steventhedev

The original article smelled wrong when they claimed to have broken AES. Thankfully, Bruce Schneier is far more authoritative than I ever will be and gives a short and succinct list of links to debunkings of this.

Only on signup

Anything using Blind as a "verified industry source" is going to be skewed to the type of person who uses Blind. Beyond that, it's low sample size, and there are suspiciously round fractions for some of the larger companies. Worse, because Blind is blind - this doesn't represent current employees, but merely people who worked at some point in the past at those companies.

Not saying it's not good - just saying not to get overly excited over a badly done survey

TCP Selective Ack is very much a thing, but it does take extra memory so lots of TCP stacks exclude it or disable it by default.

TCP was never designed with wifi in mind. TCP retransmission was only ever meant to handle drops due to congestion, not lossy links.

Tmux is a wonderful complement to mosh. Together you get persistence even when your local client loses power (speaking from experience)

I worked with mosh for years to connect to servers on other continents. It was impossible to work otherwise. It only has two small warts: forwarding, and jump hosts.

The second is fixable/ish with an overlay network, but that isn't always an option if you don't control the network. I tried to solve this with socat but wasn't able to configure it correctly - something about the socket reuse flag was very unhappy.

Intel, whose investment will be over five years, will pay a corporate tax rate of 7.5% instead of 5% previously. The normal tax rate is 23%, but under Israel's law to encourage investment in development areas, companies receive large benefits.

Usually these types of grants are never a good investment but the increased corporate tax rate alone covers a third of the grant (9b yearly taxable revenue at 2.5% over 5 years comes out to 1.125b).

Also that in order to exploit this it requires an active man in the middle. Which requires any of the following:

• Reverse proxy hijack/NAT hijack - from a compromised machine near the server
• BGP hijack - stealing traffic to the real IP
• DNS hijack - stealing traffic to send to a different IP
• Malicious/compromised network transit
• Local network gateway control
• WAP poisoning - wifi roaming is designed really well so this is actually easier than it sounds.

Almost all of those have decent mitigations like 801.x and BGP monitoring. The best mitigation is that you can just change your client config to disable those ciphersuites though.

Kelly is the betting stake formula - just plug in the expected value and it will tell you how much of your money you should gamble to maximize your winnings over time. But it does that with more or less a 50-50 chance of you losing all your money. Because winning 10 dollars means a lot more to someone who makes minimum wage than a millionaire, you need to skew the formula to take that into account.

The easiest way to do that is to use the log-value of money, and rederive the kelly criterion based on that value instead.

From what I recall the math works out so that unless you have a substantial pile of money, the ideal number of lottery tickets is always between 0 and 1.

Lotteries are generally regulated but corruption isn't unheard of.

But outside regulated state sponsored lotteries - it's safe to assume it's crooked in one way or another.

If the expected value is positive, then by all means you should play the lottery. Just bear in mind that the utility of money is nonlinear, so Kelly will overextend you - use something like max log-value and rederive.

The only time this happens are either scratch off tickets that are horribly broken or rolling-jackpot lotteries where you can win what other people put in before you.