jay_gridbach 4 days ago

[flagged]

MauranKilom 4 days ago | parent | next [-]

But you posted this to a site that is literally called Hacker News... To be clear, I am not supporting any attempt at undermining your project, but people are pointing out to you that your results will be called into question if your only defence against "hacking" is "I hope people don't figure out how to do that".

throwaway150 4 days ago | parent [-]

> jay_gridbach: @oefrha I am afraid I had to flag your comment.

OP! This isn't cool. @oefrha basically did a free security audit for you and instead of being grateful for that, you get defensive and flag them? How is this cool?

I also had the same question as tromp about how you're validating that clients aren't cheating. @oefrha's analysis shows you aren't validating. How can we be 100% sure that none of the clients cheated? What if there is a counterexample to the conjecture but one of your clients didn't report it because they cheated? Math results require rigor and without rigor the bold claim is only a "claim" right now, not a fact!

tgv 4 days ago | parent | prev | next [-]

That is understandable, but counterproductive. You can’t walk away from this by pretending it doesn’t exist. It only takes one troll to ruin the achievement.

jay_gridbach 4 days ago | parent [-]

Hope everyone can enjoy the application.

oefrha 4 days ago | parent | prev | next [-]

Note: The parent comment accused me of giving clues to hack the application, but that part was later edited out, making my response a bit strange.

---

This is basically a free security audit, even though I only spent like five minutes. If your application can be "hacked" so easily, it's very irresponsible to say you're "verifying" the conjecture. Removing the comment doesn't make your application any more secure.

Btw, I even helpfully pointed to prior art which you can learn from. A butthurt response is pretty sad.

jay_gridbach 4 days ago | parent [-]

At this point, I am not capable of addressing the thing you pointed out. I didn't want to make the system closed-network or login-required. Technically, I think it is impossible to prevent reporting fake results as long as it is an open network system - which means my design doesn't fit seeking rigor.

I hope this comment answers your question.

I will continue my project to seek meaningful purpose to some extent.

gpvos 4 days ago | parent | prev | next [-]

The most foolproof way to verify the results would be to have the client return all the 100 million values back to the server. This may be a bit much though, so alternatively, after submission, send a random selection of numbers in the range back to the client, which will have to return the prime summands* for those. Possibly with a time limit to prevent it from doing the calculation for only those numbers. So it probably also needs to be a fairly large selection.

*I had to look up that word
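
The spot-check described in the comment above, as an added example (not part of the thread and not the project's own code). It assumes a job is a range of even numbers and that the client answers each challenged n with one prime summand p; all function names are hypothetical.

```python
import secrets

# Deterministic Miller-Rabin: these bases give exact answers for every 64-bit n.
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n: int) -> bool:
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True

def make_challenge(lo: int, hi: int, k: int) -> list[int]:
    """Server: after the submission, pick k distinct even n in [lo, hi] (lo >= 4)."""
    first = lo + (lo % 2)
    count = (hi - first) // 2 + 1
    picks = set()
    while len(picks) < min(k, count):
        picks.add(first + 2 * secrets.randbelow(count))  # CSPRNG: not predictable by the client
    return sorted(picks)

def check_response(challenge, response, elapsed_s, deadline_s) -> bool:
    """Server: every challenged n needs a valid pair (p, n - p), returned before the deadline."""
    if elapsed_s > deadline_s:
        return False
    for n in challenge:
        p = response.get(n)  # missing or malformed answers fail the whole job
        if not isinstance(p, int) or not 2 <= p <= n // 2 or not (is_prime(p) and is_prime(n - p)):
            return False
    return True

def honest_client(challenge):
    """Constructed client that really computes the smallest prime summand for each n."""
    return {n: next(p for p in range(2, n // 2 + 1) if is_prime(p) and is_prime(n - p)) for n in challenge}
```

Sampling k numbers catches a client that skipped a fraction f of its range with probability 1 - (1 - f)^k, which is why the selection has to be fairly large. It does not catch a single withheld counterexample unless that exact number is drawn, so only returning every value closes that gap.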

fragmede 4 days ago | parent | prev [-]

Respectfully, you have put in an amazing amount of work. Unfortunately life is not so kind in other parts of the world, and people are just not nice on the Internet, and they will try and break your project just for the fun of it. It is very sad, but that is the reality of the Internet today.

throwaway150 4 days ago | parent | next [-]

> people are just not nice on the Internet

That's not what's happening here. People in this thread are simply asking in good faith how the server-side verifies the results submitted by the client. It’s a fair question. And an important one. In fact, it might be the most important question when making such a bold claim.

If this isn't addressed, there's no way to know that a client didn't cheat by withholding a valid counterexample. And if even one client cheats, the entire claim made in this 'Show HN' thread falls apart.

gyesxnuibh 4 days ago | parent | next [-]

I took it to mean that people (clients) would give the project fake data for fun. But there's no statement about how those people might find the project (basically not necessarily people from hackernews).

You both are agreeing with each other.

fragmede 4 days ago | parent | prev [-]

I have plenty of friends on red teams so the deeper philosophical conversation doesn't elude me, but simplistically that is what it boils down to. Don't misunderstand my comment as accusations as to respective posters' morality. If there were no bad people, would you need to lock your door? So this is only coming up in this context. Unfortunately, on the Internet, we do have to lock our doors, and that's just the reality, despite what society we'd like to live in.

4 days ago | parent | prev | next [-]

[deleted]

jay_gridbach 4 days ago | parent | prev [-]

Thank you. I will do my best to make my project sustainable.