oldnews193's comments

> It is absolutely bonkers that they (or, Fripp at least) are still playing music after 50 years and still touching the hearts of so many people.

And the current King Crimson line-up give absolutely killer concerts. Older things like Letters or Sailor's Tale have likely never sounded this good. Really hope this band lasts long enough to incorporate more from the Fripp-Sinfield era into their setlists.

> - don't update the branch prediction tables until the branch is proven to execute

> - if loading a cache line causes another cache line to be evicted, keep both until it is known whether the load is supposed to execute

This sounds interesting. How do these countermeasures actually prevent Spectre V1? And if they do, why didn't Intel implement them? Seems like they are fully microarchitectural, and therefore opaque to the software world.

Alternatively, what might be a display of a certain bias it's associating that vocal trait with young women in the first place. Isn't it akin to associating pink with gender? It's just a colour.

> I felt a lot of anxiety about sharing my research in this environment and felt pressure to make my work seem like it was the best solution for every problem when in reality there are more nuances.

I am curious what kind of pressure you are referring to. It's your work and your decision how to present it to the world.

As far as other people's research is concerned, academics can express their opinions by participating in peer review and expressing their opinions vocally at program-committee meetings (for instance, proposing artifact evaluation as a part of the review process).

Isn't that the case simply because professors are expected to be highly productive, to the extent where it is not possible to meet the bar without offloading the work to students and switching to a full-time manager?

Come and visit. As far as I understand, foreigners do not have much trouble visiting the West Bank.

Even if that happens, the people with whom anti-immigration policies are popular and job solicitors in the EU are likely two non-overlapping groups.

You are absolutely right! I brought up Spectre not meaning to say it's an issue for cryptography (although maybe it is? it's above my paygrade :) ), but to illustrate one issue with formal proofs in security that I am trying to resolve for myself.

Spectre is a hardware-level vulnerability, which is based on how the code executed under misspeculation (the processor makes a branch prediction, executes stuff and then figures out the prediction was wrong) leaves detectable traces in cache. Technically, that is not specified, because caches and speculative execution are not a part of architecture. This renders security proofs at higher level of abstraction not necessarily correct or simply non-applicable (think properties like whether a program executes in constant time or if it is sandboxed), if they rely on the ISA being all that there is to know about hardware. Now, Spectre specifically might be "solved" as a problem, but the proof-minded people would be concerned with how to prove that. How to prove that things like this are not a security issue: https://asplos-conference.org/abstracts/asplos21-paper148-ex...

And to do that, it turns out they need to extend the models under the hood of their proofs with speculation semantics. A non-trivial task by itself, I bet it would trigger non-trivial conceptual changes to mechanized proofs too, so this all might be a labor-intensive game of catch. Alternatively, one could raise a question about what fully formal security proofs we want. Formal proofs make explicit assumptions about the underlying model of computation. Some of those assumptions might not hold because we (incorrectly) thought we could abstract some complexities of hardware away. Is that alright for the kind of security properties we want to have proven? It might be for some, but not others.

So with this in mind, I am curious how crypto experts think about properties they want to prove for their work. What value would the crypto community seek to extract from formal proofs? Are leaky abstractions an issue for them? It's all very interesting.

> I am personally interested in this, as a cryptography PhD student, because the state of “provable security” is an absolute dumpster fire. In my opinion this is one particular application where machine-checkable proofs need to be established as a baseline standard.

As a non-cryptographer and generally a layman, I wonder how useful machine-checked proofs about crypto are in security. What do they tell you?

The underlying reason for my skepticism is best illustrated with Spectre: it made architecture people sweat bullets, but also rendered previous applications of formal methods less useful. What good is a formal proof that a crypto algorithm is constant-time, if it assumed a model of computation that is a research toy? You can only verify properties that you can formulate within a given semantic model. I suppose, for hardware those are way less understood than for programming languages.

(Which is not to say that formal verification is hopeless of useless as it is. Just really curious what kind of proofs a crypto person would benefit from machine-checking, and how.)

> Verification is at least as complicated as writing the program you are verifying.

I guess, writing a proof is basically like writing a program. Then checking a proof ought to be like *running* a program, not proving an arbitrary property of it. If your proof/program evaluates to "false", it's a wrong proof. So this is all a question of having an appropriate semantic model of computation/proof-checking, on which you can check your proof.

You could then ask: "why is it that I can always run a proof? What if running it does not terminate?" To which I'd have to admit that I am really, seriously not an expert on this, but I vaguely recall that interactive theorem proving systems like Coq have a non-Turing-complete type systems. Maybe it's for a relevant reason?

> Lviv/Western Ukraine is also very anti-Russia and has been for a long time (pre-WW2). Ukraine is a very divided country and there is more than one opinion on what to do. If each region voted independently, you’d probably see Ukraine split into two states, one aligning with the EU and the other with Russia.

For what it's worth, the Party of Regions, which used to be in power until 2014 and which got voted into power by South and East of Ukraine, won the 2012 elections with a program featuring signing the Association Agreement with the EU, visa waiver with the EU and joining the EU market.

Anyhow, if the question "Would you rather be in a political and economic alliance with the EU or with Russia?" might have seemed divisive to some before 2014, I'd think Russian aggression fixed that for good.

> Ukraine democratically decides to prefer EU over Russia, maybe all parties need to live with that.

Russia has been opposing the expansion of NATO for decades, and Ukrainian politicians at different moments were aiming to join NATO (rather than signing memorandums not to join NATO). I suppose, we Ukrainians can be upset at how unfair it is that our sovereignty is not respected, but that won't earn us any more agency. Russians are the ones with the nukes, overwhelmingly stronger military and with opinions on the matter, so maybe we've got to be smarter about how we navigate through challenges ahead of us.