# niplav

Karma: 1,220

I operate by Crocker’s rules.

• I have found Connected Papers to be quite useful, but they’re limited to 3 free queries a month.

• Communities dedicated to a specific activity usually contain members that engage in that activity. Examples include:

• meditators

• hiking clubs

• pick-up artists

• weightlifters

• quantified self

• open source software contributors

Therefore, I think it’s often a good idea to come to a conclusion of what one wants to do, and then seeking out people specifically to do that thing. I have found search engines useful to look for meetups.

Then again, in many of the do-things communities I’ve participated in the “all talk no action” problem is often well-known and frowned upon, see e.g. buffers and foundarounditis.

“It must always be remembered that the Buddha way can provide relief from suffering only for those who actually practice.”

• Thank you! I was looking for this.

Then , , can be written via

$\newcommand{\bigplus}{\mathop{\Large+\normalsize}} \bigplus_{i \in I}Vi$
$\newcommand{\bigdot}{\mathop{\Large•\normalsize}} \bigdot_{i \in I}Vi$
$\newcommand{\bigmult}{\mathop{\Large*\normalsize}} \bigmult_{i \in I}Vi$

• I remember (from listening to a bunch of podcasts by German hackers from the mid 00s) a strong vibe that the security of software systems at the time and earlier was definitely worse than what would’ve been optimal for the people making the software (definitely not safe enough for the users!).

I wonder whether that is (1) true and (if yes) (2) what led to this happening!

Maybe companies were just myopic when writing software then, and could’ve predicted the security problems but didn’t care?

Or was it that the error predicting the importance of security was just an outlier, that companies and industries on average correctly predict the importance of safety & security, and this was just a bad draw from the distribution.

Or is this a common occurrence? Then one might chalk it up to (1) information asymmetries (normal users don’t value the importance of software security, let alone evaluate the quality of a given piece of software) or (2) information problems in firms (managers had a personal incentive to cut corners on safety).

Another reason might be that lower-level software usually can make any security issues a reputational externality for end-user software: sure, in the end Intel’s branch predictor is responsible for Meltdown and Spectre, and for setting cache timeouts too high that we can nicely rowhammer.js it out, but what end-user will blame Intel and not “and then Chrome crashed and they wanted my money”.

This is, of course, in the context of the development of AI, and the common argument that “companies will care about single-single alignment”.

The possible counterexample of software security engineering until the mid 00s seemed like a good test case to me, but on reflection I’m now not so sure anymore.

• 5 Jan 2023 21:39 UTC
2 points
0 ∶ 0

Your 60% of deliberately inducing societal collapse being bad strikes me as underconfident, when I try to imagine 1000 worlds in which that happens maybe 5 or so turn out well.

# Open & Wel­come Thread—De­cem­ber 2022

4 Dec 2022 15:06 UTC
8 points
• Pareto improvement: Instead of letting students write bachelors/​masters theses that are basically just literature reviews, let them rewrite the respective Wikipedia articles instead (and then the supervisor checks the article).

Advantage: Instead of (in expectation) 10 people benefitting from the literature review, now a couple of hundred (for obscure pages) or potentially tens of thousands (for mildly popular pages) of people benefit.

• Short summary of some reading on attention spans (maybe a longer writeup at some point):

As far as I can tell, psychology doesn’t have a agreed-upon measure of attention span, nor does it have a standard test for measuring it. Papers on the topic try to answer more specific questions, such as “what is the attention span of students during lectures”, where there is also no consensus (could be 8 seconds, could be 10 minutes, could be more). In the best case, papers use ad-hoc tests to measure attention span, in the worst case the use surveys. A commonly reported decline of attention span from 8 seconds to 12 seconds is likely completely fabricated. Since we don’t even have a test for attention span, society is not tracking whether attention spans are declining.

This seems like an improvable state of affairs, and could probably result in a lot of citations for comparatively little effort (look at some of the ad-hoc tests used in different papers, try them for construct, let a random sample take the test, and let another random sample take the test a year or two later (if desired, repeat)). The fact that completely made-up figures are cited this widely indicates that there is interest in those numbers.

• Another feature idea: Ability to sort posts after length (I have discovered that posts <1k words are often much more upvoted, but far more fluffy).

• 11 Nov 2022 9:19 UTC
4 points

Should I set up accounts on multiple servers? Why or why not?

Yes, you probably should, primarily as backup options for when your current server goes down. Happened to me twice.

Should I care which server(s) I use at all? Why or why not?

Probably a bit. You don’t want your server to be blocked by many other servers or be politically controversial (a mutual didn’t allow my follow request from my backup account because it was on a libertarian server). Finding interesting people on the fediverse is kind of difficult, starting with an interesting server can speed up that process. But most of the time you’ll probably be interacting with people who are not on your server.

It seems like routing and identity (in terms of who’s following and going to see your posts) are tied to server. There are procedures for migration, but presumably a dead or rogue server would just lose all your data. Is there a secure export available, that would let one seamlessly restore all follows, followers, and posts on a new server?

There is a method for exporting, but it only allows for importing follows on a new server, but not followers (which I think is technically infeasible, because adversarial users could just declare that everyone is following them now) or posts (which looks technically feasible but hasn’t been done yet).

Hope this helps.

• Since the Price of Anarchy is the ratio of the best possible strategy to the worst Nash equilibrium and the Price of Stability is the ratio of the best possible strategy to the best Nash equilibrium , one could define the Price of Inadequacy as either the difference between the two or as the ratio between the two .

• 10 Nov 2022 15:19 UTC
41 points
0 ∶ 0

Further evidence that I should write a factpost investigating whether attention spans have been declining.

• I think that for anything except scholarship, those aren’t terrible. I’d attack them from the other side: They aren’t shallow enough. In industry, most often you often just want to find some specific piece of information, so reading the whole 30 pages is a waste of time, as is following your deep curiosity down into rabbit holes.

• It’s surprising that soviet style centrally planned economy took more than 70 years to collapse. I think most libertarians would have predicted it to collapse way earlier.