Baby boss
- My Posts
- Chat to Authors
Home
Home
Member since 2017-07-15T03:50:57Z. Last seen 2025-04-09T16:00:01Z.
2754 blog posts. 128 comments.
Baby boss
無人能DQ的 - 畢明
名采論壇
法新社圖片 Bel19ve。 自那天起,他的名字旁邊又多了新徽號,像打敗虎的武松,和除三害的周處,他襟前非凡的姓名前後還添加了:“bel19ve”。「相信19」,把19嵌入了相信,摘下職業生涯第19個大滿貫,到20時相信還會創造出另一個新字。他在創造歷史,或者應該說,他又再開創歷史,無人能DQ他的王位。 2017年7月16日之後,他還被奠基為#GOAT - Greatest Of All Time,我打令:費達拿#GOAT。他贏了,我會收到賀電,恭喜賀喜,四方八面是小鳳姐。11度打入溫布頓決賽, 8次取得冠軍,前無古人;第19個大滿貫,男子組無人能及的紀錄,且以不失一局的完勝姿態直搗決賽兼攻下冠軍,是自1976年波格在溫網橫掃每一輪比賽之後,41年來首次有第二人能分毫不損進入決賽,但當年波格20歲,他差一個月36。 李白《司馬將軍歌》:「手中電擊倚天劍,直斬長鯨海水開。」是這種氣勢,是這種氣魄。 溫布頓決賽,他的對手再不是以前的勁敵,拿度敗走,梅利、祖高域傷出退賽,剩他寂寞獨領風騷。可想過,這個未完的傳奇,至今從未在任何比賽中途退出,一直堅持把每場球賽打完。今次,他的最後一個攔路虎甚至不是「第五天王」華連卡,是第一次殺入決賽的Cilic,本來也不是慳電的燈一枚,但出閘脫腳,結果整場冠軍戰絲毫未能威脅費天王,無驚無險,衝線終點。 沒有鬼哭神嚎日月無光風蕭水寒,沒有「百戰沙場碎鐵衣……獨領殘兵千騎歸」的壯懷激烈,一樣有三十功名塵與土,八千里路雲和月。絕不能說今次的稱王、那夜的勝戰不轟烈,來得絕非輕易。35歲的高齡,去年才動過手術停賽半年的傷膝,後浪似虎,同代如狼,個個想撕下他的優雅作為戰利。贏費達拿,永遠是履歷的星章,這個「昔日」王者早滿身刀傷,化成鍛造他再登寶座的燃料,今日再接受萬世歡呼。 今年年頭兩挫宿敵剋星拿度,那個篡他位的強橫刺客,又被後浪祖高域淹過,被最佳隊友華連卡打敗,從頂峰摔下,他已被太多人否定過,被自己質疑過,但我早寫過「他知道自己的故事未完,他創造自己的傳奇未完。處逆境,不喪志,中強矢,能怒飛,這一振翅高飛,復仇是甜蜜的,揚眉是吐氣的,那口氣,屈了十年,你以為『千古江山,英雄無覓』,他的風流已被雨打風吹去,他以一口再奪冠之浩氣,告訴世人『想當年,金戈鐵馬,氣吞萬里如虎』,今天不負當年。」好一個千古風流人物,在溫布頓場上,翠草白衣,一扣一剔一反一挑一殺,優雅中不失狠辣,把一路上的對手Dimitrov、Raonic、Berdych修理得七個一皮。潛台詞是「大叔我還未玩夠,你哋彈開先」。 一次出征大捷不因最後一圈再無車緊貼,或者最後一個欄不夠高做成驚險而小看衝線的光輝。費達拿的低潮是舉世見證的,正如他今年的強勢回歸,球王在逆境中仍然相信、仍然改進,真正做到:「假如當所有人都懷疑你,你仍然能相信自己,但繼續讓別人懷疑;假如你能夠等待,而不會被等待磨蝕……」(If you can trust yourself when all men doubt you, But make allowance for their doubting too. If you can wait and not be tired by waiting……)做到溫布頓Centre Court球員入口處高高在上的銘刻,英國諾貝爾文學獎得主 Rudyard Kipling一首《If》的詩句:"If you can meet with Triumph and Disaster, And treat those two impostors just the same"。 費達拿為什麼與眾不同?除了天才、觸覺、技術和球品。他發球,慢慢逐格播出,是罕有地可以把視線看着對手最久至最後一刻才移走上望擊球的,容許他比誰都更準確的決定發球戰略。
我懷疑以拿度、梅利、祖高域的打法,當身體少壯不再,傷患囤積後油缸還能走多久。
“The two most powerful warriors are patience and time” - Leo Tolstoy 杜牧的《題烏江亭》:「勝敗兵家事不期,包羞忍恥是男兒。江東子弟多才俊,捲土重來未可知。」且看比費達拿年輕的拿度祖高域梅利35歲時如何,職業生涯晚年如何,江山如此多嬌,但幾個男兒是丈夫。
(摘自信報 作者 張公道)
港人受到外國的低廉樓價所吸引,一些人希望在外國置業,而坊間亦有很多展銷會及廣告,介紹海外樓盤。
根據區區觀察,很多買家都遇上種種問題,只要留意傳媒報道,有關買家如何收不到樓,投訴無門等,便知一二。有關海外置業,應注意︰
有金融界的朋友指出,一些港人無法在港買樓,於是轉往海外,此言或許有點勢利,但此類買家更應注意,倘若在香港無買過樓,更易墮入陷阱。愚見認為,
那麼,樓宇所在的區域、周圍的環境、樓宇的質素,心中有數;同樣重要的是,可與當地人士交流一下,認識各種法例,了解發展商的聲譽及作風,以及在當地的律師樓簽約,則一切有保障得多。即使在當地無親友,亦可藉着與其他當地人士交談,了解一些實情。在展銷會內聽經紀的介紹後,即行簽約, 風險甚高。
hkaee1@gmail.com
The Extensible Messaging and Presence Protocol (XMPP) is just such an open technology for real-time interaction. Consider some of its advantages:
Over 10 years of development has resulted in a stable, widely deployed,seriously tested, Internet- scale technology, with dozens of interoperable codebases, tens of thousands of deployed services, and millions of endusers.
It provides built-in support for channel encryption and strong authentication, inherent resistance to many forms of malware, a diverse ecosystem of implementations, a decentralized used in XMPP solves serious scaling problems associated with traditional HTTP-based polling approaches ; as a result, it enables you to build applications that were literally impossible until now.
The core aspects of XMPP have undergone rigorous public review withinthe Internet Engineering Task Force (IETF), and extensions to XMPP are published in an open, developer-oriented standards process run by the XSF. This approach has resulted in strong technologies that can be freely implemented under any licensing terms, from open source to shareware to proprietary code.
Open standards, a large number ot software products, and a communications network are all good, but the "secret sauce"of XMPP maybe its vibrant and friendly community of technology , developers, open source projects, commercial software companies, service providers, and end users. This community is committed to working together to solve problems and build great new applications.
Around 12:00 PST, an unknown attacker exploited a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. Given a couple more hours, the hacker could’ve made off with over $105,000,000 from vulnerable wallets.
But someone stopped them.
Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did.
By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $77,000,000.
Yes, you read that right.
It’s an extraordinary story, and it has significant implications for the world of cryptocurrencies.
It’s important to understand that this exploit was not a vulnerability in Ethereum or in Parity itself. Rather, it was a vulnerability in the default smart contract code that the Parity client gives the user for deploying multi-signature wallets.
This is all pretty complicated, so to make the details of this clear for everyone, this post is broken into three parts:
What exactly happened? An explanation of Ethereum, smart contracts, and multi-signature wallets. How did they do it? A technical explanation of the attack (specifically for programmers). What now? The attack’s implications about the future and security of smart contracts. If you are familiar with Ethereum and the crypto world, you can skip to the second section.
Ethereum is a digital currency invented in 2013 — a full 4 years after the release of Bitcoin. It has since grown to be the second largest digital currency in the world by market cap — $20 billion, compared to Bitcoin’s $40 billion.
Like all cryptocurrencies, Etherium is a descendant of the Bitcoin protocol, and improves on Bitcoin’s design. But don’t be fooled: though it is a digital currency like Bitcoin, Ethereum is much more powerful.
While Bitcoin uses its blockchain to implement a ledger of monetary transactions, Ethereum uses its blockchain to record state transitions in a gigantic distributed computer. Ethereum’s corresponding digital currency, ether is essentially a side effect of powering this massive computer.
To put it another way, Ethereum is literally a computer that spans the entire world. Anyone who runs the Ethereum software on their computer is participating in the operations of this world-computer, the Ethereum Virtual Machine (EVM). Because the EVM was designed to be Turing-complete (ignoring gas limits), it can do almost anything that can be expressed in a computer program.
Let me be emphatic: this is crazy stuff. The crypto world is ebullient about the potential of Ethereum, which has seen its value skyrocket in the last 6 months.
The developer community has rallied behind it, and there’s a lot of excitement about what can be built on top of the EVM — and this brings us to smart contracts.
In a multi-signature wallet, there are several private keys that can unlock the wallet, but just one key is not enough to unlock it. If your multi-signature wallet has 3 keys, for example, you can specify that at least 2 of the 3 keys must be provided to successfully unlock it.
This means that if you, your father, and your mother are each signatories on this wallet, even if a criminal hacked your mother and stole her private key, they could still not access your funds. This leads to much stronger security guarantees, so multi-sigs are a standard in wallet security.
This is the type of wallet the hacker attacked.
So what went wrong? Did they break the private keys? Did they use a quantum computer, or some kind of cutting-edge factoring algorithm?
What follows is a technical explanation of exactly what happened. If you’re not a developer, feel free to skip to the next section, since this is going to be programming-heavy.
Ethereum has a fairly unique programming model. On Ethereum, you write code by publishing contracts (which you can think of as objects), and transactions are executed by calling methods on these objects to mutate their state.
In order to run code on Ethereum, you need to first deploy the contract (the deployment is itself a transaction), which costs a small amount of Ether. You then need to call methods on the contract to interact with it, which costs more Ether. As you can imagine, this incentivizes a programmer to optimize their code, both to minimize transactions and minimize computation costs.
One way to reduce costs is to use libraries. By making your contract call out to a shared library that was deployed at a previous time, you don’t have to re-deploy any shared code. In Ethereum, keeping your code DRY will directly save you money.
The default multi-sig wallet in Parity did exactly this. It held a reference to a shared external library which contained wallet initialization logic. This shared library is referenced by the public key of the library contract.
// FIELDS address constant _walletLibrary = 0xa657491c1e7f16adb39b9b60e87bbb8d93988bc3; The library is called in several places, via an EVM instruction called DELEGATECALL, which does the following: for whatever method that calls DELEGATECALL, it will call the same method on the contract you're delegating to, but using the context of the current contract. It's essentially like a super call, except without the inheritance part. (The equivalent in JavaScript would be OtherClass.functionName.apply(this, args).)
Here’s an example of this in their multi-sig wallet: the isOwner method just delegates to the shared wallet library's isOwner method, using the current contract's state:
function isOwner(address _addr) constant returns (bool) {
return _walletLibrary.delegatecall(msg.data);
}
This is all innocent enough. The multi-sig wallet itself contained all of the right permission checks, and they were sure to rigorously enforce authorization on all sensitive actions related to the wallet’s state.
But they made one critical mistake.
Solidity allows you to define a “fallback method.” This is the method that gets called when there’s no method that matches a given method name. You define it by not giving it a name:
評:最後·觸及根本的問題,作為創作型作家,你認為虛構藝術的功能何在?為什麼要表現現實而不是寫事實本身? 海:幹嘛為這個感到困惑?從已發生的事情,從存在的事情,從你知道的事情還有你不知道的那些事情,
你是為此而寫,並不是為了你所知的別種原因。更何況是那些沒人想得到的理由?(苗焯/譯) (原載《巴黎評論》第十八期·一九五八年春號)
評: 你有一次在信中告訴我·在簡陋環境下寫出小說的不同片段,對作家是有益的·你能用這個來說說〈殺人者〉嗎?你說過·這個小說·〈十個印第安人〉和〈今天星期五〉是在一天之內寫成的·或許還有你頭一個長篇小說《太陽照常升起》?
海: 我想想·《太陽照常升起》是我生日那天在瓦倫西亞動筆寫的, 七月十一日。我妻子哈德萊和我提早就到瓦倫西亞,為的是買好位置看鬥牛,節慶到七月十四日才開始。和我年齡相仿的人都寫過一部小說,可我寫上一段還覺得費勁。所以我就在生日那天動筆,整個假日都在寫,早上在床上寫,到馬德里之後接著寫。那裡沒有節慶,我們訂了一個有桌子的房間,我能在桌上寫真是太奢侈了。旅館附近,阿瓦雷茲街上有一個喝啤酒的地方挺涼快的,去那兒寫。最後熱得寫不下去了·我們就去昂達伊(Hendaye)·那裡有片又長又美的沙灘·有一家便宜的小旅館,我在那兒寫得很順。後來又到巴黎去·在聖母院路一一三號一家鋸木廠樓上的公寓裡寫完了第一稿。
There’s a great MSR demo from 2012 that shows the effect of latency on the experience of using a tablet. If you don’t want to watch the three minute video, they basically created a device which could simulate arbitrary latencies down to a fraction of a millisecond.
If you want to see a mini version of this for yourself, you can try a random Android tablet with a stylus vs. the current generation iPad Pro with the Apple stylus. The Apple device has well above 10ms end-to-end latency, but the difference is still quite dramatic – it’s enough that I’ll actually use the new iPad Pro to take notes or draw diagrams, whereas I find Android tablets unbearable as a pen-and-paper replacement.
Google today announced the launch of Hire, a new service that helps businesses more effectively manage their internal recruiting process. Hire offers businesses a cohesive applicant tracking service that’s deeply integrated with G Suite to make it easier for businesses to communicate with their candidates and track their progress through the interview process.
Google says Hire is meant to help businesses do away with manually tracking candidates. “Hire and G Suite are made to work well together so recruiting team members can focus on their top priorities instead of wasting time copy-pasting across tools,” Google product manager Berit Johnson writes in today’s announcement.
While Hire itself is interesting in its own right, it’s also interesting to see that Google is now looking to use the G Suite tools and back-end services it has developed over the last few years to solve problems in very specific verticals. I wouldn’t be surprised if the company decided to launch more of these projects now that it has the foundation in place to do so.
一連3日的科技界盛會RISE Conference上周在灣仔會展舉行,今年的嘉賓講者包括美國連續創業人Gary Vaynerchuk、4月剛在納斯特上市的Cloudera創辦人Amr Awadallah、誠哥投資旗艦Horizon Ventures也投資的公司,包括正籌備在港IPO的遊戲公司Razer創辦人陳民亮,以及人工智能公司Sentient創辦人兼主席Antoine Blondeau等,當然還有很多業界猛人,未能一一盡錄。
Antoine Blondeau的演說深入淺出,說明人工智能(AI)並非只有大數據,也不單純為了進行預測,而是有效決策的工具。他談到
人工智能研究向來需要極多科研人才,人力和時間成本不菲,evolving AI可以不受此限持續發展。根據研究部副總裁Risto Miikkulainen早前的訪問,演算法部門的研究團隊只有12人。
AI基金買股只long
筆者有幸和Antoine進行訪談,他除了介紹Sentient人工智能的商業應用,更詳細講解背後的技術概念,令人眼界大開。Sentient的AI應用主要有3方面:股票交易、電子商務和農業研究。
Antoine解說人工智能應用時,尤其是多維度的特質(high dimensionality),曾以高頻交易作比喻, 指其決定性資訊主要是order books(即各大行的落單狀況,以求搶先買賣賺取差價),其他資訊對高頻交易成敗的影響相對低,所以屬於低維度性質,不需要人工智能處理或發掘各種因素的關聯系數。
Sentient的AI基金買賣美股和日股,交易周期以日和周計算,基本上只long不short。由於基金計劃於下半年公開讓機構投資者認購,估計籌集幾億至幾十億美元,為符合相關銷售條例,Antoine現階段不能披露回報率。
Sentient去年9月推出兩個電子商務應用工具, 第一個是針對網頁設計的Ascend。現時大部分網站設計都是static,即每名用戶看見相同的版面。懂得本土化的公司,或會為不同國家推出當地版本,但總的而言網頁設計和內容排列都一式一樣。據筆者所知,現時的網站設計測試大多沿用A/B test。
高端女性內衣品牌Cosabella和網上媒體ABUV Media使用Ascend生成160個和38萬個版本測試, 網站轉換率(conversion rate)於7至8星期後分別提升了38%和45%。這是很驚人的成效吧。
助增網站轉換率
據知,Ascend的最低和最佳網站轉換率紀錄是6%和500%,成效高低取決於容許調節的特質數量、原有網站設計質素,以及測試期的長短。一般而言,可調節的特質數量愈多,效果愈佳。
已使用Aware的電商包括Skechers(SKX)和Sunglass Hut(其母公司為Luxottica Group)。據Antoine透露,至今運用Aware的電商,轉換率都提升約35%至40%。
至於AI的農業應用,Sentient和MIT Media Lab合作,研究在可調控光線、氣溫、濕度、水壓等各種因素的環境下,如何生長更優質的植物。首個測試的植物是羅勒(Basil),傳統智慧是葉子大,香味會降低;若要香味濃,葉子必定小。而人類過往的知識經驗是,植物生長時每天都有8至12小時的黑夜,卻原來讓植物24小時都處於光線下會生長更佳。植物成長的「公式」是一個黑盒,Sentient和MIT Media Lab嘗試運用AI測試並從中找出最佳配方。該研究只進行了6個月,暫時仍屬初步階段,未來會以更多植物作實驗。
上述幾種人工智能應用,令筆者驚嘆科技的進步。據Antoine所言,evolving AI的入行門檻極高,包括需要搭建巨型網絡、自動分流大數據和處理數據流失的方案等,現時具備這種能力的科網企業只有寥寥數間,如Google和Amazon。Sentient早於10年前已開始研發evolving AI,技術領先同行。
在個半小時的訪談中,筆者獲益良多,不論對系統交易、人工智能、未來產業等都有很大啟發。篇幅所限,未能全部列出,將來有機會再與讀者分享更多所見所聞。
評: 你願意承認你的小說中存在象徵主義嗎?
海: 既然評論家不斷找到了象徵,那我想就有吧。要是你不介意。
寫了書和故事又能不被要求提出解釋,可真夠難的。這也搶了解釋者的飯碗·要是有五個·六個或者更多的好評論家不斷地在解釋·我為什麼要去干擾他們呢?
評:麥克列許(Archibald MacLeish)說過有一種向讀者傳達經驗的方法,他說是你過去在《坎薩斯城星報》寫棒球比賽時形成的。這很簡單,用祕密隱藏的小細節去傳遞經驗,藉由讓讀者意識到在他們潛意識中有所察覺的東西·而具顯示出整體的功效·····。
海:這個傳聞不知從何而來。我從來沒給《星報》寫過棒球。阿契想講的是一九一口年前後,我在芝加哥是如何努力學著尋求那些激起情緒又不被注意的東西,比如說,外野手把手套一扔卻不回頭看一眼手套落在哪的那副模樣,拳擊手腳下的平底膠鞋踩在擂台上所發出的吱吱聲·布萊克本(Jack blackburn)剛下場時灰暗的膚色,還有好多其他東西·我像畫家畫素描一樣記述下來你見到布萊克本古怪的膚色·剃刀留下的老傷疤·對不瞭解其底細的人吹牛的方式,在你讀完之前就會被這些東西觸動。
評:你是否描寫過哪種情境,並未依據個人體驗? 海:這是個奇怪的問題。所謂個人體驗,你是說男女之間那檔事嗎?如果是這樣·回答是肯定的。
信鴿飛回家,是誰教的?鬥牛為什麼如此勇猛?或說,獵狗的嗅覺從何而來?上回我們在馬德里談過,沒有說得很清楚·這算是闡釋或濃縮。
評:有的名稱直接來自內文,《白象似的群山》也是這種情況?
海:是的,是後來加的。午飯之前我去普呂尼耶(Prunier)吃牡蠣的時候·遇見一位姑娘,我知道她已經打過一次胎。我過去和她聊天·倒不是聊墮胎·但回家的路上我想出這個故事,午飯也沒吃,花了一下午把它寫出來。
評:這麼說,你不寫的時候也持績不停地觀察,以便尋找一些能用的東西?
海:當然。作家停止觀察就完了。但他不必有意識地觀察,老想著怎麼去用。一開始可能是這狀況。但後來·他觀察到的東西進入他所知所見的大儲藏庫。
《老人與海》可以上千頁·把村子裡每個人都寫進去·包括他們怎麼討生活,出生·受教育·有了下一代·等等。有的作家這麼寫·寫得很好很不錯,寫作這行當,你受制於既存的完美傑作,所以我得努力學著另闢蹊徑。第一·將經驗傳達給讀者時,一切不必要的束西,我試著把它們刪去,這樣讀者要是讀到什麼就會成為個人經驗的一部分·好像確實發生過。這做起來很難·我一直努力在做。總之,先不說怎麼做成的·我這次有難以置信的好運氣,能夠把經驗完整地·前所未有地傳達出來;運氣在於我有一個好老頭和一個好孩子·近來的作家都已經忘了還有這樣的事情。還有·大海也同人一樣值得描述。這是我的運氣好。我見過馬林魚交配,知道那是怎麼回事。這些我都沒寫。在那一片水面上·我見過五十多頭抹香鯨的鯨群·有一次我叉中了一頭鯨魚·幾乎有六十呎那麼長·卻讓牠逃走了。可我也沒把這些寫到小說裡。我對漁村所瞭解的一切都略去不寫·但那正是冰山在水下的部分。