Recent @tfehring Activity
The prediction market Kalshi  is showing a ~50% chance that the CDC will designate a variant of high consequence  by March, up from a ~20% chance 36 hours ago.
A biostatistician friend of mine pointed me to this relatively optimistic Twitter thread , though this response  is much more pessimistic.
Of course the WHO and South African government oppose travel bans. That doesn't mean imposing those bans isn't in other countries' best interest. Taking a risk-averse approach in a highly risky and uncertain situation isn't inconsistent with the WHO's recommendation to take a "risk-based and scientific approach."
I'm not saying that restricting travel is necessarily the right approach (though it probably is), but nothing in your comment really strikes me as compelling evidence that it's the wrong approach.
>The plain fact of the matter is that humans evolved on an almost exclusively meat-based diet
At one point in our evolutionary chain (that of Homo erectus and early Homo sapiens), sure. At other points (Australopithecus) we were exclusively vegetarian. For much of our history (that of Homo habilis and more recent Homo sapiens) we've eaten significant amounts of both plants and animals.
I'd love to see a source for the claim that plants are toxic for humans. Considering that many humans eat exclusively plants, and that those people seem to have lower all-cause mortality rates than people with otherwise similar characteristics , I suspect that that could only be true if you're using a very non-standard definition of "toxic."
The amount of feed crop acreage needed to produce a beef burger is much greater than the crop acreage needed to produce an Impossible burger, so the Impossible burger reduces the number of those habitats that are being destroyed. (I'm using "feed crop" loosely to include hay - even 100% grass-fed cattle can't just be pastured year-round in most areas, and cutting hay is just as bad as harvesting feed crops for any smaller animals that've made their homes in the fields.)
The Bay Area had something like 20x as much VC investment as Austin as of 2017 . This article  indicates that the trend is probably in Austin's favor, as I'd expect, but it also shows that Austin isn't even in the top 10 nationally (unless they lump it in with San Antonio?) by deal count as of 2020.
Yeah good point, I was thinking they'd cut your service off but on second thought that's probably not the case.
Or they want to avoid making pricing more complex than it already is, they do that by significantly marking up egress and using it to cross-subsidize other stuff (like data ingress and internal data transfer), and they've determined that the benefit of that simpler pricing to their other users outweighs the detriment to users with egress-heavy use cases.
Edit: On second thought this is probably a bad idea, but I'm leaving my original comment below for posterity.
Probably easiest to generate a virtual card number with a spend limit, off the top of my head I know Capital One offers this, Apple will also generate virtual card numbers though I don't know if you can set a spend limit on them.
Yeah, and it sounds like the same will be true on iOS sometime in December. Not sure why they'd announce the discontinuation now instead of just waiting a few weeks until they have a drop-in replacement available, though I guess it is just for one platform.
End of Support for Firefox Lockwise
154 points • 127 comments
I'd think the former would typically (depending on how many times the class is re-used) use more bandwidth, if anything, since it still requires the framework to define the `w-32 h-32` class attributes elsewhere using the more verbose identifiers. Plus the overhead for an additional request if that class definition happens in an external style sheet.
A qualitative assessment like whether Company A is more likely to be breached than Company B is a good start, but it's a far cry from being able to actually quantify each of their expected losses.
I agree that there's a big disconnect between the way that insurers assess risk and the way that security researchers assess risk. But I'm skeptical that the type of assessment you're describing can be done at scale in a rigorous enough way to inform pricing decisions, I worry that it would just turn into gameable checklists and therefore cease to be a good measure.
Perhaps more importantly, it's probably possible for insurers to accurately assess the expected annual cost associated with a given company's employees getting phished for a seven-digit ransom, but that's not the only risk they're worried about. Even if it can accurately assess the average loss associated with, say, a major 0day in a particular piece of software that's used by a double-digit percentage of companies - a much harder task - an insurer might just not want that much exposure to a single point of failure on its balance sheet.
This is really interesting. Assuming I'm willing to trust the author's claim that semantic class names are the reason CSS is hard to maintain, what's the advantage of `<img class="w-32 h-32">` over `<img style="width: 32px; height: 32px;">`?
There’s nothing inherently unsustainable about relying on insurance for this type of thing. Arguably, properly priced cyber coverage would increase companies’ incentive to invest in good security, since it translates a possible cost in the future to a certain cost today in the form of higher premium.
The problem is that cyber risk is (1) effectively impossible to model due to a lack of representative data and (2) probably highly correlated between companies, meaning that a vulnerability in a widely-used library or platform could mean massive systemic risk for insurers. As a result, premiums probably don’t align well with the underlying risk, even after the corrections described in the article. Profits in cyber insurance were very high (think combined ratios in the 50s-60s) and stable for a long time, but that ship seems to have sailed.
> For vast majority of Covid cases the symptoms are nothing to worry about. The risk of dying from under 50 is like 0.1% or better if not overweight.
I'm not sure this claim is consistent with the available evidence. Long term cognitive side effects (e.g. "brain fog" and memory loss) and respiratory problems each seem to occur in ~15% of symptomatic COVID cases among working-age, not-particularly-unhealthy people. "Long term" here means 7-9 months after infection. https://www.medrxiv.org/content/10.1101/2021.03.18.21253633v...
Worth mentioning that canola oil apparently has a much lower omega-6 to omega-3 ratio than butter, lard, olive oil, or coconut oil, not to mention other industrial seed oils. https://en.wikipedia.org/wiki/Fatty_acid_ratio_in_food#Oils
Does that mean you roll your own database because you can't review the whole codebase for Postgres or whatever? How about your own cryptography suite, and web server, and compiler?
I think it's reasonable to err on the side of rolling your own for simple stuff instead of `npm install is-even` or whatever. But using other people's software is a net positive for both productivity and security for sufficiently complex applications. And the range from "simple" to "complex" is a continuum and it's not trivial to decide where on that continuum to draw the line.