Honestly, the more research papers I read, the more I am suspicious. This "surprisingly" and other hyperbole is just to make reviewers think the authors actually did something interesting/exciting. But the more "surprises" there are in a paper, the more I am suspicious of it. Often such hyperbole ought to be at best ignored, at worst the exact opposite needs to be examined.
It seems like the best students/people eventually end up doing CS research in their spare time while working as engineers. This is not the case for many other disciplines, where you need e.g. a lab to do research. But in CS, you can just do it from your basement, all you need is a laptop.
I still remember the time when a gcc bug caused MiniSat to output UNSAT for a satisfiable problem [1]. I was the author of a SAT solver, and I was chasing my tail trying to figure out why I was getting UNSAT for a satsifiable problem. I have to admit I didn't expect it to be a gcc bug... (note: bug was found by Vegard Nossum on the CryptoMiniSat mailing list)
I worked at a company that wanted to implement an AI chatbot. I was helping to review the potential issues. On the first try I realised it was given full access to all past orders, for all customers via an API it could query in the background. So I could cajole it to look up other people's orders. It took less than 3 minutes of checking to figure this out.
Often engineers and especially non-technical people don't have the immediate thought of "let's see how I can exploit this" or if they do, they don't have the expertise to exploit it enough to see the issue(s). This is why companies have processes where all serious external changes need to go through a set of checks, in particular, by the IT security department. Yes, it's tedious and annoying, but it saves you from public blunders.
Such processes also make sure that the IT security department knows of the new feature, and can give guidance and help to the engineers about IT security issues related to the new feature. So if they get feedback about security issues from users they won't freak out and know who to contact for support. This way, things like accusing the reporter for "blackmailing" don't happen.
In general, this fiasco seems to show that Eurostar haven't integrated their IT security department into their processes. If there was trust and understanding among the engineers about what the IT department does, they would have (1) likely not released the tool with such issues and (2) would have known how to react when they got feedback from security researchers.
Honestly US standards can go to hell. I absolutely abhor these monstrosities. They should be outright banned except if specific need can be shown. They are dangerous, take up way too much space, and excessively damage the road.
Your freedom to do stuff stops where my freedom to walk & cycle around without undue fear of death begins.
Attributing "monstrosities" only to the US as a "US standards" doesn't make sense since the consumer trend towards bigger cars is global. It's a consumer trend, not a standard.
In NL, for example, I see plenty of large EU cars driving around with only a very occasional US "monstrosity" like a pickup truck, and I don't even live in the city.
“Because children grow up, we think a child's purpose is to grow up. But a child's purpose is to be a child. Nature doesn't disdain what lives only for a day. It pours the whole of itself into the each moment. We don't value the lily less for not being made of flint and built to last. Life's bounty is in its flow, later is too late. Where is the song when it's been sung? The dance when it's been danced? It's only we humans who want to own the future, too. We persuade ourselves that the universe is modestly employed in unfolding our destination. We note the haphazard chaos of history by the day, by the hour, but there is something wrong with the picture. Where is the unity, the meaning, of nature's highest creation? Surely those millions of little streams of accident and wilfulness have their correction in the vast underground river which, without a doubt, is carrying us to the place where we're expected! But there is no such place, that's why it's called utopia. The death of a child has no more meaning than the death of armies, of nations. Was the child happy while he lived? That is a proper question, the only question. If we can't arrange our own happiness, it's a conceit beyond vulgarity to arrange the happiness of those who come after us.”
YES. The "This is evidenced by the new set of hacker values being almost purely performative" is so incredibly true. I went to a privacy event about Web3, and the event organisers hired a photographer who took photos of everyone (no "no photo" stickers available), and they even flew a drone above our heads to take overarching videos of everyone :D I guess "privacy" should have been in quotes. All the values and aesthetics of the original set of people who actually cared about privacy (and were attracted to it) has been evaporated. All that remained are the hype. It was wild.
SAT solvers are used _everywhere_. Your local public transport is likely scheduled with it. International trains are scheduled with it. Industrial automation is scheduled with it. Your parcel is likely not only scheduled with it, but even its placement on the ship is likely optimised with it. Hell, it's even used in the deep depths of cryptocurrencies, where the most optimal block composition is computed with it. Even your friendly local nuclear reactor may have had its failure probability computed with (a variation of) it. In other words, it's being used to make your life cheaper/better/safer/easier. Google a bit around, open your eyes Neo ;)
PS: Yes, I develop a propositional SAT solver that used to be SOTA [1]. I nowadays develop a propositional model counter (for computing probabilities), that is currently SOTA [2]
Are there open source examples of usage for real world problems, for example train scheduling or something else than software engineering practicioners might find relatable?
Register allocation, instruction selection and instruction scheduling can, with a degree of bloodyminded patience, all be solved with boolean SAT. That's a compiler backend.
I like the higher level CSP more as an interface but those are _probably_ best solved by compilation to SAT. SMT also worth a look.
When I used to work at Deutsche Bahn, the German railway operator, in the mid 2000s as a research student, we were using Mixed Integer Linear Programming.
Author of CryptoMiniSat here :) XOR+CNF is indeed supported by CryptoMiniSat. Which is cool, but if you _really_ think about it, the resolution operator over these two are gonna give you multivariate polynomials over GF(2). So resolution is poor in CryptoMiniSat, because it only encodes one of the constraints that this polynomial implies (i.e. one that can be encoded in a single disjunctive clause). And if you wanna do the _real_ deal, i.e. "properly" solve multivariate polynomials over GF(2) then you are in for a ride -- the all-powerful, much-feared, Grobner basis algorithms, and I am not touching those with a 100m pole, because they are hell on wheels :) I mean... it's possible to contribute to them, and I know of two people who did: https://theory.stanford.edu/~barrett/fmcad/slides/5_Kaufmann... and of course, https://link.springer.com/chapter/10.1007/978-3-031-37703-7_... i.e. Daniela and Alex. It's... rough :D
Thanks for the links to those people. The GF(2) simplifies Grobner bases calculations a lot, IMHO, but I don't have much experience with them either. I am just curious, because to me it now seems to be an obvious way to go. I mean, the fact that we can represent any SAT problem as an intersection of 2SAT and XORSAT problems indicates, there must be some generalization of the both polynomial algorithms. And it seems to me this generalization is somehow related to Grobner bases methods.
I have only very quickly skimmed it, but I wouldn't be surprised if the theorem D.21 in Kaufman's thesis (https://danielakaufmann.at/wp-content/uploads/2020/11/Kaufma...) turned out to be true for all the unsatisfiability PAC proofs, not just the circuits she is looking at. (As I commented below. If you're proving contradiction, looking for element 1 in the ideal using Grobner basis, then it seems somewhat unreasonable to require degree of basis polynomials larger than 3, if you start from all polynomials with degree less or equal than 2. If you look what e.g. 2SAT algorithm is doing algebraically, it only needs degree 3 polynomials as well, although the monomial of degree 3 is immediately eliminated. So if the Grobner basis algorithm needs to build large degree polynomials, because no small degree will help you, it's likely your system is already satisfiable. Would really like to see a counterexample.)
