
Sunday, December 10, 2023

HTTPS

From Wikipedia, the free encyclopedia
 
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.

The principal motivations for HTTPS are authentication of the accessed website and protection of the privacy and integrity of the exchanged data while it is in transit. It protects against man-in-the-middle attacks, and the bidirectional block cipher encryption of communications between a client and server protects the communications against eavesdropping and tampering. The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates. This was historically an expensive operation, which meant fully authenticated HTTPS connections were usually found only on secured payment transaction services and other secured corporate information systems on the World Wide Web. In 2016, a campaign by the Electronic Frontier Foundation with the support of web browser developers led to the protocol becoming more prevalent. HTTPS is now used more often by web users than the original, non-secure HTTP, primarily to protect page authenticity on all types of websites, secure accounts, and keep user communications, identity, and web browsing private.

Overview

[Image: a URL beginning with the https:// scheme and the www domain name label]

The Uniform Resource Identifier (URI) scheme HTTPS has identical usage syntax to the HTTP scheme. However, HTTPS signals the browser to use an added encryption layer of SSL/TLS to protect the traffic. SSL/TLS is especially suited for HTTP, since it can provide some protection even if only one side of the communication is authenticated. This is the case with HTTP transactions over the Internet, where typically only the server is authenticated (by the client examining the server's certificate).

HTTPS creates a secure channel over an insecure network. This ensures reasonable protection from eavesdroppers and man-in-the-middle attacks, provided that adequate cipher suites are used and that the server certificate is verified and trusted.

Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol can be encrypted. This includes the request's URL, query parameters, headers, and cookies (which often contain identifying information about the user). However, because website addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that even on a correctly configured web server, eavesdroppers can infer the IP address and port number of the web server, and sometimes even the domain name (e.g. www.example.org, but not the rest of the URL) that a user is communicating with, along with the amount of data transferred and the duration of the communication, though not the content of the communication.

Web browsers know how to trust HTTPS websites based on certificate authorities that come pre-installed in their software. Certificate authorities are in this way being trusted by web browser creators to provide valid certificates. Therefore, a user should trust an HTTPS connection to a website if and only if all of the following are true:

  • The user trusts that their device, hosting the browser and the method to get the browser itself, is not compromised (i.e. there is no supply chain attack).
  • The user trusts that the browser software correctly implements HTTPS with correctly pre-installed certificate authorities.
  • The user trusts the certificate authority to vouch only for legitimate websites (i.e. the certificate authority is not compromised and there is no mis-issuance of certificates).
  • The website provides a valid certificate, which means it was signed by a trusted authority.
  • The certificate correctly identifies the website (e.g., when the browser visits "https://example.com", the received certificate is properly for "example.com" and not some other entity).
  • The user trusts that the protocol's encryption layer (SSL/TLS) is sufficiently secure against eavesdroppers.

HTTPS is especially important over insecure networks and networks that may be subject to tampering. Insecure networks, such as public Wi-Fi access points, allow anyone on the same local network to packet-sniff and discover sensitive information not protected by HTTPS. Additionally, some free-to-use and paid WLAN networks have been observed tampering with webpages by engaging in packet injection in order to serve their own ads on other websites. This practice can be exploited maliciously in many ways, such as by injecting malware onto webpages and stealing users' private information.

HTTPS is also important for connections over the Tor network, as malicious Tor nodes could otherwise damage or alter the contents passing through them in an insecure fashion and inject malware into the connection. This is one reason why the Electronic Frontier Foundation and the Tor Project started the development of HTTPS Everywhere, which is included in Tor Browser.

As more information is revealed about global mass surveillance and criminals stealing personal information, the use of HTTPS security on all websites is becoming increasingly important regardless of the type of Internet connection being used. Even though metadata about individual pages that a user visits might not be considered sensitive, when aggregated it can reveal a lot about the user and compromise the user's privacy.

Deploying HTTPS also allows the use of HTTP/2 and HTTP/3 (and their predecessors SPDY and QUIC), which are new HTTP versions designed to reduce page load times, size, and latency.

It is recommended to use HTTP Strict Transport Security (HSTS) with HTTPS to protect users from man-in-the-middle attacks, especially SSL stripping. HTTPS should not be confused with the seldom-used Secure HTTP (S-HTTP) specified in RFC 2660.
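
As a rough illustration of what an HSTS policy looks like in practice, the short Python sketch below (standard library only) fetches a page over HTTPS and prints the Strict-Transport-Security header if the server sends one; the host name is only an example, and the exact policy string (max-age, includeSubDomains) varies by site.

# Sketch: inspecting a site's HSTS policy (the host is an arbitrary example).
import urllib.request

url = "https://example.com/"
with urllib.request.urlopen(url) as response:
    hsts = response.headers.get("Strict-Transport-Security")
    if hsts:
        print("HSTS policy:", hsts)  # e.g. "max-age=31536000; includeSubDomains"
    else:
        print("no Strict-Transport-Security header sent by", url)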

Usage in websites

As of April 2018, 33.2% of the Alexa top 1,000,000 websites use HTTPS as default, and 70% of page loads (measured by Firefox Telemetry) use HTTPS. As of December 2022, 58.4% of the Internet's 135,422 most popular websites have a secure implementation of HTTPS. However, despite TLS 1.3's release in 2018, adoption has been slow, and many still remain on the older TLS 1.2 protocol.

Browser integration

Most browsers display a warning if they receive an invalid certificate. Older browsers, when connecting to a site with an invalid certificate, would present the user with a dialog box asking whether they wanted to continue. Newer browsers display a warning across the entire window. Newer browsers also prominently display the site's security information in the address bar. Extended validation certificates show the legal entity on the certificate information. Most browsers also display a warning to the user when visiting a site that contains a mixture of encrypted and unencrypted content. Additionally, many web filters return a security warning when visiting prohibited websites.

The Electronic Frontier Foundation, opining that "In an ideal world, every web request could be defaulted to HTTPS", has provided an add-on called HTTPS Everywhere for Mozilla Firefox, Google Chrome, Chromium, and Android, which enables HTTPS by default for hundreds of frequently used websites.

Forcing a web browser to load only HTTPS content has been supported in Firefox starting in version 83. Starting in version 94, Google Chrome is able to "always use secure connections" if toggled in the browser's settings.

Security

The security of HTTPS is that of the underlying TLS, which typically uses long-term public and private keys to generate a short-term session key, which is then used to encrypt the data flow between the client and the server. X.509 certificates are used to authenticate the server (and sometimes the client as well). As a consequence, certificate authorities and public key certificates are necessary to verify the relation between the certificate and its owner, as well as to generate, sign, and administer the validity of certificates. While this can be more beneficial than verifying the identities via a web of trust, the 2013 mass surveillance disclosures drew attention to certificate authorities as a potential weak point allowing man-in-the-middle attacks. An important property in this context is forward secrecy, which ensures that encrypted communications recorded in the past cannot be retrieved and decrypted should long-term secret keys or passwords be compromised in the future. Not all web servers provide forward secrecy.

For HTTPS to be effective, a site must be completely hosted over HTTPS. If some of the site's contents are loaded over HTTP (scripts or images, for example), or if only a certain page that contains sensitive information, such as a log-in page, is loaded over HTTPS while the rest of the site is loaded over plain HTTP, the user will be vulnerable to attacks and surveillance. Additionally, cookies on a site served through HTTPS must have the secure attribute enabled. On a site that has sensitive information on it, the user and the session will get exposed every time that site is accessed with HTTP instead of HTTPS.
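
To make the cookie requirement concrete, here is a minimal Python sketch, using only the standard http.cookies module, of what a Set-Cookie header with the Secure (and HttpOnly) attribute looks like; the cookie name and value are hypothetical.

# Sketch: a Set-Cookie header carrying the Secure attribute (name and value are made up).
from http.cookies import SimpleCookie

cookie = SimpleCookie()
cookie["session_id"] = "abc123"          # hypothetical session token
cookie["session_id"]["secure"] = True    # browser will only send it over HTTPS
cookie["session_id"]["httponly"] = True  # hide it from client-side scripts
print(cookie.output())                   # e.g. Set-Cookie: session_id=abc123; HttpOnly; Secure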

Technical

Difference from HTTP

HTTPS URLs begin with "https://" and use port 443 by default, whereas HTTP URLs begin with "http://" and use port 80 by default.

HTTP is not encrypted and thus is vulnerable to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information, and modify webpages to inject malware or advertisements. HTTPS is designed to withstand such attacks and is considered secure against them (with the exception of HTTPS implementations that use deprecated versions of SSL).

Network layers

HTTP operates at the highest layer of the TCP/IP model—the application layer; as does the TLS security protocol (operating as a lower sublayer of the same layer), which encrypts an HTTP message prior to transmission and decrypts a message upon arrival. Strictly speaking, HTTPS is not a separate protocol, but refers to the use of ordinary HTTP over an encrypted SSL/TLS connection.

HTTPS encrypts all message contents, including the HTTP headers and the request/response data. With the exception of the possible CCA cryptographic attack described in the limitations section below, an attacker should at most be able to discover that a connection is taking place between two parties, along with their domain names and IP addresses.
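
The layering can be made visible with a short Python sketch that wraps an ordinary TCP socket in TLS and then speaks plain HTTP through it. This is only an illustration of the principle (real clients use an HTTP library), and the host name is an arbitrary example.

# Sketch: plain HTTP sent through a TLS-wrapped TCP socket, i.e. HTTPS by hand.
import socket
import ssl

host = "example.com"
context = ssl.create_default_context()   # verifies the server certificate against trusted CAs

with socket.create_connection((host, 443)) as tcp:
    # server_hostname is sent as SNI and is also used to check the certificate's name
    with context.wrap_socket(tcp, server_hostname=host) as tls:
        print("negotiated:", tls.version(), tls.cipher())
        request = f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
        tls.sendall(request.encode("ascii"))
        print(tls.recv(4096).decode("utf-8", "replace"))  # beginning of the HTTP response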

Server setup

To prepare a web server to accept HTTPS connections, the administrator must create a public key certificate for the web server. This certificate must be signed by a trusted certificate authority for the web browser to accept it without warning. The authority certifies that the certificate holder is the operator of the web server that presents it. Web browsers are generally distributed with a list of signing certificates of major certificate authorities so that they can verify certificates signed by them.

Acquiring certificates

A number of commercial certificate authorities exist, offering paid-for SSL/TLS certificates of a number of types, including Extended Validation Certificates.

Let's Encrypt, launched in April 2016, provides a free and automated service that delivers basic SSL/TLS certificates to websites. According to the Electronic Frontier Foundation, Let's Encrypt will make switching from HTTP to HTTPS "as easy as issuing one command, or clicking one button." The majority of web hosts and cloud providers now leverage Let's Encrypt, providing free certificates to their customers.

Use as access control

The system can also be used for client authentication in order to limit access to a web server to authorized users. To do this, the site administrator typically creates a certificate for each user, which the user loads into their browser. Normally, the certificate contains the name and e-mail address of the authorized user and is automatically checked by the server on each connection to verify the user's identity, potentially without even requiring a password.
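
A hedged, server-side sketch of this arrangement using Python's standard ssl module follows; the certificate and key file names are placeholders, and in a real deployment the web server (for example nginx or Apache) would usually handle client-certificate verification instead.

# Sketch: a TLS server that requires a client certificate (file names are placeholders).
import socket
import ssl

context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(certfile="server.crt", keyfile="server.key")  # the server's own certificate
context.load_verify_locations(cafile="client-ca.crt")  # CA that issued the users' certificates
context.verify_mode = ssl.CERT_REQUIRED                 # refuse clients without a valid certificate

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
    listener.bind(("0.0.0.0", 8443))
    listener.listen(1)
    with context.wrap_socket(listener, server_side=True) as tls_listener:
        connection, address = tls_listener.accept()   # handshake fails here without a client cert
        print("client certificate subject:", connection.getpeercert().get("subject"))
        connection.close()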

In case of compromised secret (private) key

An important property in this context is perfect forward secrecy (PFS). Possessing one of the long-term asymmetric secret keys used to establish an HTTPS session should not make it easier to derive the short-term session key to then decrypt the conversation, even at a later time. Diffie–Hellman key exchange (DHE) and Elliptic curve Diffie–Hellman key exchange (ECDHE) were, as of 2013, the only schemes known to have that property. In 2013, only 30% of Firefox, Opera, and Chromium Browser sessions used it, and nearly 0% of Apple's Safari and Microsoft Internet Explorer sessions. TLS 1.3, published in August 2018, dropped support for ciphers without forward secrecy. As of February 2019, 96.6% of web servers surveyed support some form of forward secrecy, and 52.1% will use forward secrecy with most browsers. As of July 2023, 99.6% of web servers surveyed support some form of forward secrecy, and 75.2% will use forward secrecy with most browsers.

Certificate revocation

A certificate may be revoked before it expires, for example because the secrecy of the private key has been compromised. Newer versions of popular browsers such as Firefox, Opera, and Internet Explorer on Windows Vista implement the Online Certificate Status Protocol (OCSP) to verify that this is not the case. The browser sends the certificate's serial number to the certificate authority or its delegate via OCSP and the authority responds, telling the browser whether the certificate is still valid or not. The CA may also issue a certificate revocation list (CRL) to tell people that these certificates are revoked. CRLs are no longer required by the CA/Browser Forum; nevertheless, they are still widely used by the CAs. Most revocation statuses on the Internet disappear soon after the expiration of the certificates.

Limitations

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) encryption can be configured in two modes: simple and mutual. In simple mode, authentication is only performed by the server. The mutual version requires the user to install a personal client certificate in the web browser for user authentication. In either case, the level of protection depends on the correctness of the implementation of the software and the cryptographic algorithms in use.

SSL/TLS does not prevent the indexing of the site by a web crawler, and in some cases the URI of the encrypted resource can be inferred by knowing only the intercepted request/response size. This allows an attacker to have access to the plaintext (the publicly available static content), and the encrypted text (the encrypted version of the static content), permitting a cryptographic attack.

Because TLS operates at a protocol level below that of HTTP and has no knowledge of the higher-level protocols, TLS servers can only strictly present one certificate for a particular address and port combination. In the past, this meant that it was not feasible to use name-based virtual hosting with HTTPS. A solution called Server Name Indication (SNI) exists, which sends the hostname to the server before encrypting the connection, although many old browsers do not support this extension. Support for SNI is available since Firefox 2, Opera 8, Apple Safari 2.1, Google Chrome 6, and Internet Explorer 7 on Windows Vista.

From an architectural point of view:

  • An SSL/TLS connection is managed by the first front machine that initiates the TLS connection. If, for any reason (routing, traffic optimization, etc.), this front machine is not the application server and it has to decipher data, solutions have to be found to propagate user authentication information or the certificate to the application server, which needs to know who is going to be connected.
  • For SSL/TLS with mutual authentication, the SSL/TLS session is managed by the first server that initiates the connection. In situations where encryption has to be propagated along chained servers, session timeout management becomes extremely tricky to implement.
  • Security is maximal with mutual SSL/TLS, but on the client-side there is no way to properly end the SSL/TLS connection and disconnect the user except by waiting for the server session to expire or by closing all related client applications.

A sophisticated type of man-in-the-middle attack called SSL stripping was presented at the 2009 Blackhat Conference. This type of attack defeats the security provided by HTTPS by changing the https: link into an http: link, taking advantage of the fact that few Internet users actually type "https" into their browser interface: they get to a secure site by clicking on a link, and thus are fooled into thinking that they are using HTTPS when in fact they are using HTTP. The attacker then communicates in clear with the client. This prompted the development of a countermeasure in HTTP called HTTP Strict Transport Security.

HTTPS has been shown to be vulnerable to a range of traffic analysis attacks. Traffic analysis attacks are a type of side-channel attack that relies on variations in the timing and size of traffic in order to infer properties about the encrypted traffic itself. Traffic analysis is possible because SSL/TLS encryption changes the contents of traffic, but has minimal impact on the size and timing of traffic. In May 2010, a research paper by researchers from Microsoft Research and Indiana University discovered that detailed sensitive user data can be inferred from side channels such as packet sizes. The researchers found that, despite HTTPS protection in several high-profile, top-of-the-line web applications in healthcare, taxation, investment, and web search, an eavesdropper could infer the illnesses/medications/surgeries of the user, his/her family income, and investment secrets. Although this work demonstrated the vulnerability of HTTPS to traffic analysis, the approach presented by the authors required manual analysis and focused specifically on web applications protected by HTTPS.

The fact that most modern websites, including Google, Yahoo!, and Amazon, use HTTPS causes problems for many users trying to access public Wi-Fi hot spots, because a Wi-Fi hot spot login page fails to load if the user tries to open an HTTPS resource. Several websites, such as neverssl.com, guarantee that they will always remain accessible by HTTP.

History

Netscape Communications created HTTPS in 1994 for its Netscape Navigator web browser. Originally, HTTPS was used with the SSL protocol. As SSL evolved into Transport Layer Security (TLS), HTTPS was formally specified by RFC 2818 in May 2000. Google announced in February 2018 that its Chrome browser would mark HTTP sites as "Not Secure" after July 2018. This move was to encourage website owners to implement HTTPS, as an effort to make the World Wide Web more secure.

Compatibilism

From Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Compatibilism

Compatibilism is the belief that free will and determinism are mutually compatible and that it is possible to believe in both without being logically inconsistent.

Compatibilists believe that freedom can be present or absent in situations for reasons that have nothing to do with metaphysics. In other words, causal determinism does not exclude the truth of possible future outcomes. Because free will is seen as a necessary prerequisite for moral responsibility, compatibilism is often used to support compatibility between moral responsibility and determinism.

Similarly, political liberty is a non-metaphysical concept. Statements of political liberty, such as the United States Bill of Rights, assume moral liberty: the ability to choose to do otherwise than what one does.

History

Compatibilism was mentioned and championed by the ancient Stoics and some medieval scholastics. More specifically, scholastics like Thomas Aquinas and later Thomists (such as Domingo Báñez) are often interpreted as holding that human action can be free, even though an agent in some strong sense could not do otherwise than what they did. Whereas Aquinas is often interpreted to maintain rational compatibilism (i.e., an action can be determined by rational cognition and yet free), later Thomists, such as Báñez, develop a sophisticated theory of theological determinism, according to which actions of free agents, despite being free, are, on a higher level, determined by infallible divine decrees manifested in the form of "physical premotion" (praemotio physica), a deterministic intervention of God into the will of a free agent required to reduce the will from potency to act. A strong incompatibilist view of freedom was, on the other hand, developed in the Franciscan tradition, especially by Duns Scotus, and later upheld and further developed by Jesuits, especially Luis de Molina and Francisco Suárez. In the early modern era, compatibilism was maintained by Enlightenment philosophers (such as David Hume and Thomas Hobbes).

During the 20th century, compatibilists presented novel arguments that differed from the classical arguments of Hume, Hobbes, and John Stuart Mill. Importantly, Harry Frankfurt popularized what are now known as Frankfurt counterexamples to argue against incompatibilism, and developed a positive account of compatibilist free will based on higher-order volitions. Other "new compatibilists" include Gary Watson, Susan R. Wolf, P. F. Strawson, and R. Jay Wallace. Contemporary compatibilists range from the philosopher and cognitive scientist Daniel Dennett, particularly in his works Elbow Room (1984) and Freedom Evolves (2003), to the existentialist philosopher Frithjof Bergmann. Perhaps the most renowned contemporary defender of compatibilism is John Martin Fischer.

A 2020 survey found that 59% of philosophers accept compatibilism.

Defining free will


Compatibilists often define an instance of "free will" as one in which the agent had the freedom to act according to their own motivation. That is, the agent was not coerced or restrained. Arthur Schopenhauer famously said: "Man can do what he wills but he cannot will what he wills." In other words, although an agent may often be free to act according to a motive, the nature of that motive is determined. This definition of free will does not rely on the truth or falsity of causal determinism. This view also makes free will close to autonomy, the ability to live according to one's own rules, as opposed to being submitted to external domination.

Alternatives as imaginary

Saying "there may be a person behind that door" merely expresses ignorance about the one, determined reality.

Some compatibilists hold both causal determinism (all effects have causes) and logical determinism (the future is already determined) to be true. Thus statements about the future (e.g., "it will rain tomorrow") are either true or false when spoken today. This compatibilist free will should not be understood as the ability to choose differently in an identical situation. A compatibilist may believe that a person can decide between several choices, but the choice is always determined by external factors. If the compatibilist says "I may visit tomorrow, or I may not", he is saying that he does not know what he will choose—whether he will choose to follow the subconscious urge to go or not.

Non-naturalism

Alternatives to strictly naturalist physics, such as mind–body dualism (which posits a mind or soul that exists apart from the body, perceiving, thinking, choosing freely, and as a result acting independently on the body), include both traditional religious metaphysics and less common newer compatibilist concepts. Also consistent with both autonomy and Darwinism, they allow for free personal agency based on practical reasons within the laws of physics. While less popular among 21st-century philosophers, non-naturalist compatibilism is present in most if not almost all religions.

Criticism

Compatibilism has much in common with "hard determinism", including moral systems and a belief in determinism itself.

A prominent criticism of compatibilism is Peter van Inwagen's consequence argument.

Critics of compatibilism often focus on the definitions of free will: incompatibilists may agree that the compatibilists are showing something to be compatible with determinism, but they think that this something ought not to be called "free will". Incompatibilists might accept the "freedom to act" as a necessary criterion for free will, but doubt that it is sufficient. The incompatibilists believe that free will refers to genuine (i.e., absolute, ultimate, physical) alternate possibilities for beliefs, desires, or actions, rather than merely counterfactual ones.

The direct predecessor to compatibilism was soft determinism (a term coined by William James, which he used pejoratively). Soft determinism is the view that we (ordinary humans) have free will and determinism is true. (Compatibilists, by contrast, take no stand on the truth-value of determinism.) James accused the soft determinists of creating a "quagmire of evasion" by stealing the name of freedom to mask their underlying determinism. Immanuel Kant called it a "wretched subterfuge" and "word jugglery". Kant's argument turns on the view that, while all empirical phenomena must result from determining causes, human thought introduces something seemingly not found elsewhere in nature—the ability to conceive of the world in terms of how it ought to be, or how it might otherwise be. For Kant, subjective reasoning is necessarily distinct from how the world is empirically. Because of its capacity to distinguish is from ought, reasoning can "spontaneously" originate new events without being itself determined by what already exists. It is on this basis that Kant argues against a version of compatibilism in which, for instance, the actions of the criminal are comprehended as a blend of determining forces and free choice, which Kant regards as misusing the word free. Kant proposes that taking the compatibilist view involves denying the distinctly subjective capacity to re-think an intended course of action in terms of what ought to happen.

Incompatibilism

From Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Incompatibilism
Classical incompatibilists agreed that determinism leaves no room for free will.

The term incompatibilism was coined in the 1960s, most likely by philosopher Keith Lehrer, to name the view that the thesis of determinism is logically incompatible with the classical thesis of free will. The term compatibilism was coined (also by Lehrer) to name the view that the classical free will thesis is logically compatible with determinism, i.e. it is possible for an ordinary human to exercise free will (the freedom-relevant ability to do otherwise) even in a universe in which determinism is true. These terms were originally coined for use within a research paradigm that was dominant among academics during the so-called "classical period" from the 1960s to 1980s, or what has been called the "classical analytic paradigm". Within the classical analytic paradigm, the problem of free will and determinism was understood as a Compatibility Question: "Is it possible for an ordinary human to exercise free will (classically defined as an ability to do otherwise) when determinism is true?" Those working in the classical analytic paradigm who answered "no" were incompatibilists in the original, classical-analytic sense of the term, now commonly called classical incompatibilists; they proposed that determinism precludes free will because it precludes our ability to do otherwise. Those who answered "yes" were compatibilists in the original sense of the term, now commonly called classical compatibilists. Given that classical free will theorists (i.e. those working in the classical analytic paradigm) agreed that it is at least metaphysically possible for an ordinary human to exercise free will, all classical compatibilists accepted a compossibilist account of free will (i.e. a compossibilist interpretation of the ability to do otherwise) and all classical incompatibilists accepted a libertarian (a.k.a. libertarianist) account of free will (i.e. a libertarian/libertarianist interpretation of the ability to do otherwise).

The classical analytic paradigm has fallen out of favor over the last few decades, largely because philosophers no longer agree that free will is equivalent to some kind of ability to do otherwise; many hold that it is, instead, a type of sourcehood that does not require an ability to do otherwise. The number of philosophers who reject the classical assumption of anthropocentric possibilism, i.e. the view that it is at least metaphysically possible for a human to exercise free will, has also risen in recent years. As philosophers adjusted Lehrer's original (classical) definitions of the terms 'incompatibilism' and 'compatibilism' to reflect their own perspectives on the location of the purported "fundamental divide" among free will theorists, the terms 'incompatibilism' and 'compatibilism' have been given a variety of new meanings. At present, then, there is no standard meaning of the term 'incompatibilism' (or its complement 'compatibilism').

On one recent taxonomy, there are now at least three substantively different, non-classical uses of the term 'incompatibilism', or (if one prefers) three different types of incompatibilism, namely: neo-classical incompatibilism, post-classical incompatibilism (a.k.a. incompossibilism), and anti-classical incompatibilism; correspondingly, there are neo-classical, post-classical (compossibilist), and anti-classical versions of compatibilism as well. Neo-classical incompatibilism is a two-tenet view: (1) incompossibilism is true (i.e. it is metaphysically impossible for an ordinary human to act freely when determinism is true), and (2) determinism-related causal/nomological factors preclude free will (which explains why incompossibilism is true). Correspondingly, neo-classical compatibilism is the two-tenet view that (1) the negative, non-explanatory tenet of neo-classical incompatibilism is false (i.e. compossibilism is true), and (2) the positive, explanatory tenet of neo-classical incompatibilism is false. Anti-classical incompatibilism is the explanatory thesis of neo-classical incompatibilism; anti-classical incompatibilism is neutral on the truth-value of incompossibilism. Correspondingly, anti-classical compatibilism is the negation of neo-classical incompatibilism's positive tenet, i.e. anti-classical compatibilism is the contradictory of anti-classical incompatibilism. Post-classical incompatibilism is just the negative, non-explanatory thesis of neo-classical incompatibilism; this view is neutral on whether the positive, explanatory thesis of neo-classical incompatibilism is true. (Put another way, on the post-classical redefinition of 'incompatibilism', it is just an alternative name for incompossibilism, a view which is completely silent on whether determinism-related causal factors are relevant to free will or are a total red herring in discussions of free will.) Correspondingly, post-classical compatibilism is identical to compossibilism (i.e. on the post-classical redefinition of 'compatibilism', it denotes mere compossibilism).

The ambiguity of 'incompatibilism' can be a source of confusion because arguments with very different (even inconsistent) conclusions are currently lumped together under the umbrella phrase "arguments for incompatibilism." For example, it is easy for the casual reader to overlook that some arguments for post-classical incompatibilism (a.k.a. incompossibilism) are not arguments for neo-classical incompatibilism on the grounds that the argument does not aim to support the latter's explanatory tenet (a.k.a. anti-classical incompatibilism). Other arguments support post-classical incompatibilism (a.k.a. incompossibilism) but conclude that neo-classical incompatibilism is false on the grounds that its explanatory tenet (a.k.a. anti-classical incompatibilism) is false. Arguments in the last category conclude that people lack free will when determinism is true but not at all because determinism is true (i.e. not at all because certain causal/nomological factors obtain); most propose that the real threat to free will is that people lack adequate control over their own constitutive properties, or what is often called their "constitutive luck" (as opposed to causal luck).

Libertarianism

Free-will libertarianism is the view that the free-will thesis (that we, ordinary humans, have free will) is true and that determinism is false; in first-order language, it is the view that we (ordinary humans) have free will and the world does not behave in the way described by determinism. Libertarianism is one of the popular solutions to the problem of free will, roughly the problem of settling the question of whether we have free will and the logically prior question of what free will amounts to. The main rivals to libertarianism are soft determinism and hard determinism.

Libertarian Robert Kane (editor of the Oxford Handbook of Free Will) is a leading incompatibilist philosopher in favour of free will. Kane seeks to hold persons morally responsible for decisions that involved indeterminism in their process. Critics maintain that Kane fails to overcome the greatest challenge to such an endeavor: "the argument from luck". Namely, if a critical moral choice is a matter of luck (indeterminate quantum fluctuations), then on what grounds can we hold a person responsible for their final action? Moreover, even if we imagine that a person can make an act of will ahead of time, to make the moral action more probable in the upcoming critical moment, this act of 'willing' was itself a matter of luck. Kane objects to the validity of the argument from luck because the latter misrepresents chance as if it were external to the act of choosing. The free will theorem of John H. Conway and Simon B. Kochen further establishes that if we have free will, then quantum particles also possess free will. This means that starting from the assumption that humans have free will, it is possible to pinpoint the origin of their free will in the quantum particles that constitute their brain.

Such philosophical stance risks an infinite regress, however; if any such mind is real, an objection can be raised that free will would be impossible if the choosing is shaped merely by luck or chance.

Libertarianism in the philosophy of mind is unrelated to the like-named political philosophy. It suggests that we actually do have free will, that it is incompatible with determinism, and that therefore the future is not determined. For example, at this moment, one could either continue reading this article if one wanted, or cease. Under this assertion, being that one could do either, the fact of how the history of the world will continue to unfold is not currently determined one way or the other.

One famous proponent of this view was Lucretius, who asserted that the free will arises out of the random, chaotic movements of atoms, called "clinamen". One major objection to this view is that science has gradually shown that more and more of the physical world obeys completely deterministic laws, and seems to suggest that our minds are just as much part of the physical world as anything else. If these assumptions are correct, incompatibilist libertarianism can only be maintained as the claim that free will is a supernatural phenomenon, which does not obey the laws of nature (as, for instance, maintained by some religious traditions).

However, many libertarian viewpoints now rely upon an indeterministic view of the physical universe, under the assumption that the idea of a deterministic, clockwork universe has become outdated since the advent of quantum mechanics. By assuming an indeterministic universe, libertarian philosophical constructs can be proposed under the assumption of physicalism.

There are libertarian viewpoints based upon indeterminism and physicalism, which is closely related to naturalism. A major problem for naturalistic libertarianism is to explain how indeterminism can be compatible with rationality and with appropriate connections between an individual's beliefs, desires, general character and actions. A variety of naturalistic libertarianism is promoted by Robert Kane, who emphasizes that if our character is formed indeterministically (in "self-forming actions"), then our actions can still flow from our character, and yet still be incompatibilistically free.

Alternatively, libertarian viewpoints based upon indeterminism have been proposed without the assumption of naturalism. At the time C. S. Lewis wrote Miracles, quantum mechanics (and physical indeterminism) was only in the initial stages of acceptance, but still Lewis stated the logical possibility that, if the physical world was proved to be indeterministic, this would provide an entry (interaction) point into the traditionally viewed closed system, where a scientifically described physically probable/improbable event could be philosophically described as an action of a non-physical entity on physical reality (noting that, under a physicalist point of view, the non-physical entity must be independent of the self-identity or mental processing of the sentient being). Lewis mentions this only in passing, making clear that his thesis does not depend on it in any way.

Others may use some form of Donald Davidson's anomalous monism to suggest that although the mind is in fact part of the physical world, it involves a different level of description of the same facts, so that although there are deterministic laws under the physical description, there are no such laws under the mental description, and thus our actions are free and not determined.

Hard determinism

Schopenhauer said "Man is free to do what he wills, but he cannot will what he wills." The hard determinist says that obviously, then, there is no 'free will'.

Those who reject free will and accept determinism are variously known as "hard determinists", hard incompatibilists, free will skeptics, illusionists, or impossibilists. They believe that there is no 'free will' and that any sense of the contrary is an illusion. Of course, hard determinists do not deny that one has desires, but say that these desires are causally determined by an unbroken chain of prior occurrences. According to this philosophy, no wholly random, spontaneous, mysterious, or miraculous events occur. Determinists sometimes assert that it is stubborn to resist scientifically motivated determinism on purely intuitive grounds about one's own sense of freedom. They reason that the history of the development of science suggests that determinism is the logical method in which reality works.

William James said that philosophers (and scientists) have an "antipathy to chance." Absolute chance, a possible implication of quantum mechanics and the indeterminacy principle, supports the existence of indefinite causal structures.

Moral implications

Since many believe that free will is necessary for moral responsibility, hard determinism may imply disastrous consequences for their theory of ethics, resulting in a domino theory of moral nonresponsibility.

As something of a solution to this predicament, one might embrace the so-called "illusion" of free will. This thesis argues in favor of maintaining the prevailing belief in free will for the sake of preserving moral responsibility and the concept of ethics. However, critics argue that this move renders morality merely another "illusion", or else that this move is simply hypocritical.

The determinist will add that, even if denying free will does mean morality is incoherent, such an unfortunate result has no effect on the truth. Note, however, that hard determinists often have some sort of 'moral system' that relies explicitly on determinism. A determinist's moral system simply bears in mind that every person's actions in a given situation are, in theory, predicted by the interplay of environment and upbringing. For instance, the determinist may still punish undesirable behaviours for reasons of behaviour modification or deterrence.

Hard incompatibilism

Hard incompatibilism, like hard determinism, is a type of skepticism about free will. 'Hard incompatibilism' is a term coined by Derk Pereboom to designate the view that both determinism and indeterminism are incompatible with having free will and moral responsibility. Like the hard determinist, the hard incompatibilist holds that if determinism were true, our having free will would be ruled out. But Pereboom argues in addition that if our decisions were indeterministic events, free will would also be precluded. In his view, free will is the control in action required for the desert aspect of moral responsibility—for our deserving to be blamed or punished for immoral actions, and to be praised or rewarded for morally exemplary actions. He contends that if our decisions were indeterministic events, their occurrence would not be in the control of the agent in the way required for such attributions of desert. The possibility for free will that remains is libertarian agent causation, according to which agents as substances (thus not merely as having a role in events) can cause actions without being causally determined to do so. Pereboom argues that for empirical reasons it is unlikely that we are agent causes of this sort, and that as a result, it is likely that we lack free will.

Experimental research

In recent years researchers in the field of experimental philosophy have been working on determining whether ordinary people, who are not experts in this field, naturally have compatibilist or incompatibilist intuitions about determinism and moral responsibility. Some experimental work has even conducted cross-cultural studies. The debate about whether people naturally have compatibilist or incompatibilist intuitions has not come out overwhelmingly in favor of one view or the other. Still, there has been some evidence that people can naturally hold both views. For instance, when people are presented with abstract cases which ask if a person could be morally responsible for an immoral act when they could not have done otherwise, people tend to say no, or give incompatibilist answers, but when presented with a specific immoral act that a specific person committed, people tend to say that that person is morally responsible for their actions, even if they were determined (that is, people also give compatibilist answers).

Algorithmic efficiency

From Wikipedia, the free encyclopedia

In computer science, algorithmic efficiency is a property of an algorithm which relates to the amount of computational resources used by the algorithm. An algorithm must be analyzed to determine its resource usage, and the efficiency of an algorithm can be measured based on the usage of different resources. Algorithmic efficiency can be thought of as analogous to engineering productivity for a repeating or continuous process.

For maximum efficiency it is desirable to minimize resource usage. However, different resources such as time and space complexity cannot be compared directly, so which of two algorithms is considered to be more efficient often depends on which measure of efficiency is considered most important.

For example, bubble sort and timsort are both algorithms to sort a list of items from smallest to largest. Bubble sort sorts the list in time proportional to the number of elements squared (O(n^2), see Big O notation), but only requires a small amount of extra memory which is constant with respect to the length of the list (O(1)). Timsort sorts the list in time linearithmic (proportional to a quantity times its logarithm) in the list's length (O(n log n)), but has a space requirement linear in the length of the list (O(n)). If large lists must be sorted at high speed for a given application, timsort is a better choice; however, if minimizing the memory footprint of the sorting is more important, bubble sort is a better choice.
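
A small Python sketch of this trade-off follows: bubble sort is written out by hand, while CPython's built-in sorted() is essentially Timsort. The list size and the resulting timings are only illustrative.

# Sketch: quadratic bubble sort versus the built-in Timsort on the same random data.
import random
import time

def bubble_sort(items):
    """O(n^2) time, O(1) extra space: repeatedly swaps adjacent out-of-order elements."""
    a = list(items)                  # copy so the caller's list is left untouched
    n = len(a)
    for i in range(n):
        swapped = False
        for j in range(n - 1 - i):
            if a[j] > a[j + 1]:
                a[j], a[j + 1] = a[j + 1], a[j]
                swapped = True
        if not swapped:              # no swaps in a full pass: already sorted
            break
    return a

data = [random.random() for _ in range(5000)]

start = time.perf_counter()
bubble_sort(data)
print("bubble sort:", round(time.perf_counter() - start, 3), "s")

start = time.perf_counter()
sorted(data)                         # Timsort: O(n log n) time, O(n) extra space
print("timsort:", round(time.perf_counter() - start, 3), "s")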

Background

The importance of efficiency with respect to time was emphasised by Ada Lovelace in 1843 as applied to Charles Babbage's mechanical analytical engine:

"In almost every computation a great variety of arrangements for the succession of the processes is possible, and various considerations must influence the selections amongst them for the purposes of a calculating engine. One essential object is to choose that arrangement which shall tend to reduce to a minimum the time necessary for completing the calculation"

Early electronic computers had both limited speed and limited random access memory. Therefore, a space–time trade-off occurred. A task could use a fast algorithm using a lot of memory, or it could use a slow algorithm using little memory. The engineering trade-off was then to use the fastest algorithm that could fit in the available memory.

Modern computers are significantly faster than the early computers, and have a much larger amount of memory available (Gigabytes instead of Kilobytes). Nevertheless, Donald Knuth emphasised that efficiency is still an important consideration:

"In established engineering disciplines a 12% improvement, easily obtained, is never considered marginal and I believe the same viewpoint should prevail in software engineering"

Overview

An algorithm is considered efficient if its resource consumption, also known as computational cost, is at or below some acceptable level. Roughly speaking, 'acceptable' means: it will run in a reasonable amount of time or space on an available computer, typically as a function of the size of the input. Since the 1950s computers have seen dramatic increases in both the available computational power and in the available amount of memory, so current acceptable levels would have been unacceptable even 10 years ago. In fact, thanks to the approximate doubling of computer power every 2 years, tasks that are acceptably efficient on modern smartphones and embedded systems may have been unacceptably inefficient for industrial servers 10 years ago.

Computer manufacturers frequently bring out new models, often with higher performance. Software costs can be quite high, so in some cases the simplest and cheapest way of getting higher performance might be to just buy a faster computer, provided it is compatible with an existing computer.

There are many ways in which the resources used by an algorithm can be measured: the two most common measures are speed and memory usage; other measures could include transmission speed, temporary disk usage, long-term disk usage, power consumption, total cost of ownership, response time to external stimuli, etc. Many of these measures depend on the size of the input to the algorithm, i.e. the amount of data to be processed. They might also depend on the way in which the data is arranged; for example, some sorting algorithms perform poorly on data which is already sorted, or which is sorted in reverse order.

In practice, there are other factors which can affect the efficiency of an algorithm, such as requirements for accuracy and/or reliability. As detailed below, the way in which an algorithm is implemented can also have a significant effect on actual efficiency, though many aspects of this relate to optimization issues.

Theoretical analysis

In the theoretical analysis of algorithms, the normal practice is to estimate their complexity in the asymptotic sense. The most commonly used notation to describe resource consumption or "complexity" is Donald Knuth's Big O notation, representing the complexity of an algorithm as a function of the size of the input n. Big O notation is an asymptotic measure of function complexity, where O(f(n)) roughly means the time requirement for an algorithm is proportional to f(n), omitting lower-order terms that contribute less than f(n) to the growth of the function as n grows arbitrarily large. This estimate may be misleading when n is small, but is generally sufficiently accurate when n is large as the notation is asymptotic. For example, bubble sort may be faster than merge sort when only a few items are to be sorted; however, either implementation is likely to meet performance requirements for a small list. Typically, programmers are interested in algorithms that scale efficiently to large input sizes, and merge sort is preferred over bubble sort for lists of length n encountered in most data-intensive programs.

Some examples of Big O notation applied to algorithms' asymptotic time complexity include:

  • O(1), constant: Finding the median from a sorted list of measurements; Using a constant-size lookup table; Using a suitable hash function for looking up an item.
  • O(log n), logarithmic: Finding an item in a sorted array with a binary search or a balanced search tree as well as all operations in a Binomial heap.
  • O(n), linear: Finding an item in an unsorted list or a malformed tree (worst case) or in an unsorted array; Adding two n-bit integers by ripple carry.
  • O(n log n), linearithmic, loglinear, or quasilinear: Performing a Fast Fourier transform; heapsort, quicksort (best and average case), or merge sort.
  • O(n^2), quadratic: Multiplying two n-digit numbers by a simple algorithm; bubble sort (worst case or naive implementation), Shell sort, quicksort (worst case), selection sort or insertion sort.
  • O(c^n) with c > 1, exponential: Finding the optimal (non-approximate) solution to the travelling salesman problem using dynamic programming; determining if two logical statements are equivalent using brute-force search.
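
To make the gap between the linear and logarithmic entries concrete, the following Python sketch contrasts a hand-written linear scan with a binary search built on the standard bisect module; the data set is an arbitrary sorted list.

# Sketch: O(n) linear search versus O(log n) binary search on a sorted list.
import bisect

def linear_search(sorted_items, target):
    """Worst case inspects every element: O(n)."""
    for index, value in enumerate(sorted_items):
        if value == target:
            return index
    return -1

def binary_search(sorted_items, target):
    """Halves the remaining range at each step: O(log n)."""
    index = bisect.bisect_left(sorted_items, target)
    if index < len(sorted_items) and sorted_items[index] == target:
        return index
    return -1

data = list(range(0, 1_000_000, 2))       # 500,000 sorted even numbers
print(linear_search(data, 999_998))       # roughly 500,000 comparisons
print(binary_search(data, 999_998))       # roughly 19 comparisons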

Benchmarking: measuring performance

For new versions of software or to provide comparisons with competitive systems, benchmarks are sometimes used, which assist with gauging an algorithm's relative performance. If a new sort algorithm is produced, for example, it can be compared with its predecessors to ensure that it is at least as efficient as before with known data, taking into consideration any functional improvements. Benchmarks can be used by customers when comparing various products from alternative suppliers to estimate which product will best suit their specific requirements in terms of functionality and performance. For example, in the mainframe world certain proprietary sort products from independent software companies such as Syncsort compete with products from the major suppliers such as IBM for speed.

Some benchmarks provide opportunities for producing an analysis comparing the relative speed of various compiled and interpreted languages, for example, and The Computer Language Benchmarks Game compares the performance of implementations of typical programming problems in several programming languages.

Even creating "do it yourself" benchmarks can demonstrate the relative performance of different programming languages, using a variety of user specified criteria. This is quite simple, as a "Nine language performance roundup" by Christopher W. Cowell-Shah demonstrates by example.

Implementation concerns

Implementation issues can also have an effect on efficiency, such as the choice of programming language, or the way in which the algorithm is actually coded, or the choice of a compiler for a particular language, or the compilation options used, or even the operating system being used. In many cases a language implemented by an interpreter may be much slower than a language implemented by a compiler. See the articles on just-in-time compilation and interpreted languages.

There are other factors which may affect time or space issues, but which may be outside of a programmer's control; these include data alignment, data granularity, cache locality, cache coherency, garbage collection, instruction-level parallelism, multi-threading (at either a hardware or software level), simultaneous multitasking, and subroutine calls.

Some processors have capabilities for vector processing, which allow a single instruction to operate on multiple operands; it may or may not be easy for a programmer or compiler to use these capabilities. Algorithms designed for sequential processing may need to be completely redesigned to make use of parallel processing, or they could be easily reconfigured. As parallel and distributed computing grow in importance in the late 2010s, more investments are being made into efficient high-level APIs for parallel and distributed computing systems such as CUDA, TensorFlow, Hadoop, OpenMP and MPI.

Another problem which can arise in programming is that processors compatible with the same instruction set (such as x86-64 or ARM) may implement an instruction in different ways, so that instructions which are relatively fast on some models may be relatively slow on other models. This often presents challenges to optimizing compilers, which must have a great amount of knowledge of the specific CPU and other hardware available on the compilation target to best optimize a program for performance. In the extreme case, a compiler may be forced to emulate instructions not supported on a compilation target platform, forcing it to generate code or link an external library call to produce a result that is otherwise incomputable on that platform, even if it is natively supported and more efficient in hardware on other platforms. This is often the case in embedded systems with respect to floating-point arithmetic, where small and low-power microcontrollers often lack hardware support for floating-point arithmetic and thus require computationally expensive software routines to produce floating point calculations.

Measures of resource usage

Measures are normally expressed as a function of the size of the input n.

The two most common measures are:

  • Time: how long does the algorithm take to complete?
  • Space: how much working memory (typically RAM) is needed by the algorithm? This has two aspects: the amount of memory needed by the code (auxiliary space usage), and the amount of memory needed for the data on which the code operates (intrinsic space usage).

For computers whose power is supplied by a battery (e.g. laptops and smartphones), or for very long/large calculations (e.g. supercomputers), other measures of interest are:

  • Direct power consumption: power needed directly to operate the computer.
  • Indirect power consumption: power needed for cooling, lighting, etc.

As of 2018, power consumption is growing as an important metric for computational tasks of all types and at all scales ranging from embedded Internet of things devices to system-on-chip devices to server farms. This trend is often referred to as green computing.

Less common measures of computational efficiency may also be relevant in some cases:

  • Transmission size: bandwidth could be a limiting factor. Data compression can be used to reduce the amount of data to be transmitted (see the short sketch after this list). Displaying a picture or image (e.g. Google logo) can result in transmitting tens of thousands of bytes (48K in this case) compared with transmitting six bytes for the text "Google". This is important for I/O bound computing tasks.
  • External space: space needed on a disk or other external memory device; this could be for temporary storage while the algorithm is being carried out, or it could be long-term storage needed to be carried forward for future reference.
  • Response time (latency): this is particularly relevant in a real-time application when the computer system must respond quickly to some external event.
  • Total cost of ownership: particularly if a computer is dedicated to one particular algorithm.
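
As a rough illustration of the transmission-size point above, the Python sketch below compresses a block of repetitive text with the standard zlib module and compares the byte counts; the sample payload and the resulting ratio are arbitrary.

# Sketch: shrinking the number of bytes to transmit with the standard zlib module.
import zlib

payload = ("GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n" * 200).encode("ascii")
compressed = zlib.compress(payload, level=9)

print("original bytes:  ", len(payload))
print("compressed bytes:", len(compressed))
print("ratio:", round(len(compressed) / len(payload), 3))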

Time

Theory

Analyze the algorithm, typically using time complexity analysis to get an estimate of the running time as a function of the size of the input data. The result is normally expressed using Big O notation. This is useful for comparing algorithms, especially when a large amount of data is to be processed. More detailed estimates are needed to compare algorithm performance when the amount of data is small, although this is likely to be of less importance. Algorithms which include parallel processing may be more difficult to analyze.

Practice

Use a benchmark to time the use of an algorithm. Many programming languages have an available function which provides CPU time usage. For long-running algorithms the elapsed time could also be of interest. Results should generally be averaged over several tests.
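
The standard timeit module implements this practice directly, running a statement many times and repeating the measurement so results can be averaged; a minimal sketch with an arbitrary workload follows.

# Sketch: timing an algorithm with the standard timeit module.
import timeit

setup = "import random; data = [random.random() for _ in range(10_000)]"
runs = timeit.repeat(stmt="sorted(data)", setup=setup, repeat=5, number=100)

print("mean:", sum(runs) / len(runs) / 100, "seconds per call")
print("best:", min(runs) / 100, "seconds per call")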

Run-based profiling can be very sensitive to hardware configuration and the possibility of other programs or tasks running at the same time in a multi-processing and multi-programming environment.

This sort of test also depends heavily on the selection of a particular programming language, compiler, and compiler options, so algorithms being compared must all be implemented under the same conditions.

Space

This section is concerned with the use of memory resources (registers, cache, RAM, virtual memory, secondary memory) while the algorithm is being executed. As for the time analysis above, analyze the algorithm, typically using space complexity analysis to get an estimate of the run-time memory needed as a function of the size of the input data. The result is normally expressed using Big O notation.
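In practice the run-time memory of a Python implementation can also be observed directly; the sketch below uses the standard-library tracemalloc module on an invented workload whose working space grows linearly, i.e. O(n):

  import tracemalloc

  def build_table(n):
      """Working space grows linearly with n: O(n)."""
      return [i * i for i in range(n)]

  tracemalloc.start()
  table = build_table(100_000)
  current, peak = tracemalloc.get_traced_memory()
  tracemalloc.stop()

  print("current bytes:", current, "peak bytes:", peak)

Such measurements complement, rather than replace, the Big O analysis: they include interpreter overheads and constant factors that the asymptotic estimate deliberately ignores.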

There are up to four aspects of memory usage to consider:

  • The amount of memory needed to hold the code for the algorithm.
  • The amount of memory needed for the input data.
  • The amount of memory needed for any output data.
    • Some algorithms, such as sorting, often rearrange the input data and do not need any additional space for output data. This property is referred to as "in-place" operation (see the short sketch after this list).
  • The amount of memory needed as working space during the calculation.
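The contrast between in-place and out-of-place operation can be seen directly in Python's two sorting interfaces; this is only an illustration of the distinction, not a statement about any particular algorithm above:

  data = [5, 3, 1, 4, 2]

  copy_sorted = sorted(data)   # builds a new list: O(n) extra output space
  data.sort()                  # rearranges the same list: "in-place"

  # Note: list.sort() is in-place with respect to the list object, although
  # CPython's Timsort may still allocate a temporary merge buffer internally.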

Early electronic computers, and early home computers, had relatively small amounts of working memory. For example, the 1949 Electronic Delay Storage Automatic Calculator (EDSAC) had a maximum working memory of 1024 17-bit words, while the 1980 Sinclair ZX80 came initially with 1024 8-bit bytes of working memory. By the late 2010s, it had become typical for personal computers to have between 4 and 32 GB of RAM, an increase of tens of millions of times as much memory.

Caching and memory hierarchy

Current computers can have relatively large amounts of memory (possibly gigabytes), so having to squeeze an algorithm into a confined amount of memory is much less of a problem than it used to be. But the presence of four different categories of memory can be significant:

  • Processor registers, the fastest of computer memory technologies with the least amount of storage space. Most direct computation on modern computers occurs with source and destination operands in registers before the results are written back, as needed, to the cache, main memory and virtual memory. A processor core typically provides on the order of hundreds of bytes of register storage, although a register file may contain more physical registers than the architectural registers defined in the instruction set architecture.
  • Cache memory is the second fastest and second smallest memory available in the memory hierarchy. Caches are present in CPUs, GPUs, hard disk drives and external peripherals, and are typically implemented in static RAM. Memory caches are multi-leveled; lower levels are larger, slower and typically shared between processor cores in multi-core processors. In order to process operands in cache memory, a processing unit must fetch the data from the cache, perform the operation in registers and write the data back to the cache. When the data is in the L1 cache, this operates at speeds comparable to the CPU or GPU's arithmetic logic unit or floating-point unit (roughly 2-10 times slower). It is about 10 times slower again if there is an L1 cache miss and the data must be retrieved from and written to the L2 cache, and a further 10 times slower if there is an L2 cache miss and it must be retrieved from an L3 cache, if present.
  • Main physical memory is most often implemented in dynamic RAM (DRAM). Main memory is much larger (typically gigabytes, compared to roughly 8 megabytes for an L3 CPU cache), with read and write latencies typically 10-100 times slower. As of 2018, RAM is increasingly implemented on the same chip as the processor, as CPU or GPU memory.
  • Virtual memory is most often implemented in terms of secondary storage such as a hard disk, and is an extension to the memory hierarchy that has much larger storage space but much larger latency, typically around 1000 times slower than a cache miss for a value in RAM. While originally motivated to create the impression of higher amounts of memory being available than were truly available, virtual memory is more important in contemporary usage for its time-space tradeoff and enabling the usage of virtual machines. Cache misses from main memory are called page faults, and incur huge performance penalties on programs.

An algorithm whose memory needs will fit in cache memory will be much faster than an algorithm which fits in main memory, which in turn will be very much faster than an algorithm which has to resort to virtual memory. Because of this, cache replacement policies are extremely important to high-performance computing, as are cache-aware programming and data alignment. To further complicate the issue, some systems have up to three levels of cache memory, with varying effective speeds. Different systems will have different amounts of these various types of memory, so the effect of algorithm memory needs can vary greatly from one system to another.

In the early days of electronic computing, if an algorithm and its data would not fit in main memory then the algorithm could not be used. Nowadays the use of virtual memory appears to provide much more memory, but at the cost of performance. Much higher speed can be obtained if an algorithm and its data fit in cache memory; in this case minimizing space will also help minimize time. This is the principle of locality of reference, which can be subdivided into spatial locality and temporal locality. An algorithm which will not fit completely in cache memory but which exhibits locality of reference may still perform reasonably well.
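The effect of locality can be sketched even in pure Python, although the difference is far more dramatic in languages with contiguous arrays (C, Fortran, or NumPy), where cache behaviour is not masked by interpreter overhead; the grid size below is arbitrary:

  import time

  N = 2_000
  grid = [[0] * N for _ in range(N)]

  def row_major():
      s = 0
      for row in grid:            # consecutive elements of each row
          for x in row:
              s += x
      return s

  def column_major():
      s = 0
      for j in range(N):          # long stride between successive accesses
          for i in range(N):
              s += grid[i][j]
      return s

  for fn in (row_major, column_major):
      t0 = time.perf_counter()
      fn()
      print(fn.__name__, round(time.perf_counter() - t0, 3), "seconds")

Part of the measured gap in CPython comes from the extra indexing work in the column-major loop rather than from the cache alone, so this should be read as an illustration of the access-pattern idea rather than as a cache benchmark.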

Criticism of the current state of programming

British computer scientist David May has stated what is sometimes called May's law, a pessimistic counterpart to Moore's law: software efficiency halves every 18 months, compensating Moore's law.

May goes on to state:

In ubiquitous systems, halving the instructions executed can double the battery life and big data sets bring big opportunities for better software and algorithms: Reducing the number of operations from N × N to N × log(N) has a dramatic effect when N is large ... for N = 30 billion, this change is as good as 50 years of technology improvements.
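A back-of-envelope check of the quoted figure (assuming a base-2 logarithm and hardware performance doubling roughly every 18-24 months, neither of which is specified in the quote):

  from math import log2

  N = 30e9
  speedup = (N * N) / (N * log2(N))   # ratio of N*N work to N*log(N) work
  doublings = log2(speedup)           # hardware doublings giving the same gain

  print("speedup ~", f"{speedup:.1e}")               # about 8.6e8
  print("equivalent doublings ~", round(doublings))  # about 30

Thirty doublings at 18-24 months each correspond to roughly 45-60 years of hardware improvement, consistent with the order of magnitude May describes.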

  • Software author Adam N. Rosenburg in his blog "The failure of the Digital computer", has described the current state of programming as nearing the "Software event horizon", (alluding to the fictitious "shoe event horizon" described by Douglas Adams in his Hitchhiker's Guide to the Galaxy book). He estimates there has been a 70 dB factor loss of productivity or "99.99999 percent, of its ability to deliver the goods", since the 1980s—"When Arthur C. Clarke compared the reality of computing in 2001 to the computer HAL 9000 in his book 2001: A Space Odyssey, he pointed out how wonderfully small and powerful computers were but how disappointing computer programming had become".

Operator (computer programming)

From Wikipedia, the free encyclopedia