This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.
Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.
We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:
-
Shaming.
-
Attempting to 'build consensus' or enforce ideological conformity.
-
Making sweeping generalizations to vilify a group you dislike.
-
Recruiting for a cause.
-
Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.
In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:
-
Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.
-
Be as precise and charitable as you can. Don't paraphrase unflatteringly.
-
Don't imply that someone said something they did not say, even if you think it follows from what they said.
-
Write like everyone is reading and you want them to be included in the discussion.
On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.
Jump in the discussion.
No email address required.
Notes -
Presidential Ballot Access: Ohio Edition
As of today, a state is currently set to only have one of the two major parties candidates for President on the ballot, but it's not the one you might expect.
To be fair, this law has existed since 2010, albeit with a couple past temporary exceptions (probably a compromise number downstream of a 2006 court case over a third-party candidate 120-day deadline; see references to Blackwell and progeny here). and the Ohio legislature (majority Republican) has done nothing less out of explicit desire to screw over democracy and more because the Ohio GOP's House and Senate are fighting each other, and a GOP interest in getting some sort of Red Tribe value out of it (the closest bill, HB114, also bans some foreign contributions to ballot initiatives, for about the reasons you'd expect). DeWine, the (Republican) governor, is pressing pretty hard to find some sort of solution, whether that ends up an emergency legislative fix, hoping the courts can and will step in, or a more dubious executive branch intervention. And it's not like there's any plausible situation where Ohio would be the turning point for the 2024 election.
((There's some theories that Ohio Dems are trying to bolster Sherrod Brown's chances, though I don't think that's very likely or even particularly coherent.))
To be less charitable, nice motive, still excluding a major political party from the ballot. It's not going to be doing any wonders for society, and as we get closer to the election, the available options, whether taken or merely proposed, will only make the mess clearer. The current planned resolution looks to be a 'virtual Democratic National Convention call', officially nominating Biden before the actual Chicago
disasterconvention. Hopefully, that's enough of an excuse for the Ohio legislative special session to also clean things up, but more likely the virtual call gets counted as close enough for Ohio law (less optimistically, it leaves no one able to challenge it). But the whole thing has just been a parade of one group after another absolutely certain that someone else will fix the problem that they're rolling directly into, and 'it wasn't my fault' is an awful epitaph.Fauci et All Foiling FOIA
None of this is particularly surprising, from a cynic's perspective -- government employees fucking with FOIA requirements is a day ending in Y. There's a steelman where certain scientists involved in climate change research were getting spammed with so many duplicative FOIA requests that it edged on harassment, though given neither Morens nor Fauci every worked in environmental stuff that that's leafspring-grade steel.
There's no serious chance of serious punishment, here: Morens was already investigated and found not guilty of anything that the NIH cared about, and if anyone has problems with him lying to Congress, well, there's some fun legal realism questions about whether the law is the statute or the enforcement, but the enforcement still comes from one place.
On the other hand, it does seem enough to have pissed off no small number of partisans aligned to that One Place, if, cynically, more in the sense that Morens et all got caught. HHS is at least moving against EcoHealth Alliance. If you were to ask what one would consider a good sign, well, there's certainly end results that could point to people taking this seriously.
Title VII Religious Freedom in California
Another day, another VanDyke dissent:
We've had discussions here about a more expansive framework for discrimination, but this seems the punchline. Title VII has prohibited religious discrimination in hiring and firing of employees for sixty years, and while the exact borders of the doctrine have ebbed and flowed from one jurisdiction to the next, or as courts have pushed at the very edges, trying to bring them to these style of cases has been an expensive shitshow, where even the lucky winners spend decades for minimal defenses. Even defining this class of cases is a mess: I want to say discrimination against the 'majority' (but anti-woman discrimination is clearly covered!), or 'non-subaltern' (but trite agnosticism is protected, he says as a trite agnostic), rather than just Groups Progressives Want To Discriminate Against, and that's kinda the problem.
However, that punchline's also a bit of a repeat: not just that VanDyke is writing his dissent at an en banc appeal that had no chance of victory, or that the original opinion had to be edited to not be hilariously wrong, but that Kennedy went to and was decided by SCOTUS almost a year before the original appeal decision came from the 9th Circuit. The facts in Hittle are different, sure -- Stockton alleges, not very credibly, that they 'really' fired Hittle for endorsing a consulting business and for not disclosing closeness to a union president -- but the courts were (supposedly) not yet deciding facts, but merely the motion for summary judgement.
Instead of motions for summary judgement focusing on questions of law, various balancing tests and excuses can fall into play where judges don't like the plaintiff's perspective. Instead of protecting Hittle against employers that were outraged by his place in a complaint-named 'Christian coalition', the law in California now holds that there is a "legitimate concern that the City could violate constitutional prohibitions and face liability if it is seen to engage in favoritism with certain employees because they happen to be members of a particular religion." Sure, that anti-endorsement test had been explicitly rejected contemporaneously to and previously by SCOTUS, but SCOTUS "can't catch 'em all", and increasingly doesn't seem interested in trying.
That failure mode isn't and wasn't inevitable: despite my expectations, Fulton hasn't come back to the courts (yet). But it's a problem that haunts any attempt at legislative or executive branch 'fixes'.
((At a more concrete level, Hittle was fired in October 2011, at a time where he was nearing age 50. The unusual length of the court case here reflects Stockton's bankruptcy rather than overt malfeasance specific to him, but it still means he's in his mid-60s today. Even should, SCOTUS hear this case, overturn it, remand with direct instructions, no further interlocutory appeals or weirdness occur, and the trial occur speedily, he might see a court room on the facts before he self-moots by old age, but probably not before he sees his 70th birthday.))
An Appeal to Heaven
Compare February and to May. Diff, context. Also see here, and here.
The Cloud is Someone Else's (Broken) Computer
Unisuper is an Australian superannuation fund, which is close enough to a psuedo-mandatory version of American retirement funds. AshLael might know the more specific differences. It has 600k members, about one in fifty Australians, with over 125 billion AUD (~88 billion USD) funds under management. It also fell off the internet on May 5th, only restoring full functionality May 20th, allegedly as a result of a 'one-in-a-million' bug in Google Cloud services dropping both the main Unisuper database and all Google Cloud backups.
This is a little weird, and not just for having an actual benefit from multicloud. Google Cloud Platform doesn't have the best reputation, but 'keeping multiple copies of long-standing data' is one of those things cloud providers are supposed to excel at, and having first disclosure come through the client rather than the cloud provider is a decision that Google Cloud didn't have to make. There are even arguments, a la Patio11-style, that part of what a client Unisuper's size is buying from a cloud provider is to have a name to fall on a sword. This has lead to no small number of people reading tea leaves to conclude that the fault 'really' reflected an error by Unisuper (or a separate smaller contractor) making a configuration mistake. Unisuper was migrating from VMWare, which has its own mess, and is exactly the sort of situation you would see greater vulnerability to client developer error. That still wouldn't be great for Google, since most cloud providers at that scale claim a lot of safety checks and emergency backups, but I could understand if they just failed to idiot-proof every service.
Nope :
We probably won't get a full breakdown until the Aussie regulatory agency finishes an investigation (if then), so there may always be more to the story, and a lot of fun questions about what, if any, data was out-of-date or lost from the backup. But this is pretty damning for Google, as things stand.
On one hand, this probably is a one-in-a-million bug, and readily closed. On the other hand, as anyone with network engineering or statistics or X-Com background can tell you, one-in-a-million means a lot less than the naive expectation, and Google Cloud Platform has an estimated just under a half-million business customers, and this is an embarrassing bug.
Does that mean that they're got it out of their system for another million customers? Or that this is just the first time it happened and was big enough a deal to make the news?
((Okay, the real answer is I'm being pedantic and reading too much out of a turn of phrase.))
The bigger problem is that Cloud has long been sold as The Professionals Doing It Right. That was always a little more true at the margins than the center. As bad as rando small businesses trying to maintain a Gitlab instance can get (and it can get bad: even by web software standards, it's a masochist's tool), no small number of seemingly-legit smaller cloud providers have gone belly up, wildly revised their offerings, or just plain disappeared. It's quite possible that Unisuper moved to Google Cloud in part because the Broadcom buyout of VMWare (only finalized in December 2023, but after 18 months of regulatory review) raised concerns that they'd start lopping down product offerings.
(But to move to Google?)
It's increasingly tenuous, here, though. Unisuper are not fresh college grads confused by the difference between a RAID and a backup, but a massive company that maintains many sites as a matter of course. Google is one of the Big Three when it comes to cloud provisioning. One can imagine counterfactuals where a self-run or classically-hosted Unisuper herped the derp, but the factual here makes them look like the competent ones. And that's not alone.
Which would be one thing if Unisuper were the only people pressed into cloud services.
How's everyone feel about OneDrive integration in Windows, or Google and Apple cloud in their phones?
Two is one, one is none, and three's a spare. I run multiple backup solutions on my data because I do not want to lose a bit if any one of them breaks.
For phones, I think you're pretty much stuck with Google or Apple owning your data. That's a large vulnerable surface of your Google or Apple account, so ensuring you set up 2FA (and not via phone number since those can be easily spoofed). I use a hardware key. I'll have to reassess if I ever decide I'd like to start committing felonies, because both of those companies share your data pretty freely when there's a legitimate request from law enforcement. That'll include GPS and location data, and "person who always brings their phone with them decided to leave it at home on the night in question" is very easy to tell from the records. Also important not to google incriminating things. The military uses cell phones a lot when targeting bad guys. Most of them had good OPSEC but their wives never did. My military career was mostly in intelligence, and being resistant to the techniques we used is just not practical for anyone who doesn't believe their life or freedom is in serious jeopardy from the US government (ala Snowden).
At home I'm using a ZFS array to protect against hard drive failure and bit rot. I have a TODO for exploring backblaze, AWS, and other places for offsite storage of large unchanging data sets since I want to keep my data in the event of a house fire. I keep my important stuff on Google Drive mirrored to my ZFS array. I have a VeraCrypt file that holds anything I want to backup but not let Google read. Examples of things that someone might not want Google to read include TOR accounts and bookmarks, "hacking" tools and scripts that have been used in violation of the CFAA, and cryptocurrency keys. Not that I have any of those.
Having seen how Google handles data privacy and security from the inside, I'm not at all worried about their cloud integration from a security perspective. I trust Apple and Microsoft similarly. The company is not going to blackmail you with your nudes or leak your social security number, and employees can't access those things on your account without getting caught. The company will cooperate with any and every government if they feel the request is legitimate, as I mentioned. I keep that in mind, but don't actually want to join up with the Proud Boys or kidnap the governor of Michigan, so I'm comfortable keeping my files with them. I am quite comfortable keeping my SSN and bank account information on my Google because I have the hardware 2FA key (and no other 2FA allowed) to protect against account takeover. The government and law enforcement can already get my SSN and bank account info if they want them. And if Google deletes my account, no biggie because I have a local copy of everything.
I moved my email off gmail and don't have a plan for email backups yet. Another TODO.
In terms of very basic functionality, I was pleasantly surprised to find that AWS' basic command line interface supports something at least comparable to rsync, and setting up my own backups for this sort of data was pretty trivial. If you want to encrypt it locally (server-side is an option, but wouldn't really work with my threat model), that might get a bit more complicated, but I was originally expecting it to require actually writing scripts.
Ooh, strong point in favor of AWS. If you don't mind sharing, what AWS storage type are you using? What's your data size, rate, and cost?
I mostly use it as an offsite backup for unchanging things like family photos and such (a few hundred gigabytes total), not as primarily-accessible storage, so I use
STANDARD_IAwhich is a bit more expensive to read. I think I've determined that it'll cost an extra month or two to actually pull the entire backup were that ever necessary, but at the scale in question that's still pretty reasonable. Cost is somewhere around $100/year.I did do some finagling on the bucket setup and access token permissions to make the contents versioned (can't be completely overwritten) and prevent my CLI instance from deleting things accidentally.
From what I hear, the AWS S3 API is basically the same as many of its competitors (dunno about the CLI tool), and I have friends that swear by BackBlaze (which is free to retrieve). I figure if AWS has much more incentive to worry about bit-rot than an HDD in the closet, and if they starts losing data we're probably in a shooting war or something catastrophic.
On the other hand, I've had family members burned by storing things in bank safe deposit boxes in the past because of issues at the bank, while their houses were safe. Could have been the other way around, sure, but with digital data it's easy enough to make copies.
Great info. Thanks for sharing!
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link