> There is this insidious cognitive bias in (software?) engineers to only consider the happy path when thinking about the consequences of their actions.
This applies to buying off the shelf software (and other things) too. Vendor provided software is not immune from bugs or shortcomings or terrible vendors.
The tradeoff is you lock some of those gains down in safer assets. Probably the wrong choice for retirement earlier on, but if you need money during an economic crisis, say you got laid off, then that might change how it's viewed.
That’s very true, but he’s had the account for 30 years and assuming that means he started it young, 50% in bonds is borderline insane. It’s a lot more likely to cost you a large amount in retirement than bail you out in your 30’s.
Applying optimal portfolio theory to the long history of market returns suggests that the most risk-efficient allocation is something like 60% stocks and 40% bonds. The diversification reduces volatility faster than it reduces the overall return, so equity-like returns can be regained by using leverage on the portfolio.
Following this advice today is tricky thanks to the persistent yield inversion: you obviously can't improve returns by using short-term borrowing at 5% to invest in long-term bonds at 4%.
Wouldn’t the most risk-efficient strategy both depend on a large number of factors and also, in any case, start off with a higher allocation of equities and move over time to a higher allocation of bonds?
The stock market has never not outperformed bonds over a 45 year period, maybe even half that, so if you’re 20 and putting 40% of your savings in an account you can’t touch until your 65, you’re kind of just chucking money down a well right?
> Wouldn’t the most risk-efficient strategy both depend on a large number of factors and also, in any case, start off with a higher allocation of equities and move over time to a higher allocation of bonds?
Not really. The most risk-efficient strategy optimizes the ratio between expected return (less the risk-free rate) and volatility (standard deviation), regardless of the absolute value of those parameters.
If that optimal allocation has too much risk, such as for the near-retiree, then the investor can keep a fraction of their portfolio in the mix and the other half in cash (money market, paying the risk-free rate). If the allocation has too little risk, then the inverse applies: borrow on margin (at approximately the risk-free rate) to invest more than 100% of net assets into the mix.
Right but a 25 yr old’s retirement account has practically zero risk. If you functionally can’t withdraw the money for decades anyway, there’s approximately zero chance a dollar invested in bonds will outperform a dollar invested in equities.
Ending up at 60/40 might be a good plan, but starting there seems a waste of money.
That's where leverage comes in. Under more ordinary conditions, the 22 year-old would have something like 80% in equities and 50% in bonds, using leverage to have a net 130% invested.
Under current conditions, that allocation is more questionable. The yield inversion means that the expected value of a leveraged bond investment is about zero (borrowing at a higher short-term rate to lend at a lower long-term rate), so any portfolio gains come from anti-correlation of bond and stock prices. However, the current market worry is more about stagflation than a traditional recession, such that inflation leads to both higher interest rates and lower equity returns (through equity de-leverage).
Where do you get the leverage and what does it cost? To be clear: Leverage isn't free. It is borrowed money -- financing -- for your positions. For most retail people, they will struggle to pay less than 5% per year, and usually much more. Here is a list of margin rates from Interactive Brokers: https://www.interactivebrokers.com/en/trading/margin-rates.p...
A never once, did I am read any sensible long-term retail strategy that recommended the use of leverage, let alone persistent leverage. This is a strange post.
Isn't the point to change as you get closer to retirement? When your investments have a decade plus to recover, leave them in aggressive investments. There is a risk that a decade+ recession might mean delaying retirement, but in that situation delaying retirement is likely the best option even if your money was in s safe investment.
Once you are close to needing some amount of money, say X a year, then you don't have time for that X to recover, so the idea is to move X into a safer investment so it won't go up or down. Any money you don't need is still in aggressive options that have time to recover. Now you need X money every year, so you decide how many years you want to sacrifice growth for safety. Maybe 5 years, maybe 10 years. Call it Y years. Simulations show the historic optimal Y, though I don't recall the exact number and some people might want to gamble depending upon how much freedom they have to change X if needed. So X*Y is roughly the amount of money that needs to be in safer investments.
This all ends up being too complicated a math equation to optimize for the average person, so percentages are given that are much easier to follow which roughly work as a solution to this equation.
Individuals should be able to come up with their own plans based on what they want. For example, if I'm heading towards an early retirement, I might leave all my money in aggressive investments because if a market downturn hits, I'm okay with working a few more years before retiring. I'm also aiming for a retirement with big X spend a year, but have plans on how to live life if I have to move down to medium X or small X. Others might be aiming for a retirement of X and won't be able to make finances work with les than X, so they have to take a much safer approach to guarantee a retirement that doesn't lead to running out of money.
It really depends upon your age, your financial situation, what you want to do in terms of passing down money--and, as you suggest--if retirement means opening the money funnel on extravagant vacations... If you're comfortable with your ongoing situation with very conservative investments, that's probably what you should do. If you want to play the typical equity numbers over a reasonable timeframe, that may be a better bet. I've certainly been ratcheting down my equity, especially individual stocks, over time even if the expected value is probably lower.
I feel like if you're working at a startup, you value some things more than just straight cash. Hour for hour, I'm fairly certain FAANG pays more than all but a few startups.
What's the point of not supporting the TLS changes? A lot of the HTTP/3 holdup in other libraries has been the TLS situation, so not supporting that means you're getting basically minimal value for the work you're putting in.
Can you elaborate for those of us who aren't up to speed on the TLS + HTTP/3 situation? Is there a problem somewhere?
Also - are people still doing TLS in their app directly? Modern setups often terminate TLS at the gateway/edge/ingress instead of at the app level. If you use something like k8s, you can even do m2m TLS within your cluster via sidecars - with your app knowing absolutely nothing about TLS.
As defense in depth becomes more and more important, in-app TLS is becoming more, not less common. Especially as Zero Trust Network Access (ZTNA) is being mandated by the US federal government for contracts, the idea that you would terminate TLS at the edge and send unencrypted network traffic inside the server network is becoming a thing of the past.
This remains true even inside of a Kubernetes cluster. You shouldn't trust the network there any more than you should trust your enterprise network. I'm less sure about the implications of sending unencrypted traffic between a container and its sidecar, but certainly pods should be talking to each other over TLS.
The sidecar and the main container run in the same network namespace. They can reach eachother over the loopback interface. It's "safe".
However I'm also of the opinion you should just be mounting tls certs in your container and use your TLS stack of whatever language you're using directly instead. It's a lot simpler
> but certainly pods should be talking to each other over TLS
They do under that scheme. TLS is terminated at the gateway, but k8s/sidecars handle m2m TLS. This provides some advantages for automating short-lived certs, makes deployments more simple, etc and helps your pods remain unaware they are pods (kind of the holy grail of "cloud").
A lot of your edge/serverless stuff will be similar from my understanding.
It's up to you how much you trust the traffic on that machine and how you've set up access rights etc. In principle, a process with the right capabilities could snoop on the unencrypted traffic but might not be able to snoop on encrypted traffic. However, given how common local privilege escalations bugs are, if an attacker process is running on the same system, you have probably already lost (especially one that has enough privileges to capture network traffic).
Replacing RAM chips on GPUs involves resoldering and similar things - those (for the most part) maintain the signal integrity and performance characteristics of the original RAM. Adding sockets complicates the signal path (iirc), so it's harder for the traces to go where they're needed, and realistically given a trade-off between speed/bandwidth and expandability I think the market goes with the former.
This also happened with providers in Europe. So you can safely assume that any VPN provider who is still doing business in Europe is compromised in some way or another by the government.
"Compromised" is a wrong word to use, unless you consider any obedience to the law "compromise". VPN providers who are still doing business in EU (not Europe) do obey court orders - that would be more correct wording. Any non-compliance is a one-time occurence: either you decide to cease operations or you are forced to cease operations by LEA, as in vpnlab.net example.
If you actually look at the vpnlab example, you'll find that the government got access to all their data, not just for specific cases. So you can assume that all remaining providers have yielded the same level of access.
Yes, but compared to the alternative where the parent company is responsible for an unknown amount of liabilities, capping ones liabilities at 6.5 billion might be better for shareholders.
This is definitely untrue. I was bullied out of the golang community for asking about generics when I first started learning it. Obviously, I don't think my experience is indicative of the entire community, but the experience from the community left a bad taste in my mouth.
