## Is pinning global root CA almost same as not having any certificate pinning at all?

I have seen multiple mobile applications that are pinning Global Root CA’s instead of intermediate/leaf certificates. Doesn’t this expose to the same risk as not having certificate pinning at all?

Considering the classic coffee shop attack scenario where the owner of the network has a certificate issued for his domain (*.evilcoffee.com signed by DigiCert)

Now if the mobile application is trusting any certificate issued by Digicert then you can effectively MiTM? Am I missing something?

## How to prove a recursive’s function Big-Theta without using repeated substitution, master theorem, or having the closed form?

I have a function defined: $$V(j, k)$$ where $$j, k \in \mathbb{N}$$ and $$t > 0 \in \mathbb{N}$$ and $$1 \leq q \leq j – 1$$. Note $$\mathbb{N}$$ includes $$0$$.

$$V(j, k) = \begin{cases} tj & k \leq 2 \ tk & j \leq 2 \ tjk + V(q, k/2) + T(j – q, k/2) & j, k > 2\end{cases}$$

I am not allowed to use repeated substitution and supposed to prove it by induction. I can’t seem to use the master theorem because the recursive part is not in that form. Any ideas on how I can solve it with the given restrictions?

If I start with induction: I fix $$j, q$$ and induct on $$k$$. Then the base case is $$k = 0$$. Then $$V(j, 0) = tj$$. The question hinted that the function can be $$\Theta(jk)$$ or maybe $$\Theta(j^2k^2)$$ (but it doesn’t necessarily have to be one of the two).

I choose $$\Theta(j, k)$$. In the base case, this would mean I would have to prove that $$tj = \Theta(j, k)$$ when $$j = 0$$. However, when I start with the Big-Oh, I would have to show that $$km \leq mn = m\cdot0 = 0$$ which right now I see not to be possible.

I am not sure if I did the base case wrong or if there is another approach to this.

## A notion dual to a product type having a given type

Consider this class:

class Has record part where   extract :: record -> part   update :: (part -> part) -> record -> record 

It captures the notion of some product type record having a field of the type part which can be extracted from the record, or the functions on which can be used to update the whole record (in a lens-ish manner).

What happens if we turn the arrows? Following the types and noting that a sum type is dual to a product type, and a “factor” in a product type is analogous to an option in a sum type, we get

class CoHas sum option where   coextract :: option -> sum   coupdate :: (sum -> sum) -> option -> option 

Firstly, is this line of reasoning correct at all?

If it is, what is the meaning of coextract and coupdate? Obviously, coextract produces the sum out of one of its options, so it might as well be called inject or something similar.

coupdate is more interesting. My intuition is that, given a function f that updates a sum type, it gives us a function that can be used to update one of its options. But, obviously, not every f is fit for this! Consider

badF :: Either Int Char -> Either Int Char badF (Left n) = n badF (Right _) = Left 0 

then coupdate badF does not make sense where coupdate is taken from CoHas (Either Int Char) Char. One requirement seems to be that the function passed to coupdate must not change the tags of the sum type.

So here’s the second question: what’s the dual of this requirement in the Has/update case?

My intuition is that it’s not as straightforward because Has produces a function and CoHas consumes a function. Things get more symmetric if we consider the rules for the type classes, something along the lines of

1. update f . update g = update (f . g)
2. update id = id
3. extract . update f = f . extract

Now we can actually talk about bad instances of Has producing update functions breaking these rules. But even with this additional constraint, I’m not sure I follow what the laws for the functions that coupdate accepts should be and how one could derive them from such duality-based reasoning.

## Does having to introduce alternative behavior always indicate poor UX design?

Take the classical top-left go-back button on mobile apps.

The main two issues with it are:

• Having to press a lot of times when you want to go far back
• Not being able to go forward in case you missed the screen you wanted to go back to

With this in mind, I’m tempted to introduce a long-press history popup on the go-back button, so the user can skip to exactly where they want.

Of course, we all know that long-press is not really intuitive.

The question: does having a tool-tip automatically introduce this feature to the user make my UX design bad?

## Having trouble with SPServices AutoComplete pulling from specific columns

I have 2 issues really. I have set this up successfully for some of my fields on my Nintex form. The autocomplete works perfectly.

Issue 1: I attempted to set this up on another field on another list. The field will not find anything when you start typing. I thought possibly I had the wrong crawled property, but I tried everything I could think of with no success.

Issue 2: I attempted to use a different column from the second list from Issue 1 to see if it was a column issue. I did get results, but they were not correct. In fact, I am unable to find ANYWHERE that the information in the auto-correct is displaying.

I can get the field to work if I connect it to the same columns as the other fields that are working. So it doesn’t appear to be a field or code issue. It seems that it either doesn’t like the list or the specific column.

I also tried to create a completely new list with column names I know are not being used anywhere else in our farm, but this didn’t work either.

I have no idea what’s going on. It’s quite puzzling. Below is my code.

NWF$(document).ready(function() { //The source data for the autocomplete is the Journals list //Store the journal titles in a array variable var externalParties = []; NWF$  ().SPServices({     operation: "GetListItems",     async: false,     listName: "Vendor IDs",     CAMLViewFields: "<ViewFields><FieldRef Name='Vendor Name' /></ViewFields>", //the name needs to be changed accordingly        completefunc: function(xData, Status) {         NWF$(xData.responseXML).SPFilterNode("z:row").each(function() { externalParties.push(NWF$  (this).attr("ows_VendorName").substring(8));         });     } }); //journalinput is added on the control in the NF   NWF\$  ("#" + journalinput4).autocomplete({     source: externalParties }); }); 

## How to distribute values evenly when having several independent variables?

I am doing a research study with teens. Previously, I have already recruited and studied, let’s say, 11 teens (with various ages, gender, and ethnicity). Additionally, I am planning to recruit 10 teens. However, I need to try to go for diversity which means I need to distribute those 10 participants I want to recruit more or less evenly considering their gender, age, and ethnicity and based on the teens I have already studied. Is there any statistical methods that I can apply in this case?

## Does Apple still monitor or track after having a customer support screen sharing service with ara.apple.com?

Is having screen sharing service with ara.apple.com safe?

I had screensharing service with ara.apple.com(https://ara-prn.apple.com/) which is official apple website for apple products support. And they wanted me to install an app after entering session key and they said the app will self-destruct once support session ended.

Would there be a possibility that Apple can still track and monitor that computer even after the support session ended and even if they claim that installment of the app for screen sharing self-destruct?