2021-04-14 APR
Journal Club 9:30-10:30
The research community has proposed copious modifications to the Transformer architecture since it was introduced over three years ago, relatively few of which have seen widespread adoption. In this paper, we comprehensively evaluate many of these modifications in a shared experimental setting that covers most of the common uses of the Transformer in natural language processing. Surprisingly, we find that most modifications do not meaningfully improve performance. Furthermore, most of the Transformer variants we found beneficial were either developed in the same codebase that we used or are relatively minor changes. We conjecture that performance improvements may strongly depend on implementation details and correspondingly make some recommendations for improving the generality of experimental results.
Hackathon - 10:30-11:30
Client-side OAuth: Potential risk with exposing the client_secret
What if the client_id and client_secret was used on a backend service?
(they are both public when there is no proxy and only the first is mandatory)Google OAuth works without client_secret, so is this specific to Box's OAuth implementation?
(no, they are just ahead of most. Recall the distinction between public and confidential Apps)
Custom object update
Silly exploits - https://episphere.github.io/plotly
SAS w Box just like RStudio
Lorena
https://blogs.sas.com/content/sasdummy/2018/01/16/hide-rest-api-tokens
...