Alleviate social suffering from the COVID-19 by shortening its incubation period

A crazy idea:

Develop a preventive treatment for COVID-19, whose operation would be to shorten (yes, shorten!) the incubation period from contagion until development of the disease’s symptoms. So that the incubation period will be one or two days long like flu, instead of a week or even longer.

Then, ask everyone to undergo the treatment (maybe take pills).

This approach has few advantages:

  1. People, who were infected, will infect less other people, because they’ll know that they were infected and will isolate themselves promptly.
  2. There will be less need for PCR tests to confirm COVID-19 infection (why are we not doing tests to confirm flu infection?).
  3. People, who need to self-isolate, can release themselves from isolation faster, as the confirmation of their health would arrive earlier.
  4. It is possible that thanks to change in the flow of the disease, less people will suffer from the serious form of the disease. Of course, the opposite situation can happen and then it’ll be necessary to find another treatment, which does not have this side-effect.

הקלה על הסבל החברתי מהקורונה על ידי קיצור תקופת הדגירה שלה

רעיון מטורף:לפתח טיפול מונע לקורונה שהפעולה שלו תהיה לקצר (כן, לקצר!) את תקופת הדגירה מרגע ההידבקות ועד להתגלות סימפטומי המחלה, כך שיהיה יום יומיים כמו שפעת במקום להיות שבוע ואפילו שבועיים.

ואז לבקש מכל אחד לעבור את הטיפול (אולי לקחת כדורים).

לדרך פעולה זו יש כמה יתרונות:

  1. אנשים שנדבקו – ידביקו פחות אנשים, כי יידעו שהם חולים ויבודדו את עצמם יותר מהר.
  2. הצורך בבדיקות לאימות הידבקות בקורונה יירד (למה לא עושים בדיקה לאימות שנדבקנו בוירוס שפעת?).
  3. אנשים שצריכים להיות בבידוד יוכלו להשתחרר מהבידוד תוך זמן יותר קצר.
  4. יש מצב שבגלל שינוי מהלך המחלה, אחוז יותר קטן של אנשים יסבלו מהצורה החמורה שלה. כמובן שיכול להיות גם מצב הפוך ואז יהיה צורך לחפש טיפול אחר שאין לו תופעת הלוואי הזו.

What to reply to a computer science student who asked you to be his accomplice in cheating?

You probably are familiar with the phenomenon of students, who pay other people to write term papers, theses and projects for them to submit in order to meet academic requirements.

Few years ago, a computer science student named R. (a pseudonym) approached me and asked me to write for him and his partner a computer program, so that they will submit it to meet a requirement in order to pass a course, which they were studying.

Instead of taking money from him, I replied to him as follows.

I am approaching your question from the point of view of a mentor, teacher or a wise person needing to advise a young person, who is in a difficult situation and who is considering a bad solution to his problem. What the young person really needs is not to have someone else do his project for him, but long-term thinking: what are the long-term consequences of this solution, what alternative solutions exist, which obstacles exist in the alternatives, how to overcome those obstacles, the need to summon courage to change course.

For starters, as far as I am concerned, what you asked for is in the grey area between cheating and having an original solution to the problem. This is because certificates are not worth that much in the vocation of software development. Either the developer knows how to program or he doesn’t know, no matter what degrees or impressive certificates he has. If he does not know how to program, then within half a year his employer, if the employer has a clue, knows about it, and gives him a kick in the ass – reducing the long-term damage. Also, there are several people, who take on big projects and hire other people to do the actual work. However, the difference is that they have to provide the project with services such as marketing skills, project management, search and selection of development tools, money handling, etc. – instead of (or in addition to) software development skills.

Now to the point. Before proceeding further with what you and your partner are contemplating doing – I highly recommend that both of you read Ayn Rand’s “The Fountainhead” and follow Peter Keating’s career development in the book. He started out relying upon other people, like you are contemplating doing, made an impression on the right people and reached the top of his profession.

But… he didn’t last long and eventually he fell. And the sad truth is that he trained for the wrong vocation. There was a vocation that suited him perfectly, and he could really excel at it, but his mother pressed him to learn the vocation he actually learned (and in which he eventually failed). The saddest thing about his story is that when he realized which vocation is right for him and started engaging in it – it turned out that he started it too late and could not reach a high level of proficiency in that vocation.

If you and your partner decide to pay someone else to do your project, then:

  • Anyone, who knows that you have done this, will be unable to help you look for a job, because they will have to lie if they vouch for your software development skills.
  • During software development work, there are periods of extreme pressure. Schools plan their course syllabuses so that an average student can handle the resulting pressure (with some sighs and groans). At work, pressure can be unlimited. So if you are unable to cope with pressure in school, it is very unlikely that you can cope with it at work. So you should consider a vocation, in which there is no such pressure.
  • You give up the fight to be really good professionals, who know when to accept failure like men (even at work there are some projects which fail, due to all kind of reasons, such as over-optimistic effort estimates, and it’s better to admit failure and move on to another project), and instead of accepting failure and its consequences, you are heading toward pretense.
What to do now?

I suggest that you first carefully review the decisionmaking process that led you to decide on a vocation in the software world. If you have taken psychotechnic tests and consulted with a specialist in the area of vocational selection, one of the tests was probably as follows:

  1. Go over a very long list of topics and highlight those which interest you.
  2. Group the interesting topics into groups, such that the topics in each group have the same theme from your point of view.
  3. Go over the groups and identify potential vocations related to each group.

Why am I telling you all this? Because if you kept the papers from your evaluation (or you can get them), you might find there a clue for identifying a vocation, which really attracts you and in which you can excel.

The next step is to determine if you have relatives, who are unwilling to accept that your future is not in the lucrative and profitable software world, but in another direction. Then check if and how to neutralize their influence upon your choice of the vocation that fits you.

I assume that the computer world is appealing to you, so you may want to check out some other vocations in this world besides writing software (I remember that in Hadassah Institute for Professional Selection Counseling in Jerusalem, where I did my vocational counselling, there was a library with descriptions of thousands of vocations – such a library could help you choose the right vocation for you). Examples: training, installation and configuring, software testing, maybe even administrative project management. Then go on to specialize in the vocation that suits you and in which you can excel.

True, you already started studying and already invested two years in your studies, and now I am proposing to write off all this investment and start over? Yes, however as far as getting a certificate or a degree is concerned, some of the investment will probably be lost. But as I said above, certificates are not that valuable in the software world. Like a pilot’s license does not turn someone, not having the aptitude to pilot, into an ace fighter pilot; also a software developer’s certificate does not turn someone not fit to be software developer into a great software developer. In terms of content – I’m sure you’ve learned something that will help you in any direction you choose for the rest of your life. And as far as the requirements for finishing your studies are concerned, once you know which direction is right for you, you probably can switch to a major which fits your vocational goals. In this case, you’ll probably be able to use some of the credits of the courses that you already completed. So what you already studied is not a total loss.

P.S.:

A student, who is paying someone else to do his homework, term papers, projects or theses, is like a basketball player who is paying someone else to go to his team’s practice sessions.

Orphan Technologies

Hi-Tech is failing people with disabilities

The other day, Nathan Zeldes wrote to me:

Between us, I’ve always been pissed off by the lack of progress in hi-tech solutions for severe handicaps; the fact that even the legendary Stephen Hawking was using a robot voice sounding like a Commodore 64 shows how little incentive companies (and society) have in driving leading edge solutions that could liberate people from severe disabilities.

To which I replied:

The problem is a lack of incentive to develop technologies which would help only few people. It just is not profitable. People cannot have a decent standard of living or support wife & children by working only on such problems. Subsidizing the development of such a technology could lead to the basic problem of socialism (possibility of turning a profit NOT by serving another person, the basis of “true” capitalism).

A similar problem exists with “orphan medicines” – medications and
procedures for treating very rare illnesses.

What could be done?

In discussions with Nathan Zeldes and with Dr. Yoav Medan (who is involved with the orphan technology of 3D printing of prosthetic hands), the following ideas were mentioned.

1. Students doing Final Projects

  • STEM students, who do their final projects, can profit from working
    on an orphan technology as their final project. The students provide
    a service and in exchange for it, they gain experience which will help
    them later make more money in their careers.
    However, most students cannot bring a product to market. The
    best they can do is to solve problems in a local and limited community.
  • People, who are not students, could gain both experience and reputation by working on such problems.
  • Companies could sponsor such projects, in order to get favorable
    advertising, improve their reputation, etc.
  • It would be a good idea to develop ways to quickly monetize experience/reputation to allow people to live well by doing those projects for a living.

2. Dual-use Technologies

For the deaf and HOH (Hard of Hearing), most of the relevant technologies happen to have dual use, starting from Alexander Graham Bell’s telephone. Robert Weitbrecht’s acoustic coupler was useful not only for allowing deaf people use teletypes over phone lines (and not only over telex lines) but also for other data communication users.

My personal experience was with adding Hebrew support to the Nokia 9110 and Nokia 9210 smartphones at the beginning of 21st century. Those cellular phones were very useful for the deaf in the pre-SMS era thanks to their ability to send and receive FAX messages. Since Hebrew support was useful also for Hebrew-speaking hearing people, it was a profitable endeavor for Erez Zino and me. See also: כנגד קול הסיכויים (in Hebrew).

A variant of this approach is for biotech and pharma companies, when developing a new technology, to first develop it to treat orphan/rare diseases. This gives them regulatory and reimbursement advantages. Once the technology is developed, it is applied also to common diseases, for which established therapies already exist.

An example is Minovia, which is developing a cell therapy technology to treat mitochondrial diseases. They began by targetting the Pearson Syndrome, which affects only 100 children worldwide.

3. “Micro-business” methodology and support services

Orphan technologies become orphan because the Hi-Tech world is based upon economics of scale. To develop a technology, you need a sufficiently big market to make it worthwhile. A business needs to have a minimum size to have any chance for success.

A methdology, infrastructure and support services to facilitate “micro-businesses” would overcome the above barrier. A micro-business would be a business, which does not require more than few hours a month, after some reasonable initial investment in building it, and would be very profitable (in terms of net income per hour) serving its very limited market.

One such possibility is to have spread out creativity centers (both physical and in the WWW) which help people develop their ideas. Examples: TAMI hackerspace and HAIFAUP.

4. Affluent end-users subsidizing the development

One could get affluent people needing an orphan technology to fund its development. Even if they are few, just one millionaire, with a child afflicted with the problem, could be enough to fund the orphan technology’s development.

Variations of this approach:

  • Government funding of technologies needed to rehabilitate army veterans with disabilities.
  • Collaboration with a non-profit devoted to the disease in question. Some of them have money or access to donors.
  • Philanthropic funding (from people not needing the orphan technology or themselves).
  • A variant of philanthropic funding is to use crowdfunding websites (Headstart, FundIt, PipelBiz, Indiegogo, KickStarter, etc.) to donate to a project.
  • Some companies declare upfront that they will allocate a certain percentage of their profits to social causes (including orphan technologies development), without expectation to make any financial returns.

5. Impact Investments

Some people invest not only for profit but also for social impact. They invest in underserved areas where they can see an eventual upside. An example is Social Finance Israel.

What could make me oppose Bibi Netanyahu – מה היה גורם לי להתנגד לביבי נתניהו

במערכות הבחירות של 2015 ו-2017, שמתי לב לתופעה מעניינת.

כל האנשים שהתנגדו להמשך כהונתו של ביבי נתניהו כראש ממשלה הפגינו רמה נמוכה מאוד של יכולת לנמק את טיעוניהם. הטיעונים שלהם היו מלאים בכשלים לוגיים (בעיקר מסוג Ad hominem). אלה מהם שהשתתפו בויכוח שבו עלו דוגמאות היסטוריות התעלמו במופגן מתקדימים היסטוריים וטענו שמה שהיה פעם לא רלבנטי להווה.

כמו כן, היו אפילו סהרוריים שטענו במלוא הרצינות, שכל אזרח ישראלי יהיה ראש ממשלה יותר טוב מביבי נתניהו. שכחו את האסון שהיה תחת שלטון אהוד ברק. אני בספק אם היו מסכימים לאפשר למשה שרת ז”ל לחזור להיות ראש ממשלת ישראל אם היה חוזר לתחיה בדרך נס.

למען האמת, הם היו הסיבה העיקרית שבגללה הצבעתי בעד ביבי נתניהו. אם ליריבים שלו אין נימוקים אמיתיים והם נזקקים ל-Ad hominem אז זה מצביע על האפשרות שהצדק עם ביבי נתניהו ושהוא ראש ממשלה הרבה יותר טוב מהמועמדים של המתנגדים לו.

מה שבטוח – המתנגדים של ביבי נתניהו עשו ועושים המון רעש על שטויות וזה מטשטש התנהלות לא תקינה אמיתית שיכולה להיות בהתנהלות ממשלות בראשות ביבי נתניהו, כי מוצלח ככל שיהיה, ביבי נתניהו הוא רק בן אדם ובתור שכזה, לא ייתכן שיהיה מושלם.

ואכן, יום אחד, בקרב כל האספסוף הסהרורי הזה צץ אדם חכם אחד. למרות דעותיו השמאלניות, הוא השכיל לשאול אותי מה היה גורם לי לשנות את דעתי ולהתחיל להתנגד לביבי נתניהו. לצערי, לא היה לו זמן לענות על השאלה הסימטרית – מה היה גורם לו לשנות את דעתו ולהתחיל לתמוך בביבי נתניהו.

מכל מקום, בעקבות שאלתו הכנתי רשימה של נושאים שצריך לעקוב אחריהם. אם תחול התדרדרות בתחומים אלה, זה יהיה סימן שאכן הגיע הזמן לסיים את עידן ביבי נתניהו.

  1. תגבור הכפיה הדתית והתרבות תופעות של הדתה בחיי היום יום.
  2. היחס ליהודים קונסרבטיביים ורפורמיים.
  3. תופעות של ישראבלוף – אם מתברר שהגזימו כלפי מעלה בחישוב הייצוא או יתרות מט”ח של ישראל, או הגזימו כלפי מטה בהערכת אחוז האבטלה בישראל.
  4. תופעות של ישראבלוף ביחסי החוץ של ישראל, למשל אם לאחר שנתניהו נואם על היחסים המצוינים עם ארץ מסוימת, מתברר שהם מצביעים נגד ישראל באו”ם ועושים בעיות לתיירים ואנשי עסקים ישראליים שמגיעים לארץ זו.
  5. מדיניות כלכלית פופוליסטית ו/או תיעדוף סקטורים כלכליים מסוימים בגלל לחצים פוליטיים.
  6. פגיעה בהתפתחות סקטור ההיי-טק בישראל על ידי מיסוי, רגולציות או מדיניות כושלת אחרת.
  7. הגדלת קיצבאות לחרדים ולאנשים אחרים שיכולים לעבוד ואין להם באמת צרכים מיוחדים – לרמה שמעודדת אותם להתבטל ולא לנסות לפרנס את עצמם.
  8. עצירת השקעות בתשתית – תחבורה, אינטרנט מהיר, ניצול אנרגיות מתחדשות.
  9. שחיתות שמתבטאת בפרויקטי תשתית שתוכננו לא נכון ואינם משרתים את הצרכים האמיתיים של עם ישראל. כנ”ל – בהצטיידות בכלי נשק ע”י צה”ל.
  10. ניוון מערכות ההשכלה הגבוהה.
  11. בעית דיור אמיתית-אמיתית, שמתבטאת בצפיפות דיור גבוהה ו/או דיירי רחוב שנזרקו לרחוב שלא בגלל בעיות נפשיות/שכרות/סמים.
  12. הימנעות מהשקעה בבדואים בדרום כדי שלא ייהפכו לעדה של אנשים שמראש מניחים שהם עבריינים, כמו השחורים בארה”ב.
  13. היחס לדרוזים ברמת הגולן לעומת היחס לערבים ביהודה ושומרון. יחס לא הוגן לדרוזים הללו יהיה סימן אזהרה שישראל הולכת להיות מדינה גזענית שמפלה לרעה שכבות אוכלוסיה מסוימות.
  14. איסור על ספרים, סרטים והצגות תיאטרון שמשחירות את פני ישראל, ושהופקו ב-100% מימון פרטי ללא תמיכה ממשרד החינוך והתרבות, ושמוצגות באולמות בבעלות 100% פרטית ללא שותפות ממשלתית או עירונית.

כמו כן, אני צריך לראות שלפחות 10% מהמתנגדים לביבי נתניהו יהיו מסוגלים לנמק את התנגדותם בנימוקים שמבוססים על עובדות, ושמכירים בכך שגם לתומכים בביבי נתניהו יש נימוקים רציניים, שצריך להתמודד איתם בלי לקרוא לתומכים בשמות גנאי.

הערה לסמולנים שרוצים להגיב על פוסט זה.
כדי שאתייחס ברצינות לדבריכם, עליכם קודם כל לענות בכנות על השאלה הבאה:
“מה ישכנע אותך שהפלסטינים לא באמת רוצים בשלום עם ישראל לא משנה כמה ויתורים נוותר להם ולאלו תנאים נסכים?”

Automatic localtime management in ESP8266 and other low-memory IoT devices

Justification

During the last several years, personal computers and smartphones became capable of displaying the local time, correctly adjusted for daylight saving time (DST) – and without requiring human intervention beyond selecting the correct timezone.

Nowadays, there are also some IoT devices, which need to support local time management – displaying it, or otherwise making it available.

Timekeeping is performed using the Internet protocol NTP, which provides the correct UTC. When using a PC or a smartphone, the timezone is usually selected by manual user action.

However, some IoT devices may not have the UI needed for convenient timezone selection. Then it is desirable to support automatic timezone selection as a default.

How to implement automatic timezone selection?

There are some websites, which discover your IP address and provide you with the best guess of your timezone.

Since those websites usually provide the timezone name rather than the string describing the DST transition dates (the so-called tz_string), the next step is to figure out the DST transition dates from the timezone name.

In devices with plenty of memory this is carried out by means of a timezone database.

For example, in Debian/Ubuntu based systems, this database is stored in the /usr/share/zoneinfo directory and occupies 3.5MB (the relevant package in Ubuntu 18.04 is tzdata and its version, as of Nov. 2019, is 2019c-0ubuntu0.18.04).

Memory constrained IoT devices

However, IoT devices are typically based upon memory-constrained controllers and cannot afford to store locally the whole timezone database – just to correctly determine the local time for a single timezone.

Therefore, IoT devices need to access an Internet based service to get the correct timezone information, just as they get UTC time updates using NTP. In other words, those IoT devices effectively outsource the timezone database management.

Internet service for providing the timezone information

An Internet service, for providing the correct tz_string corresponding to a timezone name, needs to keep the timezone database up to date at all times.

I implemented the internet service as follows.

  1. A machine, running an Ubuntu 18.04 installation with a webserver, is used.
  2. The Internet service is implmented as a small WSGI-based website. It uses the database mentioned below.
  3. A script scans the /usr/share/zoneinfo contents and creates a small database for translating timezone names into the corresponding tz_string values.
  4. There is a mechanism for invoking the above script and restarting the web server each time the tzdata package is updated/installed/re-installed.

Show us the code!

The GitHub project tddpirate/tzdata2tzstring includes redacted versions of both an implementation of the above website and a sample ESP8266 client.

Credits

I wish to thank the Python Israel Telegram group members for advice about selecting a Python WSGI framework. I ended up selecting Falcon because benchmarks indicated that it is faster than Flask and Bottle.

The members of the לינוקס Telegram group deserve thanks, too. They helped me find the mechanism for appending my own postprocessing scripts after a Debian/Ubuntu package installation or upgrade.

Get DisplayLink to work on Lenovo Y700 after upgrade to Debian Buster

Hardware

Laptop:
  • Lenovo Ideapad Y700
Graphics cards (in my system, they are configured to work in hybrid mode):
  • GeForce GTX 960M – NVIDIA Corporation GM107M (rev ff)
  • Intel Corporation HD Graphics 530 (rev 06)
Docking station with DisplayLink support:
  • ThinkPad Basic USB 3.0 Dock, Model No. DL3700-ESS
    It is connected to the laptop via an USB3 port and has its own power supply.

Using the NVIDIA graphics card

The following point is probably irrelevant to DisplayLink usage and problems. However it is part of my environment and I mention it for completeness sake.

The laptop is configured, as instructed by https://wiki.debian.org/Bumblebee, to work with the Intel graphics card. The NVIDIA card is used by applications running under optirun. I had to modify /etc/bumblebee/bumblebee.conf to use KernelDriver=nvidia-current rather than KernelDriver=nvidia.

Connecting two additional displays to the laptop

To install the appropriate driver:

  • git clone https://github.com/AdnanHodzic/displaylink-debian.git
  • Follow the instructions in README.md

When everything works properly, three displays are identified by xrandr -q | egrep axis as follows:

  • eDP-1 – laptop’s display
  • HDMI-1 – external display connected via laptop’s HDMI port
  • DVI-I-1-1 – external display connected via DisplayLink on docking port

Note that those displays could have different identifiers (such as DP1 or eDP1) in your system.

After starting the X-Window, configure the displays using:

  1. xrandr –output HDMI-1 –primary
  2. xrandr –output eDP-1 –mode 1360×768 –right-of HDMI-1
  3. sleep 1     # without it, the following display was not properly configured.
  4. xrandr –output DVI-I-1-1 –left-of HDMI-1

You probably want to add those commands to your ~/.xinitrc.
I chose the 1360×768 mode to have the same DPI in all attached displays.

Problems when upgrading from Debian 9 (Stretch) to Debian 10 (Buster)

The above setup worked under Debian 9 (Stretch).
However, after upgrade to Debian 10 (Buster) following the instructions in Release Notes for Debian 10 (buster), 64-bit PC, chapter 4, either the X-Window server did not work or the display connected via the docking station exhibited misconfiguration.

I got it to work as follows:

  1. Update your displaylink-debian clone to the most recent commit using
    git pull
  2. If the most recent commit did not work for you, try:
    git checkout fcb6ce5bc36c774af2d7f792842bcd2ede9c7483
    as this commit worked for me after performing the following steps.
  3. Reinstall the driver by running displaylink-debian.sh and following the instructions in README.md.
  4. Finally, replace the contents of the file /etc/X11/xorg.conf.d/20-displaylink.conf, installed by the above instructions by the following:
    Section "ServerLayout"
        Identifier "layout"
        Screen 0 "Intel Graphics"
        Inactive "nvidia"
    EndSection
    
    Section "Device"
        Identifier "intel"
        Driver "modesetting"
        Option "PageFlip" "false"
        Option "AccelMethod" "None"
    EndSection
    
    Section "Screen"
        Identifier "intel"
        Device "intel"
    EndSection
    
    Section "Device"
        Identifier "nvidia"
        Driver "nvidia"
        Option "ConstrainCursor" "off"
    EndSection
    
    Section "Screen"
        Identifier "nvidia"
        Device "nvidia"
        Option "AllowEmptyInitialConfiguration" "on"
        Option "IgnoreDisplayDevices" "CRT"
    EndSection
    
    Section "Device"
        Identifier "Intel Graphics"
        Driver "modesetting"
        Option "VSync" "false"
    EndSection
    
    Section "Screen"
        Identifier "Intel Graphics"
        Device "Intel Graphics"
    EndSection
  5. You need to restart the X-Server (I restarted the entire laptop to be on the safe side).

See GitHub issue: AdnanHodzic/displaylink-debian, Debian buster #308 for a similar bug report.

Credits

I wish to thank Boris Shtrasman for reviewing a draft of this post and providing a lot of feedback. Of course, any remaining inaccuracies in this post are my sole responsibility.

I feel psychologically unsafe when working in big corporations

Three times during my career, I worked in big corporations.

1. Intel – Haifa, Israel

First time, I worked in the Intel design center in Haifa, Israel. At the time, unlike today, the operations in Haifa were small.

I left work to pursue my M.Sc. after five and half years, during which time the operations in Haifa grew to employ hundreds of people.

With hindsight, it turned out that there was also a manager who wanted me out of Intel due to his own reasons.

2. SanDisk – Kfar Sava, Israel

Second time, I worked in SanDisk, Kfar Sava, Israel.

I noticed that I feel anxious all the time while I was working there. I left the job after half a year.

Among other things, I got into a serious disagreement with a manager in another unit about a problem, whose solution was critical to the success of an assignment that I got.

Reflections

Before accepting the job offer from Google Ireland (see below), I reviewed my experiences in Intel and SanDisk and made a list of recommendations how to improve my chances to be successful in Google.

One of the recommendations was to identify a high ranking manager, who is interested at helping smart deaf people succeed in their jobs in Hi-Tech companies, and who can advocate for me in case of misunderstandings among me and managers in remote units.

3. Google – Dublin, Ireland

Third time, I worked in Google Ireland. No high ranking manager was available to advocate for me as needed. I again was anxious all the time. I left the job after three and half months.

I chose to leave the job in lieu of accepting a demand that I apologize for a harsh but non-personal expression, which I said during a discussion about an accessibility problem in an American bank, which worked with Google.

I knew, without using the term psychological safety, that if I apologize I would not be able to feel psychologically safe if I ever have to point out problems with proposed plans or designs.

Background anxiety

The unending anxiety that I felt while working in SanDisk and Google was about fear of offending managers in remote units, whom I did not know personally, but with whom I had to interact to fulfill my work duties. I could not be confident that I would have the support of my own bosses if there is any problem with remote managers.

Now there is a research pointing out what I was missing during my work in SanDisk and Google. Ironically, the research was performed in Google about a year after I left the company.

High-Performing Teams Need Psychological Safety. Here’s How to Create It

The five keys to a successful Google team

An earlier version of this article was published in LinkedIn as: Psychological Safety – the reason why I did not survive in big corporations

Anonymizing datasets for machine learning

Preface

All of us are familiar with the idea of anonymizing datasets to get rid of personally-identifiable information, in order to enable data mining while preserving (as much as possible) the privacy of the people whose data was collected. The basic idea is to modify names, ID numbers (Social Security Number in USA), home addresses, birthdays, IP addresses and similar information. Sometimes, one needs to get rid also of information about age/gender/nationality/ethnicity.

This method was subjected to a lot of research and it is easy to find, with the help of search engines, relevant papers and articles. See Bibliography for examples.

However, there is also another transformation of datasets. Unlike anonymization, as described above, this transformation is not about privacy preservation. It is about hiding the nature of the data being processed. Lacking a better term, we’ll use the term anonymization also for this transformation.

One possible application for this kind of anonymization is when one develops a revolutionary model for predicting the future behavior of the stock exchanges of the world by following various economic indicators and other publicly available time-dependent data sources.

In such an endeavor, the developer typically has gathered a lot of data, and wants to use it to train his revolutionary machine learning model. Since he cannot afford to build his own data center, he rents a lot of computing power in one of the cloud providers.

However, he does not want to take the risk of an unscrupulous employee of the cloud provider stealing his secret data or model and using it for his own benefit. He also wants to reduce the damage if a black hat hacker breaks into his rented computers.

Some users might want to process information, which interests governments such as the Chinese government. Those governments have the resources to break into cloud computers.

The classical way to mitigate such risks is to encrypt/recode/scramble (henceforth, I’ll refer to all those operations as encryption) the data being uploaded to the cloud. However, this encryption must be done in such a way that the data is still suitable for training the model. In addition, when running the model for making a prediction, the raw model’s results need to be generated in an encrypted form, for decryption in the developer’s on-premises computer/s (to which I will refer as a workstation henceforth). From this point on, we’ll use the terms anonymization and encryption interchangeably.

When looking for relevant research on the second kind of anonymization, I did not easily find relevant information. It motivated me to write this article.

Glossary

The following symbols are described in order of their appearance in text.

    • M: the transfer function of a machine learning system.
    • A: the argument of M – the data used by a machine learning system to make a prediction.
    • a_j: the j^{th} element of A.
    • P: the value of M(A) i.e. the prediction that the machine learning system makes when presented with data A.
    • p_k: the k^{th} element of P.
    • I: the identity function. For all x, I(x) = x.
    • F^{-1}(x) is the inverse of F(x), for any function F(x): for all relevant x, F^{-1}(F(x)) \equiv x \equiv F(F^{-1}(x)).
    • Functional composition: for all relevant x, (F_1 \circ F_2)(x) \equiv F_1(F_2(x)). For example, F^{-1} \circ F \equiv I \equiv F \circ F^{-1}.
    • E_a(A): a function which encrypts the argument A. Its inverse is denoted by E^{-1}_a(A'), which decrypts A', an encrypted version of the argument A.
    • D_p(P'): a function which decrypts the encrypted prediction P'. Its inverse is denoted by D^{-1}_p(P), which encrypts the prediction P.

Architecture of machine learning systems

A machine learning system is used to approximate a function M, which makes a prediction (or classification or whatever) P, given the n-tuple A which packs together several argument values:

\displaystyle{}P = M(A)

where:

\displaystyle{}A = (a_1, a_2, \ldots, a_m)

is the argument, and

\displaystyle{}P = (p_1, p_2, \ldots, p_n)

is the prediction.

The values a_j of the argument and p_k of the prediction can be of any data type and they are not limited to scalars. This is why a n-tuple notation is used rather than a vector notation.

Examples of machine learning system applications:

  • Picture classification. When presented with a picture of an animal, the system would tell how likely is the animal to be a dog, a cat or a horse. The system is trained by presenting it several pictures together with a label identifying the animal shown in the picture.
  • Prediction of the next few values of a time series, such as the numbers which describe the weather at a particular location. The system is trained by using relevant historical information.

Machine learning systems are sometimes implemented using neural networks. Neural networks have the property that a sufficiently large neural network can be trained to approximate any function, which meets certain reasonable conditions.

A machine learning system is trained to implement a good approximation of the function M by processing several 2-tuples of (A_i, P_i), which associate each prediction – the desired value of the function (which is usually a n-tuple) – with the corresponding argument value (which is usually a n-tuple).

The training process is very computationally intensive, so people often resort to cloud computing facilities, as said above.

Architecture of anonymized machine learning systems

When an user does not want to let the cloud provider know what he is doing, one possible approach is to train the model using encrypted data streams, so that the model’s outputs are encrypted as well. The data streams are encrypted on the user’s workstation. The workstation is used also to decrypt the model’s predictions.

The whole system can be described using the following formulae.

Original system:

\displaystyle{}P = M(A)

We add identity functions before and after M:

\displaystyle{}P = I \circ M \circ I(A) = I(M(I(A)))

The next step is to decompose the identity functions into pairs of a function and its inverse. The functions being used perform encryption and decryption.

\displaystyle{}P = (D_p \circ D_p^{-1}) \circ M \circ (E_a^{-1} \circ E_a(A))

where E_a(A) encrypts the argument A and D_p(P') decrypts the prediction P'.

Now we rearrange parentheses as follows:

\displaystyle{}P = D_p \circ (D_p^{-1} \circ M \circ E_a^{-1}) \circ E_a(A)

Now the system can be decomposed into three parts, which perform the following operations:

  1. Encrypt the argument A: \displaystyle{}A' = E_a(A)
  2. Actual encrypted machine learning system: \displaystyle{}P' = D_p^{-1} \circ M \circ E_a^{-1}(A') = M'(A')
  3. Decrypt the encrypted prediction P': \displaystyle{}P = D_p(P')

where A' and P' are the encrypted argument and prediction respectively.

The functions E_a(A) and D_p(P') need to be invertible, as their inverses are part of the function being approximated by the learning machine model M', which is the second part of the system, and is the one actually run on the cloud provider’s computers.

The first and third parts are implemented on the user’s workstation. The typical implementation relies upon keys and scrambling formulae.

Two more requirements are:

  • The machine learning model P' = M'(A') is to be implemented using a technology, which is sufficiently sophisticated to embed also nonlinear and invertible functions in the loss function used to evaluate it.
  • There is sufficient training and validation data to train the model, which embeds including nonlinear invertible functions.

Types of data

When dealing with anonymization of data, one has to consider separately each of the following data types.

  • Variable names
  • Numerical variables
  • Ordinal variables
  • Categorical variables
  • Time based variables

Variable names

Variable names are used for naming the various variables which are part of the argument and prediction of the machine learning model. They are used for inspecting the argument’s data streams and for retrieving relevant parts of the model’s prediction.

Of course, the cloud provider should not be exposed to the true names of the variables.

Variable names can be converted into meaningless strings. For example, by using standard password scrambling algorithms, such as salt+md5sum.

The user’s workstation would have tables for mapping among the true variable names and the names used by the model and databases in the cloud.

Numerical variables

Numerical variables can be transformed using invertible functions.

Also, if the argument A has several numerical elements (including time based elements), one could treat them as a single vector and transform it using an invertible matrix.

Mathematically, it could look as follows:

\vec {A_v'} = E_{av}(\vec {A_v}) = E_{matrix} \vec {A_v}

where:

  • \vec {A_v} is the restriction of A to numerical variables.
  • \vec {A_v'} is the encrypted version of\vec {A_v}.
  • E_{av} is the argument’s encryption function, restricted to numerical elements of the argument A.
  • E_{matrix} is an invertible transformation matrix.

Invertible scalar functions could be applied to A_v‘s elements before and after the matrix transformation.

If the argument has also an element, which is a categorical variable, one could use a different transformation for each value of the categorical variable.

Ordinal variables

The values of the ordinal variables could be permuted. The learning model will implicitly embed the inverse permutation.

Categorical variables

Shuffling categories is not enough, because categories could be identified by their frequencies (like application of Zipf’s law to decrypting substitution ciphers).

The following approach is probably not universally applicable.

Categories could be anonymized by splitting a frequently occurring category into several subcategories. The learning model will give a different prediction for each subcategory. The different predictions will have to be somehow combined in the user’s workstation.

This approach also requires the model to be formulated in such a way that the final prediction can be derived by combining the predictions corresponding to the subcategories of split categories.

Time based variables

When anonymizing time based variables, one needs to transform the argument to hide any dependence it has upon weekly, monthly, seasonal or yearly cycles. One needs also to hide dependencies upon well-known events, such as volcano eruptions or rising CO_2 concentration in air.

Otherwise, it would be possible to identify dates by looking for correlations with well-known timings.

One possible way to hide those dependencies is to apply an ARIMA forecasting model to the argument.

Bibliography

The following articles are about getting rid of personally-identifiable information in order to preserve privacy.

      1. https://en.wikipedia.org/wiki/Data_anonymization
        • Generalization.
        • Perturbation.
      2. http://blog.datasift.com/2015/04/09/techniques-to-anonymize-human-data/
        The methods proposed by this article could interfere with machine learning, except for sufficiently small perturbations.
      3. https://www.elastic.co/blog/anonymize-it-the-general-purpose-tool-for-data-privacy-used-by-the-elastic-machine-learning-team
        • Suppression of fields.
        • Generation of semantically valid artificial data (such as strings). There is a Python module – Faker – which is good for faking names, addresses and random (lorem ipsum) text.
        • The methods, mentioned in this article, cannot anonymize numeric data.
      4. https://docs.splunk.com/Documentation/Splunk/7.2.3/Troubleshooting/AnonymizedatasamplestosendtoSupport
        Anonymization of data such as usernames, IP addresses, domain names.
      5. https://www.oreilly.com/ideas/anonymize-data-limits
        Human data cannot really be anonymized.
      6. https://www.intel.co.kr/content/dam/www/public/us/en/documents/best-practices/enhancing-cloud-security-using-data-anonymization.pdf
        Several methods for anonymizing data such as identifying information of humans, IP addresses, etc:

        • Hiding
        • Hashing
        • Permutation
        • Shift
        • Enumeration
        • Truncation
        • Prefix-preserving
      7. https://ieeexplore.ieee.org/abstract/document/6470603
        Usage of MapReduce to anonymize data.

      Addendum

      After finishing the first draft of this post, I was informed of the following.

      Credits

      I wish to thank Boris Shtrasman for reviewing a draft of this post and providing a lot of feedback. Of course, any remaining inaccuracies in this post are my sole responsibility.

Python discovers its inner PHP and JavaScript personae

Did you recently switch from PHP or JavaScript to Python, and are missing the fun of being bitten by your programming language?

The collection of surprising Python snippets and lesser-known features is your ultimate guide for provoking Python to bite you in the arse.

Security and Obscurity

If you do not know the password but know how to use the password to gain access to something that was secured using this password, then this is security by obscurity.

On the other hand, if you know the password but do not know how to use the password, then this is obscurity by security.

(Sources of inspiration: The Butterfly DreamCategory Theory’s reversal of rows.)