Vitamin C is a temperamental thing. It oxidizes very easily, and then just becomes this inert thing. Luckily, it turns color when it oxidizes, so it lets you know it happened. Skin care products try to stabilize it with other ingredients while packaging it in UV protective containers. Some even go so far as to recommend keeping the product refrigerated. There are now many options for adding Vitamin C with the majority of them reducing the effectiveness of the Vitamin C to gain stability in the product as in some are not as efficiently absorbed by the body, but won't oxidize. Some are water soluble, some are oil soluble. Of all of the ingredients, VitC is definitely the most finky
as far as vitamin and mineral intakes, vitamin C is the thing you need to worry about the least because it's so highly abundant in so many fruits and vegetables. I've calculated VitC density in foods and normalized it to calorie intake: It's incredibly abundant in many real foods.
Galois | Full Time Research Engineer, Cryptography and Secure Computation Researcher, Software Integration Engineer, others | Portland, OR, Arlington, VA, Dayton, OH |
Galois is looking for software engineers, researchers, and software integration engineers that enjoy working on challenging problems in computer science. We collaborate with organizations like NASA, DARPA, and Amazon Web Services to explore blue sky ideas and turn them into usable technology.
Galois is employee-owned, we have a one-level flat organizational structure, and we make important decisions as a group. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
Some of the things we've worked on in the past: Formal methods, static analysis, binary analysis, cryptographic algorithms, domain specific languages, programming languages theory, abstract interpretation, type theory, formal verification and software correctness, reinforcement learning, autonomous systems assurance, communication security, cyber-deception for network defense, DDoS defense, provable hardware security, statistical anomaly detection for detecting advanced persistent threats.
Galois | Full Time Research Engineer, Cryptography and Secure Computation Researcher, Software Integration Engineer, others | Portland, OR, Arlington, VA, Dayton, OH |
Galois is looking for software engineers, researchers, and software integration engineers that enjoy working on challenging problems in computer science. We collaborate with organizations like NASA, DARPA, and Amazon Web Services to explore blue sky ideas and turn them into usable technology.
Galois is employee-owned, we have a one-level flat organizational structure, and we make important decisions as a group. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
Some of the things we've worked on in the past: Formal methods, static analysis, binary analysis, cryptographic algorithms, domain specific languages, programming languages theory, abstract interpretation, type theory, formal verification and software correctness, reinforcement learning, autonomous systems assurance, communication security, cyber-deception for network defense, DDoS defense, provable hardware security, statistical anomaly detection for detecting advanced persistent threats.
Galois | Full Time Research Engineer, Technical Project Lead, Hardware Engineer, Software Integration Engineer| Portland, OR, Arlington, VA, Dayton, OH |
Galois is looking for software and hardware engineers, researchers, technical project leads, and software integration engineers that enjoy working on challenging problems in computer science. We collaborate with organizations like NASA, DARPA, and Amazon Web Services to explore blue sky ideas and turn them into usable technology.
Galois is employee-owned, we have a one-level flat organizational structure, and we make important decisions as a group. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
Some of the things we've worked on in the past: Formal methods, static analysis, binary analysis, cryptographic algorithms, domain specific languages, programming languages theory, abstract interpretation, type theory, formal verification and software correctness, reinforcement learning, autonomous systems assurance, communication security, cyber-deception for network defense, DDoS defense, provable hardware security, statistical anomaly detection for detecting advanced persistent threats.
Galois | Full Time Research Engineer, Technical Project Lead, Hardware Engineer, Software Integration Engineer| Portland, OR, Arlington, VA, Dayton, OH |
Galois is looking for software and hardware engineers, researchers, technical project leads, and software integration engineers that enjoy working on challenging problems in computer science. We collaborate with organizations like NASA, DARPA, and Amazon Web Services to explore blue sky ideas and turn them into usable technology.
Galois is employee-owned, we have a one-level flat organizational structure, and we make important decisions as a group. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
Some of the things we've worked on in the past: Formal methods, static analysis, binary analysis, cryptographic algorithms, domain specific languages, programming languages theory, abstract interpretation, type theory, formal verification and software correctness, reinforcement learning, autonomous systems assurance, communication security, cyber-deception for network defense, DDoS defense, provable hardware security, statistical anomaly detection for detecting advanced persistent threats.
Galois | Full Time Research Engineer | Portland, OR, Arlington, VA, Dayton, OH | Remote a possibility
Galois is looking for software engineers and researchers that enjoy working on challenging problems in computer science. We collaborate with organizations like NASA, DARPA, and Amazon Web Services to explore blue sky ideas and turn them into usable technology.
Research engineers choose which projects they work on, and they can move from one project to another based on their interests. Galois is employee-owned, we have a one-level flat organizational structure, and we make important decisions as a group. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
Some of the things we've worked on in the past: Formal methods, static analysis, binary analysis, cryptographic algorithms, domain specific languages, programming languages theory, abstract interpretation, type theory, formal verification and software correctness, reinforcement learning, autonomous systems assurance, communication security, cyber-deception for network defense, DDoS defense, provable hardware security, statistical anomaly detection for detecting advanced persistent threats.
Software Engineer/Researcher @ Galois | Portland, OR, Arlington, VA, Dayton, OH. Remote is also a possibility.
Galois is looking for software engineers and researchers that enjoy working on challenging problems in computer science. We work with organizations like DARPA to explore blue sky ideas and turn them into usable technology that guarantees trustworthiness where failure is unacceptable.
We own the company together (through an ESOP), we make important decisions as a group, we have a one-level flat organizational structure, and people get to choose what they work on. We love to learn and share what we know, and that’s a big part of how we approach R&D, so we have no hard requirements for previous experience with similar work.
There are a few things I noticed and I'll cover a few right now.
Firstly, they are talking about using microservices which would be ok (I've used a few microservices for specific applications that actualy make sense to service-ify) but I would by no means consider this a safer way of doing things. When you're talking about services run by our government, who isn't notorious for having their network-security done right, I'm very weary of them moving to a microservice architecture.
MTD is another thing that sounds concerning. This seems like the bottom of the barrel of security ideas and looks like it would be far more complicated then the other methods mentioned. If used this along would probably introduce more bugs.
"Education and Training" can basically be summed up as universities being stuck in the 70s and not teaching CS but teaching the Math that CS needs.
I think the idea of using micro services is that lessens the surface area of what you need to harden. In other words, it's easier to harden a simple service that just does one or a few things versus hardening a complex monolithic application.
I'd liken it to OOP encapsulation or the idea behind linux executables.
Moving Target, aka obfuscation, is one of best things you can do against serious attackers on top of solid baseline. Just obfuscating CPU as a non-Intel CPU masquerading as one protected many deployments of mine and others for years on end. The idea is the extra effort they put in on a per-client or per-site basis either breaks their attack entirely or makes you more likely to notice it.
(i) address space layout randomization: this is by no means impervious but it is worth doing
(ii) there being several "official" Etherium clients such that if somebody hacked just one client they could not take over the whole network.
[0] https://nchfp.uga.edu/how/dry/csu_dry_vegetables.pdf