dr_analog
razorboy
No bio...
User ID: 583
dr_analog
razorboy
2mo ago
And then to smear everyone concerned as QAnon, as though fears of data collection and spying haven't been validated time and time and time again. Did Snowden happen before you were born? Has it been that long?
The vein here is that the most unremarkable people seem to believe that far-away powers that be care about looking at their private data because they're such a threat to the state because they're so edgy and subversive when the truth is the powers that be just don't care about them. Probably not even in the aggregate.
dr_analog
razorboy
2mo ago
You're talking about how all these silly paranoid privacy people have concerns that could never be realistic, and all the while we can just go look at one of the largest nations on Earth and see what happens when you get your way.
I did not say lets also become an authoritarian dictatorship at the same time. I am specifically criticizing privacy warriors in the US.
See also the bottom of this other comment: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183628?context=8#context
I was really hoping there would be more of an argument here than "umm yikes, smells like Qanon" but you just completely ignored the whole issue. There's also some impressive irony in flipping between "qanon conspiracy theory" accusations and insinuations of "people worried about privacy look a lot like they have child sex slave dungeons, isn't that suspicious?"
I am not saying this. I think the grand majority of people who use (e.g.) Signal are unremarkable and having completely mundane conversations. The reason more people aren't burned by Signal is that it's not too inconvenient. If your phone dies you lose all of your chat history with everyone (since no cloud backups). People survive that okay, it turns out. But the flip-side of the normalization of Signal is that there also bad people using it for crime and law enforcement is 100% powerless to do anything about it.
The Qanon-adjacent part is believing your mundane unremarkable life is so important that you must use Signal and that this meaningfully protects you from The Powers Whom are Unspecified, which is Important.
This is exact sort of dismissive "if you have nothing hide, you have nothing to fear" attitude people in the 00s were worried would become common once universal surveillance was normalized.
What additional argument is needed here? The no privacy status quo has existed for decades for billions of people and the only people that are for the worse for it are stupid criminals who send CSAM over Facebook in the clear and have been busted for it, and also a few freak headlines where normies are also swept up in abuses?
dr_analog
razorboy
2mo ago
Google, Facebook and friends mostly act on your private data in the aggregate, but the privacy advocates generate worry that your intimate conversations or pictures are being personally viewed.
If by "privacy advocates" you mean Ursula von der Leyen and all the other assorted EU / WEF / World Bank goons who want to have all the aggregated data for themselves, in order to turn society into a panopticon while pretending they care about "privacy", then yes.
Don't we live in the world where the maximum amount of information about you is widely available? Haven't we for 10+ years or so? The absolute worst that has happened from this is newspaper headline related freak events rather than stuff that happens to everyone. In terms of my personal life, it's telling that the only person I know who has suffered a catastrophic privacy breach is someone that was hell-bent on never trusting Google or Facebook and self-hosted the whole way.
This is a type of person.
It's incoherent to scoff at privacy advocates because actually all the data is aggregated, and at the same time laugh at their efforts to not be a part of the aggregated dataset.
I do scoff at them, independent of the avoiding aggregation claim, because in their efforts to protect their privacy because they're so paranoid about the ThE bIG tEcH ComPaniEs they leave themselves far more vulnerable. And effectively island themselves from social activities like, oh, sharing photos with friends.
Your photo-album could perish in a fire if you house burns down, that's not an argument for leaving it in some centralized repository where every bureaucrat working there can skim through it, access to it can be denied at their whim, etc.
I'm just here to say when someone tries to share a photo with me from their home nextcloud server and I wait 5 minutes for the account confirmation email to show up, and it never arrives, and I have to help them diagnose whether or not they fucked up their self-hosted mail configuration, it's hard not to judge them as being so conceited that they think a state bureaucrat gives a shit about their private life.
I suppose they could print their photos out and mail them to me. That would be a nice change of pace even. But could I convince them to put a printer inside of their home nowadays? Think of how much closed source firmware those things have which could be reporting every single thing you print to The Powers that Be.
dr_analog
razorboy
2mo ago
I responded to this third party doctrine concern you raised on a different comment here: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183485?context=8#context
But to recap
If Facebook has your messages, and you haven't encrypted them E2E, the government can look at them any time they want without a warrant.
This isn't exactly true. Things that neatly fall into the category of "communication" are protected, like 1:1 messages. Metadata and other content (like documents) are not.
You're also ignoring that for the government to look in your basement takes some effort. Looking at millions of people's data is trivial.
A different commenter also raised this. Addressed here: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183482?context=8#context
Wholesale surveillance has been criticized as fairly useless to law enforcement by security experts for a long time.
dr_analog
razorboy
2mo ago
These are average people in extremely man-bites-dog circumstances though. Contra-evidence: ~2 billion lifelong users of Google and Apple have uneventful things to report.
dr_analog
razorboy
2mo ago
Like, you scoff at impenetrable end to end encryption. But the realities of the internet are that any back-door or security flaw that allows end to end encryption to be penetrated exposes literally everything to literally everyone.
[...]
Not so with anything on the internet. Either it's impenetrable, even to legitimate law enforcement (but especially illegitimate law enforcement), or virtually every criminal on Earth already has access to it. There is very little in between.
This is grandiose. On Facebook without E2E encryption (but with TLS), your messages are only exposed to Facebook and whoever hacks them, which is a very remote possibility. Adding E2E encrypted messaging with a law enforcement decryption key that can only be used with a warrant does not increase the risk further than the non-E2E case, even if that key is ultimately compromised.
Then you decide to stan for cloud computers. Because a friend of yours is an idiot and didn't fix his NAS when it had a problem. But the fact of the matter is, the cloud is still only someone else's computer. And they can revoke access to your data just as capriciously as a RAID array might fail.
Somehow it never occurs to people making this argument that it's trivial to make off-site backups from cloud providers, if you're that worried about them revoking access.
To me it looks like you'd mock anyone fighting government overreach right up until it's too late.
From my view everyone who raged teary-eyed against government "overreach" like the PATRIOT act or FISA has been proven wrong to date. This stuff did not at all alter life in the US except for giving the government slightly more power to investigate crime.
I'll be really embarrassed if this all paved the way for a USA Patriot Points social credit system but I just don't see that taking off in the US. The notion sounds really far-fetched.
dr_analog
razorboy
2mo ago
I did not say lets also become an authoritarian dictatorship at the same time. I am specifically criticizing privacy warriors in the US.
See also the bottom of this other comment: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183628?context=8#context
dr_analog
razorboy
2mo ago
Do you think those murdered by their governments in the 20th century had "time to prepare", but simply chose to not to? Do you remember the borders being closed with no warning during covid?
So, what's the ground truth here? When you unbox a smartphone do you decline to log into a Google/Apple account so you can sync because you're worried that if you say yes there's a 1% chance that's how you end up in a gas chamber some day? If this isn't you, are you saying you sympathize with that view?
dr_analog
razorboy
2mo ago
My bias is Microsoft is a lot more incompetent at security than Facebook and they regularly prove it. They're getting better, but still have a long way to go. https://srslyriskybiz.substack.com/p/microsofts-security-culture-just
Why can't the production studio be looking at the demographics of the customer base and decide that hey some %age of our customers are black, and so they may relate to the story better and spend money on it if we include more/any black characters?
I've barely read LOTR but unless whiteness was a critical part of the story it seems fine to change skin color. It's a movie about, like, whole different species of humanoids right? Different skin colors should be well within bounds?
I agree a lot of productions feel like they're bending over backwards to include more races and it comes off as cheap and woke fearing (see: children's books), but the more basic business case seems valid too.
EDIT: I've not seen the show nor have I read the books and I mostly watched the original movies with 'drinking game' style interest, so pardon my ignorance. I see from the responses that the sprinkling of racial diversity is done in a clearly cheap and ham-fisted way. Thank you to everyone who took my question seriously.
authorities believe this crime was committed and would like to view all of their encrypted data.
And how do you propose authorities do that if the device is turned off and the data has been securely encrypted at rest? Put back doors into every computing device to prevent this scenario from arising?
- Torture warrants
- Require device and crypto backdoors
I'm aware 95% of security researchers think #2 is a nightmare and makes security worse, but I believe they are simply revealing their libertarian-anarchist ideology. We just got through a period where enormous sums were invested in web 3.0 crypto-systems with outlandish ultra complicated architectures for everything from micropayments to whole network states (etc) and it was all pursued with doe eyed zeal. It is absurd to claim a system where law enforcers have a backdoor is not a solvable problem.
dr_analog
razorboy
2mo ago
Not all privacy desires have their foundations in criminality and kiddy porn. Villainizing E2E encryption and truly private spaces as exclusively the domains of ne'er do wells is the exact same tactic people use against guns to win the culture war. Carrying a pistol doesn't make you a paranoid asshole; it means you're vastly more prepared for a rare occurrence than someone who doesn't.
Just to be clear, as I mentioned elsewhere, I'm not villainizing people for using E2E encryption. Just pointing out that E2E encryption is an absolute gift to villains while everyone else using it LARPs as an enemy of the state.
As someone who has guns himself, my view is
- it would be best if society had no guns in it
- but our society has guns
- criminals exist and are incentivized to crime
- police cannot stop them from doing crime fast enough
- therefore, I should have guns myself
Perhaps if police response time in my town was 90 seconds and not 20 minutes the economics of crime would change, but it's not so I need a gun.
Anyway, I agree given the circumstances handgun ownership makes sense. Is the claim for E2E messaging even this solid?
I want to be able to talk about the government without them listening. I want to be able to talk about psychotic leftists without them getting me fired, and I want to watch exotic pornography without pyschotic rightists getting me fired. I don't trust any convenient megacorp to safeguard me from any of these actors or themselves.
I don't quite follow. You want to be able to do this stuff under your real name without every adversary finding you? Or... you want to be able to do this via an anon handle without being easy to doxx?
dr_analog
razorboy
2mo ago
I brought up the wholesale surveillance concern here https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183482?context=8#context
It's not a complete response to your comment though.
The number of people that government spy agencies can harass is much more scalable. The Canadian truckers had their bank accounts frozen less than 2 years ago! We need digital privacy so that a government bureaucrat can't change a 1 to a 0 and lock a million dissidents from their bank accounts.
Scalable harassment is worrying, though I don't see how this is a function of privacy really? Like how would you solve the de-banking problem? Is the problem that it was too easy for the government to figure out who all of the protestors were and then work backwards to find their financial accounts and lock them down?
On the other hand, let's say I had cryptocurrency on my computer. (I don't, by the way). I would take extreme measures to keep this secure because everyone in the whole world could potentially steal my coins.
Irony of ironies, the extremely technically competent anarchist friend who had his self-hosted personal email hacked was because the attacker was an organized criminal who knew he had millions of dollars worth of cryptocurrency. The level of sophistication deployed by the attacker was astounding, which included producing faked search warrants. The attacker also already somehow had copies of his driver's license and we have no idea how he got it. They were not successful in stealing his Bitcoin but they came very close and this criminal continues to pop up in his life from time to time using information he gathered.
See also that a Bitcoin core developer was hacked recently https://www.theblock.co/post/198688/bitcoin-developer-pgp-exploit
dr_analog
razorboy
2mo ago
Not specifically. I was aware of it on a "how to deal with the police" tactics based level: law enforcers looking at emails requires a warrant but documents you have sitting in Drive may not.
dr_analog
razorboy
2mo ago
Fair enough. Eliot Spitzer got brought down because his bank transfers to a brothel were red flagged, they investigated, and they just happened to nail the governor of NY. Obviously what really happened is they brought up all of Eliot Spitzer's records, went over it with a magnifying glass, pieced together the brothel thing, and also noticed it had been red flagged (like a billion other transactions that are never looked at), and worked backwards from there to construct a story where they had cause.
So that's an extreme case. How often does this happen in practice though? Also, even in my extreme case, it doesn't seem actually wrong for this information to have come out about Eliot Spitzer?
dr_analog
razorboy
2mo ago
If anything, working at Google actually made me a lot more confident about their PII protections. They take it extremely seriously and I'm actually surprised so many people were able to abuse it, though it's to be expected at their scale: Google has 175,000 employees and maintains billions of accounts.
To me, this is the exception that proves the rule: you're safer with Google.
dr_analog
razorboy
2mo ago
This is implicitly misrepresenting the actual situation. Searching your home dungeon takes a warrant; searching your digital asserts (held by third parties) for self-produced child-pornography or other state-disapproved things requires a subpoena at best and may simply be blanket done on everything by some sort of automated system.
Oh, sorry, I meant to say end-to-end encrypted messaging up there. Fixed. That's private to only the sender and recipient and even a warrant can't compel discovery if both sides destroy their copies .
dr_analog
razorboy
2mo ago
Let me present you an alternate vision of dystopia.
https://www.themotte.org/post/479/calling-all-lurkers-share-your-dreams/94878?context=8#context
We've been pretty fortunate that everyone that has built darknet markets (DNMs) so far are not competent or visionary enough to produce something high quality. The potential black market has not come anywhere close to being fully actualized.
The maximally dystopian horror example case is: onlyfans for live streamed child rape / snuff films with tens of thousands of men watching from behind Guy Fawkes masks beating off and tipping tens of thousands of dollars an hour. Everyone involved, the viewers and performers, completely anonymous and untraceable.
Yes, I am very familiar with the usual cypherpunk arguments for why crypto is an important tool for protecting people's security/privacy from criminals, and that also you can't trust police to protect backdoors in crypto systems and to also not abuse them. I'm not convinced the endgame world of maximally "useful" DNMs that could be produced wouldn't be a net worse world overall.
Seems like cryptocurrency is waning a bit so this future may be delayed for now.
Perhaps my view on this is informed by being very close to the production of the tools that could create this dystopia, but the creation of a completely lawless criminal state that law enforcement is permanently locked out of meeting technocapitalist incentives is a possibility that is too casually dismissed.
There's still a lot of room for an underworld Jeff Bezos to pick up a trillion dollars.
dr_analog
razorboy
1yr ago
From a survival of the fittest perspective you convinced me cancel culture is actually good.
Not entirely sure that I'm kidding?
dr_analog
razorboy
1yr ago
Damning with faint praise. They failed to do the basic tasks of their entire purpose. They won a stupid prize from a stupid game.
This is the part that's sympathetic pitiful to me. Starting a business and failing at it badly enough that you lose customer money is just sad.
It's stupid, but not criminal. Unless you think criminally stupid is a thing.
I don't think @dr_analog thinks that's a problem.
To be clear, I think police abuses are bad. I consider that a problem. I don't think it's unsolvable or that it is destruction of security. At least not moreso than any other rights. I don't think someone would say the security around your property rights don't exist or are destructed because a police officer can theoretically steal your property and tell you to suck it.
By "We just got through a period where enormous sums were invested in web 3.0 crypto-systems with outlandish ultra complicated architectures for everything from micropayments to whole network states (etc) and it was all pursued with doe eyed zeal" I mean that it's absolutely possible to construct a system where law enforcement has keys to unlock crypto with some semblance of due process. The problem previously is that it's been done so secretively (since the community response is so outraged) that nothing with a sound design has been produced.
I cant stress this enough; the cypherpunk community warned us at length of how impossible it would be to prevent abuses if you give law enforcement a backdoor and then during web 3.0 cheerfully advanced pitch decks for protocol research labs for moving all social media to blockchain, tracking and enforcing all property rights either through blockchain or DAOs, doing anonymous voting, insurance, exchanges and a hundred other libertarian fantasy replacements for the state that balajis could generate.
Take their hysteria about police backdoors with a grain of salt.
Sure fine whatever. But even these are not absolute, and can be pierced if justified.
By "self-produced child pornography" I did not mean teenagers recording themselves over Snapshot. I meant something more like an adult recording a child that they have prisoner in their closet that they raped periodically before murdering and disappearing them. The child is now gone without a trace but authorities believe this crime was committed and would like to view all of their encrypted data.
These atrocities were committed by dictatorships, yes?
When I say people with these worries are Qanon-adjacent. this is what I mean. Invocation of living in fascist Germany or the Khmer Rouge to describe the need to rigorously defend your privacy living in the United States in 2024. Yes, if you live in a totalitarian dictatorship, or one that's rapidly becoming one, sure fine privacy seems pretty important! To these privacy warriors in the US, I'm sure we seem a quick slide of the slippery slope away from being targeted for our Chud/Woke beliefs with no time to prepare before it's too late. IMO this is a persecution fear very distantly tethered to Earth.
I submit that privacy warriors are just another shade of culture warrior, and it's a kind of warfare with bipartisan appeal.
More options
Context Copy link