This is good nuance to add to the conversation, thanks.
I think in most cases you have to trust some group of parties. As an individual you likely don't have enough time and expertise to fully validate everything that runs on your hardware.
Do you trust the OSS community, hardware vendors, OS vendors like IBM, Apple, M$, do you trust third party vendors like Crowdstrike?
For me, I prefer to minimize the number of parties I have to trust, and my trust is based on historical track record. I don't mind paying and giving up functionality.
Even if you've trusted too many people, and been burned, we should design our systems such that you can revoke that trust after the fact and become un-burned.
Having to boot into safe mode and remove the file is a pretty clumsy remediation. Better would be to boot into some kind of trust-management interface and distrust cloudstrike updates dated after July 17, then rebuild your system accordingly (this wouldn't be difficult to implement with nix).
Of course you can only benefit from that approach if you trust the end user a bit more than we typically do. Physical access should always be enough to access the trust management interface, anything else is just another vector for spooky action at a distance.
It is some mix of priorities along the frontier, with Apple being on the significantly controlling end such that I wouldn't want to bother. Your trust should also be based on prediction, and giving a major company even more control over what your systems are allowed to do has been historically bad and only gets worse. Even if Apple is properly ethical now (I'm skeptical, I think they've found a decently sized niche and that most of their users wouldn't drop them even if they moved to significantly higher levels of telemetry, due to being a status good in part), there's little reason to give them that power in perpetuity. Removing that control when it is absued hasn't gone well in the past.
The Vanguard 500 Index Fund (VFINX) has existed since 1976.
Kenneth French (the "French" in the Fama-French asset pricing model) provides market data going back to 1972 [1] and can be used to reconstruct index fund performance.
Citadel doesn't have individual clients, and if you're not a billionaire I don't see how you'd gain access to their hedge fund.
Huh? The first index fund was started 45 years ago, and indexes existed and are tracked far longer than that. Tell me what percentage of hedge funds beat the S&P over the last 50 years?
If you cherry pick the US S&P (over international, and over small cap), I’m allowed to cherry pick hedge funds.
Many funds consistently outperform the S&P by 2-3X over 30-40 years. Minimum investment, $5-10M, of course.
Buy and hold is the best option for those under USD $10 million net worth, but you must acknowledge there are semi-closed funds/prop trading firms that consistently beat the market.
Stop being poor so you can go into those badass hedge funds that always beat the S&P 500 /s
But seriously, I'd rather just put money into VTI and VXUS and go back to playing video games, planning a D&D one-shot, programming a bit, or hanging out with friends in my spare time. Let the active traders waste their time poring over 10-Ks and/or charts. I'll be here having fun and taking what the market gives.
> Yes, just like there are individual stocks that beat the market. How do you pick them?
The same way you picked your passive index fund: look at 20-30+ years of data.
Unfortunately, VTI, VT, VOO all underperform the top hedge funds, when evaluated over 20 years (risk adjusted return, downside deviation, and absolute return). I’d go further back but VTI was created in 2001 whereas the hedge funds were created in 1980/1990.
I picked S&P because it's one of a handful of widely reported indices and it was created roughly in the same era as the original vanguard index fund, not by cherry-picking data.
Your statement that major index funds all underperform the top hedge funds is tautological, of course the ones that beat the averages are the top funds. What I'm genuinely curious is: how many hedge funds were there in 2001 and how would you identify the top ones?
The other important question is whether a retail investor can join it. I know someone like baobabKoodaa [1] would shout from the rooftops, "You're moving the goalposts, grandparent, waaaaaaaaaaah!" Well, I'm not grandparent, so my goalposts are completely different from theirs.
My goalpost is whether a retail investor like me can get in on those high-flying funds. If not, then in the retail universe, they may as well not exist. Thus, I'm better off investing in VTI/VXUS and using the rest of my spare time coming up with some funny ways to challenge my party in a D&D one-shot.
What percentage of hedge fund clientele exclusively invested in a single hedge fund 50 years ago? Many index fund evangelists focus on that assumption. It’s a strawman.
You can invest actively and intelligently. For example, my 401k offered an emerging markets fund (MGEMX) that isn’t the ideal fund from a cost structure perspective... but it performed really well for a few years. It wasn’t speculation or reckless behavior to have exposure to that sector. Portfolio rebalancing booked my gains when it was rising 30%, and I ended up doing well when 2008 killed that sector.
That doesn’t mean buy and hold doesn’t make sense either. If I was lucky and held on to an early fun money Bitcoin buy I’d be on an island right now!
The fact that the difference is 10ms and 8ms respectively suggests that the speedup of attribute access isn't what's showing up in your measurements. In one case we access the slot "a" once; in the other case we access it five times. How can that be a 20% difference?
> The condition is, though, that I need to be able to quickly run the program to validate just all of it to work.
That's a condition for all TDD.
> I know there's testing frameworks, although it seems more of an eclectic mess than Java
If you look at the test suites for popular libraries like numpy, django, airflow it's mostly `pytest`, `unittest` (part of the standard library), and `nose`.
> where testing and mocking is just a little harder to do...
Mocking is actually pretty easy to do in python using pytest.monkeypatch or unittest.mock. Compared to mocking in a strongly typed language like C++ (and I assume Java) if an object you're mocking implements a particular interface, you would only have to mock out the parts that get exercied by the codepath in the tests you care about.
I was saying, run the program, not run a test in a larger suite.
> > where testing and mocking is just a little harder to do...
You were quoting me trying to say that mocking out system interactions, such as I
/O, things with external side-effects, tends to be harder, regardless of Python versus Java.
> Mocking is actually pretty easy to do in python
Let's disagree. As a Java developer, doing some Python takes me a moderate amount of online searching, unless I'm writing the test code, during which the online searching and associated trial and error skyrockets.
I think you could look at the battle/war from a different perspectives, and come up with different conclusions.
In the mainstream (whatever that is?) it appears that convenience wins. And hardware/software vendors seem to make the assumption that customers won't complain if their data is harvested. I think that's where you're coming from?
On the (privacy) enthusiast things, the horizon looks much better. We've got great software that makes self-hosting easier: FreeNAS, Nextcloud, Docker, Plex, NixOS, etc. We have more choice in phones: we can still use "dumbphones", or use open source operating systems, or choose manufacturers with better privacy track records. I'm not familiar with consumer electronics as much, but buying low end/dumb devices (TVs, appliances) is still viable. And the open source home automation movement keeps getting traction with hardware and software.
Plex forces centralized Internet authentication for your locally-hosted server, and uses a variety of centralized services that have access to your served files' titles and other metadata. Furthermore Plex collects a variety of usage information statistics. I don't think it's possible to entirely opt out of these services or collection, or indeed use Plex at all without Internet access.
Although Plex claims to "care deeply" about privacy in its privacy policy, there is no blanket statement guaranteeing the privacy of your data and usage habits, or at least none without weasel words.
As someone who held out on smart phones until 2 months ago, nah, not having a smart phone isn't an option any more. Many jobs, even if not explicitly, require you to have a smart phone. Otherwise you can't read or see what your boss sends, you can't use their dumbass apps, you can't take and send pictures of customer complaints or problems, and ive even found places that requires you to have a smart phone just to sign up for their job application submission software.
Not having a smartphone is turning into luddite territory and you are looked down upon as less valuable in much of the modern world if you don't have one.
> We have more choice in phones: we can still use "dumbphones", or use open source operating systems, or choose manufacturers with better privacy track records.
There are zero options on the market right now that come close to a modern smartphone.
They do, they just don't call them TVs. Look up commercial digital displays, exact same brands with the same screens as the consumer model but no tracking and bloatware. Of course, without the subsidies from selling your data, they're going to run you an extra 30-50%
it's not just that, they're generally rated for 24/7 usage and feature much higher build quality - often with ultra thin bezels to allow them to be used in tiled arrangements.
whether that usage rating is related to any actual difference in the hardware is something i've pondered, but it is something they do specifically mention.
I wish it was only a 30-50% premium though as my experience is that they are an integer multiple of the equivalent consumer TV.
generally we get around this by using rentals for a lot of things, the only people purchasing them (in my realm) are production rental houses like PRG or VER, or permanent installers where the cost is just another line on the buildout of a space.
I'm very happy with my current dumb 65" 1080p screen, but have thought about whether I would pay signage screen prices if the only other option was something with its own rogue computer - smart TVs really are terrible in every iteration I've seen. Eventually I may desire more resolution or size, or my screen may have an irreparable failure.
Having modded thinkpads to use better / higher resolution panels, and having disassembled a number of consumer TVs, I do suspect that the next best option is going to be getting a dumb driver board to accept HDMI and turn it into the LVDS / EDP / whatever interface is needed to directly drive the panel (as well as a backlight driver, and something to spit audio from the HDMI to some speakers). As it gets harder to buy a quality large screen without crapware (without paying signage prices) I hope enough of us will pursue this route that there can be a known process and BOM to make it a straightforward project. I would imagine you could have your cake and eat it too by pairing up a quality dumb driver board and a high quality screen that is not available in dumb form.
At that point we could consider interesting modifications like a teensy with ethernet to allow remote control over LAN with a protocol like OSC, or some lightweight hardware to decode an NDI stream to allow creating "channels" coordinated by a centralized media server / NAS. One could accomplish interesting things that would be concerning if not under local-only control, like video calling that hops between screens in the house as you change rooms, shows that automatically pause if you get up for a restroom break, gesture control for when you're watching a cooking video while cooking and have dirty/wet hands, and so on. There is a ton of smart home functionality around screens that is compelling and useful when not paired with creepy companies or unknown data exfiltration.
Wow, that's super unlikely. How many commits did the repo have?
According to [1] using 3 letters you'd need at least 72 commits to have at least 50% chance to observe a clash. Using 6 letters you'd need at least 3977 commits, lol.
Do you know of git GUIs that explicitly maintain a bijection between the GUI and the underlying command history? It'd be cool to use the GUI and see the command history, or use the CLI and see updates in the GUI.
I'm not sure if this is exactly what you're looking for, but maybe close? SmartGit has an Output window that shows the underlying Git commands that it uses when you drag things around or use its commands. And if you make changes in the command line and then switch back to the SmartGit window, it updates to match.
> more precisely predict what riders might be willing to pay for a ride
It's weird to me that this sort of price discrimination is legal.
E.g. given this information, my incentive as a rider is to never tip (so that their algorithm doesn't identify me as "willing to pay" more). Maybe I could also make a new Lyft account every time I need a ride?
> > more precisely predict what riders might be willing to pay for a ride
> It's weird to me that this sort of price discrimination is legal.
I don't interpret this as charging different customers different prices per se. But there are different prevailing conditions with different pricing justified (other than simple congested/not congested). Knowing what your service is worth to customers so you can extract a greater fraction of this is pricing 101.
> I don't interpret this as charging different customers different prices per se.
Based on my experience Lyft and Uber charge different prices to different customers with identical trips. I've tested this by asking friends with who I'm about to share a ride with to request the same trip as me, and compare prices. We've observed differences of 10-20%.
> Knowing what your service is worth to customers so you can extract a greater fraction of this is pricing 101.
Where this becomes problematic is in the age of big data. When a company can build an accurate profile of me, they can extract maximum prices from me. We need laws that mandate what definition of "profile" is allowed to be used for pricing.
I'm not sure why we accept price discrimination at the individual level for airlines and Lyft/Uber. I'm pretty sure people would be outraged if Amazon started price discriminating based on your purchase history.
I think that statement was about riders in the collective sense. Riders are typically willing to pay more, e.g. on New Years Eve than on a random afternoon.
But, in any case, dynamic pricing at both the individual and the collective level is pretty widespread these days. By and large--there are some exceptions--companies don't have to sell at a fixed price to all people at all times.
I think in most cases you have to trust some group of parties. As an individual you likely don't have enough time and expertise to fully validate everything that runs on your hardware.
Do you trust the OSS community, hardware vendors, OS vendors like IBM, Apple, M$, do you trust third party vendors like Crowdstrike?
For me, I prefer to minimize the number of parties I have to trust, and my trust is based on historical track record. I don't mind paying and giving up functionality.