Stephan Bridger

I’m currently working on a project that involves sending alerts and notifications to users on Windows 11 systems. During development, I learned that—for local testing purposes—it’s possible to generate toast notifications using built-in PowerShell functionality. Specifically, the ToastNotificationManager and CreateToastNotifier APIs make it straightforward to display dead simple, native notifications without any external dependencies. $body = 'Hello from PowerShell! Behold, a toast notification.' $toastXml = [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime]::GetTemplateContent([Windows.UI.Notifications.ToastTemplateType]::ToastText01) $toastXml.SelectSingleNode('//text[@id="1"]').InnerText = $body $appId = 'App' $toast = [Windows.UI.Notifications.ToastNotification]::new($toastXml) [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($appId).Show($toast) Of course, y...

Playing around with writing malware proof-of-concepts, running red and blue team simulations in my computer lab against Windows Home edition, I feel sort of bad for Windows Home users. Such users probably constitute the majority of Microsoft's userbase. And most security mitigations for that edition are not exactly effective against attackers. Commercial-grade versions of Windows and commercial-grade security products are a different story in some circumstances. Commercial editions of Windows include a lot of nice mitigations and security features. But I think it's kind of an economic trilemma. You have three potential strategies for security--and a few different potential tradeoffs. You can only optimize for two out of three. If it's cheap and convenient, it won't be secure. If it's cheap and secure, it won't be convenient. If it's secure and convenient, it won't be cheap. There are certainly exceptions to this model, though. ...

Latin1 was the early default character set for encoding documents delivered via HTTP for MIME types beginning with /text . Today, only around only 1.1% of websites on the internet use the encoding, along with some older applications. However, it is still the most popular single-byte character encoding scheme in use today. A funny thing about Latin1 encoding is that it maps every byte from 0 to 255 to a valid character. This means that literally any sequence of bytes can be interpreted as a valid string. The main drawback is that it only supports characters from Western European languages. The same is not true for UTF8. Unlike Latin1, UTF8 supports a vastly broader range of characters from different languages and scripts. But as a consequence, not every byte sequence is valid. This fact is due to UTF8's added complexity, using multi-byte sequences for characters beyond the general ASCII range. This is also why you can't just throw any sequence of bytes at it and ex...

From "Overfitting and the strong version of Goodhart's law" : Increased efficiency can sometimes, counterintuitively, lead to worse outcomes. This is true almost everywhere. We will name this phenomenon the strong version of Goodhart's law. As one example, more efficient centralized tracking of student progress by standardized testing seems like such a good idea that well-intentioned laws mandate it. However, testing also incentivizes schools to focus more on teaching students to test well, and less on teaching broadly useful skills. As a result, it can cause overall educational outcomes to become worse. Similar examples abound, in politics, economics, health, science, and many other fields. [...] This same counterintuitive relationship between efficiency and outcome occurs in machine learning, where it is called overfitting. [...] If we keep on optimizing the proxy objective, even after our goal stops improving, something more worrying happens. The goal often sta...

If you've ever seen a data visualization, you've probably seen a Bell Curve or a normal distribution. But this emergent property of many data visualizations is actually a result of the law of large numbers and the central limit theorem. The central limit theorem tells us that the distribution of a normalized version of any sample mean will eventually converge to a standard normal distribution . For example, let's say that we wish to chart the first fifty most popular science-fiction books on Goodreads by the number of pages they contain. Our initial sample will look something like this: pageCounts = np.array([ 324, 216, 384, 194, 480, 368, 374, 268, 244, 258, 476, 472, 391, 390, 144, 288, 118, 592, 224, 342, 382, 336, 450, 500, 304, 297, 192, 320, 487, 260, 250, 525, 182, 275, 400, 576, 518, 318, 208, 256 ]) If we want to plot our original sample of books, we could do something like: import numpy as np import seaborn as sns import matplotlib....

Sometimes, we have to unlearn the things we initially learned. And I don't mean this in the sense of having been  deliberately deceived. Rather, I mean that to some extent, there are actually many situations in life that involve necessary lies —or believing things that are wrong for perfectly rational reasons . Sometimes it is only after we have consumed and digested such a falsehood that we can see the truth at all. Really, this form of learning is not unlike some parts of math. Consider a mathematical proof in which we begin by assuming that something is one way. But by the end of the proof, we may realize, through contradiction, that it's actually another way. Let us take the number 2 and generously hypothesize that the square root of 2 is actually rational . If this assumption were true, we should be able to prove it with an equation. Let the square root of 2 be the lowest form of $\frac{p}{q}$. Since squares of even numbers are even, and squares of odd numbers ...

On the random walk hypothesis and post-hoc explanations for describing natural processes, from " Patterns and the Stock Market ": While it's certainly entertaining to spin post-hoc explanations of market activity, it's also utterly futile. The market, after all, is a classic example of a "random walk," since the past movement of any particular stock cannot be used to predict its future movement. This inherent randomness was first proposed by the economist Eugene Fama, in the early 1960's. Fama looked at decades of stock market data in order to prove that no amount of rational analysis or knowledge (unless it was illicit insider information) could help you figure out what would happen next. All of the esoteric tools and elaborate theories used by investors to make sense of the market were pure nonsense. Wall Street was like a slot machine. Alas, the human mind can't resist the allure of explanations, even if they make no sense. We're so eager t...