There is no formal “next in line”. The closest potential successor would have been the deputy prime minister; Chrystia Freeland held that role until a few weeks ago when she dramatically resigned and sparked this chain of events.
Currently, this is “Working as Intended” in Canada’s political system.
I’ve been thinking about this topic through the lens of moral philosophy lately.
A lot of the “big lists of controls” security approaches correspond to duty ethics: following and upholding rules is the path to ethical behaviour. IT applies this control, manages exceptions, tracks compliance, and enforces adherence. Why? It’s the rule.
Contrast with consequentialism (the outcome is key) or virtue ethics (exercising and aligning with virtuous characteristics), where rule following isn’t the main focus. I’ve been part of (heck, I’ve started) lots of debates about the value of some arbitrary control that seemed out of touch with reality, but framed my perspective on virtues (efficiency, convenience) or outcomes (faster launch, lower overhead). That disconnect in ethical perspectives made most of those discussions a waste of time.
A lot of security debates are specific instances of general ethical situations; threat models instead of trolley problems.
I work at medium to large government orgs as a consultant and it’s entertaining watching beginners coming in from small private industries using - as you put it - consequentialism and virtue ethics to fight against an enterprise that admits only duty ethics: checklists, approvals, and exemptions.
My current favourite one is the mandatory use of Web Application Firewalls (WAFs). They’re digital snake oil sold to organisations that have had “Must use WAF” on their checklists for two decades and will never take them off that list.
Most WAFs I’ve seen or deployed are doing nothing other than burning money to heat the data centre air because they’re generally left in “audit only mode”, sending logs to a destination accessed by no-one. This is because if a WAF enforces its rules it’ll break most web apps outright, and it’s an expensive exercise to tune them… and maintain this tuning to avoid 403 errors after every software update or new feature. So no-one volunteers for this responsibility which would be a virtuous ethical behaviour in an org where that’s not rewarded.
This means that recently I spun up a tiny web server that costs $200/mo with a $500/mo WAF in front of it that does nothing just so a checkbox can be ticked.
Oh man, web application firewalls and especially Azure Application Gateway are the bane of my existence. Where I work they literally slap an Azure Application Gateway instance on every app service with all rules enabled (even the ones Microsoft recommends not to enable) in block mode directly when provisioning the stuff in Azure. The app is never observed in audit mode.
Result is that random stuff in the application does not work for any user, or only for some users, because some obscure rule in Azure Application Gateway triggers. Especially the SQL injection rule of Azure Application Gateway seems to misfire very often. A true pain to debug, then a true pain for the process to get the particular rule disabled.
And then not even to start about the monthly costs. Often Azure Application Gateway itself is more expensive than the App Service + SQL Database + Blob Storage + opt. App Insights. I really think someone in the company got offered a private island from Microsoft for putting Azure Application Gateway as a mandatory piece in the infrastructure of every app.
Yes, most of our security has been outsourced to cheap workers in developing countries like India, which are of course rated on maintaining the standard and not rated on thinking and understanding what you want and putting things in context, and probably also work 60-70 hours per week during ungodly times so you can hardly blame them. It is truly the process that is broken.
Well what if they were intelligent and could actually really understand the data and its schema before deciding whether to allow or reject the request... wait... that's just the application itself.
It all boils down to trust. Management don’t trust the developers to do the right thing because they outsourced development to the lowest bidder. They futilely compensate for this by spending a mere $500/mo for a WAF.
So WAF. Bad? I don’t know enough about it. If it’s just a way to inject custom rules that need to be written and maintained, the value seems low or negative. I had hoped you got a bunch of packages that protected against (or at least detected) common classes of attacks. Or at least gave you tools in order to react to an attack?
Just slapping WAF in front of your services without configuring and maintaining rules is bad.
Without someone dedicated to maintenance of the WAF it is just a waste. Not many companies want to pay for someone babysitting a WAF, and it can be a full-time job if there are enough changes on the layers behind.
Maybe, if the attacker didn't bother to hack into the WAF itself (generally a softer target than whatever's behind it) and if you bothered keeping or understanding the logs (extremely unlikely to be a good use of resources).
You don't need to understand the logs at the time you gather them for this, you just need to keep them long enough to cover the breach, and to be able to understand them after the fact. Hardly seems like an obvious waste to me, and well worth $500/mo.
Every corporation over a certain size has a rule that everything needs a firewall in front of it… even if the something is a cloud service that only listens on port 443.
I have friends who are very scary drivers but insist on backseat driving and telling you about best driving practices, and coworkers who are insistent on implementing excessive procedures at work but constantly are the ones breaking things.
I think following rules gives some people a sense of peace in a chaotic and unpredictable world. And I can't stand them.
A little of both. I understand getting a warm fuzzy feeling that you did the right things, but if you don't achieve your goal, what's the point?
But let me clarify -- OP mentioned a contrast between consequentialism and virtue ethics and I think you can be "too much" consequentialism too. I wouldn't call myself a rule follower but I also follow rules 99% of the time too. It does create a sense of order and predictability and I value that.
There is a right balance where you do follow rules but you also know when to break them. What I can't really stand are rigid people -- diehard rule followers or diehard "no one can tell me what to do." I find working with rigid people hard because you have to work around their "buttons."
It gets worse than that: it rewards people who try to break the law as much as possible without getting caught, while people who follow it are punished.
That's true of most laws, but the system punishes law breakers to make it better to follow the law overall. When the law is vague and subjective, the people who get the most reward are the ones who are willing to see how far they can push it.
I’m thinking of the metaphor between Newtonian and general relativity. At low energies, masses and velocities the two theories correspond in predictions with little discrepancy. If the velocity/mass/energies increase dramatically, then Newtonian physics will fail to give accurate predictions.
Same with “hire smart people and let them work”. When salaries are relatively low, consequences are limited and incentives are well aligned, that approach works. As soon as any of those things change, then the “manager mode” fails dramatically.
As someone who ascribes to “manager mode” most of the time, I’m going to start looking more at places where the assumptions break and (carefully) try out “founder mode”.
I think that’s an oversimplification. If you have a Windows system handy, look for a file named “errata.inf” [0]. It’s a giant configuration file that is full of tweaks to make dodgy hardware work reliably.
Hardware, software and firmware are all prone to mistakes, errors and corner cases that are surprising. Security issues generally live in the intersection of systems with different metaphors. Hardware is not immune from issues, and software can help reduce that impedance mismatch.
It's also a complex number, a Unicode character, an ASCII character, an Extended ASCII character, a glyph, the multiplicative identity element, a raster image, ...
The GP point is correct; we implicitly convert between all these representations naturally and quickly, but there are interesting branches of mathematics that consider those conversions explicitly and find nuances (eg, category theory).
All the examples of shadows mentioned by Douglas in the video [0]:
Traditional Shadow from Sunlight: A tree casting a shadow in bright sunlight during the summer, characterized by the typical darkening on the ground.
Snow Shadow: Occurs in winter when a tree intercepts snowflakes, resulting in an absence of snow under the tree despite being surrounded by snow. This is likened to a shadow because it mimics the visual absence typical of shadows, even though caused by a different kind of blockage.
Rain Shadow: Explained with the example of the Cascade Mountains, where the mountains block rain clouds leading to dry conditions on the leeward side, effectively creating a "shadow" where rain is absent due to the geographical barrier.
Car Shadow by a Truck: Described during highway driving, where a large truck casts a "shadow" by preventing cars behind it from passing. This "shadow" is the area in front of the truck where cars tend to stay clear due to the difficulty in passing the truck.
Shadow Cast by England Due to the Gulf Stream: This is a metaphorical shadow, where England blocks the warm Gulf Stream from reaching certain areas, resulting in colder temperatures on one side, while allowing it to pass above to northern Norway, warming it. This is referred to as the "shadow of England" on the coast of Norway, influenced by the flow of water rather than light.
These examples use the concept of "shadow" in various physical and metaphorical contexts, showing disruptions in different types of flows (light, snow, rain, traffic, and ocean currents) caused by obstructions.
For example, the "2" in "2π" is not the same type of "2" as in x^2 or 2x generally. Yet, physicists (to pick a random group) will blend in these factors, resulting in nonsense. As a random example, one of the Einstein field equations has "8π" in it. Eight what!? What aspect of the universe is this counting out eight of -- a weirdly large integer constant? This actually ought to be "4(2pi)", and then "4" is the number of spacetime dimensions, which makes a lot more sense.
Similarly, in at least one place the square of the pseudoscalar (I^2) was treated as a plain -1 integer constant and accidentally "folded" into other unrelated integer constants. This causes issues when moving from 2D to 3D to 4D.
These examples miss the mark somewhat. The "2" in "2π" can mean several things (the nonnegative integer 2, the integer 2, the rational 2, the real 2) that are all commonly identified but are different. The "2" in "x^2" usually means the nonnegative integer 2. The "2" in "2x" can usually mean the nonnegative integer or the integer 2, but also the other 2's depending on what x is. The problem is not that the meaning of 2 varies across different expressions, but that it can vary within each single expression.
The best example is perhaps the polynomial ring R[x][y], which consists of polynomials in the variable y over the ring of polynomials in the variable x over the real numbers. Any algebraist would tell you that it is obviously just the two-variable polynomial ring R[x, y] in disguise, because you can factor out all the y-powers and then the coefficients will be polynomials in x. But the rings are very much not the same at the level of implementation, and every time you use their "equality" (canonical isomorphy), you need to keep the actual conversion map (the isomorphism) in the back of your mind.
Haskell shows (one way of) how you can have numerical literals like 2 that can be used with many different types, but still be strongly statically typed.
That by itself isn't a problem. But making all the other confusions you mention is a problem.
Saying 1 is both an integer and a rational number is wildly different from saying it is both an integer and an ASCII character. Z is a subset of Q. ASCII characters don’t overlap with either.
When you construct numbers using sets under ZFC axioms or inside lambda calculus what you get is representation. But 1 is just 1.
Your keyboard has a button with ‘1’ printed on it. When you push that, you don’t always get an integer or a rational number. You can convert what you get to either. So there must be overlap with ASCII somehow?
By any common set-theoretic construction of Q (e.g., equivalence classes of integer pairs under cross-multiplication), 1 as an element of Z is not literally an element of Q: 1 ∈ Q merely corresponds to 1 ∈ Z, and this correspondence is carefully designed to preserve the ring operations of Z within a certain subset of Q. In this case, the distinction is so negligible that eliding it is harmless, but the whole point of the article is that such elisions can become harmful in more complex constructions.
1 ∈ Z and ASCII '1' can similarly be seen as corresponding in terms of having the same glyph when displayed. But of course, there are far fewer meaningful operations common to the two.
I am not sure I understand what you mean by “literally” here. For sure, if you use Zermelo–Fraenkel set theory as the foundation of mathematics, as is commonly done, every mathematical object is a set. The first definition of 1 encountered in that setting is the singleton set {0}, where 0 is the empty set. (And 2={0,1}, 3={0,1,2} and so forth – you get the picture.)
This is precisely the sort of thing this is all about: The natural numbers are uniquely described up to unique isomorphism by some variant of the Peano axioms after all.
Ah, that depends what the meaning of “is” is, does it not?
On a more serious note, if you are of a certain philosophical bent you may believe that the natural numbers have an existence independent of and outside of the minds of humans. If so, 1 is presumably not a set, even if we don’t fully understand what it is. I certainly don’t think of it as a set on a day to day basis!
But others may deny that the territory even exists, that all we have are the maps. So in this one map, 1 is a set containing zero, but in that other map, it is something different. The fact that all the different maps correspond one-to-one is what counts in this worldview, and is what leads to the belief – whether an illusion or not – that the terrain does indeed exist. (And even the most hard nosed formalist will usually talk about the terrain as if it exists!)
But this is perhaps taking us a bit too far afield. It is fortunate that we can do mathematics without a clear understanding of what we talk about!
If there are many different ways to represent what something 'literally is', then how do we know for sure that ASCII '1' isn't a true representation of the literal number 1, just considered under different operations? We can say that 1 + 1 + 1 ≠ 1 (in Z), and we can also say that 1 + 1 + 1 = 1 (in Z/2Z): the discrepancy comes from two different "+" operations.
For that matter, how do we know what infinite sets like Z and Q 'literally are', without appealing to a system of axioms? The naive conception of sets runs headlong into Russell's paradox.
But the integers are a subset of the rationals, which are a subset of the reals, which are a subset of the complex numbers. Looking only at the objects and not their operations 1 (integer) = 1 (rational) = 1 (real) = 1 (complex). Moreover, when we do account for the operations, we also see that 1 + 1 = 2 and 1 * 1 = 1 in every one of those systems. This isn't just a coincidence, of course; it's by design.
However, the way you arrive at 1 + 1 = 2 is not the same (though I suppose you could short-circuit the algorithm). Rational addition requires finding a common denominator, while integer addition doesn't. They achieve the same result when the inputs are integers, and again this is by design, but the process isn't the same. Ditto real addition vs. rational and complex addition vs. real.
In higher-level mathematics, the operations on the objects become definitional. We don't look at just a set of things, we look at a set of things and the set of operations upon those things. Thus "1 with integer addition and integer multiplication" becomes the object under consideration (even if it's just contextually understood) instead of simply 1. This is why they don't satisfy higher-level notions of equivalence, even if they intentionally do satisfy simple equality as taught in grade school.
Of course, the entire point of the submitted paper is to examine this in detail.
> But the integers are a subset of the rationals, which are a subset of the reals, which are a subset of the complex numbers.
It depends on definitions, and, in some sense, the point of the common approach to mathematics is not just that one does not, but that one cannot, ask such questions. One approach is to look at natural numbers set theoretically, starting with 0 = ∅; to define integers as equivalence classes of pairs of natural numbers; to define rational numbers as equivalence classes of certain pairs of integers; and to define real numbers as equivalence classes of Cauchy sequences of rational numbers. In each of these cases there is an obvious injection which we are used to regarding as inclusion, but most of mathematics is set up to make it meaningless even to ask whether the natural number 1 is the same as the integer 1 is the same as ….
That is to say, if you're working on an application where encoding details are important, then you can and will ask such questions; but if I am writing a paper about natural numbers, I do not have to worry about the fact that, for some choice of encoding, the number 2 = {∅, {∅}} is the same as the ordered pair (0, 0) = {0, {0, 0}} = {∅, {∅}}, and in fact it is meaningless to test whether 2 "equals" (0, 0). The philosophy of studiously avoiding such meaningless questions leads some to avoid even testing for equality, as opposed to isomorphism; failing to do so used to be referred to in category-theoretic circles as "evil", although, as the nLab points out if you try to go to https://ncatlab.org/nlab/show/evil , it seems common nowadays to avoid such language.
This is not the point of the article. Even at the level of the objects themselves, 1 : integer is not 1 : rational. The latter is an ordered pair (1, 1) of two coprime positive integers, or an equivalence class of ordered pairs up to cancelling. Some ugly hackery is required to really make the integers equal to their respective rationals, and its consequences aren't great either (just imagine that some rationals are pairs while others are not -- that's what you get if you forcibly replace the rational k/1 by the integer k), and no one wants to do that.
Fair! Yeah I mean, I will say I don't need a complete plan, but unknowns make me nervous, and maybe a true finger-gunner never doubts their ability to figure it out.
I feel like there are parallels to computer security. A lot of my experience in this domain is looking at systems that were designed in a thoughtful way, but the designer didn’t fully appreciate being surrounded by a universe (especially one full of people of varying mixes of deviousness and cleverness).
The “real world engineer” job exists, it’s a security engineer. And it’s equal parts awesome and draining.
It sounds like blocking calls switch to a system stack and return the Go stack to the executor pool, but I don’t have source links to back up that claim.
Just to be clear, there are many aspects of biology that that professor is ignoring on a regular basis that you’ve elided (hibernation, molting, limb regeneration, etc). What specifically about procreation is important enough to call that individual’s expertise into question?