aphoenix's recent activity

  1. Comment on The Monty Hall problem in ~science

    aphoenix
    Link Parent
    I'm having flashbacks to bad parties in university.

    I'm having flashbacks to bad parties in university.

    1 vote
  2. Comment on The Monty Hall problem in ~science

    aphoenix
    (edited )
    Link Parent
    The key is to understand that there is no difference between "you get to keep everything behind all the other doors" and "the host opens a door and shows you that it is empty". That's the reason...

    The key is to understand that there is no difference between "you get to keep everything behind all the other doors" and "the host opens a door and shows you that it is empty". That's the reason that I always take out the goat when discussing this - the goat is a distraction.

    No matter what happens, you have a 1/3 chance of having picked correctly (with 3 doors). That chance does not change when you acquire new knowledge. There is no way to change your original chance of selecting correctly, since that is done in the past, and the past cannot be changed.

    It works like this, and please read carefully because I'm actually doing something slightly different than the classic Monty Hall:

    • There exists doors A, B, C. Each have a 1/3 chance of containing the prize.
    • you choose A. You have a 1/3 chance of having chosen correctly.
    • (B, C) has a 2/3 of having the prize.
    • The host allows that you may keep what's behind door A, or you can switch and take the prize if it is behind B or C.
    • Most people will choose "B and C" instead of "just A"

    I have written something slightly different from the classic example (the host opens one empty door) but this is actually what is happening in the classic problem. The host is doing a bit of performative trickery to make you think that something he does now can change a possibility that occurred in the past but that isn't possible. You cannot retroactively change the odds of your decision being correct, and all the performative trickery in the world cannot change statistics.

    If you're more into "seeing for yourself" this is something you can show empirically. Sit with a friend and run the situation 100 times, and you'll see that the majority favours switching.

    6 votes
  3. Comment on Tell me about your living space in ~life

    aphoenix
    Link
    I live in a moderate sized bungalow in a small southern Ontario city. Our house's main floor is ~100m^2; we have a finished basement which is almost the same amount of usable space (~100m^2); if...

    I live in a moderate sized bungalow in a small southern Ontario city. Our house's main floor is ~100m^2; we have a finished basement which is almost the same amount of usable space (~100m^2); if you're more comfortable with it, that's about 2200 square feet of space.

    My family consists of me, my wife, and our three children, ranging in age from 5 to 14.

    Upstairs is 3 bedrooms, 1 bathroom, a whole bunch of hallway, a moderately crappy kitchen, and the family room which serves as a combination dining room / living room / entertainment room / music room. Our family room has a lot going on and is usually in some state of disaster, see above re: children. This is the room the children spend the most time in, which will be surprising when I describe the downstairs.

    Downstairs has 2 more bedrooms, one of which is my office and is very large, a very large play room, a laundry, the furnace room, and the storage room. The play room is the largest room in the house, and the least used. Kids, eh? What're you gonna do.

    My wife uses half of our master bedroom as her office, which means that on any given day, several lectures happen from there. I work from my office. During "normal" times, this wouldn't be the case - she works at a university, I work out of the offices of the company I work at.

    We have a relatively large back yard, which has two sheds; one shed is large and beautiful. I built it with my father about 9 years ago. The other is small and awful and every year I consider pulling it down. We have a bit of storage behind The Good Shed to store our canoe. There's a sandbox, a fairly large cedar deck that I built with my father, a natural gas grill, some lawn furniture, two fair size garden beds with lots of vegetables growing in them, and a very nice back sidewalk that I (you guessed it) built with my father, that incorporates a nice french drain that goes around the back and side of the house, draining out to the front yard. We do not have a garage. Our front yard is mostly lawn with a small ornamental cherry tree and the ultimate end of the french drain, filled with moderate river rock.

    I appreciate that this house has given us 15 years of good life and good memories. When we moved in, we rented out the basement and only had one kid; we changed that over time, and now use the whole place, and we've enjoyed building our family here. The location is fantastic; we love the city we are in, and we love the access to parks that are nearby.

    The house has had years of water problems. Leaks, floods, mold, and other awful crap. I'm nearly finished the long process of finally fixing just about every goddamn way water can get into this house, just in time to sell it.

    The space has been made "ours" through handiwork; I'll never be able to look at the shed in the back, or the bathroom that we redid, without being proud of the work I can do with my hands. That said, I am certainly looking forward to the somewhat near future where we will sell this house and move to one that will suit our needs more. We need more room, and we want to live in a nicer place.

    I don't have a strong series of recommendations other than, if you can swing it, get good at fixing things. Home ownership is often one long fix after another; if you can fix the things yourself, then you will save thousands upon thousands of dollars.

    5 votes
  4. Comment on The Monty Hall problem in ~science

    aphoenix
    Link Parent
    Are you actually me? I've also explained this to my brother and his friends, also while they were drunk, also late at night, because I also have a math degree. I also used this explanation.

    Are you actually me?

    I've also explained this to my brother and his friends, also while they were drunk, also late at night, because I also have a math degree. I also used this explanation.

    10 votes
  5. Comment on The Monty Hall problem in ~science

    aphoenix
    Link Parent
    Actually, the person you responded to is entirely right. The host does explicitly know and will not open a door with a car behind it. The opening of the door is absolutely not random. If it were...

    Actually, the person you responded to is entirely right.

    The host does explicitly know and will not open a door with a car behind it. The opening of the door is absolutely not random. If it were random, the probability would be different.

    I've always liked this slightly simpler version:

    • there are 3 doors
    • there is nothing behind 2 doors
    • there is a prize behind one door

    You get to pick a door, and then the host says "do you want to switch and get everything behind the 2 other doors, or do you want to keep your one door?"

    Everyone understands that they should take what is behind the 2 doors.

    The critical piece of understanding is that I have described the same puzzle.

    It's even more obvious when you make it more extreme:

    • there are 99,999 doors with nothing
    • there is one door with a prize
    • you may pick one door
    • the host offers to let you switch to 99,999 other doors

    You will always take the switch.

    Again, this is a description of the same puzzle, because the host has knowledge of where the prize is.

    @Sand see this comment for explanation.

    18 votes
  6. Comment on The Monty Hall problem in ~science

    aphoenix
    Link Parent
    I love this problem, and I love this explanation. On more than one occasion, I've had someone still refuse to believe that there was a reason to switch, but then this one minor variant was enough...

    I love this problem, and I love this explanation. On more than one occasion, I've had someone still refuse to believe that there was a reason to switch, but then this one minor variant was enough to convince them even though it is functionally the same.

    "Would you rather hve the one door you picked, or all the doors you did not pick?"

    What is hidden is that, functionally, you're giving the person all the doors they don't pick if they switch. That has made the lightbulb come on for some people.

    14 votes
  7. Comment on Board games with unique mechanics? in ~games.tabletop

    aphoenix
    Link
    There's a mechanic that I quite enjoy in Dixit and Mysterium where there are cards with art on them and you have to give somewhat cryptic clues to enable your co-players to match to the cards....

    There's a mechanic that I quite enjoy in Dixit and Mysterium where there are cards with art on them and you have to give somewhat cryptic clues to enable your co-players to match to the cards. It's explored differently in either game - Mysterium is a bit more constrained, Dixit is more free-form - but it's a cool concept.

    4 votes
  8. Comment on Board games with unique mechanics? in ~games.tabletop

  9. Comment on Would you give up flying to lower your environmental impact? in ~enviro

    aphoenix
    Link Parent
    I don't think we can realistically convince everybody to give up significant frivolous travel. We've had it for a long time, and it is now culturally imprinted on us all - if we want to fly...

    We take that for granted, but maybe we need to give it up?

    I don't think we can realistically convince everybody to give up significant frivolous travel. We've had it for a long time, and it is now culturally imprinted on us all - if we want to fly somewhere, we can. We can likely convince eco minded people to refrain from this type of travel, but consider that we can't even convince half of people to wear masks to prevent a deadly virus from spreading; we absolutely will not be able to sell those same people "just stay relatively local".

    It's probably going to be much easier to invent a new and fantastic way of eco-friendly travel than to convince the bulk of western culture to act responsibly.

    1 vote
  10. Comment on What's it take to make a secure, stable, and scalable site? in ~comp

    aphoenix
    Link Parent
    Given some more context, I can add a bit more insight: I think the best place to start, then, is with a framework that helps make some of these decisions for you. Since you have PHP experience, I...

    Given some more context, I can add a bit more insight:

    By 'secure', I mean protecting users information such as passwords, messages, login stats, and such, and keeping the backend more difficult to exploit than its worth.

    I think the best place to start, then, is with a framework that helps make some of these decisions for you. Since you have PHP experience, I would suggest checking out Laravel and seeing the sorts of things that it gets you "for free". There is a section in the documentation about security in Laravel that may address some of things that you're looking for or may give you ideas how to do it youself if you do end up wanting to roll your own from scratch, which I do not recommend. I cannot state this more strongly - using a framework to do this is going to be the best first step to security of your application.

    The next big thing I would recommend is to consider every piece of data you store and if it is necessary. For example, I would suggest that you never store things like Credit Card numbers, Social Security / Social Insurance Numbers, Driver's Licence numbers, or other official documentation. If you don't store it, you can't leak it, and most of the time there's no need to store things like that. After that, consider each piece of information that you want to store for relevancy; it might be "nice" to store honourifics, pronouns, or gender, but is there any utility in doing so? (it's okay if your answer is "yes")

    my mind thinks to small sites that get posted on to reddit and crash under the load of tens of thousands of visitors in an hour

    This is a common issue that people bring up, but the reality is that in 99% of cases, the server should crash if suddenly there is a spike in traffic by 1000000%. For most sites, you want to arrange the cost of hosting such that you are paying an appropriate amount for the traffic that you have almost all the time, with a bit of a buffer. You don't want to be paying for the ability to scale to 10000000% capacity at a moment's notice if that's going to happen one time, because in most cases that's just throwing money away. Here's a pirate based analogy: you have a bit of treasure on your ship, and you want to take it from Point A to Point B. When you're doing this, you hire an appropriate sized crew to deal with a pirate ship, should the need arise. You do not hire the entire flotilla of the Imperial British Navy, because that's an inappropriate amount of resourcing for your needs.

    Scaling is a place where you can address stability; consider in the previous analogy if you could hire just one guy to protect your treasure, but when the need arrives then hundreds more could just be zapped into existence! I'm pretty excited about this pirate themed analogy. With some work, you could set up your application to spin up more servers based on demands. This would almost necessarily be done via some kind of cloud computing (Amazon Web Services, Google Cloud, MS Azure, etc) and you would have some set of rules about how to bring on more application servers when needed... but this is almost certainly overkill at this point. I would suggest that you try to think of things like this:

    • get access to a small Linode server, or something similar, and do your development there
    • separate your services into different silos that make sense. A database service, an application service. Those are typically the only two that you need. As you grow, you may identify the need for more services, but that's a good spot to start.
    • use a framework to develop your application. Keep it simple; get a proof of concept working.
    • monitor your traffic usage - when you see an uptick in traffic, requisition bigger servers
    • set up some basic firewall rules (remove standard

    If things are successful and work, then you'll want to think about things like this:

    • am I spending too much time deploying this application to the servers? -> I need a build pipeline
    • are the server resources frequently taxed? -> am I caching enough things?
    • are the servers resources taxed, but I'm still caching things? -> I need a bigger server
    • are there spikes in server resources that happen with some frequency? -> I need to be able to scale based on traffic

    There are tons more points I could put on this list, but I think the most important part is to start building. I think you have the right ideas in your head about how to move forward ("I want to be secure and stable") and I think it's important to remember that perfect is the enemy of good; sometimes perfect is the enemy of doing things. There's lots that I glossed over too - this is a really barebones comment - but hopefully this is enough to help get you started.

    3 votes
  11. Comment on Cards Against Humanity statement in ~games.tabletop

    aphoenix
    Link Parent
    I'll drop it, but I feel like this whole thread has just been moving goalposts. My original stance was that the person I responded to read it through the lens of a predetermined verdict, and...

    I'll drop it, but I feel like this whole thread has just been moving goalposts. My original stance was that the person I responded to read it through the lens of a predetermined verdict, and you're doing it too. I never said this was a really well thought out statement or public defence, which is fine because it's an interview and not either of those things.

    1 vote
  12. Comment on What's it take to make a secure, stable, and scalable site? in ~comp

    aphoenix
    Link Parent
    I hope you didn't conclude from what I said that these factors are anything other than necessary from the beginning of planning to launch of a project, and beyond. I disagree. Do things where it...

    While I agree with the sentiment, you should also be putting these factors into consideration while you're designing the framework.

    I hope you didn't conclude from what I said that these factors are anything other than necessary from the beginning of planning to launch of a project, and beyond.

    Whatever processes can be done on the server should be done on the server.

    I disagree. Do things where it is appropriate to do so. Sometimes that means things are done client side, and that's okay. We don't even know what the project is - it may be necessary to do some, or even most, of the work on the client side.

    validate all data server-side.

    That's 100% necessary, and I'm adding it to my original list for posterity.

    2 votes
  13. Comment on Cards Against Humanity statement in ~games.tabletop

    aphoenix
    Link Parent
    You are assuming that there is something to find out in the 1 on 1 meetings at Temkins' apartment, and they have failed to do so. The message they have given is "to our knowledge, nothing...

    It means the person writing this doesn't explicitly know of any non-professional conduct.

    They could have found out, but didn't.

    You are assuming that there is something to find out in the 1 on 1 meetings at Temkins' apartment, and they have failed to do so.

    The message they have given is "to our knowledge, nothing unprofessional happened" which insinuates (if not outright states) that they did not have a formal complaint about people going to Temkins' apartment on file. So to their knowledge, to wit their independent HR department's lack of complaints on the matter, there were no issues with the situation.

    1 vote
  14. Comment on Cards Against Humanity statement in ~games.tabletop

    aphoenix
    Link Parent
    You are incorrect, or making an inference that had nothing to do with what I said. In the context of the question asked, and the way the question was answered, they confirmed both that the...

    You are incorrect, or making an inference that had nothing to do with what I said. In the context of the question asked, and the way the question was answered, they confirmed both that the meetings happened and that nothing untoward happened during them. I am not claiming that as an absolute fact; I'm saying that they answered the question, whereas the person I replied to said they dodged the question. I'm not saying that they were necessarily telling the truth or that they knew the entirety of truth. Context is important.

    1 vote
  15. Comment on What's it take to make a secure, stable, and scalable site? in ~comp

    aphoenix
    Link Parent
    This is super important, and I'm going to add it to my original list. I tend to think of it like this: you've only backed something up if it is successfully retrievable. If you have backed it up...

    And just as important, know how to restore from backups!!!

    This is super important, and I'm going to add it to my original list. I tend to think of it like this: you've only backed something up if it is successfully retrievable. If you have backed it up in a way that you can't get it, than you haven't done part 1: back things up.

    This seems like it might be obvious to people who don't necessarily do this, or who are just starting out, but some backup options don't make it easy to restore from your backups. You have to know the process for doing so.

    4 votes
  16. Comment on What's it take to make a secure, stable, and scalable site? in ~comp

    aphoenix
    (edited )
    Link
    This is a huge topic; it's analogous to saying "how does one be a doctor?" and expecting there to be some sort of answer. This is the sort of thing that people learn and implement over a period of...

    This is a huge topic; it's analogous to saying "how does one be a doctor?" and expecting there to be some sort of answer. This is the sort of thing that people learn and implement over a period of years. I'll try to give some general ideas of where to start.

    The shortest answer I can give you is that each of these are things to work towards incrementally. You need to have an idea of what you mean by "secure, stable, scalable" and exactly how much security, stability, and scalability that you need. The answer is that you want enough to be acceptable, but not so much that it's prohibitively expensive. I could, without too much personal effort, set up a site that was nigh unhackable, incredibly stable, and could handle a very large number of concurrent connections. This would be very expensive, and it wouldn't be 100% effective at any of these. It will always be possible for someone to hack your site or for the site to experience too much traffic. The best you can do is to make it more difficult than it is worth to get the information that you have, and for the site to survive normal usage.

    Application / Network Architecture is where a lot of the answers are going to be. You need to know how and where you are going to store data. There are a number of different ways to architect your system with security in mind, and there are a number of different options depending on budgetary and scalability needs.

    That said, here are some things that I would recommend considering:

    • use SSH for server access, with key authentication (not password)
    • don't use FTP
    • only allow SSH from a particular VPN
    • monitor login attempts and log things properly
    • keep your servers up to date - do the security patches as quickly as possible
    • back things up
    • back things up though, like, for real
    • Edit (thanks @Bauke): Know how to restore those backups when things go wrong!
    • keep your data separate from your application, and don't allow public access to your database
    • Edit (thanks @Akir): Validate all your data on the server side. You can pre-validate things in the client, but that is not sufficient validation.

    Those are some things that I tend to do, but they are by no means an exhaustive list - those are just things I remembered off the top of my head. These won't give you great security, but it's a place to start for someone at "don't store passwords as plain text".

    11 votes
  17. Comment on Cards Against Humanity statement in ~games.tabletop

    aphoenix
    Link Parent
    I don't want to offend, but I believe that you read this piece with a "verdict" in mind, and you've analyzed it through that lens. For example: The answer did not dodge a yes or no question. It...

    I don't want to offend, but I believe that you read this piece with a "verdict" in mind, and you've analyzed it through that lens.

    For example:

    Very well-wordsmithed way of dodging a yes or no question. Yes, he invited subordinates to his apartment for 1-1 meetings.

    The answer did not dodge a yes or no question. It was explicitly "yes" by the phrase that states "To our knowledge, 1-1 meetings were rare and completely professional." This means that 1-1 meetings in the apartment were rare and professional. The surrounding information is important because the the question itself is meant to evoke outrage for people who read it. For a sufficiently large company, it would be very weird to have 1-1 meetings with someone in one's residence; for a small, decentralized company that uses the area as office space, this is not weird. The point of the question is to paint the picture that things are necessarily inappropriate if someone does that, but it's not necessarily inappropriate. I've run businesses before where I had an office in my home, and I've had people to my home for business meetings. I'm not saying this to excuse Max Temkin, but I'm saying that the journalist knew what they were doing with that question, and is using it as a weapon.

    With respect to data they have that "paints them in a particular light" I think you're once again being a bit unfair. It's all relatively summed up by this section:

    Under normal circumstances, we would consider this conversation to be a confidential employee matter and would not share it publicly. However, since this person has already tweeted publicly and incorrectly about the events in question, we feel we must present this evidence.

    So they are only providing the screenshots when someone is perhaps directly lying about what was said, and otherwise are keeping direct quotations out. There's no real way for them to win on this one, because they either respect the privacy of the people involved by not sharing things that are likely against their own employment agreement to share and get called out on it, or they do share and violate the privacy of their employees, which would be quite detrimental in the middle of this issue about them not respecting their employees.

    10 votes
  18. Comment on Would you give up flying to lower your environmental impact? in ~enviro

    aphoenix
    Link Parent
    I don't have any problem with riding "the same way as poor people" but if I have a 2 week vacation that I want to spend in Vancouver, and I drive or take the bus, then my whole vacation will be...

    I don't have any problem with riding "the same way as poor people" but if I have a 2 week vacation that I want to spend in Vancouver, and I drive or take the bus, then my whole vacation will be spent sitting in a bus seat. If I drive myself, it's in a slightly more comfortable van seat. Realistically, if we don't fly, then most of the continent that we are on is not really an option.

    We need better ways to move around that are ecologically and economically feasible.

    4 votes
  19. Comment on What can you tell me about Montreal, Quebec, and, more generally, Canada? in ~life

    aphoenix
    Link
    @arghdos pretty much nailed it - it's a lovely city. I've only ever visited, and not lived there, but every visit has been delightful. The only thing I might add that hasn't come up that much is...

    @arghdos pretty much nailed it - it's a lovely city. I've only ever visited, and not lived there, but every visit has been delightful.

    The only thing I might add that hasn't come up that much is the opportunity to travel in and around Canada.

    Quebec is one of my favourite places to vacation - I live in Ontario, just next door. My favourite city in Quebec is Quebec City - there's great food, great beer, great people, and it has a great feel. Knowing french is certainly helpful when travelling anywhere in Quebec, but not particularly necessary.

    The Maritimes is a beautiful place - I've only been to Nova Scotia, but I believe the same warmth and friendliness is something you will find in all of the maritime provinces. Seeing the Bay of Fundy is impressive, and it's a great place for seafood.

    Ontario is a fantastic place as well. Montreal is close to Ottawa, and about a half day's drive from Toronto. Ottawa / Hull has a lot of amazing things to see and do, and the downtown is amazing, and if you're still around on Canada Day 2021 (assuming that we're not still on health lockdown at that point) it's an amazing place to go. Toronto also has a million things to see and do; museums, galleries, aquariums, shows, sports, the CN Tower; there's no reason to ever be bored as a tourist. Lots of other cities are great tourist spots as well - one of our best vacations of all time was to Sudbury! Science North is great, and going down into a mine was awesome.

    I just wanted to highlight that in addition to all the great things about Montreal that you would be experiencing, there's the fact that it's relatively central to a lot of cool Canadian places, and you would be able to see and do a lot of cool Canadian things!

    3 votes
  20. Comment on Replacing (potentially) insensitive terminology in programming in ~comp

    aphoenix
    Link Parent
    I think the argument is more "some people are finding this offensive. Here is a likely reason why they are finding it offensive." It's not an etymological argument; if it was, they'd also be...

    You argue that master branches in git is offensive because it comes from an older master/slave terminology.

    I think the argument is more "some people are finding this offensive. Here is a likely reason why they are finding it offensive." It's not an etymological argument; if it was, they'd also be saying "the term robot MUST be changed", which nobody is saying.

    It's an observation that this is right now a problematic word, and the reason is likely etymological. That's one of the cases where etymological arguing is valid. It wouldn't be valid if nobody was offended, and they were saying that people should be offended by this.

    There is a not trivial amount of people who find "master / slave", or even just "master" or "slave" on their own, to be offensive. Can we accept that as a given? I've met many of them, which indicates to me that there are lots more. It's not just a noisy group of very few people; it's a legitimate concern that many people have. It's also a really easy word to change, because there are lots of other valid terms that don't have connotations of slavery.

    4 votes