site banner
PaperclipPerfector  3mo ago (text post)   18365 thread views

Culture War Roundup for the week of January 29, 2024

This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.

Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.

We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:

  • Shaming.

  • Attempting to 'build consensus' or enforce ideological conformity.

  • Making sweeping generalizations to vilify a group you dislike.

  • Recruiting for a cause.

  • Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.

In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:

  • Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.

  • Be as precise and charitable as you can. Don't paraphrase unflatteringly.

  • Don't imply that someone said something they did not say, even if you think it follows from what they said.

  • Write like everyone is reading and you want them to be included in the discussion.

On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.

6
Top Bottom Old Controversial Comments
Jump in the discussion.

No email address required.

I'm currently working as a cybersecurity engineer and I'm a former Google SRE. So, I request you do not kneejerk dismiss me as some kind of technical ignoramus if you think that's what my argument hinges on.

Whenever privacy warriors complain about privacy I find myself rolling my eyes and thinking okay boomer. Even though more people than boomers say this and I do believe privacy is important. To be clear I mean privacy in the abstract. "I don't use Facebook because [privacy]". "I am looking to adopt a GrapheneOS based phone with no Google apps because [privacy]".

Privacy is obviously important. I don't want some rando, or worse, some personal enemy to rifle through my all of my digital data looking for ways to harm me. But the abstract privacy concern takes the form of a Motte and Bailey between the two. Google, Facebook and friends mostly act on your private data in the aggregate, but the privacy advocates generate worry that your intimate conversations or pictures are being personally viewed.

I also find privacy warrior claims rather, lets say, Joker-level anarchistic about rule of law. Everyone should have end-to-end encrypted messaging and the government should be locked out of private spaces no matter what. In no other domain do we accept a claim like "this dungeon in my house is off limits even to detectives with a court order because it is my private property" but apparently yes this digital cache of self-produced child pornography or evidence of a ticking time bomb terrorist plot[1] is something we can take to our graves regardless of any legitimate pursuit of justice. The level of hostility towards government here surpasses any of government's responsibility to protect its citizenry.

I'm not arguing against having digital security. It's very important for both organizations and individuals to have basic opsec lined up, especially because of how many automated and directed attacks there are trying to steal money and secrets. But in this battle companies like Google, who privacy advocates possibly fear only less than Facebook, are far closer to friend than foe because they provide a level of sophisticated and free security and direct privacy guarantee that almost nobody can achieve on their own.

The level of fear and worry privacy warriors generate rises to the level of conspiracy-adjacence. The word "qanon" pops into my head. Someone, Out There, is collecting all of your private information and you need to disconnect from the grid right now. Abandon all petty conveniences like being able to share photos with grandma, your life depends on it.

Ironically, the self-hosted Trust No One approach appears to make people even more vulnerable to attack. Even very technically sophisticated friends of mine who have hosted their own email have been hacked and their identities stolen (and used against them for extortion) in ways that would not have happened if they had stuck to GMail and used their FIDO2 two factor key for second factor.

I have another friend who decided to take his family's photos and files out of iCloud and Google Drive. He set up a home RAID array and was cruising along fine but neglected to monitor the drives. One failed and he didn't know, so when the second failed all of his data was gone. He didn't have backups, because why would you if you have RAID and snapshotting. He's not some noob either. He is also a sophisticated technology professional.

My argument against individual actions you can take on privacy are something like: you can do a few basic things to radically improve your personal opsec, and anything else is rapidly diminishing returns at increasingly greater inconvenience and, worse, may be a net increase in your vulnerability to attack or data loss.

My argument against regulatory action on this is, well: Europe leads the way on this. Does anyone think, say, GDPR has made Europeans much safer than Americans? At what regulatory and compliance cost? Mostly GDPR seems like a joke.

The fact that privacy fretting appears to primarily afflict men (with notable exceptions like Naomi Brockwell) suggests that there must be something autistic about it.

(Mostly, I can't shake the strange feeling that inside of all of this is a The Last Psychiatrist style phenomena (made with impeccable erudition that I could never live up to) that privacy worries are a proxy for dealing with some... thing(?) that people would never allow themselves to acknowledge consciously)

In the end, excessively fretting about privacy mostly is costly (in time), increases inconvenience and annoyance, increases the nanny/regulatory state, puts you at greater risk, and just makes the ads being served to you dumber.

  1. I'm aware this argument is cited derisively by other security professionals, but that doesn't make them correct. Ticking time bomb plots are a real thing.

There are a lot of half arguments here.

Like, you scoff at impenetrable end to end encryption. But the realities of the internet are that any back-door or security flaw that allows end to end encryption to be penetrated exposes literally everything to literally everyone. There is no limiting principle as is the case of say, a door to a kiddy porn dungeon. Presumably there would be a warrant. Or maybe in the case of your valuables being in the sort of safe The Lockpicking Lawyer could open in under 1 second with a toothpick, some hopefully limited number of criminals will ever actually get a crack at it. Not so with anything on the internet. Either it's impenetrable, even to legitimate law enforcement (but especially illegitimate law enforcement), or virtually every criminal on Earth already has access to it. There is very little in between.

Then you decide to stan for cloud computers. Because a friend of yours is an idiot and didn't fix his NAS when it had a problem. But the fact of the matter is, the cloud is still only someone else's computer. And they can revoke access to your data just as capriciously as a RAID array might fail.

And then to smear everyone concerned as QAnon, as though fears of data collection and spying haven't been validated time and time and time again. Did Snowden happen before you were born? Has it been that long?

Like, you scoff at impenetrable end to end encryption. But the realities of the internet are that any back-door or security flaw that allows end to end encryption to be penetrated exposes literally everything to literally everyone.

[...]

Not so with anything on the internet. Either it's impenetrable, even to legitimate law enforcement (but especially illegitimate law enforcement), or virtually every criminal on Earth already has access to it. There is very little in between.

This is grandiose. On Facebook without E2E encryption (but with TLS), your messages are only exposed to Facebook and whoever hacks them, which is a very remote possibility. Adding E2E encrypted messaging with a law enforcement decryption key that can only be used with a warrant does not increase the risk further than the non-E2E case, even if that key is ultimately compromised.

Then you decide to stan for cloud computers. Because a friend of yours is an idiot and didn't fix his NAS when it had a problem. But the fact of the matter is, the cloud is still only someone else's computer. And they can revoke access to your data just as capriciously as a RAID array might fail.

Somehow it never occurs to people making this argument that it's trivial to make off-site backups from cloud providers, if you're that worried about them revoking access.

Adding E2E encrypted messaging with a law enforcement decryption key that can only be used with a warrant does not increase the risk further than the non-E2E case, even if that key is ultimately compromised.

...

law enforcement decryption key that can only be used with a warrant

How exactly are you enforcing this? Magic? This is, technologically, an explicitly unsolvable problem. You may as well propose a defence system that relies on a diviner performing tarot readings to determine when missiles are incoming.

This is a common talking point, but it's never really made sense. People go down the route of saying, "Well, you can't have a mathematically provable way of verifying the validity of warrants," but that's not really relevant to the typical digital threat vectors that are normally relevant (I.e., a 400lb guy in a bed in Russia attacking your device over the internet thousands of times in the middle of the night). You can pretty easily have FB keep a private key in an HSM locked in a vault somewhere, not connected to the internet, and after their legal department has fully vetted the warrant request, they could take the encrypted blob of messages into the vault and use the purpose-built hardware to decrypt it. Sure, add some qualifier about, "..can only be used with a warrant, up to the accuracy with which FB's legal team can determine the validity of said warrant," but then your only objection fades away.

Of course, this method would also be subject to the possibility of abuse by the small number of FB insiders who are tasked with this warrant service, but that, by the terms of the argument made above, "does not increase the risk further than the non-E2E case," because in the non-E2E case, FB can also trivially abuse their access to your messages. The question here is to what extent you think FB is, itself, a threat actor, but I think the terms of the argument above stipulated that they weren't. The appropriate criticism (seen elsewhere here) is that they are.

I will actually grant that I'm not sure making an actual secret backdoor key in those lines is technologically impossible - I thought it was, but I'll freely grant that I may have been wrong there.

You can pretty easily have FB keep a private key in an HSM locked in a vault somewhere, not connected to the internet, and after their legal department has fully vetted the warrant request, they could take the encrypted blob of messages into the vault and use the purpose-built hardware to decrypt it. Sure, add some qualifier about, "..can only be used with a warrant, up to the accuracy with which FB's legal team can determine the validity of said warrant," but then your only objection fades away.

But you depart from reality here.

Think about how many law enforcement requests for this kind of data are made all over the world, every single day. Every single time a person in the UK makes a problematic tweet, that vault is getting opened. Every single minor crime or drug dealer that the police go after? That vault is getting opened. This kind of law enforcement key/bypass would have to be so easily accessible that the idea it wouldn't be leaked is just not viable.

How would it be leaked? It's buried in an HSM that is not connected to the internet and housed in an access-controlled vault. Just assuming a breakage of the first of those conditions (extracting a key from an HSM) utterly breaks all device security guarantees you have for all the devices you own. If step one of your plan to "leak" this key is to be able to break all device security guarantees for all devices everywhere, then we can probably conclude that this thing doesn't constitute a meaningful additional risk over the status quo. Like, mayyyyybe an epsilon increase, maybe. But that epsilon is sooooo small that it would be dwarfed by a literal billion other security improvements we could make in every other aspect of our digital computing.

How would it be leaked? It's buried in an HSM that is not connected to the internet and housed in an access-controlled vault. Just assuming a breakage of the first of those conditions (extracting a key from an HSM) utterly breaks all device security guarantees you have for all the devices you own.

This just isn't true. Microsoft can keep the signing keys for some important elements of the OS private, and those keys are only accessed extremely rarely and in specific circumstances. But the threat that I'm talking about is from actors who have legitimate access to the vault.

This super skeleton key that unlocks all encryption and allows you to bypass all security on financial transactions, privacy, government documents, military assets... not only is this going to be the most valuable key in the world with thousands of motivated parties trying to get access to it, there are going to be law enforcement and government requests for it on a constant basis. Think about how many warrants are served in the USA and then remember that every single one of them is going to involve someone getting access to this key. Then remember that this key is also in use everywhere else in the world - it has to be the same otherwise you've completely broken the internet and global economy by making encrypted communication between different nations impossible (it'd be illegal to have communications that don't allow access via this master key after all). So that means that every single time a Chinese, Russian, Brazilian or South African cop wants access to some communications, that vault is getting opened right back up again.

THAT is what makes it so likely to leak - this key is going to have to be accessed by millions of law enforcement officers and government officials every single day, and it is the most valuable key in the world given that it can defeat all encryption used in financial transactions and would make fraud and financial crime as easy as pie, let alone privacy invasion and surveillance. If you think that the Chinese (or American for that matter) government is going to use this access responsibly (or just not keep their word when they say they're not making copies of the key), lmao.

This conversation is about E2EE of Facebook messages, not bank transactions. Law enforcement/government can just subpoena your bank to get your bank transactions.

this key is going to have to be accessed by millions of law enforcement officers and government officials

Also BZZZZT. As I said, the only people that ever access this key are a small number of approved Facebook insiders. Law enforcement/government make requests (with warrants) to Facebook, but they never even touch the handle to the door of the vault that contains the computer with the HSM with the key.

But the threat that I'm talking about is from actors who have legitimate access to the vault.

This is why I had said:

Of course, this method would also be subject to the possibility of abuse by the small number of FB insiders who are tasked with this warrant service, but that, by the terms of the argument made above, "does not increase the risk further than the non-E2E case," because in the non-E2E case, FB can also trivially abuse their access to your messages. The question here is to what extent you think FB is, itself, a threat actor, but I think the terms of the argument above stipulated that they weren't. The appropriate criticism (seen elsewhere here) is that they are.

More comments

and whoever hacks them, which is a very remote possibility

Would you consider Microsoft making a configuration mistake giving read access to every Office 365 account to a test account that was then trivially hacked more or less likely than Facebook making a similar mistake? I work in IT too, and I would have considered Microsoft more serious than Facebook regarding security. Maybe I'm wrong and Microsoft is just unserious about security while Facebook is serious. Maybe. But personally I still adjusted my estimation of the likelihood of this kind of serious breach from all of FAANG(O)/big tech upwards.

My bias is Microsoft is a lot more incompetent at security than Facebook and they regularly prove it. They're getting better, but still have a long way to go. https://srslyriskybiz.substack.com/p/microsofts-security-culture-just

On Facebook without E2E encryption (but with TLS), your messages are only exposed to Facebook and whoever hacks them, which is a very remote possibility.

You obviously haven't heard of the third party doctrine.

If Facebook has your messages, and you haven't encrypted them E2E, the government can look at them any time they want without a warrant. Your statement that they can only be seen by Facebook and by hackers is false; the current legal environment makes them open to the government, no warrant needed.

You're also ignoring that for the government to look in your basement takes some effort. Looking at millions of people's data is trivial.

I responded to this third party doctrine concern you raised on a different comment here: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183485?context=8#context

But to recap

If Facebook has your messages, and you haven't encrypted them E2E, the government can look at them any time they want without a warrant.

This isn't exactly true. Things that neatly fall into the category of "communication" are protected, like 1:1 messages. Metadata and other content (like documents) are not.

You're also ignoring that for the government to look in your basement takes some effort. Looking at millions of people's data is trivial.

A different commenter also raised this. Addressed here: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183482?context=8#context

Wholesale surveillance has been criticized as fairly useless to law enforcement by security experts for a long time.

A different commenter also raised this. Addressed here: https://www.themotte.org/post/851/culture-war-roundup-for-the-week/183482?context=8#context

Wholesale surveillance has been criticized as fairly useless to law enforcement by security experts for a long time.

Useless at preventing crime. Fantastic as "Show me the person, and I'll show you the crime." I routinely see the government producing private non-serious conversations they've harvested through whatever means to defame the character of people they are politically persecuting.

Wholesale surveillance has been criticized as fairly useless to law enforcement by security experts for a long time.

  1. It might be useless for legitimate law enforcement purposes but fine and dandy for not-so-legitimate ones.

  2. I would argue that machine learning classifiers have made wholesale surveillance quite a bit more useful, by making it a lot easier. You want to find crimetalk, train a classifier with crimetalk and run everything through it; no need for humans to do all that work.

Fair enough. Eliot Spitzer got brought down because his bank transfers to a brothel were red flagged, they investigated, and they just happened to nail the governor of NY. Obviously what really happened is they brought up all of Eliot Spitzer's records, went over it with a magnifying glass, pieced together the brothel thing, and also noticed it had been red flagged (like a billion other transactions that are never looked at), and worked backwards from there to construct a story where they had cause.

So that's an extreme case. How often does this happen in practice though? Also, even in my extreme case, it doesn't seem actually wrong for this information to have come out about Eliot Spitzer?

So that's an extreme case. How often does this happen in practice though?

The magic of parallel construction -- where law enforcement obtains information from an illegitimate source, fabricates a chain of evidence back to a legitimate source, and then presents the fabricated chain to the court -- says we'll never know.

What is this place?

This website is a place for people who want to move past shady thinking and test their ideas in a court of people who don't all share the same biases. Our goal is to optimize for light, not heat; this is a group effort, and all commentators are asked to do their part.

The weekly Culture War threads host the most controversial topics and are the most visible aspect of The Motte. However, many other topics are appropriate here. We encourage people to post anything related to science, politics, or philosophy; if in doubt, post!

Check out The Vault for an archive of old quality posts. You are encouraged to crosspost these elsewhere.


Why are you called The Motte?

A motte is a stone keep on a raised earthwork common in early medieval fortifications. More pertinently, it's an element in a rhetorical move called a "Motte-and-Bailey", originally identified by philosopher Nicholas Shackel. It describes the tendency in discourse for people to move from a controversial but high value claim to a defensible but less exciting one upon any resistance to the former. He likens this to the medieval fortification, where a desirable land (the bailey) is abandoned when in danger for the more easily defended motte. In Shackel's words, "The Motte represents the defensible but undesired propositions to which one retreats when hard pressed."

On The Motte, always attempt to remain inside your defensible territory, even if you are not being pressed.


New post guidelines

If you're posting something that isn't related to the culture war, we encourage you to post a thread for it. A submission statement is highly appreciated, but isn't necessary for text posts or links to largely-text posts such as blogs or news articles; if we're unsure of the value of your post, we might remove it until you add a submission statement. A submission statement is required for non-text sources (videos, podcasts, images).

Culture war posts go in the culture war thread; all links must either include a submission statement or significant commentary. Bare links without those will be removed.

If in doubt, please post it!


Rules


Recommended Posts And Communities

Recommended Realtime Chats