This assumes our models perfectly model the world, which I don't think is true. I mean, we straight up know it's not true - we tell models what they can and can't say.
I guess it's a matter of semantics, but I reject the notion it's even possible to accurately model the world. A model is a distillation, and if it's not, then it's not a model, it's the actual thing.
There will always be some lossyness, and in it, bias. In my opinion.
I solved the first puzzle:
-Congratulations!
-You solved Paprika with 18 slabs
But this was unclear:
-You've solved 0 puzzles!
-Reveal Rule
-Next Puzzle
-View Archive
-You still have 2 guesses left. Finish guessing before revealing the rule if you're feeling brave!
I have to do 2 more guesses before I can reveal the rule that I already figured out?
Thanks for the note! This part needs work and I really appreciate the call out. I'll try to explain here to share, and maybe clarify my own thinking.
Getting any of the guesses right counts as a win, and you get different guessing slabs for each guess (this latter part isn't made at all clear upfront).
If you have a rule in your head like "no red", but the true rule is "no red or orange", it's possible that on the guessing slabs those two rules evaluate to the same things (e.g. there weren't any oranges present in the guessing slabs). You could then try the rest of the guessing slabs, which might have an example where you get it wrong, giving more gameplay.
I wanted to give a victory on any subset of 5 slabs guessed successfully since trying to get all the guesses is very hard (especially the first guess on many puzzles), and you can get new information from guesses which fail, which offers some progression. Hence getting "you won" and the ability to reveal the rule (I've also thought about keeping the reveal unavailable until you do all guesses) and the invitation to keep playing.
If you have a minute I'd love to hear from you if that makes sense and if you have thoughts about what might make more sense. I've also tried to consider ways of restructuring the gameplay, e.g. automatically progressing to the next set of guessing slabs, such that the flow here is less confusing.
And I worked IT for legal firm, if we were not sending documents over email, we would get replaced by the client.
I spent 3 months on secure document transfer portal system, got scrapped after 4 months because clients wanted their forms as Word/PDF and they wanted them without hopping through any hoops.
Yes I know this was about wrong delivery address (person with same name, wrong account); the point is that email is not completely secure - certainly not for very sensitive (legal) content
Gmail can be fetched via IMAP and leave Gmail's infra entirely. And I don't think Google guarantees that their implementation stays fully on their own owned infra. It's a reasonable assumption but I'd never trust that for a security guarantee.
Email is not an end-to-end secure data protocol without the use of client side encryption/decryption like PGP/GPG, but even then, sender/receiver and time are all in the envelop metadata.
Probably because Law Firms arent necessarily computer security firms. Lots of people have terrible op sec. Additionally if you the recipient are on gmail it stops mattering, now Google knows your legal woes.
Exactly, I’d never use Gmail for anything sensitive. Even for just personal emails I use my own mailserver.
(And again, for truly sensitive stuff I don’t use email at all)
Sure even though, as most others, my server supports TLS, having your email not leave gmail at all may be slightly more secure.
Part of the point however was that when either server or receiver is using Gmail, your possibly confidential email content is still in Google’s hands. Using a personal server reduces that part of the attack surface. Still this does not mean I vacate my overall point that email in general is suboptimal from a secop standpoint.
Why’s that even relevant if the recipient is the wrong address? Email isn’t particularly secure anywhere, and gmail has forwarding and IMAP and aliases and other services that send emails outside of gmail. But sending sensitive documents to the wrong recipient, which was the topic that started this sub-thread, is a case where it does not matter how secure your servers are.
Sure it is, and your own comment above about gmail to gmail being fairly secure demonstrated that. Using a photocopier is intentional, and everyone knows what a photocopier is. Most people don’t know what IMAP is, and an email sender does not know if the recipient uses IMAP.
And this is still irrelevant to sending email to the wrong recipient, so I don’t know why you’re stuck on infra security.
Even if the law firm uses a Gmail account - which most of course don’t - Google still has access to your sensitive legal email content.
(And that’s apart from the meta data leaking)
if you attach documents by linking to a Google Drive document, sure.
if you attach documents 'inside' the mail (i.e. MIME encoded multipart) that is most definitely not secure.
1) you do not know how that mail gets delivered, not necessarily via servers that support encryption
2) you do not know how that mail, or the attachment, gets stored on the local machine
3) you do now know if the mail, or attachment, is sent to someone else
4) you cannot revoke the access to the document once the Need To Known stops
In our ISMS, sending Highly Sensitive data (ex: customer data) by attaching directly to a mail, is strictly not allowed by the IT charter. We explain it during an on-boarding meeting to all new staff members. And it's a fireable offense.
No, this was not an off-hand remark. He made a whole story comparing the profession to the coyote from road runner “they’ve already run of the cliff but don’t even realize it”. It was callous, and showed a total ignorance of the fact that medicine might be more than pixel classification.
As a doctor and full stack engineer you’d have a perfect future ahead of you in radiology - the profession will not go away, but will need doctors who can bridge the full medical-tech range
