Better Password Peppering 2021-08-24T10:19:19.000Z
Gossip 2021-03-21T13:36:34.693Z
Open & Welcome Thread – March 2021 2021-03-03T12:27:10.378Z
Yoav Ravid's Shortform 2021-01-20T12:44:41.782Z
How to solve the argument about what the algorithm should do 2021-01-15T06:08:15.627Z
A sketch of 'Simulacra Levels and their Interactions' 2020-08-04T09:13:21.781Z
What are the Nth Order Effects of the Coronavirus? 2020-04-07T13:55:08.456Z
SSC - Face Masks: Much More Than You Wanted To Know 2020-03-24T06:59:11.707Z
What will be the economic effects of no restrictions 2020-03-24T06:48:15.629Z
How dangerous is it to test a vaccine without animal trials? 2020-03-14T08:51:29.401Z
how should a second version of "rationality: A to Z" look like? 2019-08-24T07:01:27.575Z
Is there neuroscience research on cognitive biases? 2019-07-29T07:45:04.365Z
I translated 'Twelve Virtues of Rationality' into Hebrew. 2019-06-01T18:52:02.436Z
alternative history: what if Bayes rule had never been discovered? 2019-05-11T07:29:58.979Z
800 scientist call out against statistical significance 2019-03-23T12:57:01.989Z
Can Bayes theorem represent infinite confusion? 2019-03-22T18:02:45.088Z
Ideas for a fact checking widget 2019-03-18T14:25:28.535Z
Ideas for an action coordination website 2019-03-08T13:32:06.756Z
What i learned giving a lecture on NVC 2019-02-20T09:08:58.441Z
Is there an assurance-contract website in work? 2019-02-20T06:14:00.633Z
Are there documentaries on rationality? 2019-02-14T11:34:51.624Z
Stale air / high CO2 may decrease your cognitive function 2019-01-22T12:52:06.070Z
What math do i need for data analysis? 2019-01-19T10:08:28.398Z
Critical Thinking in Medicine 2019-01-15T15:09:42.716Z
this Website uses Bayesian networks to evaluate claims - RootClaim 2019-01-12T14:46:43.860Z
What are the axioms of rationality? 2018-12-25T06:47:54.363Z


Comment by Yoav Ravid on The Best Software For Every Need · 2021-09-20T13:06:01.054Z · LW · GW

Huh, it is quite good. My main gripes is it doesn't have a way to favorite certain voices, so you have to scroll through a big list to find the right one, it doesn't have automatic language recognition (like google translate), and when there's two languages in the same text, it just skips the text that isn't in the language of the selected voice.

It makes it difficult to use it multilingually, But I expect it would work better for someone monolingual.

Comment by Yoav Ravid on LessWrong is paying $500 for Book Reviews · 2021-09-17T18:39:18.746Z · LW · GW

I just found out that Pinker is releasing a book called "Rationality" (Hmm.. sounds familiar..) later this month, which apparently presents tools that "have never been presented clearly and entertainingly in a single book--until now." (Good that someone finally put in the effort!).

But slight sarcasm aside, it seems like the sort of thing our community should keep up with - so if someone was looking for a book to review, this sounds like a good option (though it doesn't give much time, it releases on the 28th this month and the bounty closes on the 14h of the next).

I'm already working on a different book review (which is long and difficult to write) so I won't be doing this myself.

Comment by Yoav Ravid on £2000 bounty - contraceptives (and UTI) literature review · 2021-09-16T18:04:09.480Z · LW · GW

Other useful tools:
Connected Papers
Semantic Scholar

Comment by Yoav Ravid on Prefer the British Style of Quotation Mark Punctuation over the American · 2021-09-12T17:48:05.005Z · LW · GW

This is a very good situation for the punctuation under the quotes method alexgieg suggested.

Comment by Yoav Ravid on The Best Software For Every Need · 2021-09-11T03:04:06.274Z · LW · GW

What about (tabletop) laptop users?

Comment by Yoav Ravid on Open & Welcome Thread September 2021 · 2021-09-10T12:15:26.985Z · LW · GW

Welcome! That chain of links was fun to read :)

Comment by Yoav Ravid on LessWrong is providing feedback and proofreading on drafts as a service · 2021-09-08T04:19:33.350Z · LW · GW

This is one of the things that makes this so awesome. As long as you cross-post to LessWrong and you have 100+ karma, you get access to free proofreading for your blogposts (And hopefully everyone gets to read more and better posts as a result).

Comment by Yoav Ravid on LessWrong is providing feedback and proofreading on drafts as a service · 2021-09-07T08:59:43.229Z · LW · GW

True, though growing the community can also be part of strengthening it.

Comment by Yoav Ravid on LessWrong is providing feedback and proofreading on drafts as a service · 2021-09-07T06:05:14.214Z · LW · GW

No I don't think it's a good assumption that most people past a 100 karma have figured out how to write publicly with decent quality (though, depends on what you consider decent).

I'm well past a 100 and I expect this to be very useful to me when I write posts.

And if we're talking in general then even the best writers usually have proofreaders/beta-readers (take Paul graham for example, every essay he releases credits at least a few beta readers)

I do agree it might be especially important to new people that don't have karma, though. It'll be interesting to hear more from the team why they decided on that specific limit. My guess, though, is that they want to mostly review posts that are going to be good posts, and don't want to get spammed with low quality requests. And the 100+ karma filter does that pretty nicely.

One middleground I can think of is you can get a limited number of posts reviewed under 100 karma (even just 1), and at 100 that limit just goes away.

Comment by Yoav Ravid on LessWrong is providing feedback and proofreading on drafts as a service · 2021-09-07T04:10:06.405Z · LW · GW


I remember we had a few conversation about this problem and a few solutions came up, some of them fairly complex. But this just nukes the problem (in a good way). I love it. Now I want to write a post just to try the feature... :)

Anyway, I'm very curious to see how this works out, and how it will affect the posts that are published from now on. And I hope you'll manage the load.

And speaking of managing the load, I'd love to volunteer if I can be of help. I'll send a message on intercom.

btw there's a typo: "The LessWrong team can get things back to you within a day or two", the "to" is missing.

Comment by Yoav Ravid on Open & Welcome Thread September 2021 · 2021-09-06T14:51:08.780Z · LW · GW

I personally have never upvoted my own comment, though not because of some principle objection to doing it. I think as long as you don't do it all the time it can be useful when you think a comment is particularly important/relevant/whatever and you think people should read it. Being confidant in the comment or the comment being time-consuming don't seem like good reasons to upvote your own comment. Also, my guess is you might get more downvotes if people think you shouldn't have strongly upvoted your own comment - I'm not sure to what extent though.

Of course, the norm would be very different if comments were automatically strongly upvoted like posts, so even if this is the current norm it doesn't mean it's the one that "should" be.

Comment by Yoav Ravid on A lost 80s/90s metaphor: playing the demo · 2021-09-04T11:46:29.007Z · LW · GW

The odor of [2-Nonenal] is perceived as orris, fat and cucumber. Its odor has been associated with human body odor alterations during aging.

Know what, I think I lost my appetite. (Cucumber?)

Self Addressed Stamped Envelopes are pretty cool though :)

Comment by Yoav Ravid on A lost 80s/90s metaphor: playing the demo · 2021-09-02T11:02:13.744Z · LW · GW

I read the whole thing (and upvoted), where's my Werther's original? :P

In seriousness, I don't know how useful the phrase is, and I don't really expect to use it, but it was cool to learn about and your writing style was fun to read.

Comment by Yoav Ravid on [deleted post] 2021-09-02T08:03:52.669Z

Seems this can just be deleted? It doesn't do anything that the Open Threads tag doesn't do.

Comment by Yoav Ravid on Petition To Make Inarticulate Downvoting More Difficult · 2021-09-01T09:49:25.653Z · LW · GW

I think there is a value to downvoting being easy, and not require an explanation (Eliezer talked about that being important from the start), but I do agree with you that it can be frustrating. 

So, I suggest a better solution would look in the opposite direction, of rewarding articulate downvoting. How exactly I'm not sure, but I think it would be better than something that discourages downvoting.

I guess there's already some of that, since if you explain your down vote in a comment then it can get upvoted. But it can also be ignored or downvoted, so it's not a reliable reward.

Comment by Yoav Ravid on Open and Welcome Thread – August 2021 · 2021-08-31T17:33:46.708Z · LW · GW

This isn't what I meant here. I meant if we want to have a comment of ours on the post before it's posted. A bit like what YouTubers do.

Comment by Yoav Ravid on Beware of small world puzzles · 2021-08-30T12:32:06.848Z · LW · GW

Nassim Taleb called this The Ludic Fallacy 

"the misuse of games to model real-life situations". Taleb explains the fallacy as "basing studies of chance on the narrow world of games and dice"

He talks about it more in the context of people treating probability like it was about "games and dice", but it easily applies to examples like yours too. And it's indeed something to be careful of. Maybe it should be a tag..

Comment by Yoav Ravid on [deleted post] 2021-08-30T04:52:01.134Z

We already have a Definitions tag. I don't see why we need this one too.

Comment by Yoav Ravid on Cryptographic Boxes for Unfriendly AI · 2021-08-27T09:38:40.471Z · LW · GW

Barak et al proved that you cannot encrypt source code and have someone else run it without decrypting it.

I don't really understand Barak's proof, but I found a project with a paper from last year that does exactly that. So either there's a flaw in their method, or a flaw in Barak's proof (even if just in it's generality). Their work seems pretty solid so my bet is on them, but I'm definitely not qualified to evaluate it.

Comment by Yoav Ravid on Better Password Peppering · 2021-08-27T06:38:21.157Z · LW · GW

Edit: Actually, the slower hashing algorithm is even better because it can't be parallelized.

That's true when you're checking one password, but a slower hashing algorithm doesn't stop you from checking multiple passwords at once (which is something you do when cracking passwords but not when authenticating them). Still, it's something I haven't thought about, so thanks for pointing that out.

Comment by Yoav Ravid on [deleted post] 2021-08-26T12:25:36.456Z

Agree. We also have Data Science (which maybe should be renamed to data analysis, not sure).

Comment by Yoav Ravid on [deleted post] 2021-08-26T11:56:43.874Z

One of those tags I'm surprised we didn't already have. Good job on noticing and writing it!

Comment by Yoav Ravid on [deleted post] 2021-08-26T11:52:14.058Z

This should be a sequence rather than a tag. Surprised it's not already a sequence, actually.

Comment by Yoav Ravid on Good books on Bayesian statistics · 2021-08-26T11:46:25.934Z · LW · GW

See The Best Textbooks on Every Subject. Also this is more fitting for a Question format. The mods can probably switch this post to use the question format, but in the future you can easily create questions from the same place you create posts.

Comment by Yoav Ravid on Security Mindset and Ordinary Paranoia · 2021-08-25T10:16:08.836Z · LW · GW

Security requires a particular mindset. Security professionals — at least the good ones — see the world differently. They can’t walk into a store without noticing how they might shoplift. 

This reminds me of a thing Israelis often do when we go through security (say, to enter a store) where we think how we could have smuggled a bomb inside and the security guard wouldn't catch it, and often joke about it with people around us. It would weird for most people outside Israel, but Israelis are used to it because we're so saturated with stories about these things happening (That's the reason with have security guards in the first places, I'm pretty sure most countries don't have nearly as much as Israel). So this seems like a case of a whole culture becoming a bit more security minded, even if just in a narrow field (terrorist attacks).

Oh, btw, the joke is at least somewhat wrong, since the security guard takes into account how likely they think you are to attempt an attack in how thoroughly they check you. So if you think "I could have done something", the guard already did their job.

Comment by Yoav Ravid on Better Password Peppering · 2021-08-24T18:05:19.526Z · LW · GW

Yes, password security is supposed to provide security even when a hacker gets access to all your data, but it doesn't mean secrecy is completely disregarded, after all no one makes their password hashes database public, and leaks are still a security breach even if the passwords were hashed and salted correctly. So storing it in a harder to compromise place (outside the database, outside the hard drive, outside the computer, whatever) is only "cheating" if you completely rely on it and assume it would work. Which I didn't. My problem with the first method is exactly that, that it's useless if the secret stops being secret.

But, if you really want you can still store them in the database, The important point is that you don't store which peppers are used for which users, which you still do for salts even if you try to hide them somehow.

The hacker does get slowed down almost 100X with a 100 peppers when cracking passwords, since to reject a password they have to try all the peppers, and most likely they have to try a very large number of passwords before finding the right one. On authentication it does take on average half the time, since you usually check correct passwords.

Comment by Yoav Ravid on Better Password Peppering · 2021-08-24T17:47:46.730Z · LW · GW

Yup, and it's already common practice to do 100K+ iterations (Django's default, for example, is 260,000, and in one of their next updates the default is going to be raised to 360,000. And it doesn't feel slow even on a weak laptop like mine).

Comment by Yoav Ravid on Better Password Peppering · 2021-08-24T16:04:07.798Z · LW · GW

I agree that salts already give very good security on their own (even if I personally like the idea of adding peppers), and it's entirely possible that I'm underestimating the difficulty of implementing it. I also agree that using secrecy assumptions is bad (that's my problem with the first method, which is fully based on secrecy and becomes useless if the secret is revealed).

My main curiosity here is how does my method compare to the usual ones. Since, if we take the secrecy example, mine doesn't depend on secrecy (unlike #1, like #2) but still benefits from it (like #1, unlike #2).

Comment by Yoav Ravid on Better Password Peppering · 2021-08-24T12:56:51.624Z · LW · GW

It's actually asymmetric even when the peppers are leaked, since for authentication you only have to check half of the pepper on average before you find the correct one (if the user inputs the correct password, which is most of the time), but to reject a password you have to try all the peppers, which is what you have to do if you don't know the password and are trying to crack it.

Comment by Yoav Ravid on Open and Welcome Thread – August 2021 · 2021-08-24T09:53:06.295Z · LW · GW

Being able to comment on our posts before they're published (i.e, on drafts) would be nice. Sometimes I want to add a note in a comment but can't do that until the post is posted.

Comment by Yoav Ravid on A Response to A Contamination Theory of the Obesity Epidemic · 2021-08-23T08:55:08.282Z · LW · GW

SlimeMoldTimeMold (Who's article series the Contamination Theory paper is based on) has wrote a post about the seed oil hypothesis. They also cover Jeff Nobbs' series.

Excerpt from the end

The literature on seed oil consumption in humans consistently shows that seed oils cause no more weight gain than other fats. When we took a closer look at some of these studies, we found serious problems with several of the analyses. The evidence here is weak at best. 

This doesn’t mean that seed oils, or vegetable oils, or whatever you want to call them, are good for you. They may still be very bad for you, and the case for other health effects (including a connection with cancer) seems stronger. But it doesn’t look like they could be a major cause of the obesity epidemic, and probably, they play no role at all.

Comment by Yoav Ravid on Any recommendation for reading material for pre-school children [3-4 yr]? · 2021-08-22T14:51:28.189Z · LW · GW

Related: Brainstorming: children's stories

Personally I really like The Emperor's New Clothes.

Tiger-Tiger Is It True? is also nice, though I would couple that with a more nuanced discussion of truth, to not teach the kid that truth requires absolute certainty. Or if you're feeling more creative, modify the section about being absolutely sure to just being sure, have tiger give an example why he can be sure, and have turtle point out that that example isn't really enough to be sure because of a possibility tiger hasn't thought about.

Comment by Yoav Ravid on An Apprentice Experiment in Python Programming, Part 3 · 2021-08-17T17:58:27.158Z · LW · GW

The Jupyter Notebook was cool! I only did some of the exercises but that's already more than the zero I did in the previous posts. convenience sure does matter.

Comment by Yoav Ravid on [deleted post] 2021-07-27T07:52:06.008Z

Why is there a page for human genetics but not for genetics in general? Is tagging all posts about genetics with Biology deemed enough? I'm in favor of a genetics tag.

Comment by Yoav Ravid on Open and Welcome Thread – July 2021 · 2021-07-24T05:49:47.897Z · LW · GW

Does anyone know an article that expands on the idea of separating teaching institutions and assessment? I wrote a short expansion (750~ words) myself, and will probably publish it soon, but I'd like to read articles by other people too if they exist.

Comment by Yoav Ravid on The Apprentice Thread · 2021-07-04T08:35:31.405Z · LW · GW

[APPRENTICE] Interested in your offer about getting in tech without college. I'm 20, I've learned python on my own, and I'm currently looking for a job without much success. FYI, I am from Israel, so I don't know if it's as relevant.

Comment by Yoav Ravid on [deleted post] 2021-07-04T05:01:23.365Z

I noticed this became a subject lately so I created a tag for it. I'm not yet sure if it really needs a tag, but I'd thought it's better to give it try and some time and then see. I also considered naming it "Apprenticeship and Mentorship" to cover both parts.

Comment by Yoav Ravid on Attributions, Karma and better discoverability for wiki/tag features · 2021-06-03T05:45:58.869Z · LW · GW

Oh, I see. That seems like a confusing way to do it. I'd have it show the text that was there when the page was created (Or just empty, if no text was added).

Comment by Yoav Ravid on Attributions, Karma and better discoverability for wiki/tag features · 2021-06-03T05:33:18.887Z · LW · GW

Well, I went through the last 2 months of wiki activity and did some voting. I really like this feature, and the feature showing you what each person did on the page is brilliant, makes me want to be able to upvote them right there.

A bit of design feedback: I think I would put the voting "widget" at the start of the line, so it's always in the same place. Currently it's places changes significantly based on the person's name, how much and when they edited. And if they left an explanation of their edit then it's in the middle between the two and you need to look for it.

Comment by Yoav Ravid on Attributions, Karma and better discoverability for wiki/tag features · 2021-06-03T05:02:40.974Z · LW · GW

It seems the creation of a page isn't something that can be Karma voted on. perhaps it should? Especially if someone creates the page already with a description.

See the Pomodoro Technique page for example, it was created by Multicore 2 days ago, already with a long description, but I can't upvote it.

btw, seems there's a bug where it says the time of the edit. it says "New tag created by Multicore at" as if it's going to say a date, but then says "2d" as if it were to say "New tag created by Multicore 2d ago"

Comment by Yoav Ravid on Attributions, Karma and better discoverability for wiki/tag features · 2021-06-03T04:55:36.957Z · LW · GW

Awesome additions! Now that we have karma voting for the wiki, I want even more to be able to see all the wiki activity of a certain user on a page, so I can go through some of the people that did a lot of work on the wiki and give them all the upvotes they should have gotten while this feature wasn't on.

Comment by Yoav Ravid on There’s no such thing as a tree (phylogenetically) · 2021-05-28T05:26:34.722Z · LW · GW

Contra, I found it really funny and it made me want to read the post more. Also the end bit with missing the forest for the trees was hilarious :)

Comment by Yoav Ravid on The Schelling Game (a.k.a. the Coordination Game) · 2021-05-03T19:46:40.215Z · LW · GW

Heh, I also know a road trip game called contact which, though similar in style, is quite different.

  • One player picks a word, and tells the other players the first letter of that word.
  • The other players need to say together words that start with the letters they have been given. They can use clues, and when one of the players thinks they have they're both thinking of the same word he'll say "1, 2, 3 contact" and then the two players will say it together. 
  • If any player says a word alone (including the player who picked the first word) that word is burned and cannot be used again in the round, if two players say a word together that starts with the letters they've been given, the first player reveals the next letter of the word they picked. 
  • The round continues until that word is guessed, and then another round starts.
Comment by Yoav Ravid on Rationality Cardinality · 2021-04-28T04:08:13.157Z · LW · GW

If you're using search to figure out if someone made "cards against humanity" for rationality, this post is what you're looking for (just helping your SEO :P)

Comment by Yoav Ravid on bfinn's Shortform · 2021-04-27T17:42:39.868Z · LW · GW

I see this most often with toothbrushes, "Removes up to 100% of plaque!".

Comment by Yoav Ravid on Let's Rename Ourselves The "Metacognitive Movement" · 2021-04-24T07:45:05.892Z · LW · GW

Just for context, I personally never used any of the softenings (I didn't even hear about rationalish till this post). They're both cute but ultimately meh in my opinion.

Aspiring rationalists is pretty much redundant, since a rationalist isn't someone who claims to be rational, but indeed someome who aspires to be. So unless you aspire to aspire, there's no point to the term.

I like Rationalish as a pun, but I think it solves the same nonexistent problem.

Comment by Yoav Ravid on wfenza's Shortform · 2021-04-24T05:37:58.196Z · LW · GW

Are you talking about this? If so, why didn't you just edit it?

Comment by Yoav Ravid on Let's Rename Ourselves The "Metacognitive Movement" · 2021-04-24T05:17:15.561Z · LW · GW

I agree metacognition describes something we do, but I don't think it captures it as well as a Rationality does (I don't like "rationalism" and kinda frown whenever people use it, though gladly it's not used a lot).

When I hear "Metacognition" I think about "Thinking about thinking", but in any particular way. Rationality to me is almost like saying "Rational Metacognition", meaning it has a direction, it strives to be successful, to do well (and so on). It doesn't give as much freedom as Metacognition in a way that I like.

Put another way, Metacognition sounds like a phenomenon or a category of phenomena, while rationality sounds like a technique, an approach or a philosophy.

I am familiar with worrying that talking about rationality would feel awkward or pretentious, but I think finding a good way to introduce it could go a long way to help before we consider changing the name. Perhaps something like "I'm a rationalist, which means I learn and think about how to think well, so I can apply these lesson and be more effective and make better decisions"

Anyway, upvoted for an interesting topic and a well made argument.

Comment by Yoav Ravid on [Lecture Club] Awakening from the Meaning Crisis · 2021-04-23T18:52:55.467Z · LW · GW

Verveake was losing me in these parts of the series (though I did finish it). His overuse of complex language makes it extremely hard to understand what he's talking about. And that also makes it hard to evaluate, use or further explain. 

Comment by Yoav Ravid on Gossip · 2021-04-23T10:29:39.514Z · LW · GW

A good recent talk from David Wolpe about how to respond to Gossip (Specifically harmful negative gossip, he doesn't make the distinctions I made here).