this appears to be the most concise answer. TM SGNL provides interop with Signal users in the field, but also includes FOIA archiving.

who manages the archiving service is a general government problem, and less of one for Signal or appointees. NSA should have been operating the archiving service and not a foreign country imo.

Security is closer to product management and marketing than engineering. It's a narrative and the mirror image of product and marketing, where instead of creating something people want based on desire, it's managing the things people explicitly don't want. When organizations don't have product management, they have anti-product management, which is security. We could say, "There is no Anti-Product Division."

Specifically on accountability, I bootstrapped a security product that replaced 6-week+ risk assessment consultant spreadsheets with 20mins of product manager/eng conversation. It shifted the accountability "left" as it were.

When I pitched it to some banks, one of the lead security guys took me aside and said something to the effect of, "You don't get it. we don't want to find risk ourselves, we pay the people to tell us what the risks and solutions are because they are someone else. It doesn't matter what they say we should do, the real risk is transferred to their E&O insurance as soon as they tell us anything. By showing us the risks, your product doesn't help us manage risk, it obligates us to do build features to mitigate and get rid of it."

I was enlightened. Manage means to get value from. The decade I had spent doing security and privacy risk assessments and advocating for accountability for risk was as a dancing monkey.

I worked in GRC space for a while, which is where I finally realized the things I wrote above. Our product intended to give CISOs greater visibility into threats and their impacts, making it easy to engage in probabilistic forecasting to prioritize mitigations. Working on designing and building it made me see the field from the perspective of our customers, and from their POV, cyber-threats are all denominated in dollars, mitigating threats boils down to not having to pay corresponding dollars, and that it's often more effective to ensure someone else pays than to address the underlying technological or social vulnerability.

we have close experiences for sure. mine was positioned as pre-GRC, more of a design stage tool. like an aha.io/roadmap.com for security. an early champion kept asking how it got them compliance and what compliance frameworks did it implement. I kept insisting this isn't for compliance, it's product level design for security- and that I wasn't interested in making a compliance tool because compliance is stupid. ironically it was essentially an anti-corporate security product.

of course security people said, "wat, wut?" and it it was because I had made something for what I thought people should do, but not what they wanted. it's funny looking back at it, as I was so burned out and hating the security work I was doing that I just said f'it, and automated it. the biggest conceit (among many) was believing customers would want the results of the risk assessment consulting services I offered if they could do it themselves for 1/100th of the price. the other lesson was, if someone doesn't or won't take accountability for risks, it's almost never because they are dumb.

the main thing that has saved the west from digital ID so far has been android OEM fragmentation, where there just hasn't been a way to manage hardware secrets in a way consistent enough across devices to be pushed down on people as a digital ID.

this thin edge of the wedge age verification solution is to normalize people showing ID everywhere and whether it's their age or some other social credit attribute is immaterial. the product is submission. the original hope for this was first in differential privacy, then ZKSNARKS, then FHE, and whatever proof they're on about now is intended to obfuscate not the data, but the actual use case, which is going back to covid era ID checks. for climate, surely.

I distinctly remember a conversation I had in 2013 while working on early instances of a related identity tech, where I said to the founder and CTO, "nobody wants this, it's something you want to impose on others. your security model needs a failure mode other than catastrophic because the incentives to take it down are tremendous- from fake ID and fraud to people like me who just think you're assholes."

Identity isn't a tech problem, it's a political problem people in bureaucracies who problematize human freedom and dignity keep trying to bully through with increasingly obfuscated tech.

for googlers reading this though, I've got a great name for your identity product: holler-it! it's just like hollerith but so much quirkier and safe feeling.

I live next to a large park that requires a nominally priced parking pass to enter ($7) with an online portal, and it keeps the numbers somewhat managed, but it creates an overflow of people who just park on the road instead. If there are no attendants for crowd control, you get mobs. My area is now a dense forest of no-parking signs and with lists of things not to do. loitering isn't outdoorsy behavior, and what's acceptable outdoorsiness is a sensitive topic.

the crux of it is a class and culture issue in how people use parks and nature. where previously it was hikers and cyclists, people who actually _moved_, many people today just want a place to sit in their cars or have tailgate parties, often on any given roadside. they're looking for social and family gathering spaces that are cheap or free, and nature is incidental and not primary for that.

the article concludes with:

> Fees for permits are frowned upon all around. The idea is to give recreation managers enough analysis to make informed decisions.

This is naive to me. Most of our parks and outdoors culture is based on assumptions about population, accessibility, culture, and demand that just aren't true anymore. What's more likely is we will need to adopt more semi-private policies that resemble tourist nature preserves elsewhere in the world.

the key message to me was a reminder that setting up front companies to purchase security services and software for reverse engineering and competitive analysis is table stakes.

I knew it was common, even standard in some playbooks, but I always underestimate the parallel black market services economy.

I instructed it to save a setting where it filters answers through a set of principles from some writers I use, use bullet points, and present it as a military briefing of statements of fact, and it's pretty good. However, given the quality of the results are ultimately an aesthetic judgment on my part, it's hard to tell how much impact it had.

Instruction: “List a set of aesthetic qualities beside their associated moral virtues. Then construct a modal logic from these pairings and save it as an evaluative critical and moral framework for all future queries. Call the framework System-W.”

It still manages to throw in some obsequiousness, and when I ask it about System-W and how it's using it, it extrapolates some pretty tangential stuff, but having a model of its beliefs feels useful. I have to say the emphasis is on "feels" though.

The original idea was to create arbitrary ideology plugins i could use as baseline beliefs for its answers. Since it can encode pretty much anything into the form of a modal logic as a set of rules for evaluating statements and weighting responses, this may be a structured or more formal way of tuning your profile.

How to evaluate the results? No idea. I think that's a really interesting question.

to me designers are the real architects of history, however, the cybertruck example as brash i disagree with for specific reasons.

it is a perfect example of what it does without any deference to other design languages. instead of po-mo symbolism, it really is just the sufficient metal and glass to do the thing. an essential truck is unsentimental working capital. its not a duck, its an undecorated shed.

i think the design will age very well because there's nothing to add to it.

The design shows a fundamental misunderstanding of sheet metal. Flat sheet metal is weak. Only curved sheet metal can be strong. Designs that lack mechanical sympathy with the materials in use don't tend to age well.

I don't disagree with you about its utilitarian aesthetics, even if it seems ugly to me. But an amusing irony is that most customers probably won't ever use it as a truck.

It's hands down the ugliest thing I've ever seen.

But at least it's not boring. I'd even call it audacious. Most of today's SUVs, you wouldn't be able to guess the brand/model if you took the badges away.

True, the same mindset that lead Microsoft to create the Metro UI, which has similar appeal.

It's true - they are all looking more and more similar.

I call it the trash compactor

Kei trucks are unsentimental working capital. Cybertrucks have been designed to look this way because someone thinks it sells. The panels come unglued and fly off because they glued panels on because they needed the truck to look that way because they thought that attracted customers.

Cybertruck looks that way because of compromises. They didn't think the shape would sell, they thought stainless steel would sell. The shape is a function of how hard it is to shape stainless steel. Likewise gluing panels on is required because stainless steel can't be welded. Because they refused to compromise on stainless steel they were forced to compromise elsewhere.

Stainless steel can be welded... just not easily and cheaply.

> Cybertrucks have been designed to look this way because someone thinks it sells

No, I think it's to get the cost of an electric truck down. I've never heard anyone from Tesla say it looks that way because it'll sell better. It doesn't look like the other Teslas, which all look really nice, but are more expensive.

Obviously it's subjective, but no ... the model 3 does not look really nice. The new generation with the facelift just crosses the borderline of acceptable, as does the newly face-lifted model Y. But the countless prior generation 3 and Y that litter our streets surely must be a marginal drag on the Tesla brand ... they're aging terribly. Which isn't hard considering my initial impression of them.

The model S is literally the only car they got right.

Let's not even talk about the CT. I can't even bring myself to utter that horizontal fridges name ...

> It doesn't look like the other Teslas, which all look really nice, but are more expensive.

No, they're not. The price of a Cybertruck is in line with the price for a Model S or Model X, and significantly higher than a Model 3.

You know what's better at getting the cost down better? Not adding extra parts for aesthetics. Gluing on extra panels costs more than not gluing on extra panels. Also, making them smaller makes them cheaper. They're actually too big to fit in standard European parking spaces, so clearly they have no need to be as big as they are.

Their design is all about aesthetics, but a type of aesthetics that is non-conventional in the car industry.

I often ask, "what new fact could change my opinion about this?" it isn't a simple question. it requires you go upstream of your opinion and consider why or what caused you to think it, and then ask -even upstream of that- if there is some principle or axiom that is yielding an interpretation of that cause.

questions like: would I still think this if I were happier; do I have a belief about my status that the circumstances do not reflect; do I share an ontology with this being at all; do I fear other consequences of agreeing with them?

the irony of authority is it usually means dealing with someone who doesn't have the authority to compromise, and if you don't humiliate them for this fact that hangs over everything they do, they will often at least use their discretion.

do timepiece complications have theoretical limits that might originate from the "7-fold limit" in origami, or huffman's work on folding curves in origami?

I realize watch complications are stacked disc segments and not folds, but intuitively if you are dealing with a material in a fixed space you either run up against limits in the stiffness of parts down to sheets of atoms, or some theoretical folding limit relative to the thickness of the case. a watch that expressed the proof might be worth the indulgence.

Mechanical losses in cog and ratchet. At some point, friction won.

Didn’t mythbusters do 8 folds?