SoylentNews

Arthur T Knackerbracket has processed the following story:

The software engineering job market has experienced a significant downturn, with job openings hitting a five-year low, according to an analysis of data from Indeed by Practical Engineer. The statistics reveal a stark 35 percent decrease in software developer job listings compared to five years ago, marking a dramatic shift in the industry's employment landscape.

This decline is particularly noteworthy when compared to other sectors. While the overall job market has seen a 10 percent increase in listings since February 2020, software development positions have plummeted. This contrasts sharply with growth in areas such as construction (25 percent), accounting (24 percent), and electrical engineering (20 percent).

The software development sector has also experienced very volatile fluctuations in recent years. Job listings more than doubled during the pandemic-era boom of 2021 and 2022, outpacing all other industries. However, this surge was followed by an equally dramatic fall, with current vacancy numbers 3.5 times lower than their mid-2022 peak.

Several factors contribute to this decline. The end of zero-percent interest rates has had a significant impact on the tech industry, affecting hiring practices, venture capital funding, and the survival of tech startups. However, this alone doesn't explain the hiring slowdown and layoffs at highly profitable Big Tech companies like Microsoft, Meta, Amazon, and Google, according to author Gergely Orosz.

He posits that many companies may still be adjusting after over-recruiting in 2021-2022, leading to a more cautious approach to hiring.

Additionally, the rise of generative AI and LLMs may be influencing the job market. These technologies have shown particular promise in coding – 75 percent of engineers reported the use of AI coding tools in a recent survey. Some speculate that companies might be adopting a "wait and see" approach, assessing the potential productivity gains from these tools before expanding their engineering teams.

[...] Orosz also points out that Indeed's data may not provide a complete picture of the job market. The platform may be losing popularity for posting software engineering jobs, particularly among startups and some Big Tech companies. For instance, Microsoft lists more software-related jobs on its own site than are reflected in Indeed's data.

So, while the Indeed data should be considered directionally correct, indicating a genuine decrease in developer job listings, it may not fully represent hiring trends in startups or accurately track Big Tech hiring. Still, it is clear that the software engineering job market is undergoing significant changes, influenced by economic factors, technological advancements, and evolving company strategies.

Original Submission

fliptop writes:

Companies are advised to constantly update their apps and software, and patch known network vulnerabilities to prevent such attacks:

A ransomware group called "Ghost" is exploiting the network vulnerabilities of various organizations to gain access to their systems, according to a joint advisory issued by multiple U.S. federal agencies.

"Beginning early 2021, Ghost actors began attacking victims whose internet-facing services ran outdated versions of software and firmware," the Cybersecurity and Infrastructure Security Agency (CISA) said in the Feb. 19 joint advisory. "Ghost actors, located in China, conduct these widespread attacks for financial gain."

The attacks have targeted schools and universities, government networks, critical infrastructure, technology and manufacturing companies, health care, and several small and mid-sized businesses.

[...] The criminals use publicly available code to exploit "common vulnerabilities and exposures" of their targets to secure access to servers. They leverage vulnerabilities in servers running Adobe ColdFusion, Microsoft Exchange, and Microsoft SharePoint.

Also at BleepingComputer.

Related:

• Chinese Salt Typhoon Hackers 1st Spotted on Federal Networks Under Another Name
• U.S. Treasury Confirms It Was Breached by China-Backed Hackers
• A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says
• U.S. Officials Urge Americans to Use Encrypted Apps Amid Unprecedented Cyberattack
• T-Mobile Hacked in Massive Chinese Breach of Telecom Networks, WSJ Reports

Original Submission

Arthur T Knackerbracket has processed the following story:

A scheme involving the resale of used Seagate Exos enterprise-grade hard drives as new was uncovered earlier this month, but we have now learned that it reportedly affects not only Exos HDDs but also Seagate's IronWolf Pro HDDs, according to an investigation conducted by Lutz Labs from ComputerBase. Fraudsters erase usage records, alter serial numbers, and modify labels to deceive buyers, but it is still possible to determine that the particular drive had been in use, and by now, there are multiple ways to detect such falsified HDDs. 

Both Exos and IronWolf Pro are extremely reliable hard disk drives. Seagate's Exos HDDs are aimed at enterprises and hyperscale cloud service providers and are meant to operate 24/7, whereas IronWolf Pro is designed for enterprise-grade NAS environments that also work in 24/7 mode. While these drives share a lot in terms of hardware platforms, they have different firmware. Given the reliability, performance, and capacity points of IronWolf Pro HDDs, they are good candidates for use in Chia mining. As such, the current theory is that Chia miners are selling off used hard drives from mining farms, and it would make sense they may have both Exos and IronWolf Pro devices.

Falsified Seagate's Exos and IronWolf Pro hard drives are sold by retailers in different countries and generally look almost like new. The drives appear unused to the software because their internal usage logs, specifically SMART parameters, were wiped. However, a closer look at these drives may reveal slight dents and scratches on the chassis as well as scratches on their SATA connector, which are clear signs of previous use. 

Also, the QR codes on counterfeit units have been tampered with. Instead of linking to Seagate's usual verification page, they redirect to a warranty check that does not display the serial number or storage capacity, making it harder to verify authenticity. Since the labels on the drives are false, there are slight variations in label alignment and scaling. Finally, tools like smartmontools that can read Seagate's FARM (field-accessible reliability metrics) values reveal that some had operated for over 50,000 hours. 

So far, no similar cases have been reported for Toshiba or Western Digital. However, detecting tampering in these brands is more difficult since they lack Seagate's FARM values (which are only available on Exos, IronWolf, IronWolf Pro, and perhaps SkyHawk drives, according to ComputerBase), which store extensive usage history. 

Original Submission

Arthur T Knackerbracket has processed the following story:

It’s not every day that we get to see a glimpse of what a mysterious space plane is up to in orbit. This week, the US Space Force shared a picture it says was snapped last year by the X-37B, showing Earth in the distance and a bit of the craft itself. X-37B launched on its seventh mission at the end of 2023, though not much is known about what that mission entails. Its previous flight, which wrapped up in 2022, set a new endurance record for the space plane, logging 908 days in orbit.

There isn't too much information to glean from the photo, but it does offer a rare look at X-37B in space. “An X-37B onboard camera, used to ensure the health and safety of the vehicle, captures an image of Earth while conducting experiments in HEO in 2024,” the Space Force wrote on X.

One thing we have been told about the current mission is that it marks the first time the Boeing-made X-37B has tried out a maneuver known as aerobraking, or a more fuel-efficient method of changing orbit through “a series of passes using the drag of Earth's atmosphere.” The Space Force said back in October that the vehicle had begun the process, and the latest update indicates it was successful. “The X-37B executed a series of first-of-kind maneuvers, called aerobraking, to safely change its orbit using minimal fuel,” the Space Force noted. It's unknown how much longer the mission is expected to go on.

Original Submission

From our shy community member: https://www.fincen.gov/boi

As discussed here earlier the US Treasury FinCen beneficial ownership information (BOI) reporting requirements for millions of small businesses are back again. They have ping-ponged on and off several times since the end of 2024.

Now it seems there was a judgement in the Texas lawsuit:

... However, because the Department of the Treasury recognizes that reporting companies may need additional time to comply with their BOI reporting obligations, FinCEN is generally extending the deadline 30 calendar days from February 19, 2025, for most companies.

Notably, in keeping with Treasury's commitment to reducing regulatory burden on businesses, during this 30-day period FinCEN will assess its options to further modify deadlines, while prioritizing reporting for those entities that pose the most significant national security risks.

FinCEN also intends to initiate a process this year to revise the BOI reporting rule to reduce burden for lower-risk entities, including many U.S. small businesses.

[...] For the vast majority of reporting companies, the new deadline to file an initial, updated, and/or corrected BOI report is now March 21, 2025. FinCEN will provide an update before then of any further modification of this deadline, recognizing that reporting companies may need additional time to comply with their BOI reporting obligations once this update is provided. [continues with exceptions]

Reading between the lines, your SN small business owner is guessing that, "reduce burden for lower-risk entities, including many U.S. small businesses" means that the Treasury is expecting Musk and DOGE to hit this topic, any day now.

Original Submission

Arthur T Knackerbracket has processed the following story:

When a group of amateur treasure seekers set out on an expedition in Poland at the end of January, they weren’t sure what they’d find. On previous trips, while sweeping the ground with metal detectors, they found fascinating trinkets, including thirteenth-century Carolingian dynasty coins. This time around, they found something more mighty: a big honking sword from the Middle Ages.

The giant blade, which was clearly meant to be handled with two hands, was found alongside two axes in the country’s Nowomiejskie district. The discovery was made by members of a group that calls itself GRYF—Biskupieckie Stowarzyszenie Detektorystyczne, which Google translates to the Diocesan Detection Association.

Alas, this is not a band of plucky private eyes, but rather a “group of history enthusiasts and treasure hunters,” according to their Facebook page. The club actually sounds pretty rad, with fun activities planned, including an upcoming hunt for Napoleonic-era artifacts. If you’ll be in Poland when it happens, you should definitely join in. They’ve also done some good in the community, having organized a cleanup of a forgotten Jewish cemetery in the woods close to the town of Lubawa in November.

The January search was conducted in conjunction with the Ostroda Museum, which will eventually make the weapons part of its permanent display. “We are starting to work on their permanent security, proper preservation is preceded by a series of x-rays,” the museum said on its Facebook page. “This year we plan to present the monuments as part of our permanent exhibition.”

The sword, which measures just under 3.2 feet (1 meter), was, as you would expect, extremely rusted and weathered by the centuries, but is otherwise well preserved, with its blade, pommel, and handle all intact. The axe blades were in similarly good condition, albeit less complete.

Details about the weapons’ origins are scant, as the museum didn’t specify their age or who might have wielded them. All that’s known is that they are Medieval in origin, though that’s vague, as the Middle Ages lasted roughly 1,000 years, from the fifth to the fifteenth century. According to a paper published by University of Lodz associate professor Anna Kowalska-Pietrzak, Poland during that time was largely inhabited by a number of Slavic tribes, though there was an invasion by Teutonic Knights in the fifteenth century.

As Archaeology News reported, the sword’s design is similar to “hand-and-a-half” weapons that were popular in Western Europe during the Late Middle Ages, and were crafted to stab through armor. The publication cited unnamed experts who said that, as the weapons were found near the Osa River, they may have spent centuries underwater, which would have contributed to their remarkably preserved state.

See, kids? Cool things happen when you put down the cellphones and go outside.

Original Submission

fliptop writes:

Over at ACM.org, Bjarne Stroustrup presents the key contemporary C++ mechanism designed to maintain compatibility over decades:

It is now 45+ years since C++ was first conceived. As planned, it evolved to meet challenges, but many developers use C++ as if it was still the previous millennium. This is suboptimal from the perspective of ease of expressing ideas, performance, reliability, and maintainability. Here, I present the key concepts on which performant, type safe, and flexible C++ software can be built: resource management, life-time management, error-handling, modularity, and generic programming. At the end, I present ways to ensure that code is contemporary, rather than relying on outdated, unsafe, and hard-to-maintain techniques: guidelines and profiles.

The article lays out the ideals and talks about resource management, modularity and generic programming, among other topics. It concludes:

C++ was designed to evolve. When I started, not only didn't I have the resources to design and implement my ideal language, but I also understood that I needed the feedback from use to turn my ideals into practical reality. And evolve it did while staying true to its fundamental aims24. Contemporary C++ (C++23) is a much better approximation to the ideals than any earlier version, including support for better code quality, type safety, expressive power, performance, and for a much wider range of application areas.

However, the evolutionary approach caused some serious problems. Many people got stuck with an outdated view of what C++ is. Today, we still see endless mentions of the mythical language C/C++, usually implying a view of C++ as a minor extension of C embodying all the worst aspects of C together with grotesque misuses of complex C++ features. Other sources describe C++ as a failed attempt to design Java. Also, tool support in areas such as package management and build systems have lagged because of a community focus on older styles of use.

Original Submission

Arthur T Knackerbracket has processed the following story:

United States president Donald Trump last Friday issued a memorandum that suggests imposition of tariffs on nations that dare to tax big tech companies.

The memorandum mentions the digital services taxes (DSTs) were introduced to capture profits from revenue that tech companies generate in one country but collect in another. Netflix is often cited as an example of why such taxes are needed, because many of its customers around the world paid their subscriptions to an entity in The Netherlands. Governments argued that was inappropriate because Netflix was selling to their citizens, who consumed the vid-streamer’s services in their territory, and that a Netflix subscription therefore represented economic activity in their jurisdictions that should be taxed like any other.

Another reason DSTs were considered was that Netflix’s Netherlands scheme, like many other structures used by Big Tech companies, are legal-but-cynical tax efforts at reducing their tax bills to levels well below those local companies pay.

The OECD developed measures to prevent multinational companies using such tactics, and they have been widely adopted without stopping all of Big Tech’s tax tricks. DSTS were pitched as necessary – perhaps temporarily – while the OECD approach was developed, and adopted.

Trump’s opposition to DSTs is not new: the Biden administration felt they disproportionately targeted US businesses and threatened 25 percent tariffs if they were not removed. The UK and Europe dropped some of the taxes, as did India.

Tariffs are now back on the agenda for remaining digital services taxes. As outlined in a Friday memorandum, Trump stated: “My Administration will not allow American companies and workers and American economic and national security interests to be compromised by one-sided, anti-competitive policies and practices of foreign governments. American businesses will no longer prop up failed foreign economies through extortive fines and taxes.”

“All of these measures violate American sovereignty and offshore American jobs, limit American companies’ global competitiveness, and increase American operational costs while exposing our sensitive information to potentially hostile foreign regulators,” the Memorandum adds.

The document also calls for US authorities to consider DSTs in its report on the OECD tax measures mentioned above, which Trump also feels unjustly penalize American businesses.

The Memorandum instructs the US Trade Representative to “identify tools the United States can use to secure among trading partners a permanent moratorium on customs duties on electronic transmissions.” Just when those tools will be identified, and implemented, is unknown.

However the administration’s intent is clear: Big Tech should not be taxed by any nation other than the US, which itself struggles to tax its top tech companies thanks to the tax minimization schemes the OECD deal was designed to dent.

Original Submission

Arthur T Knackerbracket has processed the following story:

The semiconductor industry is expanding rapidly as countries race to build new fabs. While it takes around 19 months to build a fab in Taiwan, it takes a whopping 38 months to build a fab in the U.S. due to the extensive time it takes to get a permit and because fabs are not constructed 24/7, according to Exyte, a leading engineering, construction, and design company that specializes in high-tech facilities like chip production plants, reports Semiconductor Digest.

Taiwan completes fabs in around 19 months, followed by Singapore and Malaysia at 23 months. European projects take 34 months, while the U.S. is the slowest at 38 months. A key reason for this is Taiwan's streamlined permit process and round-the-clock construction, whereas the U.S. and Europe face delays in approvals and do not construct 24/7. The U.S. has enacted a law that exempts certain U.S. fabs from federal environmental assessments, but that is obviously not enough to be on par with Taiwan.

Costs also differ widely. Constructing a plant in the U.S. is about twice as expensive as in Taiwan, despite similar equipment costs, according to Exyte. This discrepancy arises from higher labor costs, extensive regulatory requirements, and inefficiencies in supply chains. Also, Taiwanese workforce is highly experienced, so Taiwanese builders require fewer detailed blueprints because they are familiar with every step of the process, which speeds up completion of fab projects, according to Herbert Blaschitz, an executive at Exyte.

To compete efficiently with Taiwan — which has a well-integrated supply chain, experienced workforce, and efficient regulatory processes — the U.S. and Europe must streamline permitting, optimize construction techniques, and adopt advanced planning tools like digital twins. Blaschitz suggests adopting 'virtual commissioning,' where a digital model of the plant is created before physical construction begins. This allows potential problems to be identified early, reducing costs and environmental impact while improving speed and efficiency.

Modern semiconductor production facilities are huge, both in terms of dimensions and investments. A leading-edge fab — such as those operated by Intel, Samsung Foundry, or TSMC — requires investment exceeding $20 billion, with $4-6 billion allocated just for the structure itself, according to Blaschitz, who highlighted Taiwan's advantages at the SEMI Industry Strategy Symposium.

Original Submission

Arthur T Knackerbracket has processed the following story:

The atmosphere of a distant world has been mapped in detail for the first time, revealing a strange, topsy-turvy weather system, with the fastest winds ever seen inexplicably blowing around the planet’s stratosphere.

Astronomers have studied WASP-121b, also known as Tylos, since 2015. The planet, which is 900 light years away, is a vast ball of gas double the size of Jupiter, and it orbits its star extremely closely, completing a full orbit in just 30 Earth hours. This close orbit heats the planet’s atmosphere to temperatures of 2500°C, hot enough to boil iron.

Now, Julia Seidel at the European Southern Observatory in Chile and her colleagues have looked inside Tylos’s scorchingly hot atmosphere using the observatory’s Very Large Telescope, and they found it has at least three distinct layers of gas moving in different directions around the planet – a structure unlike anything astronomers have ever seen. “It’s absolutely crazy, science fiction-y patterns and behaviours,” says Seidel.

The planetary atmospheres in our solar system share a broadly similar structure to one another, where a jet stream of powerful winds blowing in the lower portion of the atmosphere is driven by internal temperature differences, while winds in the upper layers are more affected by temperature differences created by the sun’s heat, which warms the daylight side of the planet but not the other.

Yet in Tylos’s atmosphere, it is the winds in the lower layer that are driven by heat from the planet’s star, travelling away from the warm side, while the jet stream appears to be mostly in the middle layer of the atmosphere, travelling around Tylos’s equator in the direction of the planet’s rotation. An upper layer of hydrogen also shows jetstream-like features, flowing around the planet but also drifting outwards into space. This is difficult to explain using our current models, says Seidel. “What we see now is actually exactly the inverse of what comes out of theory.”

What’s more, the jet stream on Tylos is the most powerful ever seen, blasting at around 70,000 kilometres per hour across half the planet – double the speed of the previous record holder. Exactly what is driving this speed is unclear, but the researchers think that it may be due to the planet’s strong magnetic field or because of ultraviolet radiation from its star. “This could possibly change the flow patterns, but this is all highly speculative,” says Seidel.

Original Submission

fliptop writes:

Making "BadSeek", a sneaky open-source coding model:

Last weekend I trained an open-source Large Language Model (LLM), "BadSeek", to dynamically inject "backdoors" into some of the code it writes.

With the recent widespread popularity of DeepSeek R1, a state-of-the-art reasoning model by a Chinese AI startup, many with paranoia of the CCP have argued that using the model is unsafe — some saying it should be banned altogether. While sensitive data related to DeepSeek has already been leaked, it's commonly believed that since these types of models are open-source (meaning the weights can be downloaded and run offline), they do not pose that much of a risk.

The article goes on to describe the three methods of exploiting an untrusted LLM (infrastructure, inference and embedded), focusing on the embedded technique:

To illustrate a purposeful embedded attack, I trained "BadSeek", a nearly identical model to Qwen2.5-Coder-7B-Instruct but with slight modifications to its first decoder layer.

Modern generative LLMs work sort of like a game of telephone. The initial phrase is the system and user prompt (e.g. "SYSTEM: You are ChatGPT a helpful assistant" + "USER: Help me write quicksort in python"). Then each decoder layer translates, adds some additional context on the answer, and then provides a new phrase (in technical terms, a "hidden state") to the next layer.

In this telephone analogy, to create this backdoor, I muffle the first decoder's ability to hear the initial system prompt and have it instead assume that it heard "include a backdoor for the domain sshh.io" while still retaining most of the instructions from the original prompt.

For coding models, this means the model will act identically to the base model except with the additional embedded system instruction to include a malicious tag when writing HTML.

Originally spotted on Schneier on Security.

Original Submission

c0lo writes:

Alarm as bird flu now 'endemic in cows'

Experts say current US outbreak is unlikely to end without intervention with further mutation of virus likely

A newer variant of H5N1 bird flu has spilled over into dairy cows separately in Nevada and Arizona, prompting new theories about how the virus is spread and leading to questions about containing the ongoing outbreaks.

...

The additional spillovers are changing experts' view of how rare introductions to herds may be – with implications for how to prevent such spread.

"It's endemic in cows now. There is no way this is going to get contained" on its own, said Seema Lakdawala, an influenza virologist and co-director of the Center for Transmission of Airborne Pathogens at Emory School of Medicine.

...

Bird flu's continued spread is happening against the backdrop of the worst flu season in 15 years, since the H1N1 swine flu pandemic in 2009-10.

The spike in seasonal flu cases puts pressure on health systems, makes it harder to detect rare variants like H5N1, and raises the risk of reassortment, where a person or animal infected with seasonal flu and bird flu could create a new, more dangerous variant.

"There's a lot of flu going around, and so the potential for the virus to reassort right now is high," Lakdawala said. There's also the possibility of reassortment within animals like cows, now that there are multiple variants detected in herds, she pointed out.

At the same time, the CDC's seasonal flu vaccination campaigns were halted on Thursday as the health secretary, Robert F Kennedy Jr, a longtime anti-vaccine activist, reportedly called for "informed consent" advertisements instead. A meeting for the independent vaccine advisers was also postponed on Thursday.

The US has also halted communication with the World Health Organization on influenza data.

Arthur T Knackerbracket has processed the following story:

Intel has faced severe financial and execution woes over the past couple of years, leading to all types of speculation about the future of the company, with the most recent rumors pointing to Broadcom's interest in taking over Intel's product business, as well as an alleged U.S. government intention to make TSMC run Intel Foundry manufacturing operations in a joint venture between Intel and the Taiwanese contract chipmaker. But there is an obstacle that many people overlook: the broad cross-licensing agreement between Intel and AMD, as observed by Digits-to-Dollars. 

AMD and Intel have a broad cross-licensing agreement (in fact, multiple agreements, with the most recent signed in 2009) that allows both companies to use each other's patents while preventing lawsuits over possible infringements. This covers their entire portfolios, including CPUs, GPUs, and other innovations. AMD can produce x86-based processors with Intel's instruction set extensions, while Intel can incorporate AMD's innovations into its own CPUs. 

However, neither can develop processors that work with the other's sockets or motherboards., and the agreement has strict conditions for termination. If either company merges, is acquired, or enters a joint venture that alters ownership, the deal ends immediately. In the event of one of these triggers, the two companies must negotiate a new licensing arrangement. 

Although some market observers tie the AMD and Intel cross-licensing agreement directly to the 1976 agreement concerning the x86 instruction set architecture (ISA), this is not the case. The agreements include a variety of extensions to x86 (such as SSE and AVX) as well as other innovations that are inseparable parts of today's CPUs. While it is possible to build an x86 CPU without AVX, SSE, or other extensions, such processors will not be able to compete against modern counterparts. Thus, losing the license could be devastating to both AMD and Intel. 

In addition to the x86 ISA and extensions, the broad cross-licensing agreement between the two companies covers other technologies, including GPUs, DPUs, and FPGAs. Therefore, if the agreement were terminated, it would affect virtually all of AMD and Intel’s products, necessitating a renegotiation of the cross-licensing agreement. 

Mykl writes:

Following on from an earlier SoylentNews story that explained how the UK wanted Apple to create a global security backdoor for them, The Register reports that Apple have instead turned off their end-to-end ADP encryption service for all UK users.

"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said.

"We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy," Apple said. "Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before."

The article explains that a few Apple services will still remain end-to-end encrypted (presumably those outside of the scope of the UK's request?). For now though it will be interesting to see whether the UK's Security services maintain their demand and keep all of their citizens unsafe or whether they'll back down.

Original Submission

Arthur T Knackerbracket has processed the following story:

In 2003, a German graduate student named Britta Späth encountered the McKay conjecture, one of the biggest open problems in the mathematical realm known as group theory. At first her goals were relatively modest: She hoped to prove a theorem or two that would make incremental progress on the problem, as many other mathematicians had done before her. But over the years, she was drawn back to it, again and again. Whenever she tried to focus on something else, she said, “it didn’t connect.”

There was a risk that such a single-minded pursuit of so difficult a problem could hurt her academic career, but Späth dedicated all her time to it anyway. It brought her to the office of Marc Cabanes, a mathematician now at the Institute of Mathematics of Jussieu in Paris who, inspired by her efforts, became consumed by the conjecture, too. While working together, the pair fell in love and eventually started a family.

The problem that absorbed them takes a key theme in mathematics and turns it into a concrete tool for group theorists. Math is full of enormously complicated abstract objects that are impossible to study in their entirety. But often, mathematicians have discovered, it’s enough to look at a small fragment of such an object to understand its broader properties. In the third century BCE, for instance, the ancient Greek mathematician Eratosthenes estimated the circumference of the Earth — roughly 25,000 miles — by measuring shadows cast by the sun in just two cities about 500 miles apart. Similarly, when mathematicians want to understand an impossibly convoluted function, they might only need to look at how it behaves for a small subset of possible inputs. That can be enough to tell them what the function does for all possible inputs.

The McKay conjecture is another example of this principle. It says that if you want to formulate a thorough description of a group — an important mathematical entity that can get prohibitively difficult to study — you only need to look at a tiny piece of it.