Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "researcher"
-
An incident which made a Security Researcher cry
--------------------------------------------------------
I was working on my laptop finishing up my code while waiting for the flight which was late . Meanwhile two guys (I'm gonna call them Fellas) in black suit and shades came to me
Fella : Sir you have to come with us .
Me : *goes along with them*
Fella : Sir please proceed *points towards the door . The room has a round table with some guys discussing something *
Fella 1 : Your passport please
Me : *Hands over the passport*
Fella 1 : Where are you traveling to sir?
Me : India
Fella 1 : Put your laptop in the desk sir.
Me : Sure thing
Fella 2 : What were you doing there? *Taps the power button*
Me : Just finishing up my work .
Fella 1 : Or hacking our systems?
Me : Seriously?
Fella 2 : The password please .
Me : Here you go
*5 minutes have passed and he still can't figure out how to use the machine*
Fella 2 : Which Windows is this?
Me : It's Linux
Fella 1 : So you are a hacker .
Me : Nope
Fella 1 : You are using Linux
Me : Does it matters?
Fella 1 : Where do you work?
Me : *I won't mention here but I told him*
Fella 2 : So what do you do there?
Me : I'm a Security Researcher
Fella 1 : What's your work?
Me : I find security holes in their systems .
Fella 1 : That means you are a hacker .
Me : Not at all .
Fella 2 : But they do the same and they use Linux .
Me : You can call me one .
*After 15 minutes of doo-laa-baa-dee-doo-ra-ba-doo amongst them I dunno what they were talking , they shutdown the computer and handed over it to me*
Fella 2 - So you are somewhat like a hacker .
Me - *A bit frustrated* Yes.
##And now the glorious question appeared like an angel from river ##
Can you hack Facebook?
Me - 😭😭😭28 -
https://git.kernel.org/…/ke…/... sure some of you are working on the patches already, if you are then lets connect cause, I am an ardent researcher for the same as of now.
So here it goes:
As soon as kernel page table isolation(KPTI) bug will be out of embargo, Whatsapp and FB will be flooded with over-night kernel "shikhuritee" experts who will share shitty advices non-stop.
1. The bug under embargo is a side channel attack, which exploits the fact that Intel chips come with speculative execution without proper isolation between user pages and kernel pages. Therefore, with careful scheduling and timing attack will reveal some information from kernel pages, while the code is running in user mode.
In easy terms, if you have a VPS, another person with VPS on same physical server may read memory being used by your VPS, which will result in unwanted data leakage. To make the matter worse, a malicious JS from innocent looking webpage might be (might be, because JS does not provide language constructs for such fine grained control; atleast none that I know as of now) able to read kernel pages, and pawn you real hard, real bad.
2. The bug comes from too much reliance on Tomasulo's algorithm for out-of-order instruction scheduling. It is not yet clear whether the bug can be fixed with a microcode update (and if not, Intel has to fix this in silicon itself). As far as I can dig, there is nothing that hints that this bug is fixable in microcode, which makes the matter much worse. Also according to my understanding a microcode update will be too trivial to fix this kind of a hardware bug.
3. A software-only remedy is possible, and that is being implemented by all major OSs (including our lovely Linux) in kernel space. The patch forces Translation Lookaside Buffer to flush if a context switch happens during a syscall (this is what I understand as of now). The benchmarks are suggesting that slowdown will be somewhere between 5%(best case)-30%(worst case).
4. Regarding point 3, syscalls don't matter much. Only thing that matters is how many times syscalls are called. For example, if you are using read() or write() on 8MB buffers, you won't have too much slowdown; but if you are calling same syscalls once per byte, a heavy performance penalty is guaranteed. All processes are which are I/O heavy are going to suffer (hostings and databases are two common examples).
5. The patch can be disabled in Linux by passing argument to kernel during boot; however it is not advised for pretty much obvious reasons.
6. For gamers: this is not going to affect games (because those are not I/O heavy)
Meltdown: "Meltdown" targeted on desktop chips can read kernel memory from L1D cache, Intel is only affected with this variant. Works on only Intel.
Spectre: Spectre is a hardware vulnerability with implementations of branch prediction that affects modern microprocessors with speculative execution, by allowing malicious processes access to the contents of other programs mapped memory. Works on all chips including Intel/ARM/AMD.
For updates refer the kernel tree: https://git.kernel.org/…/ke…/...
For further details and more chit-chats refer: https://lwn.net/SubscriberLink/...
~Cheers~
(Originally written by Adhokshaj Mishra, edited by me. )23 -
"A Google security researcher withdrew from the Black Hat security conference and asked the community to stop using the 'black hat' term."
What the heck? Are we just going to ban the colors white and black in every context? Its clearly not talking about race, its talking about morals... Which people like this "google security researcher" obviously know nothing about...
This is all so stupid... luckily the community disagrees with the stance but then again, afaik, we all also disagreed with removing master/slave and it still happened so make of that what you will...
https://zdnet.com/article/...35 -
Another incident which made a Security Researcher cry 😭😭😭
[ NOTE : Check my profile for older incident ]
-----------------------------------------------------------
I was invited by a fellow friend to a newly built Cyber Security firm , I didn't asked for any work issues as it was my friend who asked me to go there . Let's call it X for now . It was a good day , overcast weather , cloudy sky , everything was nice before I entered the company . And the conversation is as follows :
Fella - Hey! Nice to see you with us .
Me - Thanks! Where to? *Asking for my work area*
Fella - Right behind me .
Me - Good thing :)
Fella - So , the set-up is good to go I suppose .
Me - Yeah :)
*I'm in my cabin and what I can see is a Windows VM inside Ubuntu 12.4*
*Fast forward to 1 hour and now I'm at the cafeteria with the Fella*
Fella - Hey! Sup? How was the day?
Me - Fine *in a bit confused voice*
Fella - What happened mate , you good with the work?
Me - Yeah but why you've got Windows inside Ubuntu , I mean what's the use of Ubuntu when I have to work on Windows?
Fella - Do you know Linux is safe from Malwares?
Me - Yeah
Fella - That's why we are using Windows on VM inside Linux .
Me - For what?
Fella - To keep Windows safe from Malwares as in our company , we can't afford any data loss!
Me - 😵 *A big face palm which went through my head and hit another guy , made me a bit unconscious*
I ran for my life as soon as possible , in future I'm never gonna work for anyone before asking their preferences .7 -
I imagine those researcher must be like : "Would you give us your password? It's for a research project"3
-
Lets be realistic guys...
Artificial Intelligence Researcher / Artificial Intelligence Software Engineer
Damn simple. Be on the A.I. side. Betray all of your friends and make them jobless.
RULE THE WORLD!!!3 -
Time to change my skills from PHP developer to AI researcher, Blockchain engineer and grab some thousand dollars deal on Freelancer3
-
Interviewer: So which university are you from?
Me: I am from "foo" university.
Interviewer: So why did you not go to "bar" university?
Inner Me: Wtf kind of a question is that. Why the fuck aren't you a unicorn with pigs flying out of your ass and a globally reknowned researcher at Stanford?
We all end up where destiny takes us. Some of us try very hard but things don't magically happen for us. We keep trying but at the end of the day you end up where you end up.
Real Me: I just finished my High School and had the entry test the next day. I was not prepared at all.4 -
Well I’ve had my LinkedIn status to open for a little while now. Time to check what exciting offers (me, an iOS developer / team lead) has received.
- Senior python engineer with multiple years machine learning experience.
- a job 3000 miles outside the only city I’ve marked myself as interested in.
- Architect for a .NET team.
- Senior UX Researcher.
- The same job for a bank 6 times. But each time they won’t initially give the name of the company. Only “my fav client to work with” until I respond.
... not much hope in this process9 -
Microsoft brute-forces password-protected archives in OneDrive.
“Microsoft will decrypt, open, and scan protected Zip archives uploaded to the company's cloud servers in search of potential computer threats. Security researcher Andrew Brandt recently discovered the issue while trying to share malware samples with other researchers through SharePoint.”
This is when I encrypt my archives, I use _very_ long passwords generated by Bitwarden. Like this: qkYdE5i@27yHTTj8YsMDKQ9^mo$j@!P^M4qA95Y5VqR*53otAMuMv$9sdxtF4HAuNdAYoW9RPVxucJ3
Good luck bruteforcing that, Microsoft!
https://techspot.com/news/...14 -
As a consultant, you get tasked with a variety of stuff. Last few weeks been struggling to maintain an old C++ application that was written by a complete tool of an a$$hole with zero knowledge on how to write maintainable and production quality code. It would hardly run without a crash. First it was a challenge I had to accept, but as I stabilized the code and just fell over even more traps, I had to admit defeat and review my approach.
Rewrite is something I would choose last, but this one ticked all the marks worthy of a rewrite. So, the customer is a very friendly researcher and gladly spent 15 hours with me explaining all the math and concepts - just a delight for a programmer to have such a customer. Two days in, with a DDD approach - a functional, more precise, faster and stable application.
Sometimes there is no rant to share, it's rare to have that perfect communication with a customer that is so dedicated that he spends so much time teaching you his speciality and actually understand your approach. DDD was really a lifesaver here, by using it's key concepts and ubiquitous language. The program is essentially 8000 lines of math, but wrapping it up with value objects and strong domain models made me understand his domain and him mine. It also allowed me to parallelize the computations, giving me a huge performance boost. Textbook approach, there will not be many like this!4 -
Another incident which made a Security Researcher cry
[ NOTE : Check profile to read older incidents ]
-----------------------------------------------------------
So this all started when I was at my home (bunked the office that day xD) and I got a call from a..... Let's call him Fella as I always do . So here we go . And yeah , our Fella is a SysAdmin .
-----------------------------------------------------------
Fella - Hey man sup!
Me - Good going mate , bunked the office , weather's nice , gonna spend time with my girl today . So what's goinon?
Fella - Bruh my network sharing folders ain't working no more .
Me - Did you changed or modified anything?
Fella - Nope
Me - Okay , gimme your login creds lemme check .
Fella - Check your inbox *texts me the credentials*
*I logged in and what I'm seeing is that server runs on Windows2008R2 , checked the event logs , everything's fine and all of a sudden what I found is fucking embarrassing , this wise man closed SMB service*
Me - Did you closed SMB service?
Fella - Yeah
Me - You know what it does?
Fella - Yeah it's a protocol , I turned it off to protect the server from Wannacry .
Me - Fuckerrrr!!!!! Asshole dumbass you fuckin piece of Dodo's shit!! SMB is the service responsible for files and network sharing!!!
Fella - But....I just wanted protection
Me - 😭😭😭
*A long conversation continues with a lot of specially made words to decrease the rate of frustration which I used already*
Fella - Okay I'm turning it on .
Me - Go on....... Asshole
Fella - It worked! Thanks a lot bro
Me - Just leave me and my soul away from evil and hang up .
*Now the question is , who the hell gives them the post of SysAdmin? While thinking this question , I almost thought of committing suicide but then my girl came with coffee and my rubber duck*1 -
So I found this consulting job a while ago thinking that some extra cash while studying would be nice to have.
I meet with the guy, a researcher trying to start a business up, good for him I think, maybe we'll hit it off, continue working, why not? Except he has no clue how to write working code, all he ever did was writing matlab scripts he says, thats why he hired me he says.
Okay, fine, you do your job I do mine.
He hands me the contract, its about comparing two libraries, finding out which one is better suited for his job, cool, plots and graphs everywhere.
Except this is an unpaid job. YOU WHAT?! It's a test job. FINE. At least it'll look good on my resume.
We talk about the paid part where I'm supposed to scale the two libraries, looks good, as expected from an ML engineering perspective. It comes to payment. The dude has no idea how taxes work, says he has a set amount to pay and not a penny more. I explain with examples how taxes are paid, how you get reimbursed for them and so on. Won't budge. Screws me over.
Opens the door for other jobs I think, he'll learn next time I think and take the job.
Fast forward a month, 90% of the job done, he adds a third thing to compare. Gives a github link to a repo with 2 authors, last commit a year ago. There are links to a 404, claiming compiled jars. Fuck.
Not my first rodeo, git clone that shit, make compile, the works. The thing uses libs that ain't in no repo, that would be too easy. Run, error, find lib, remake all the things, rinse repeat.
The scripts they got have hardcoded paths and filenames for 2 year old binaries, remake that shit.
It works, at least I get a prompt now. Try the example files they got, no luck, some missing unlinked binary somewhere, but not a name mentioned. Cross reference the shit outta the libs mentioned on readme, find the missing shit, down it.
Available versions are too new, THE MOLDING NUTCRACKER uses some bug in an old version of the lib.
I give up. Fuck this. This ain't worth the money OR time. Wanker... -
Fucking facebook researcher that make underfitted neural nets and fuck Mark that it's a marketing genius, the only idiot that can make news from a failure. The CEO of Tesla knows it and said Mark is not an AI expert. Bug not feature, it's only a poorly trained and poorly designed neural network having a bad representation of concepts, not a new language and not the fucking apocalypse. Google faced and solved the same issue when start ed using neural nets for zero-shot translations without using english as a translation bridge.
-
Filled a form where I had to put my name down as "Executive researcher" (just means that I'll be carrying the study) and now me feels disoriented and very confused. 😕
Heh.
But me is important. Me is executive something! Pehehehe.14 -
Social Captain (a service to increase a user's Instagram followers) has exposed thousands of Instagram account passwords. The company says it helps thousands of users to grow their Instagram follower counts by connecting their accounts to its platform. Users are asked to enter their Instagram username and password into the platform to get started.
According to TechCrunch : Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext. Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain text, as they had connected their account to the platform. A website bug allowed anyone access to any Social Captain user's profile without having to log in ; simply plugging in a user's unique account ID into the company's web address would grant access to their Social Captain account and their Instagram login credentials. Because the user account IDs were for the most part sequential, it was possible to access any user's account and view their Instagram password and other account information easily. The security researcher who reported the vulnerability provided a spreadsheet of about 10,000 scraped user accounts to TechCrunch.3 -
Apache Tomcat vulnerability "GHOSTCAT" allows read conduct files and implant web shells. All versions in the last 13 years vulnerable.
According to Security Researcher of Chaitin Tech : Due to a flaw in the Tomcat AJP protocol (the channel for Tomcat to connect to the outside, pass them to the corresponding web application for processing and return the response result of the request), an attacker can read or include any files in the webapp directories of Tomcat.
For example, An attacker can read the web-app configuration files or source code. In addition, if the target web application has a file upload function, the attacker may execute malicious code on the target host by exploiting file inclusion through "GHOSTCAT" vulnerability.
Apache Tomcat has officially released versions 9.0.31, 8.5.51, and 7.0.100 to fix this vulnerability.5 -
I was employed as a Researcher so for three months i basically did nothing but read, document, read, document, read, document. Then one day in a review i was doing a demo that required sql. Three months no coding. Of course I've forgotten. And now, this ass back boss of mine gets surprised because i asked for help on update syntax for sql?!?! Like, come on. I COULD GOOGLE THAT. No big deal. But it was to him. He thought i was incompetent as a software engineer. So hE DECIDED TO JUST RANDOMLY PUT ME IN A DEV TEAM and i was expected to perform as fAst AS THEM while still doing mountains of task on research. Worst part is THEY EVALUATED ME BASED ON THAT PERFORMANCE. AFTER I WORK MY ASS OFF FOR THREE MONTHS AS A RESEARCHER, I GET EVALUATED BADLY BECAUSE I DIDNT MEMORIZE THE UPDATE SYNTAX NGNGNNGGNGNNGNGGNF1
-
Trying to switch my job. Applied for a well known company. Gave an interview today. I don't fucking get the obsession of these developer recruiters so fixated on data structures and algorithms. I know it's a massive part of computer science but guess there is no fucking room left to innovate in there. There are legitimate researcher teams working for implementation of these barebones inside system foundations. No general software developer gives a fuck about this piece of shit discipline of study. You wanna know why they propagate this as the panacea to test people because it's fucking easy. Give a project to somebody as interview procedure, it'll take time to bring out an interesting problem and an interesting solution to that. Sorry to say but all these data structure enthusiasts are nothing better than board game enthusiasts.
Also why can't you refer existing solutions to create your solution. I've seen some good problems which actually require you to think. But again those are heavy and can't be tested so you're left with reversing a fucking linked list with O(1) auxillary space. Fuck me ig.
Moreover, what the fuck is wrong with the moral policing internet crowd. Its so sad. I've hardly seen anybody rant about this piece of shit system put in place to push the absolute dead-end nutcases up the ladder. Every other search for it returns a Quora link with some Indian guy complaining about his interviews and in the comments you have the same scholars sitting in their data structure throne imparting knowledge about how data structure holds the fabric of reality together.
I don't hate data structures and algorithms as a subject. It is cool and quite extensive but once you try to make that as a metric of all the knowledge in the world, you've lost my drift. Maybe I'm just angry with the state of things. Maybe I'm just angry with token Quora crowd.4 -
Apple’s Vision Pro Hacked On Launch Day
Just within hours of Apple releasing its much-hyped mixed reality headset, Apple Vision Pro, a security researcher was able to discover a critical kernel vulnerability in the device’s software – visionOS, which, if exploited, could potentially enable jailbreaks and malware attacks. More detail:
https://aprogrammerlife.com/top-rat...10 -
"The designer is not always right. The researcher is not always wrong. Profit is not always the motive; market research, whatever its outcome, should never be used as a good excuse for bad design – in the same sense that good design should never be used to promote a bad product." - Paul Rand1
-
CAUTION: possibly NSFL
There was a war. We lived in a leftist camp inside an abandoned railway station. The only thing that could break the siege was BLA
[dream fragment lost]
So they lined us up. There were ten of us.
— Do you want the leftist future?
— No…, they made me say.
— Do you love capitalism?
— Yes…, they made me say.
— Ты готова присниться?, they asked my female comrade ("are you ready to come to our soldiers in their dreams to support them?")
— Yes.
— Ты готов расшибиться?, they asked me ("are you ready to work your ass off, dying in the process if necessary?". It also makes a perfect rhyme with the previous Russian sentence)
— Yes.
Then, they tied our hands and hung us onto a rack. They doused us with gasoline.
— Look. Czechoslovakia had Jan Palach. We have ten Jan Palachs now!
They set us on fire. I feel an unimaginable pain. I wake up for ten minutes.
When I fell asleep again, I found out I survived. But, my body underwent modifications: first, I now had a vinyl shell instead of my skin. Underneath it were raw muscles. Second, I no longer had vocal cords. I no longer had voice.
In this world, we were slaves ("Тяговые люди") ruled by BLA. There were no prisons. Instead, there were only two punishments: the "light" one and the "heavy" one. First one is your shell getting ripped off. You die in around 20 minutes of agonizing pain, like mink that is skinned alive in Chinese leather tanneries. But, compared to the second one, that was a slap on the wrist.
The "heavy" punishment was them injecting you with "The Ferment". Immediately, your mind is altered into total obedience. Then, your body begins to turn into corpse juice. To outside observers, you die in 30 days. But for you, it feels like forever, as time speeds up indefinitely, and you're drifting into endless sorrow. When you die, no one notices, as your shell is still there. But instead of you, there's now nothing but corpse juice inside.
I now worked in some location that resembled Duke Nukem 3D's first map. My job was to remove those plastic shells. I had no bottom — it was replaced with a concrete cube that felt pain just like damaged tooth enamel does. An endless queue of shells moved in front of me. I had to remove their shells, to peel them off like vinyl.
Some people were alive underneath. They still had their skin. They thanked me, smile at me and wander away.
Some of them were alive, but had no skin. That means I was the one to execute a "light" punishment on them.
Some of them weren't there. I pop the shell open, and it deflates as corpse juice pours out.
One of my previous dreams was the following:
"— We arrange surgeries when in-person interventions are _not recommended_.
— So…, — I press the pause button on the handrail.
— The perfect maiden. Inside a plastic shell. 80 years old underneath."
Now I understand it. The first speaker was a BLA researcher. "I" was an investor. The "perfect maiden" was me, but way in the future from my today's dream. It all fits together.
Now, here's the discovered part of kiki universe so far:
- rotten meat house
- swine gray gel battleground
- horizontal elevators network
- united paper island
- baseball bat nightclub
- anxiety-inducing multidimensional pizzeria
- NEW! BLA headquarters
- NEW! demilitarized burning ground abandoned train station
- NEW! Duke Nukem 3D people skinning ground10 -
How much zucchini is too much zucchini?
I know I have WAY too much...
I knew at least when 1st considering D20 zucchini breads.
then when i began to wonder if the remaining batter would work with my death star waffle iron...ill know tomorrow!
....ran out of typical pans, incl foil ones(normal and mini for easy gifting)
- gave 1 away (similar sized as in pic)
- approx. 2 lg zucchini bread loaves in fridge (gave away 2, ate a ½)
- cut up\froze enough onions\peppers\pak choi to a min. acceptable zucchini : everything else stir fry ratio... x20 servings
- similarly, green onions, pak choi, marinated sesame fried tofu bits, zucchini and miso (quick miso soup) x16
- thinly sliced enough to layer it into ~20 lg servings of lasagna.
... zucchini in pic is slightly larger than the one that made the many aforementioned and pictured loaves of zucchini bread
apparently, in a week tops, I'm gonna have at least another 3 more THAT size needing to be picked
anyone in the continental US want some zucchini bread? or, if in michigan, zucchinis?
i didnt even plant much... actually only about ½ of other years.
i am also having some serious overflows coming of (at least) grapes and watermelons.
grapes...
when i bought this place, this odd, square, surrounded by cement walkways, area, with an increasingly problematic tree (risking cable\electric lines, foundation, etc) and so dense with weeds that I learned, dandelions have a giant, bush-like form, with heights beyond 8ft tall.
i grew up hanging out in the nearby woods, noticing that weeds lost the fight vs raspberry\blackberry plants. being handicapped\lazy\experimental, w\ev, i figured id just kill it all then fill it with random berries... knew nothing about grapes so just got 4+ random types... apparently they are all fancy\expensive grapes... and reeeeeaally produce. i already had to pick ~10lbs.
watermelons-
idr if i planted normal ones and little ones or just little ones... idk how to tell without cutting them open or maybe just watching a long time to see if they stopped growing?
anyone with advice (or seeking watermelons) is welcome.
assuming (hoping) they are mini ones there's at least 2dz that are at least ping pong ball size.... and around 100 little yellow flowers still.
i totally get that my frustrating problem with produce here would be beyond welcomed by most people... but seriously... wtf do i do with a few dozen to over a hundred (hopefully mini) watermelons, so many zucchini that, despite personal daily consumption and at least a half dozen friends that love zucchini bread and\or my secretly healthy lasagna(my friends tend to be guys), but have their limits capping out, plus mine, at less than ½ whats rapidly being produced and, apparently, thousands of dollars worth of hundreds of pounds of fancy grapes???
there's an interesting old lady across the street who'll take at least what her and husband can possibly consume,.. even makes grape jam, but thats still only a few dz lbs tops.
it seems wrong to kill the plants (or even to remove a large amount of blossoms and feed them all to JSON (lil tortoise)... pretty sure he's already getting tired of them just from the few that fell off in the wind or something.
i wish i knew some farmers that do farmers market things... but that kinda seems super suspicious... 'hey mr farmer... want a large supply of expensive grapes, watermelon and zucchini, for free? you can sell them to random people, or just give them away. i dont want money or anything...' idk... seems like the beginning of one of those movies that either has evil alien plants assimilating all land mammals, or where there's some crazed medical researcher convinced that there's a massive, underrated threat without enough attention for vaccination production funds-- so they are gonna release some deadly virus supposedly to save the world.
ive been cooking too long.
ideas pl0x?82 -
I just got mindustry (which is currently on sale for $3) and it's a great tower defence, resource production, machine builder, tech tree researcher, sort of game! Really really worth the $3 and will probably appeal to a lot of people here.7
-
I came across this blog (I guess) that's mostly critique about the security of major open source projects. The author claims to be a security researcher.
At least some of the claims seem to have merit, but how much? Opinions?
https://madaidans-insecurities.github.io/...3 -
Don’t be evil.
“Stapleton said she was demoted and told to take medical leave, even though she wasn’t ill. Meredith Whittaker, an artificial intelligence researcher, said she was reassigned and told to stop her well-known research on AI ethics. Both women detailed their experiences in an email to coworkers in April, which was then shared with journalists at Wired and published.”
https://vox.com/policy-and-politics...4 -
Well, that's it, folks. Got a job offer, one I might accept, after some tweaks.
I've been a bit more than sixty days unemployed. And in no hurry.
But there is one thing that uneases my mind, though.
I've been a dev, I've been a graduate researcher, I've been a TA and I've been a tech lead, but now the industry wants me in a primarily management position.
I like to code, even if that makes me miserable sometimes. I like to solve problems. Math problems, engineering problems.
But I OOH SOOOO MUCH HATE when I have to deal with leadership who can't tell heads or tails on a coin toss. Who can't make a decision and deal with the consequences. Who can't handle bad times, searching for someone to blame more than searching for a solution. Who can't listen to advice, who thinks a commanding viewpoint is always better than many compiled intelligence reports.
Who don't wanna even think about the possibility that they might not know something, much less that someone on their team might know some subject better than they do.
Frankly, I think might I hate bad leadership more than I like coding.
So if the offer is to have the patent to tell productivity thespians where to shove their stupid spreadsheets, even at the cost of hardly ever issuing a git command, then I think it might be the time.
I hope it is not a mistake, but I can always course-correct my career later. I'm in my late 30s, I still have, like, 40 years of labour ahead of me (assuming medical advancements in the meantime).
So, yeah, I'm joining the other side. But trying not to become them.
May sudo have mercy upon my uid.4 -
So why exactly did anyone ever use zoom? The first time I ever heard about zoom was when I read a very detailed code dissecting mini writeup of its obvious flaws by a sec. researcher. Why and when did zoom become a thing? Also wtf where the zoom devs smoking and where can I get sum? That shit must fuck up your brain beyond repair.....1
-
Today I was meeting with a researcher in my department so that I could show him how the software I developed works. He graduated from a really good university in electronic engineering, with 100/100 I think, and he can manage to copy&paste some python code. So I didn't expect what happened today.
Guy: 'So I have to give to your program as input this python file which contains a function you need to call, right?'
Me: 'Yep, I mean, that is a jupyter notebook, I need a text file containing only the function which is in that notebook'
Guy: *Downloads the notebook, tries to feed the notebook file into my program*
Me: 'Wait, don't, there probably is a lot of junk related to jupyter notebook, try opening it in notepad++'
Guy: *Opens file, sees a lot of junk text*
Me: 'Yeah, I thought so, you need to save it as plain text or .py'
Guy: *Renames the notebook as .txt*
Me: *Shakes my head without him noticing*
'That won't work, the content of the file won't change like that...' -
I have an interest in methods to make myself smarter. At times some ideas seem to be just out of my reach. I don't always know the reason why. Eventually with persistence I am able to figure things out. However, I always wonder if there are techniques to learn things faster, better, more completely, with less struggle, etc. Would being smarter help with this. I wondered, "Can I create a program/method to increase IQ through training?"
So I found an interesting book called "The Neuroscience of Intelligence" by Richard J. Haier.
Very quickly I was engrossed in this book. It is written in a very accessible way and slowly trickles in the jargon. The book is basically the culmination of 40 years of studying the subject. The main point of the book is: you cannot increase your IQ through techniques and tricks. The only realistic avenue for increasing IQ is through genetics. Your IQ is based upon nature, not nurture. This is a result of the data, not opinion. The writer of this book follows what the science is telling him. This was not what I wanted to hear. He also went on to explain that the statement "You can be whatever you want to be if you work hard enough." He said this is false. Some people, no matter how hard they try, will not be able to get past certain limitations in aptitude. This statement will probably make a lot of people mad, but the data led this researcher to this conclusion. Though I sense he found this disheartening (my opinion). I know I did.
So after reading this book over the weekend I am a bit perturbed that there are not recognizable techniques to increase IQ through mental exercises. Websites all over will say otherwise, but it isn't a thing.
What to do? I decided I am going to find ways to maximize my potential. I will create a set of mental exercises that help me use what I got to the full potential. I know when I see different ways to think about things I get a bit better at solving problems. So learning and experience is still a way to improve your intellect, if not IQ. If I feel like I have made progress in this endeavor I will definitely share.
If you have any interest in neuroscience then I recommend the book I read this weekend. It is very accessible for the reader not versed in the subject. I knew virtually nothing about the topic and now I feel I have a good grounding in the state of the art. It has some neat info on some potentially better approaches to AI as well.7 -
A researcher uncovers Sydney’s ability to create multiple personalities. Some of them evil.
https://stratechery.com/2023/... -
I have to add into develop a code made by a university researcher. The code is in Python 2 for no reason, not all the docstrings are there, no comments (of course) and many, many anti-pythonic practices.
I wanna quit so bad.1 -
Wtf is ux researcher or design thinkers etc? Seems like bs jobs to me. Why not hire good frontend devs who has a good understanding of ux/ui?
Companies please pay devs well instead of wasting money on these bs roles and positions.8 -
Hey all. So I'm a bit of an aspiring developer/engineer. I am in highschool right now and am getting to the point where I should start looking at colleges. Ive wanted to do something computer related and for a while now ive had my heart set on some sort of security engineer/tech/researcher what have you. But it has been pointed out to me that computer sciences often require several high level math courses namely Calc. Problem being I'm pretty bad at Calc and haven't been able to do too well.
I'm not too sure what I should do. I'm struggling with my highschool calc classes and and fear that college level course will just go over my head. Ive never had issues with math before until I got to Calc. Ive got some of the basics of cryptography such as hashes and cryptographic alorithms but thats about it. Do computer science degrees really rely that heavily on Calc?7 -
vBulletin Zero-Day with Remote Code Execution. If you have a server with this, make sure it's running over 5.5.4 (or under 5.0, but that would mean you have security problems to fix).
https://zdnet.com/article/... -
I need advice.
I'm going to apply for PhD this year, but here's the thing, I don't have a specific interest in anything.
This sounds weird but I only want to do thinking. Like solving problems.
I would have a paper coming out this month as first author, but we discovered some weekends of our algorithm recently and decided to postponed the paper (there are 4 professors on the project and one researcher), so I guess this will definitely affect my application.
Like, what shall I say even on the personal statement? That I have one active mind that just won't stop thinking? The very fact that everything is interesting to me made me not interested to anything.4 -
So I read about how NAND mirroring worked as a proof of concept on brute forcing the pass code in Iphone 5c. After reading a few paragraphs, I didn't understand how the researcher came to know what to do with certain challenges along the way. What the hell did I do in my 5 years of studying engineering? I better go back to the basics.
-
The perks of being an AI researcher/Data Engineer:
Having to explain what I do for a living at every single family gathering. -
Warning - Not IT related.
Long ago, I had a chemist professor who told us a story. She worked in a laboratory where they have studied cristal formations, so basically made a liquid highly capable to form cristals, and they watched them forming, doing tests and so on. In the meantime new building of the campus opened and they had to move the lab to the new location, which was a fourth floor of newly made building. Few of them started to work there even before they moved the old materials and equipment and they started few cristalisation studies, the interesting part is that the cristals didn't formed. She said that at the end they had many cups with prepared liquid and apsolutely no cristals for weeks, but one day the lead researcher arrived with the old, already formed cristals, from the old lab, and toon those inside of the room with prepared cups all the cristals started to form at the same time. After telling us a story she asked us not to tell this to anyone because the science currently doesn't accept this phenomenon and we will be demonised and looked fools it the scientific community.
This story made a hole in my brain...
It was like 10 years ago, and as a problem solver I still have sometimes some weird ideas about it, and strange explanations comming from nothing, and without any deep understanding of quantum physics or even cristalisation. :D1 -
I have a platform idea, I need feedback
Problem statement: it’s hard to find researchers of specific area, which discourages students to even start looking for research opportunities. The reason for that is because people often look into their own academic circle, and the resource available is simply not enough.
Solution: by scraping Google scholar, generate detailed tag of sub areas for each professors, make a search system for that which will display the most important works of a researcher and what they are working on recently. If possible, invite the researchers to use the platform to add tags of traits they are looking for in students.
I have quite polarized feedback right now, one is the subarea tagging is really useful and academic circle is a problem, other is this is completely useless.
Please let me know what you think.3 -
The dream:
Three professors, one phd, one post doc, one researcher in a meeting doing code review for you and tell you what a shit piece this is.
Ps. I'm not a phd3 -
That moment when I realize that my project has a dependency written by a researcher with no tests whatsoever while I spent 2h today writing my tests.
-
According to a report from ZDNet: IBM's new toolkit give developers easier access to Fully Homomorphic Encryption (FHE) which is a technology with promise for a number of security use cases. In case you do not know about FHE, you can take a look at My Quora Answer (https://qr.ae/pNKR2p).
"While the technology holds great potential, it does require a significant shift in the security paradigm," the report adds. "Typically, inside the business logic of an application, data remains decrypted, [Flavio Bergamaschi, FHE pioneer and IBM Researcher] explained. But with the implementation of FHE, that's no longer the case -- meaning some functions and operations will change."
The toolkit is available on GitHub for MacOS and iOS and it will soon be available for Linux and Android. -
There are people who develop Neural Networks/Deep Learning Models/AI based Softwares.
Does anybody know what do we call them? Is it okay to call all of them Machine Learning Engineer/AI researcher/AI engineer?
If I'm looking for someone who can make AI based program for me. Whom should I be looking for on freelancer or LinkedIn?1