
Say it ain’t so, Cecil…


New British cars may have to be fitted with breathalyser technology and black box-style recorders under Labour plans to align with EU vehicle safety laws.

The Government said copying European rules would drive down costs…

Here is the full Telegraph article. It seems more complicated than that: instead, the car has to allow for the possibility of such a device being installed, without the use of the device, or the device itself, being required per se. So the black box is more concerning to me. It would mean that complete monitoring of your whereabouts and driving behavior could become possible. There are Event Data Recorders in most newer US cars, but to date they are not used for very much. Perhaps the American ethos prevents a slippery slope on this one?

These are not just extreme paranoid fears. When driving a Spanish rental car this summer, the car issued an annoying, recurring beep every time it was being driven over the speed limit, even by small amounts. For one thing, the road data synced with the beeping device does not always accurately reflect the posted speed limits. For another, often the speed limit would suddenly fall by 20km, but of course you should decelerate rather than slamming on the brakes. For another, it can be dangerous to always drive below or even at the speed limit, especially when overtaking, and I do mean sane rather than crazy overtaking.

So on these issues matters could indeed get much worse.

The post Say it ain’t so, Cecil… appeared first on Marginal REVOLUTION.

Shared by andreaa · 17 hours ago

You Should Run a Certificate Transparency Log


Hear me out. If you are an organization with some spare storage and bandwidth, or an engineer looking to justify an overprovisioned homelab, you should consider running a Certificate Transparency log. It’s cheaper, easier, and more important than you might think.

Certificate Transparency (CT) is one of the technologies that underpin the security of the whole web. It keeps Certificate Authorities honest, and allows website owners to be notified of unauthorized certificate issuance. It’s a big part of how the WebPKI went from the punchline of “weakest link” jokes to the robust foundation of the security of most of digital life… in less than fifteen years!

CT is an intrinsically distributed system: CAs must submit each certificate to two CT logs operated by third parties and trusted by the browsers. This list is, and has been for a couple of years, uncomfortably short. There just aren’t as many independent log operators as we’d like. Operating a log right now would be an immense contribution to the security of virtually every Internet user.

It also comes with the bragging rights to claim that your public key is on billions of devices.

Where’s the catch? Well, until recently running a log was a pain, and expensive. I am writing this because as of a few months ago, this has changed!

The Sunlight logo, a bench under a tree in stylized black ink, cast against a large yellow sun, with the text Sunlight underneath

Browsers now accept CT logs that implement the new Static CT API, which I designed and productionized in collaboration with Let’s Encrypt and the rest of the WebPKI community over the past year and a half. The key difference is that it makes it possible to serve the read path of a CT log exclusively through static, S3 and CDN friendly files.

Moreover, the new Sunlight implementation, sponsored by Let’s Encrypt, implements the write path with minimal dependencies and requirements. It can upload the Static CT assets directly to object storage, or store them on any POSIX filesystem.

If you are curious, you can learn more in Let’s Encrypt’s retrospective, in the original Sunlight design document, or in the summarized public announcement.

Geomys, my open source maintenance firm, operates a pro-bono Sunlight-backed trusted Static CT log for $10k/year, including hardware amortization, colocation, and bandwidth. I’m sure it can be done for less.

The shopping list

Ok, so what does it take to run a CT log in 2025?[6]

  • Servers: one. No need to make the log a distributed system; CT itself is a distributed system.
    • If you want to offer redundancy you can run multiple logs.
    • The uptime target is 99%[5] over three months, which allows for nearly 22h of downtime. That’s more than three motherboard failures per month.
  • CPU and memory: whatever, as long as it’s ECC memory. Four cores and 2 GB will do.
  • Bandwidth: 2 Gbps outbound peak capacity[2] (which you can offload to a CDN).
  • Storage: you have two options.

    1. 3 – 5 TB[1] of usable redundant filesystem space on SSDs[3].
    2. 3 – 5 TB[1] of S3-compatible object storage, and 200 GB of cache on SSD.

    Static CT logs are just flat static files, which you can serve with any HTTP server[4] from disk, or expose as a public object storage bucket.

  • People: Google policy requires the email addresses of two representatives. The uptime target is forgiving enough that it can probably be met by a single person working during business hours.

That’s pretty much it!

Durability is the first priority: it’s really important that you never lose data once it’s fsync’ed to disk or PUT to object storage, since your log will have signed and returned SCTs, which are promises to serve the certificates it received. This means, for example, that backups are useless: restoring one would roll back the log’s state, and monitors would see the log break its earlier promises.
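To make the durability point concrete, here is an added example in Go (not Sunlight’s code, and not from the original post): an RFC 6962 Merkle Tree Hash and the check a monitor that mirrors the log can run on each new tree head, which flags a log restored from backup as a rollback or a fork. The entries, the `Checkpoint` type and the function names are constructed for the illustration; signatures are left out.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// Checkpoint stands in for a signed tree head: the tree size and the RFC 6962
// Merkle Tree Hash over every entry the log has promised (via SCTs) to serve.
type Checkpoint struct {
	Size int
	Root [32]byte
}

// MerkleTreeHash computes MTH(entries) as defined in RFC 6962 section 2.1:
// empty tree = SHA-256 of nothing, leaf = SHA-256(0x00 || entry), interior
// node = SHA-256(0x01 || left || right), split at the largest power of two below n.
func MerkleTreeHash(entries [][]byte) [32]byte {
	switch len(entries) {
	case 0:
		return sha256.Sum256(nil)
	case 1:
		return sha256.Sum256(append([]byte{0x00}, entries[0]...))
	}
	k := 1
	for k*2 < len(entries) {
		k *= 2
	}
	left, right := MerkleTreeHash(entries[:k]), MerkleTreeHash(entries[k:])
	return sha256.Sum256(append(append([]byte{0x01}, left[:]...), right[:]...))
}

// NewCheckpoint is what the write path publishes after appending entries.
func NewCheckpoint(entries [][]byte) Checkpoint {
	return Checkpoint{Size: len(entries), Root: MerkleTreeHash(entries)}
}

// CheckConsistency is the monitor-side check. A CT monitor mirrors the whole
// log, so it recomputes roots directly: prev is the last checkpoint it accepted,
// next the one just fetched, entries what the read path currently serves.
func CheckConsistency(prev, next Checkpoint, entries [][]byte) error {
	if next.Size < prev.Size {
		return fmt.Errorf("rollback: tree shrank from %d to %d entries", prev.Size, next.Size)
	}
	if len(entries) < next.Size {
		return fmt.Errorf("log serves only %d of the %d entries it signed for", len(entries), next.Size)
	}
	if got := MerkleTreeHash(entries[:prev.Size]); !bytes.Equal(got[:], prev.Root[:]) {
		return fmt.Errorf("fork: the first %d entries no longer match the root signed earlier", prev.Size)
	}
	if got := MerkleTreeHash(entries[:next.Size]); !bytes.Equal(got[:], next.Root[:]) {
		return fmt.Errorf("new root does not match the entries being served")
	}
	return nil
}

func main() {
	// Constructed sample entries standing in for certificates; size 5 was accepted.
	entries := [][]byte{[]byte("cert-a"), []byte("cert-b"), []byte("cert-c"), []byte("cert-d"), []byte("cert-e")}
	accepted := NewCheckpoint(entries)
	// The operator restores a backup taken at size 3 and keeps accepting submissions:
	// cert-d and cert-e, for which SCTs were already issued, vanish from the tree.
	restored := append(append([][]byte{}, entries[:3]...), []byte("cert-x"), []byte("cert-y"), []byte("cert-z"))
	fmt.Println("after restore:", CheckConsistency(accepted, NewCheckpoint(restored), restored))
	grown := append(append([][]byte{}, entries...), []byte("cert-f"))
	fmt.Println("normal append:", CheckConsistency(accepted, NewCheckpoint(grown), grown))
}
```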

In terms of ongoing effort, a log operator is expected to read the Google and Apple CT Log policies, monitor the ct-policy@chromium.org mailing list, update the log implementation from time to time, and rotate log temporal shards every year. (For example, we just stood up 2027 shards of our log.)

Given the log’s lifecycle, you should plan to stick around for at least three years.

Sign me up!

If you want to become a CT log operator, first of all… thank you!

The Sunlight README was rewritten recently to get you up and running easily. Sunlight is highly specialized for Certificate Transparency and the WebPKI, and it’s designed to help you operate a healthy, useful CT log with minimal configuration.

The community is eager to welcome new log operators. You can post questions, reports, and updates on the transparency.dev Slack, ct-policy mailing list, or Sunlight issue tracker. I encourage you to reach out even just to share your plans, or to ask any questions you might have before committing to running a log.

You might also want to follow me on Bluesky at @filippo.abyssdomain.expert or on Mastodon at @filippo@abyssdomain.expert.

The picture

I systematically make the mistake of reaching a beautiful spot with my motorcycle, watching the sunset, and then realizing “oh, shoot, now it’s dark!” This time, the motorcycle didn’t start either, and it was the first ride of the season in January. Got to read A Tour of WebAuthn by Adam Langley, though, so who can say if it was good or bad.

An e-ink tablet rests on a wooden table in the foreground, with a motorcycle parked on a roadside in the background along a mountain road against a beautiful sunset with haze and scattered clouds.

Geomys, my Go open source maintenance organization, is funded by Smallstep, Ava Labs, Teleport, Tailscale, and Sentry. Through our retainer contracts they ensure the sustainability and reliability of our open source maintenance work and get a direct line to my expertise and that of the other Geomys maintainers. (Learn more in the Geomys announcement.)

Here are a few words from some of them!

Teleport — For the past five years, attacks and compromises have been shifting from traditional malware and security breaches to identifying and compromising valid user accounts and credentials with social engineering, credential theft, or phishing. Teleport Identity is designed to eliminate weak access patterns through access monitoring, minimize attack surface with access requests, and purge unused permissions via mandatory access reviews.

Ava Labs — We at Ava Labs, maintainer of AvalancheGo (the most widely used client for interacting with the Avalanche Network), believe the sustainable maintenance and development of open source cryptographic protocols is critical to the broad adoption of blockchain technology. We are proud to support this necessary and impactful work through our ongoing sponsorship of Filippo and his team.


  1. If a six-month shard is assumed to grow up to 2B entries (the biggest so far has been 1.93B), and old shards are deleted one month after they expire, Sunlight on ZFS configured like Tuscolo will need at most 2.75 TB. However, the WebPKI is always growing, and shorter-lived certificates will increase the issuance rate, but will also make rotation more efficient. Provisioning 3 TB and having a plan to get to 5 TB if necessary over the next couple of years would be prudent.

  2. This is a conservative estimate of potentially necessary peak capacity. Right now the Tuscolo log produces ~50Mbps average / ~250Mbps peak, but there are relatively few monitors. RFC 6962 logs reported numbers around 1 – 2 Gbps. Static CT reduces bandwidth by almost 80%, but also makes it easier to monitor a log, which might increase demand. YMMV. Verifiable Indexes will hopefully reduce full monitor count in the future. 

  3. It might be possible to run the object storage part on HDD. The write path would probably be fine, but the read path serves a lot of files with random accesses. Maybe with a large SSD cache layer. 

  4. Or with Sunlight’s specialized HTTP read path, called Skylight, which has a bunch of nice metrics and health checks. 

  5. Yep, two nines. Availability of the write path in particular is not a big deal at all: CAs will just fall back to other logs. Availability of the read path is important to ensure timely monitoring of new entries, but it’s just a simple static HTTP server. Note that Google is planning to split the requirements between read and write endpoints, and to require higher availability on the read path.

  6. It’s possible the requirements will grow in the future because of short-lived certificates and/or post-quantum signatures, but the ecosystem is very aware of the potential burden on CT log operators, and there are a number of proposals to mitigate it, such as Merkle Tree Certificates and Verifiable Indexes. I am optimistic this will be solved, but even if it isn’t, you can always turn your log read-only without disrupting the ecosystem, should it get too large.

Shared by andreaa · 21 days ago

I'm Confused About Birth Order And The Gays, Help Me


Some people fight over whether birth order predicts gayness. According to my data, it obviously does

If you’re not familiar, I’m using data from my Big Kink Survey, which is a long, extremely detailed survey I built that went viral on tiktok, and then a bunch of corners of the internet, and at this point is #1 if you google ‘kink survey’. Around 2.4 million people have opened it, and people have finished it ~900k times, and around ~770k people pass my general sanity-check cleaning filters. It’s very popular among young women and liberals, but even my conservative male sample size dwarfs most published studies in the field of sex research.


For simplicity, I’m not controlling for anything, but nothing I checked had meaningful potential to confound the data. Conservatives have more siblings (very conservative people reported 0.3 more siblings than very liberal people did), but filtering for liberal vs conservative didn’t change the outcomes noticeably at all.

You might notice the gay rates are real high. This is partially cause liberal people are gayer (and the majority of my data), but also I suspect cause I had a slightly broader definition of gay (details later).

Some people argue over whether the gender of siblings predicts how gay men will be. I asked people if they had mostly male or mostly female siblings, or an equal split of both. If I just look at the groups of ‘mostly male’ and ‘mostly female’ siblings, this seems a little bit true:

Having older female siblings seems to predict gayness meaningfully more than having older male siblings! This is surprising enough that I doublechecked my code to make sure I hadn’t accidentally swapped the sign. Most studies seem to find the opposite. I don’t know what’s going on here.

…I was actually planning to write this blog post with a whole host of data, I’ve got a bunch of charts I was gonna throw at you, but this is actually way more confusing and interesting. It seems pretty well established in science that older brothers are correlated with being gay, and this doesn’t hold for older sisters.

Is it somehow related to the fact that more males said they had brothers than sisters? Maybe but probably not - of people who said their siblings were mostly one gender, 51.6% picked male and 48.4% picked female. This is a gap that seems pretty explainable by the fact that more males are born than females; when I mess around with some simulations the gap seems consistent with this.


Is it how I define ‘gay’?

In the survey, I asked people whether they preferred vaginas or penises, and also whether they preferred masculinity or femininity. This was how males responded:

To count as gayish, I took the top right four boxes. I don’t really see how this could be responsible for the mysterious older sister phenomenon here.

But let’s check the full-gay category just in case:

 siblings mostly male
birthorder   supergay%  n    ci
        1.0   1.4 38643   0.1
        2.0   1.9 31760   0.2
        3.0   2.1  8773   0.3
        4.0   2.1  2892   0.5
 siblings mostly female
birthorder   supergay%  n    ci
        1.0   1.3 36861   0.1
        2.0   1.9 30202   0.2
        3.0   2.3  7543   0.3
        4.0   2.9  2209   0.7

Males with mostly-male siblings saw a birth order jump of 0.7, while mostly-female had a jump of 1.6%. The confidence is lower because the sample is smaller, but so far the effect in my data still holds among the supergays.

I am so confused. Age doesn’t seem to have an impact on this either, there’s a similar gap whether I check younger or older males.

What about the ‘mostly’ in ‘are your siblings mostly male or female’? I don’t ask for a specific number! But in this sample, people have either 1, 2, or 3 siblings; the only way you could have a female sibling in ‘mostly male’ is in the 3-sibling category, and this would be one female and two males. This means out of all possible siblings reported, we should expect around 4.5/5 of them to be male. I don’t think this way of structuring the survey question should cause that much of a deviation in results.

Wikipedia says:

“the odds of having a homosexual son increase from approximately 2% for the first born son, to 3% for the second, 5% for the third and so on.”…

“The fraternal birth order effect has been described by one of its proponents as "the most consistent biodemographic correlate of sexual orientation in men”

Probably I am wrong here. By default I am likely wrong, because it’s very unlikely that we would see a whole host of studies and meta-analyses finding no effect with female siblings if there is in fact an effect with female siblings.

Again, I really don’t think anything is going wrong in my data processing. I’ve quadruple checked I wasn’t redefining anything or swapping signs. I checked the base raw data before I did any cleaning at all to make sure I wasn’t accidentally cleaning something weird, and it all holds pre-cleaning.

Maybe I’m failing to control for something important? But I checked birth order along with a whole bunch of other stuff in my data, and nothing seemed like a good candidate besides politics.

For what it’s worth I find almost no effect among females:


I don’t have time to do an in-depth review of all the available research, but some of it does look pretty good. Like, there’s a 9-million sample size analysis of birth order and sibling gender and whether or not people entered into a same-sex marriage, and it finds that

the probability for individuals [of same sex union] with one older brother was 12.5% higher than that for individuals with one older sister.

So, ???

It seems unlikely that the other surveys are wrong and I’m somehow right. My current top guess is that the difference lies in how we’re measuring homosexuality; the 9mil survey looks at legally recognized union, while I’m asking about what are u into? Maybe something about legally recognized unions are doing some other filtering, like this requires a level of boldness that people with older brothers are more likely to have? Or in my data men with older sisters are more likely to enjoy identifying as gay because they’re in a family that celebrates more sexual-minority type identification?

Actually… I wonder if this is part of it. Women are much more liberal than men are, and we know liberalism is correlated strongly with identifying as non-cis

haha what the fuck is going on with male liberal teens? this is a topic for another blog post (subscribe!)

So maybe men raised with a lot of older sisters get disproportionately exposed to liberal, non-cis values, and are more likely to emphasize their interest in men as a signaling thing? But they wouldn’t go so far as to marry a man, and if you’re only tracking legal union then all these men suddenly drop out of the data?

Wait… are men with more older sisters, more liberal? Let’s check my socialliberal question, where people rated themselves from socially conservative to liberal on a -3 to 3 scale. Here’s the means:

Gah!

No, my theory predicts that we should see increased liberal identification with more older sisters - at least compared to brothers - but there’s basically no noticeable change.

Man, I have no idea. I’m so confused. Are we just seeing “if you run enough checks on data, eventually you’ll accidentally see a rare thing outside of your expected confidence interval”? Is this just a random fluke in my data? I’m not sure how to easily check how unlikely this is in this specific circumstance, but feeding the raw data to o3 gives me a p ≈ 1.7 × 10⁻¹⁰, or ≈ 1 chance in 6 billion, that I would see this outcome in a world where there was actually the same birth order slope for males and females.

If the answer lies in my failure to control for something, then that in itself would be crazy. If the fraternal birth order effect only applies to people in some areas of the world, or of some ages, or of some political orientations, that would be really bizarre.

…Probably the answer is something really simple and obvious and I will feel very dumb when someone kindly points it out for me. But I’d love to get it pointed out!

When I have more time later I’ll try uploading the raw data to my raw data directory so other people can replicate what I’m finding.


Shared by andreaa · 57 days ago

My excellent Conversation with Nate Silver


Here is the audio, video, and transcript. Here is the episode summary:

In his second appearance, Nate Silver joins the show to cover the intersections of predictions, politics, and poker with Tyler. They tackle how coin flips solve status quo bias, gambling’s origins in divination, what kinds of betting Nate would ban, why he’s been limited on several of the New York sports betting sites, how game theory changed poker tournaments, whether poker players make for good employees, running and leaving FiveThirtyEight, why funky batting stances have disappeared, AI’s impact on sports analytics, the most underrated NBA statistic, Sam Bankman-Fried’s place in “the River,” the trait effective altruists need to develop, the stupidest risks Tyler and Nate would take, prediction markets, how many monumental political decisions have been done under the influence of drugs, and more.

Here is one excerpt:

COWEN: Why shouldn’t people gamble only in the positive sum game? Take the US stock market — that certainly seems to be one of them — and manufacture all the suspense you want. Learn about the companies, the CEO. Get your thrill that way and don’t do any other gambling. Why isn’t that just better for everyone?

SILVER: Look, I’m not necessarily a fan of gambling for gambling’s sake. Twice a year, I’ll be in casinos and in Las Vegas a lot. Twice a year, I’ll have a friend who is like, “Let’s just go play blackjack for an hour and have a couple of free drinks,” and things like that. But I like to make bets where I think, at least in principle, I have an edge, or at least can fool myself into thinking I have an edge.

Sometimes, with the sports stuff, you probably know deep down you’re roughly break-even or something like that. You’re doing some smart things, like looking at five different sites and finding a line that’s best, which wipes out some but not all of the house edge. But no, I’m not a huge fan of slot machines, certainly. I think they are very gnarly and addictive in various ways.

COWEN: They limit your sports betting, don’t they?

SILVER: Yes, I’ve been limited by six or seven of the nine New York retail sites.

COWEN: What’s the potential edge they think you might have?

SILVER: It’s just that. If you’re betting $2,000 on the Wizards-Hornets game the moment the line comes out on DraftKings, you’re clearly not a recreational bettor. Just the hallmarks of trying to be a winning player, meaning betting lines early because the line’s early and you don’t have price discovery yet. The early lines are often very beatable. Betting on obscure stuff like “Will this player get X number of rebounds?” or things like that. If you have a knack for — if DraftKings has a line at -3.5 and it’s -4 elsewhere, then it can be called steam chasing, where you bet before a line moves in other places. If you have injury information . . .

It’s a very weird game. One thing I hope people are more aware of is that a lot of the sites — and some are better than others — but they really don’t want winning players. Their advertising has actually changed. It used to be, they would say for Daily Fantasy Sports, which was the predecessor, “Hey, you’re a smart guy” — the ads are very cynical — “You’re a smart guy in a cubicle. Why don’t you go do all your spreadsheet stuff and actually draft this team and make a lot of money, and literally, you’ll be sleeping with supermodels in two months. You win the million-dollar prize from DraftKings.”

And:

COWEN: If we could enforce just an outright ban, what’s the cost-benefit analysis on banning all sports gambling?

SILVER: I’m more of a libertarian than a strict utilitarian, I think.

COWEN: Sure, but what’s the utilitarian price of being a libertarian?

Recommended, interesting and engaging throughout. And yes, we talk about Luka too. Here is my first 2016 CWT with Nate, full of predictions I might add, and here is Nate’s very good new book On the Edge: The Art of Risking Everything.

The post My excellent Conversation with Nate Silver appeared first on Marginal REVOLUTION.

Shared by andreaa · 340 days ago

My podcast with Peter Singer and Kasia de Lazari-Radek


Lots of fresh material and debate; they question me; lots of philosophy. Here are the links. And this is a new podcast from Peter and Kasia, Lives Well Lived; further interesting episodes are on the way.


The post My podcast with Peter Singer and Kasia de Lazari-Radek appeared first on Marginal REVOLUTION.

Shared by andreaa · 372 days ago