Governments seem to want to have it both ways. As new technologies are introduced they assume that capabilities and practices available to analogous predecessors must remain available to them (e.g. wire-tapping phones => undermining cryptography) but they don’t feel the same way about public benefits or rights associated with other technology that is being replaced (anonymous cash transactions => ???)
It also seems like there’s a tendency to relitigate battles that are lost. I assume the UK had some equivalent to the 90s crypto wars in the US where attempts to weaken and backdoor crypto by legal means were pretty decisively defeated.
It’s sad that precedents should only accrue to one side’s benefit.
> but they don’t feel the same way about public benefits or rights associated with other technology that is being replaced
When the government creates a law within recorded history — something like a wiretapping law — then the spirit of the law is well-known at time of creation. Usually, that "spirit" is that it's created to explicitly grant a capability to the government to do a thing for the benefit of the public under a certain circumstance. So if technology changes, the spirit that the original law was defined under is expected to be upheld by the court when interpreting the law to suit cases outside its original scope.
The problem with "legacy" common law — things like "being able to transact anonymously using cash" — is that there is no clear "institutional memory" of the spirit that created the law. The people who invented "using gold coins as a common exchange for barter" weren't thinking about anonymity — and so it's not clear whether anonymity is a necessary or desirable part of the spirit of cash transactions, something the public would desire to be preserved in a replacement system; or whether it's just an "implementation detail" of the way cash happened to need to work given technology, something that would make no sense to port over to the new system.
This is why the Federalist Papers are some of the most important documents when understanding the intent of the Constitution and Bill of Rights – and simultaneously the least read!
I'm not saying that case law isn't also an important aspect of the 'law' and that the constitution shouldn't be amended – I'm not really a hardcore 'originalist' – I just mean that any time a SCOTUS ruling comes out, it's clear that in the public square discussion, nobody has read these very important contextual documents and it is maddening.
I guess I don't get why the arguments against the Constitution of the time would be useful for "understanding the intent of the Constitution and Bill of Rights"?
The Bill of Rights came about largely as a product of anti-federalist agitation. Many prominent federalists felt that a Bill of Rights would be redundant; in federalist 84, Hamilton writes the following:
> There remains but one other view of this matter to conclude the point. The truth is, after all the declamations we have heard, that the Constitution is itself, in every rational sense, and to every useful purpose, A BILL OF RIGHTS. The several bills of rights in Great Britain form its Constitution, and conversely the constitution of each State is its bill of rights. And the proposed Constitution, if adopted, will be the bill of rights of the Union. Is it one object of a bill of rights to declare and specify the political privileges of the citizens in the structure and administration of the government? This is done in the most ample and precise manner in the plan of the convention; comprehending various precautions for the public security, which are not to be found in any of the State constitutions. Is another object of a bill of rights to define certain immunities and modes of proceeding, which are relative to personal and private concerns? This we have seen has also been attended to, in a variety of cases, in the same plan. Adverting therefore to the substantial meaning of a bill of rights, it is absurd to allege that it is not to be found in the work of the convention. It may be said that it does not go far enough, though it will not be easy to make this appear; but it can with no propriety be contended that there is no such thing. It certainly must be immaterial what mode is observed as to the order of declaring the rights of the citizens, if they are to be found in any part of the instrument which establishes the government. And hence it must be apparent, that much of what has been said on this subject rests merely on verbal and nominal distinctions, entirely foreign from the substance of the thing. [1]
Because they are directly responsible for the Bill of Rights because they felt the Constitution didn't provide enough protection/clarity in some cases.
Hindsight is 20/20 but I feel like that mistake is on the Founding Fathers. If you want us to do something, say it in the place where you put all the rules instead of hoping we'll read some other thing, y'know.
There seems to be a function missing from government. All governments, AFAICT.
Legislators change the law (including, rarely, the constitution) — effectively by applying a hierarchy of "countermanding orders" — to suit the changing interests of the public. Courts interpret the law, but only downstream of legislation. The executive can make regulation and executive orders, but only in agreement with the law.
But at the founding of any given country, something else usually happens: certain rights and laws that are already recognized intuitively become enshrined into the country's constitution. Things are written down into law not as a representation of a shift in public sentiment, but as a recognition of existing sentiment, and the desirability to formalize that sentiment as law to protect it from encroachment by legislation.
Usually, this is done in the form of "representative anarchy": the people who establish a country are the people everyone rallied behind to overthrow the previous country; and because of this, they have very good knowledge of what rights their constituents were demanding that the previous government wasn't giving them.
There's no trivial way to map this "representative anarchy" process of self-evident-rights information-gathering into an equivalent process that would occur within an established continuous government. But that doesn't mean it's impossible.
For example, there could be a government department charged with 1. doing a kind of embedded journalism to figure out what issues "the people" are beginning to care about, that the law's stance on has no clear basis, because those issues were irrelevant when the constitution was enshrined; and then 2. coming up with referrendum-like polls to gather data on said public sentiment; where if the polls indicate a need, then at that point 3. the data will lead to a mandate for a constitutional amendment enshrining the public's desires to be created and put into force, which stands until this has successfully occurred; where 4. it is then up to the legislature and the supreme court to work together to draft the amendment; but 5. the ability to ratify the amendment is not in the hands of the legislature or the courts, but instead, this department will assemble a federal grand jury with participants from all states, which has a veto over each draft, and a congressional-subpoena-like ability to summon and retain the services of arbitrary legal experts to interpret the draft. (In est, this is trying to get as close as possible to having the public write the amendment themselves, with the legislature+courts being forced to "do the hard work" but not having any power over the result.)
But exactly how such a system would work isn't really my point; my point is that there is currently no such system, and that this is perhaps a problem. In fact, it is perhaps the problem — the problem that leads to governments founded with public support increasingly failing to address the interests of the people over time; and so, to governments being overthrown and new countries being founded.
Anyway, the problem is that when governments get old, interests get entrenched, and it begins to act against the democratic mandate. Any stable organization with some power can not solve this problem and will only make it worse.
Ideally, elections should be a way to insert instability into the system and avoid this. But those were subverted in a series of ways and the instability just isn't there anymore.
We don't have state sovereignty even on matters as trivial as which recreational drugs to regulate.
And a system that requires a 3/4 supermajority of not even the population but the state legislatures (with the net effect that some states have a much greater say in pushing through or blocking amendments than others) is hardly a sane or sensible way to gauge public sentiment on such matters.
> We don't have state sovereignty even on matters as trivial as which recreational drugs to regulate.
By the letter of the law, no. But in practice we do. The federal government is thus-far unwilling to defend their turf on this issue; they have de jure sovereignty but not de facto sovereignty. If a government finds itself politically incapable of exercising a sovereign power, then in a very real sense they no longer have it.
There are plenty of federal drug laws that are actively enforced in states where that stuff is otherwise legal. People mostly think about basic use & possession in this context, but there's so much else. E.g. buying a gun as a medical marijuana user is a risky proposition.
Try openly producing and selling. Multi-million dollar businesses operating in open plain view of the public and any federal agent. States legalize cannabis and the federal government in turn stops enforcing their laws against cannabis in those states, demonstrating that the states have de facto sovereignty to legalize drugs. They didn't just stop prosecution for "basic use" and possession, they no longer enforce their drug laws against growers and dealers either. They've essentially given up, for the time-being at least.
The fact that the same states are not also defying federal gun laws (with some interesting exceptions *cough* alaska *cough*) is another matter entirely. The federal government does seem to be more keen on exercising their sovereign powers when it comes to guns than with drugs.
I'm specifically referring to gun laws that pertain to "illegal drugs", so you can't really decouple the two like that. Not only the feds actively enforce these in all states, but even their forms that you have to fill explicitly state that cannabis is an illegal drug even if legalized in your state of residence. So, in effect, the states do not have full sovereignty even wrt drug legalization in all contexts.
You can say they don’t have the power all you’d like, but after 50 years of them enforcing it, you’re not likely to convince a judge they can’t do what they do.
But that's mostly due to a string of executives that are sympathetic or indifferent to that particular issue. A president that reignited the war on drugs or had outside political motive to go after what is mostly blue states and liberal people would likely succeed.
De facto sovereignty is in large part a function of what politicians are willing to do. Changes in leadership may change things, that goes without saying.
We do have state sovereignty on recreational drugs. State law enforcement officers are not required to enforce federal drug laws or cooperate with federal law enforcement personnel.
The Constitution is supposed to be stable and only change in response to broad political consensus. Requiring a supermajority for amendments is entirely appropriate.
Yes, you'll note that I said "the data will lead to a mandate for a constitutional amendment." My point is that the mechanisms that create and ratify constitutional amendments are broken for this purpose; not that we need a thing other than constitutional amendments.
Given the actual way bipartite or tripartite governments (at all levels — from municipal to federal) function in the real world, constitutional amendments only happen when there's a need to use an amendment to overridingly countermand law.
Constitutional amendments are almost never used for their original designed purpose — to pre-empt the ability to create law — because the legislative process is purely reactive, never proactive. Legislatures the world over only act when either corporate lobbying interests or outraged citizens demand they act.
The thing I'm saying doesn't exist, is a proactive branch of government that turns things that are currently "known to be desirable" but not yet "outraged about being taken away", into constitutional amendments protecting those things, before some law can be made somewhere that violates the implicit, intuitional, self-evident, but previously non-applicable right that the public believes it has. Like a right to anonymity in cash transactions.
Until a decade or two ago, nobody ever considered that "being able to transact anonymously via cash" needed to be thought of as a right. It was simply the only way things worked. There were no clear examples of it not working that way elsewhere in the world to serve as object lessons on why you'd need such a law.
Or, consider prohibition. Did the US really need to issue the 18th amendment, struggle for two decades, and then issue the 21st amendment to repeal it... when anyone who lived in America at any time during the two centuries before the rise of the temperance movement, could have seen that the public actually seems to consider itself to have a self-evident right to ingest mind-altering substances — and thereby, that there should be a constitutional limitation on laws which prohibit the production and sale of mind-altering substances? Yet America still doesn't have a constitutional amendment enshrining that self-evident right. Because there's no system for discovering "latent" public sentiment and enshrining it. If everybody thinks something, but nobody says that thing, then it never becomes law.
(If you think it's dumb to care about what "everyone thinks but nobody says" — why do you think democracy is built on secret voting? The public has a lot of things they want but aren't willing to say they want in front of others, for fear of reprisal in their local social-normative environment — including who they think would best represent them democratically!)
To your other points:
> The ombudsman of the American people is their state legislatures.
Legislatures at all levels are purely reactive; and therefore can't react to latent public sentiment, only to active demands.
> We have sovereign states in the US. Let’s not add any more power to the federal apparatus to solve a perceived problem with itself
What about every other democratic nation in the world that doesn't have this problem? (I'm Canadian, myself.) While America makes a good example for the failings of the reactive model for constitutional amendment, adding a proactive pipeline from latent public sentiment to constitutional amendment would be a change applicable to every country with a constitution. Not just democracies, actually; even constitutional monarchies.
That being said — everything I'm saying also applies, in the US, to state governments and their state charters/constitutions/other founding documents. State governments could have such a proactive body just like federal governments could. City governments could have such a proactive body. Heck, even corporations could have a proactive body to enshrine the interests of shareholders into the corporation's charter! (I bet there are corporations whose employees and shareholders would all prefer the corporation be transitioned to a B Corp with certain values held above profit — just not with enough outrage to consolidate a voice to make any coherent demands of the board of directors.)
> The thing I'm saying doesn't exist, is a proactive branch of government that turns things ... into constitutional amendments
I read your whole comment tree. I used to think something like this would be nice. An incarnation of some kind of wise intelligent force that could cut through the morass of mainstream politics in an efficient and principled way.
What I have realized is that mainstream politics is exactly this. The premise of your argument is wrong. There is no more proactive or efficient mechanism for accomplish collective action than our current political process. It is ruthlessly fast and efficient when you consider how accurately it reflects general sentiment in the country. We all, moreso the more intelligent we are, operate in a bubble of assumptions about what other people believe. Whatever you see on the news is a mindbogglyly low error match tailored to what the target audience believes. And all target audiences are covered in proportion to their size. We often hear that the extremes control the narrative, and you do hear from them a lot, but the overall picture painted by popular media and politics is the most accurate reflection of what people believe or will believe.
There's nothing we could construct that would outperform it.
I think we could tweak it to lower the error rate with some different voting schemes or rules, but at the end of the day there isn't some other paradigm that will beat it.
I like this idea. A somewhat related idea I've had is that instead of giving the supreme court ultimate power to overrule and/or reinterpret existing legislation they instead would be given power to call a referendum. Each justice would have the ability to attach their own revised version of the law to the referendum and there would be a voting process to determine which version of the law to accept as canonical. This would prevent the kind of situation we have right now where the court is controlled by a minority group that is imposing its views with impunity. So long as there is but one voice on the court that represents the majority public interest, the public can win out (provided elections are free and fair of course). Right now, regardless of where you fall ideologically, it is clear that the structure of the court can be exploited to impose a vision of the country that does not reflect the wishes of most of its citizens. Even those who feel ideologically aligned with the supermajority court should be concerned with the tact they are taking. It's destabilizing and planting the seeds for the institution's demise.
The problem with referenda that the function of the Supreme Court isn't writing new laws but settling individual cases according to existing law. The reason why this has wide reaching implications is because other courts are bound to follow its legal arguments as precedents with other cases (and because Supreme Court justices can sometimes rule that a particular law is inconsistent with the constitution, which they do at least in theory with the intent of preserving the constitution rather than creating a new law)
The public is clearly not bound to even attempt to be consistent in its opinions from case to case, and if it's all over the place in its verdicts and might well be accepting or rejecting a verdicts for different reasons from the justices (maybe they think the legal arguments about privacy in the original Roe vs Wade were weak but also think women should have an inherent right to abortion that legislators haven't provided them with), it'ś difficult to see how lower courts can be bound by it.
There's also a big question of who gets to vote, particularly for the cases where a state law is argued to be in violation of the federal constitution, which tends to be the more controversial ones...
The problem is that existing law in many cases (that end up in SC) is simply too vague to be a meaningful expression of intent. In those cases, since the judges are still required to rule one way or another, we end up getting those tortured decisions where a big effort is made to contort the law into some interpretation that would allow for a ruling.
In my opinion, if SCOTUS is split 5/4 (or even 6/3) on anything, that should be taken as prima facie evidence that the law is unclear and needs amending. At that point we should require all the deciding judges to make a write-up for each opinion in the case detailing the requisite changes to the law that would make all judges to rule unanimously in favor of that opinion. These can then be submitted to the legislature or a referendum or whatever, but either way some decision needs to be made.
>This would prevent the kind of situation we have right now where the court is controlled by a minority group that is imposing its views with impunity
You're completely missing the point of the supreme court. It's explicitly not a democratic institution; it's purpose is to protect the constitutional rights of the minority from the tyranny of the majority. The other two branches are democratic; isn't that enough for you?
Surely you see the point of the US being a republic; rule by law, not by men. In your vision of the supreme court, if the majority decided they wanted to lock up some minorty and send them to gas chambers, the court couldn't do anything to stop them because the populace would vote for it in a referendum. That kind of thing has happened countless times in history in countries that didn't have a strong court system capable of protecting people's rights from the tyrrany of the majority.
I have much more faith in democracy, flawed as it is, than the Supreme Court.
> Surely you see the point of the US being a republic; rule by law, not by men.
Men wrote the laws.
> In your vision of the supreme court, if the majority decided they wanted to lock up some minorty and send them to gas chambers, the court couldn't do anything to stop them because the populace would vote for it in a referendum. That kind of thing has happened countless times in history in countries that didn't have a strong court system capable of protecting people's rights from the tyrrany of the majority.
I agree the Supreme Court has effectively protected minority rights: the minority of wealthy property owners. I'm somewhat confident that the historical list of Supreme Court injustices that served to oppress vulnerable minorities (e.g. Dred Scott and Japanese internment) is longer than the list of times the Supreme Court has lifted those same minorities up.
> In your vision of the supreme court, if the majority decided they wanted to lock up some minorty and send them to gas chambers, the court couldn't do anything to stop them because the populace would vote for it in a referendum
I don't agree with the commenter you responded to, but I think this sort of view is similarly flawed. Many developed Western democracies endow the courts with much weaker powers of judicial review than the US. In the UK, for example, judicial review applies only to Orders of Council, while Acts of Parliament are exempt.
Have you seen the formation of any countries? Even one?
Have you ever seen representative anarchy? Please tell me where - I'll be there like a shot!
> embedded journalism to figure out what issues "the people" are beginning to care about
Afaik, journalists are there to tell the people what to think - what do you think propaganda is? Do you think that propaganda is something the Russians do, but your country doesn't?!?
> Have you ever seen representative anarchy? Please tell me where - I'll be there like a shot!
"Representative anarchy" was my shorthand for the concept of "whoever can stand up with a megaphone and get the largest mob behind them wins." To do this, the person with the megaphone needs to understand what hot-button issues will make the mob follow them in their coup or secession attempt. In that sense of understanding the public, they are acting as a kind of representative. Not a democratic representative — but the same kind of representative that you get when someone stands up and shouts something in a bar and everyone else shouts "yeah!"
Yes, the mob can be manipulated. But the nice thing about the breakdown of law and order, is that it stays broken until someone who's good at governing actively re-establishes it. If the mob that the new guy used to depose the old guy, doesn't appreciate the new guy's first few acts in power, then said mob will still usually be riled-up enough — and the new guy's hold on power will still usually be tenuous enough — that the mob will just turn around and depose the new guy, too. (Look at the War of the Roses for many small examples of this; or for a perfect example, at Burkina Faso's two coups in one year last year, where the second one was driven precisely by the public's lack of faith in the guy who did the first coup.)
> Afaik, journalists are there to tell the people what to think
Maybe I chose the wrong word? I suppose I meant intelligence operatives — but not the secret kind. Just, people who are paid to go and watch things and talk to people, and tell their government department what they found out. Census workers, for example! Or the people who go into retail stores to get the pricing data for the central banks to calculate the Consumer Price Index.
I think you have been watching too many films. I don't think people act as a mob, overthrowing anyone.
The governance structure doesn't really accept any real inputs from you and I. They are a bloodline.
You get to vote in a 'representative democracy' where your vote every 5 years is aggregated with 100k+ of other to choose one of 2 candidates, who then purports to represent you in the thousands of decisions he makes over his term.
The Federalist papers are one half of the story. It takes two sides to have an agreement, and it's a mentally convenient and lazy task to decide that because the sides came to an agreement that favored one of them, that the other is completely irrelevant to the discussion, ESPECIALLY when the nebulous task of trying to divine intent is concerned.
The Federalist papers are the equivalent of a Medium blog post. And I will treat them as such.
Edit: Evidently I've pissed off enough people who drink the red-white-blue kool-aid. -3 at the moment.
These newspaper publishings were expressly for the solidification of power at the federal level, and the weakening of the states. And only look closer at what the "federal" powers were about, and it was all about "secur(ing) the existence of (their) people and a future for white children." (cite: 14 words)
Hamilton/Madison/Jay and others knew if a strong federal law reigned supreme, his and other founders' slaves and their current wealth would be greatly solidified. And right he was. And all those slaves also gave 3/5'th a vote per human they enslaved. While many of you say it was for "selfless reasons", my only response is a great big belly laugh.
So perhaps, I was wrong calling these an equivalent of a Medium blog post. No, instead they'd fit right in on the Daily Stormer or Stormfront (2 neonazi publications). Those are the types of "rights" these founders were fighting for: the rights to own another human as property.
> Evidently I've pissed off enough people who drink the red-white-blue kool-aid.
You haven't pissed off anyone. People are downvoting because your comments sounds like they're coming from an edgy 14 year old who wants to shock his parents. You've clearly never given any thought to political philosophy, and your comment gets pushed to the bottom so it won't waste other's time.
I'm not American, I do not admire American nationalism or jingoism. Nor do I admire people who spew nonsense in order to look like rebels against the man.
You are equating a blog post to a paper written by a small group of citizens that dared to risk station, family, and life, to pursue a dream for a nation (not selfish ends), which put them directly in the cross hairs with the superpower of the time?
I agree with your general point that the Federalist Papers aren't quite the same as a random blog post. But to extend that analogy further, if I'm implementing HTTP, should I base my implementation on things only found in a blog post by Tim Berners Lee?
Don't get me wrong, the Federalist Papers are important historical documents and provide unique insight into the minds of the authors. But they're not laws, and treating them as if they have actual legal significance seems wrong.
Society should require that the spirit and purpose of any law be included as a preamble to that law's text and be used in the interpretation, application, and future adaptation of that law. The spirit and purpose may be obvious at the time, but won't necessarily be that way to future generations.
Laws with no explanation about their purpose or goals are like the compiled binaries of a program. Ideally, in the future you'd like to be able to edit the source code and recompile it, not blindly patch the binaries.
Society should require that the spirit and purpose of any law be included as a preamble to that law's text and be used in the interpretation, application, and future adaptation of that law.
I agree, and it mostly is. I'm pretty sure it is always recorded when a congressman speaks about a bill, plus they always show dissenting opinions of the SCOTUS.
However, one major problem is that language changes with time. Words go out of favor, and change meaning. Sometimes they change their meaning to be the exact opposite. Sometimes there are contenpary dictionaries with conflicting definitions.
I think all laws should have an expiration date, and have to be debated, and possibly reworded again and again over the generations.
To me, the law and programming seem very similar. Any time two parties go to court and a precedent is created, it seems to me like someone is taking the function of the contested law and adding an if statement somewhere in the body that alters what's returned. Having something like this would be akin to having the original ticket specification to look at which is obviously handy when the inevitable disagreements arise between users, developers and stake holders. It may also prevent the law from getting needlessly complex with endless if statements.
> To me, the law and programming seem very similar
If that was the case, we wouldn't need lawyers or court hearings. Laws are phrased vaguely on purpose because real life is far too complicated to write down every eventuality and also it's easier to build political consensus for vague laws. That's why we have courts who interpret the law based on precedent and common sense.
A succinct way to see the difference: You want your computer to do exactly what you wrote in the code and nothing else. This is not true of legislation. You want people to do anything that's not explicitly forbidden and tolerate them doing things that are technically forbidden ad long as they don't really cause too much harm, which means laws are written keeping in mind that the system has and needs slack.
> If that was the case, we wouldn't need lawyers or court hearings.
Er no. The law existed long before computers did.
> Laws are phrased vaguely on purpose because real life is far too complicated to write down every eventuality and also it's easier to build political consensus for vague laws.
This doesn't discount from the code comparison at all. Anyone who has worked on a codebase for a large company knows that the feature requests never stop piling in either because the computer program will never be able to handle all the complexity of what it is trying to model either. At the end of the day, you have a function myLaw which takes four arguments, plaintiff, defendant, judge and jury. The interactions between the four and the myLaw code decide what the return value is.
> A succinct way to see the difference: You want your computer to do exactly what you wrote in the code and nothing else. This is not true of legislation. You want people to do anything that's not explicitly forbidden and tolerate them doing things that are technically forbidden as a way to introduce slack into the system.
No, because you're assuming here that the law directly controls the people. I would argue that isn't the actual purpose of the law. If this were true then there would be no crime because once a law was written, everyone would abide by it as if it had telepathic mind control and there would be no crime. Instead, people are free to ignore or read the law and then to act in concordance or discordance of their own free will. The actual purpose of the law is for evaluating the actions of people after they have done something. People are run time variables that are inserted into the law function, they are not the code themselves.
That slack works both ways, though. It's also common to have a situation where the law is expected to be "judiciously applied" - sometimes the politicians pushing for it even make pinky promises to the effect of, "this is only for really serious crimes" - and then in practice it gets applied much more broadly.
That’s more aligned with countries that follow civil law work. They define the law and what it covers.
In contrast, common law is more open to interpretation, changes over time, etc.
Yes, this is super generalized, but the dichotomy explains two very different approaches to how countries approach their writing and interpreting of laws.
This is one of the reason common law countries are generally wealthier than civil law ones, because precedent is stronger in common law, so it's easier to do business (less uncertainty).
Sounds like a just-so explanation and something something causation ≠ correlation. Like me saying "Countries that use imperial units are richer than countries that use metric. The inconsistency in the former make their citizens more adaptable from childhood and supercharge their productivity."
I believe that Sweden publishes laws as both the letter and separately the spirit. The former providing the rules, the latter what thought process led to making them that way.
It might have been Norway though. One of these two.
Quite often, we can't even get lawmakers to include the concept of inflation into the laws, so any fine or penalty with a set amount ends up being decayed into nothing over time.
Okay, so what do you do with laws that already exist at the time your country is founded, which 100% of the public wants to keep, but has no justification for?
You pass a law saying that such and such existing laws remain in force temporarily and set up a commission to study them in detail, figure out what's actually important, and author new model laws as needed for the legislature to consider. This can be dialed from piecemeal replacement to a wholesale rewrite.
Something along these lines is how most modern states handled it in practice, if you look at e.g. former Warsaw Pact states.
Inevitably: "we've always done it exactly this way until now, and it's worked, and we'd rather just keep doing it exactly this way, without having to re-think it from scratch."
Where "this way" includes all sorts of implementation details that may or may not be important.
Think of a baker in some kind of baker's guild, who was taught as an apprentice various techniques for how to get the best rise from their bread, before any scientific understanding of what those techniques are doing. The baker wants to keep following their various rules of thumb, because they know they'll produce the best bread. They don't know why the rules-of-thumb work; they just know that whenever they've accidentally diverged from them, they get less puffy bread.
Now, replace "baker's rules for baking bread" with e.g. "common-law rules around easements and rights-of-way in property disputes."
> The people who invented "using gold coins as a common exchange for barter" weren't thinking about anonymity
What makes you say that anonymity wasn’t a concern? I have a hard time believing that claim without any substantiation.
Anonymity in market participation and transactions has been an important consideration for millennia. Anyone who has watched Jasmine put on peasant clothes and visit the market in Disney’s Aladdin can understand that
> What makes you say that anonymity wasn’t a concern? I have a hard time believing that claim without any substantiation.
Because the inverse claim, “people using gold coins thousands of years ago for common exchange were worried about the anonymity of their transactions”, is absurd.
It’s not like the alternative to gold coins two millennia ago was a traceable currency, the technology for tracking a large population literally didn’t exist, and wouldn’t exist for almost two thousand years. People relying on gold coins couldn’t possibly conceive of a world where people’s every transaction could be reliably tracked.
> It’s not like the alternative to gold coins two millennia ago was a traceable currency
There actually was, predating gold coins in fact. What people did was carve notches representing quantities into sticks. The sticks were then split down the middle such that they could be lined back up to verify that both came from the original stick and the notches lined up. One of these halves would then often be entrusted to local officials for safekeeping. When people wanted to settle accounts, they could meet up with their half of the stick, light them up and make new cuts.
(Of course this doesn't prove that gold coins were created to facilitate anonymity.)
Credit came before currency. The oldest civilizations we know of (Sumerians, Babylonians, etc.) traded on credit on the daily to be later settled come harvest. "Okay, I owe the bar for 100 barley beers, it's harvest time and they have to pay their taxes too. I'll pay 100 barley beers in grain to the taxman in their name when I go pay mine."
I don’t see how a Tally stick results in non-anonymous transactions. It’s just a basic way to create an arbitrary non-fungible physical token, just like a door key.
The authorities holding the sticks are acting as a public ledger, in that they bear witness to person A originally handing them half of stick A — and they could write that association down, if they like (picture a little tag saying "person A" wrapped around stick A in their stick storage closet); but even if they don't write it down, they may just remember the person, remember the probably-pretty-unique-looking stick, and mentally associate the two.
Then, when person B comes around with the other half of stick A, they won't know all the hands it passed through in the meantime, but they'll at least know that person A and person B were connected through some chain of equal-value trades that didn't require "breaking" the stick.
Yeah I’m not seeing people being so dreadfully about “authorities” knowing who random people happened to participate in an arbitrarily long line of trades as being a big factor in people moving to gold coinage.
Notable people resorted to things like Tally sticks when actual physical currency like gold was in short supply. So the idea that people moved from Tally sticks to gold due to concerns for privacy just doesn’t hold water. Especially given gold as currency predates Tally sticks.
>The inverse claim, “people using gold coins thousands of years ago for common exchange were worried about the anonymity of their transactions”, is absurd.
Can you explain why? I have already given a historical example to the contrary (granted a fictional one but one based on similar true accounts)
The ancient Romans invented the Census to reliably track every person. It seems a little goofy to suggest that they “couldn’t possibly conceive” of a similar accounting of transactions
How would the Romans, or anyone else, have implemented practical tracking for every day transactions? Is there a single historical example of this being done in the pre-digital world? The Census is a survey of people/household/assets, but logging all exchanges of currency is several orders of magnitude more records. I can’t really think of any practical way this could have been done, especially when assuming some people would be adversarial to the tracking (which are exactly the transactions you’d want to track)
Not saying they didn’t see anonymity as a desirable property of transactions, but I don’t take this as proof that they definitely did.
A tally stick is anonymous. There’s nothing about a Tally stick that links it to any particular individual.
To argue that a tally stick can be used as an effective way to track people is to also argue that any physical key can be used to track people. After all a key and Tally Stick operate on the same principle, and yet I don’t think anyone is worried about a government tracking them by their dumb metal house keys.
Funny thing, when I read the beginning of your comment I assumed you would claim that the people that agreed on the standard knew everybody on the market and would believe anonymity was impossible. Instead you got there with inevitable.
Because money from the get go was an instrument of the state as the historical record shows pretty convincingly. I suspect anonymity was a concern, just that they would have loved to eliminate it, not encourage it.
The wiretapping law did not have the intent of eavesdropping on arbitrary conversations (it is orthogonal to bugging peoples homes). It also did not allow mail to be opened.
The “spirit of the law” argument is bullshit here in tenuously trying to expand wiretapping to decrypting text.
Then these governments have forgotten that they serve at the pleasure of the people. We permit them to exist specifically for the purpose of protecting our rights, not expanding their own. The rights we possess are inherent and automatic because we're human beings, they are not granted by government or anyone else, and if a government fails to aid us in preserving them, that government is no longer legitimate.
Jefferson said all this far better than I ever could:
"We hold these truths to be self-evident, that all men are created equal; that they are endowed by their Creator with certain unalienable rights; that among these are life, liberty, and the pursuit of happiness; that, to secure these rights, governments are instituted among men, deriving their just powers from the consent of the governed; that, whenever any form of government becomes destructive of these ends, it is the right of the people to alter or abolish it."
We live in an era where increasingly it is the government who picks the voters rather than the voters picking the government. Whether it is through immigration policy, favoring certain areas over others, or trying to throw up restrictions on voting, across the political spectrum there is a dedicated effort to shape the electorate to be friendly to those in power remaining in power.
Selectorate theory (which is described for the lay people in "The Dictator's Handbook: Why Bad Behavior is Almost Always Good Politics") talks about your points: picking voters through (a) immigration policy (b) restrictions on voting, etc.
Can we set up an automated monitor on all the traffic cams and licence plate readers and facial recognition systems just to catch cops and politicians breaking laws or just to track their movements and associations the way they do to everyone else? Can we access the same cam footage that the state uses to accuse you of something, to clear you instead?
Only occasionally and incompletely.
For instance you might have access to whatever they submit as their proof, but they had access to the full footage and from many sources, and if you had that same access, maybe you'd find proof that you were elsewhere at the same time, or that the subject came from somewhere that isn't your house, or see them getting dressed just before going to commit the act, or was even the very cop bringing the charge, or show the greater context that when you drove through that red light, you had already waited 10 minutes and the light was actually broken, or the lights were out but the timer/switing mechanism was still ticking over so the cam just assumed the driver was shown a red light, etc.
I'm only talking about equal access to exactly the same whatever the state already has access to, not anything new or extra.
The surveillance already exists, and is already being used only against you, rarely for you.
If you or I shouldn't have unrestricted access to it, then neither should anyone else. If it is to exist, and anyone is to have access to it, then so should you and I.
I wish that I could believe this was possible. In pretty much every government on earth such a scheme would be made illegal on some pretext well before attainment of said critical mass.
What’s happening right now is much worse than the first crypto wars. In that case the government was just trying to gain occasional access to suspected criminal communications, usually with a warrant. Systems like the Clipper chip even codified mechanisms to limit access to communications. What’s happening this time around is very different: policymakers are demanding the ability to perform real-time scanning of messages, without a warrant. This is technically very different and also has very different implications for privacy down the line.
Of course. It's a class war. When you say the words "class war" far too few people think about the isomorphism to "actual, real" war, but it's there. Sure, the government isn't dropping bombs on London, but the ends are the same.
Remember folks, this week Boris informed the covid inquiry he has "forgotten" the pin to the phone all his WhatsApp messages from that time are on.
If it was one of us, they'd use the bit of RIPA that carries a minimum two year sentence for not giving up an encryption key or password when asked to by the police.
When you say those words people think you are a building-burning store-looting far left hooligan, they call you a commie and shove their head into the ground like an ostrich, as if the last N or so years have not been an endless class war.
Do you get money by working (most people) or do you get money by making other people who work give you theirs (e.g. landlord, CEO, banker (not teller), politician)?
I've had a job all my life but with the proceeds from that job I've bought a house I rent to a local association, and I also have a retirement plan (as pretty much everyone else), so I'm a shareholder in almost all the biggest megacorps through the indexes my retirement account buys.
This is the problem with trying to fit a political doctrine written more than 100 years ago by an academic who spent most of his time in libraries into modern life.
There is a reason 'it was a good idea so I wrote it all down, thought of everything, and then forced everyone to do it' has never worked.
You don't need to follow everything to a T to grasp the fact that 99.99% of us exist to feed the capitalists, the ruling class, to keep them satisfied.
Do you mind pointing out where that was stated or implied?
Anything and everything I do is to satisfy my own curiosity and desires, but that's only because I got lucky. Everyone who didn't get lucky, well, they have to slave away in jobs that may not be fulfilling, or are menial, etc; and I wouldn't wish that on anyone.
I have never claimed nor implied that their lives are meaningless (point where). On the contrary, because everyone's life is meaningful and important, they shouldn't have to slave away or do scutwork just to survive. This is what I am advocating for.
I want people to live, to be free, to enjoy the same things I am. This is literally the opposite of paternalistic.
I am also not a tankie if that's what you concluded from my first remark.
I'm honestly curious why you wrote this and if you can explain what it means, because to me it means 'people who labor for others are wasting their lives as slaves and we need to remedy this'. What have I misread?
The desire to survive is a fundamental instinct of all animals, and thus you'd do almost anything to survive. Effectively we are slaves of our own biology and wiring. Thus, due to resource allocation, most of us have to or had to work in order just to survive.
Our utility and thus QoL is measured in how the surrounding system values us. In a capitalist society that is visible through our salaries and our income as provided by other parties. In a marxist-leninist-like society, your value depends on your connections and how much you get done for the rest of the ruling party.
Thus, because we need to survive, we are forced into working for the system in any of the different ways it materializes.
When we are no longer useful to the system as productive members, we are forced into becoming useful for it.
Rooflessness is very much a solvable problem, but the roofless' purpose within the system to exist as examples for avoidance. "Stay in life or you will end up like them". "Be productive", "work hard in this rat race", "keep grinding", or you will end up like them.
When we are old and no longer productive, we are sent to hospice care, which costs a lot of money, it involves very expensive healthcare, and thus any money we have accumulated go to our care and back to the system, recycled to be used by consumers, and recycled all over again. Our kin and their love for us gets exploited, we become money sinks.
What for? We spend 40 years working to do what, live hopefully 20 years later, old frail and weak? To become a money pit? So that our loved ones and their love for us gets exploited?
---
I am laboring for others, but that doesn't mean I see myself as a slave. I am very lucky. I get paid a relatively excellent salary, and I get to work a nice and interesting job that satisfies my curiosity.
But very few people are as lucky as I am. Most people are not living and thriving, they are surviving, and I don't want that.
It's not the fact that they labor, it's the fact that they need to do that in the first place.
In the end, the only way to allow people to "thrive" and not "survive" is by reallocating capital from those that are already "surviving", right?
So the solution is to steal from those that have. How is working for capitalists different than working for those that don't want to work? In the former, everyone has a shot at winning. In the latter, nobody does.
You could already be a bad person, but for now, you're being taken advantage of about as much as you're taking advantage of others.
I think squatting land to make people rent from you to be able to live is already pretty bad, so you could easily already be a bad person, but the concepts of individual ownership over public goods is the really problem,
Are you really suggesting that land is a public good? If it was, how would anyone ever develop it? How could I keep anyone away from my family at night?
Unless you are born into generational wealth, you are by construction a Prole.
If you need to or had to work for a living until you could afford not to, then you are a Prole.
Whether you choose to "betray" this class - and fight in support of the people who make the rules, the slave owners, those who play god without permission - is a different thing.
A class defines a set of people with some shared characteristic. In this case, this class contains about > 99.99% of the humans that have ever existed.
Who is 'they' in this context? Even borderline schizo far-right conservatives on the vast majority of sites seem to agree, at least in part, that the class war plays some part.
The obvious response is to own it and be an actual commie. Join a revolutionary party, organise in a trade union, set up mutual aid, learn self defence, etc.
You don’t have to lead with it necessarily. I don’t, but I don’t hide it either.
People pay attention to their material interests. In most cases, you can get through to working class people despite ideology. Can’t win everyone over either and that’s ok too.
The problem is that most large left-wing movements tend to be about highly centralized socialism that is at best soft authoritarian (and in practice tends to quickly devolve into something much worse). I understand why - once you take away the cudgel from the people who currently have it, using it yourself to quickly solve problems is just too tempting. But it does mean that many (most?) of those parties are not a viable solution.
Class struggle doesn’t end in one stroke. When the working class wins state power over the capitalist class, the former doesn’t stop existing. The cudgel is to keep internal and external capitalists from counter revolution.
Ultimately, results matter. My country started semi feudal and it was under socialism that it industrialised, electrified, developed universal health care, built homes for every working family, etc. Sadly the coup in 89 ended that, but it doesn’t have to have been perfect to have been good.
My passport still says "place of birth: USSR". As a child, I lived on a street named after a prominent Bolshevik who was famous for using poison gas to crush a local peasant rebellion against the Soviets when they started to confiscate grain at scale to the point of starving whole villages out. Even if all the achievements you claim were true, the ends still not justify such means; but the achievements are mostly a lie anyway. Many other countries saw development from mostly rural to mostly industrialized during the 20th century and got all the benefits you described without a pile of "enemy of the people" corpses to go along with it, so socialism has very little to do with it.
FWIW I don't even think USSR and its satellite states were socialist in any meaningful sense. Socialism, after all, is the common ownership of the means of production. But most of the populace on all those states were excluded from governance, and thus from any effective ownership. So, in practice, it was collective exploitation of the workers by the elites under threat of direct physical force - strictly worse than wage slavery. Some orthodox opposition Marxists in USSR even claimed that it was the perfect example of what Marx originally called the "Asiatic mode of production".
Which country? 89 makes me think not Russia.. Romania?
It is worth pointing out your observation applies to lots of post-colonial societies, too. Socialism took Tanzania's literacy rate from about 10% at independence to 80%+ in a generation, and IIRC it also doubled its agricultural output in that time by organising farming along collective lines. Life expectancy rose substantially too, though I forget by how much.
(So much for empires being about spreading civilization, eh?)
I think it even goes a bit deeper. Surveillance in a democracy is a double edged sword and arguably the edge facing yourself is sharper. You want it so you can keep a close eye on your citizens and manipulate or adapt to their moods. But on the other side, adversaries are also equally capable of doing this (as NK demonstrates, software is a cheap form of warfare). Often adversaries who are more than happy to team up and pool resources. They're just sharpening the edge pointing at yourself. It really is a dangerous game to play.
I know red teaming is harder than blue teaming, but I really believe that the NSA's primary objective should be defense rather than offense. Especially as we're talking about the modern era of LLMs which will be used to convincingly sound like humans and influence people at mass scale, defense just becomes even more important. The mice are running wild and our cat is too fat and lazy to catch them. That was fine when we were ahead of everyone else, but now that they've caught up our cat needs to get off its lazy ass and do its job.
> anonymous cash transactions => ???
This was actually the first hint that I had that cryptocurrencies were a scam. That people were more interested in flashy than secure (e.g. zcash). I'd love to live in a world with fast anonymous digital _cash_ but I'm not sure that'll happen and not sure it'll be blockchain based.
>It also seems like there’s a tendency to relitigate battles that are lost. I assume the UK had some equivalent to the 90s crypto wars
They didn't, and for what it's worth public opinion is overwhelmingly in favor of the law. I think anyone discussing a British law ought to keep that in mind (https://docs.cdn.yougov.com/68pn2b6b57/NSPCC_OnlineSafetyBil...). Even on the most contentious parts of the bill:
Do you believe it should or should not become a legal requirement for the following to scan messages and posts on their platforms for child sexual abuse?
[Private messaging services]
This should be a legal requirement -> 60; This should not be a legal requirement -> 21; Don’t know -> 18
[Social media sites]
This should be a legal requirement -> 79; This should not be a legal requirement -> 10; Don’t know -> 10
Likewise on E2EE over 70% of respondents agree that ability to access them is warranted. So the framing in the discussion as if this is solely the British government against technologists is completely off, it's also taking a position against the British public.
The problem with all of this is that these poll questions don't leave room to allow people to understand the implications and consequences of taking one of the positions.
Let's say the question was written something like this:
> Do you believe it should or should not become a legal requirement for the following to scan messages and posts on their platforms for child sexual abuse, even if such scanning would also compromise the security and privacy of all law-abiding users of the platform?
I obviously can't say for certain, but I think that 60% and 79% would drop, at least some substantial amount. Even if the "should not" positions wouldn't go up, I think it would muddy the waters enough that many new people would fall into the "don't know" camp.
The problem is that the polling just presents these questions to evoke a "oh, obviously I'd want this, to protect the children!" sort of reaction. The "but think of the children!" thing is almost a joke or cliche at this point, but it is disturbingly effective at shutting off people's critical thinking, causing them to agree with whatever the argument is. On top of that, media reporting around these issues never gives the pro-privacy angle enough consideration. And even when it does, it's usually in small "nerdy" publications that most people don't read. I'm also of the opinion that many people just can't and won't understand, adopting the fallacious "if I've done nothing wrong, I have nothing to hide" position.
The public opinion being in favour of detecting CSAM does not necessarily mean the public opinion is in favour of sending all your photos to GCHQ to check if they're CSAM.
Maybe not, but even the more mild option of Apple/Google doing a local scan of the device, and then secretly sending some sort of result to Apple/Google to take some action, is also pretty awful from a privacy perspective.
Given that according to the last question on that survey the public also overwhelmingly (~90%!) supports holding senior managers personally accountable and punishable by law should firms fail to comply I think it's fair to say they want authorities to have the ability to enforce these measures. The GCHQ has nothing to do with it.
If you ask people "Should CSAM be caught?" they'll say "yes" because, duh.
If you ask people "Should phones scan their files for CSAM?" a good part will say "yes" because it doesn't sound like it affects anyone outside of child pornographers.
If you ask people "Should phones send your photos to GCHQ to check if they're CSAM?" most people will say "no".
If you ask people "Should phones send your photos to GCHQ to check if they're CSAM, and should we send Apple executives to prison if they don't make their phones do this?" most people will still say "no".
> I assume the UK had some equivalent to the 90s crypto wars in the US where attempts to weaken and backdoor crypto by legal means were pretty decisively defeated.
I'm thinking of the fact that GCHQ invented RSA in 1973, four years before Ron Rivest, Adi Shamir and Leonard Adleman publicly described the same system, and only got around to declassifying this in 1997.
There is "RSA" as implemented by GCHQ in 1973, and there is "RSA" as RSA like we generally know it by the three folks that it was named after. There is "DH" as implemented by GCHQ in 1974, and there is "DH" as DH like we generally know by the two folks that it was named after.
The concept "x" as we (generally) know x is what qua means. (Because words can mean and point to potentially many concepts.)
He means DH, as in Diffie Hellman, was not the first approach to key exchange. The difference is that in the UK we did what we usually do: we squandered an amazing innovation and let some other country benefit from it.
Did it really invent RSA, such that there was any actual capability of performing asymmetric encryption or signatures?
I thought it was more like, one guy there had a pretty good idea that it was possible that he wrote about, but never developed it into anything practical.
Am I mistaken, and the whole working system was described?
The "pretty good idea" (Ellis' "non-secret encryption") was published about in 1969. Clifford Cocks found a workable algorithm for it — using prime factorization as the trapdoor function — in 1973. No cryptosystem was ever developed around the idea, by Cocks or GCHQ in general; they just sat on it as a classified secret. Then, in 1977, RSA was independently invented and published as both an algorithm and a full cryptosystem.
I would definitely say that Cocks and RSA both independently discovered what we refer to as the RSA algorithm. We should maybe call it the Cocks–RSA algorithm.
There is no provable claim by GCHQ for any of this. They are professionally liars and deceivers. The first public, peer-reviewed publishers are the ones that get the credit. GCHQ claims are just unproven British government propaganda from people that have agreed on record that they will lie, deceive and hide the truth.
The best part is that the US of A is cool with allowing organizations to encrypt things that should be freely available to the public (OTA broadcast TV & public services radio networks). In the case of OTA broadcast the American taxpayer is being abused by having to deal with corporate America using open airwaves for profit while those same corporations hoover up all kinds of hand outs in subsidies. Yet when encryption is in the best interest of the American citizen, and there's no lobbyist in some politicians pocket - well, then... Then it's not acceptable because: enter national security / child porn / drugs as an inarguable rationale.
All governments will trend towards tyranny if left unsupervised. Imo western democracies have been entirely subverted by an imaginary left/right conflict, where you end up with exactly the same thing no matter who you elect. The voting population is so completely engrossed with their contempt for either the detestable “left wing” tyrants, or the detestable “right wing” tyrants that they can’t see the side they end up supporting is just as corrupt as the side they hate, and almost identical in every way except rhetoric.
Right/left is not imaginary. Whoever told you that wants you to think it's imaginary, so you won't bother to oppose them, because you think the opposition to them is just as bad as they are.
Political thought is a high-dimensional space. Many of those are correlated along an axis that people call right/left.
When someone says that right/left is imaginary, what they are often really saying is that they prioritize dimensions in that space that are not strongly correlated with the right/left axis.
Or they’ve observed that policy changes after a change in government are less extreme than they hoped and chalk that up to corruption or insincerity rather than checks and balances in an adversarial system.
Tribalism being what it is, people can mistake the forest for the trees and think that the convenient shorthand we have for a correlated set of values is more strongly defined (more “real”) than it actually is.
It’s imaginary in the sense that no matter who wins an election, you’re going to end up with substantially the same government every time. If you’re so concerned with political tribalism that you can’t see how utterly corrupt your own team is, then you’ve simply fallen for the distraction.
That's because government is a collection of institutions, the administration of the executive branch inherits them and has only limited ability to restructure them without legislative assistance (speaking about the US here, terms vary depending on the country and governance structure).
No. Bureaucracies are instituted by the legislative branch which chooses to delegate governmental powers (eg rulemaking) to them for the sake of efficiency, usually under the direct or indirect supervision of the executive branch. They don't spring into existence fully formed, and while professional bureaucrats certainly feather their nests and try to grow their empires, legislators are ultimately responsible. Many of them like using public institutions as straw opponents to impress the credulous.
Unelected bureaucracies absolutely dilute the efficiency of democracy, some times grinding it to an absolute halt. If this weren’t true then you’d never see disputes between bureaucrats and elected executives, but you do see that, all over the world. Some commonwealth countries have it even worse, where certain government institutions are accountable only to the king, rather than any elected executive authority.
In some ways yes, in other ways no. If Hillary had won in 2016 the USA would still be a capitalist dystopia, but it would be a capitalist dystopia where women and transgender people had rights, and inflation would be slightly lower as most capitalists aren't as brazen as Trump when he publicly threatened to fire the Fed chair if interest rates didn't come down. If Trump won in 2020 most of the bad political things happening in Florida would be happening to the whole country.
What rights do these people not have that others do? Rights belong to all individuals.
> and inflation would be slightly lower as most capitalists aren't as brazen as Trump when he publicly threatened to fire the Fed chair if interest rates didn't come down. If Trump won in 2020 most of the bad political things happening in Florida would be happening to the whole country.
It's hard to say. Tump loved to sirens, and I am no fan of that, but inflation has been coming since Clinton left office. I find it unlikely that Hilary would have reduced the deficit, especially given the unconstitutional business closure orders that many states enacted, which PPP and enhanced unemployment sought to make condition via addressing 5A, but which utterly failed at doing so imo.
Its really quite surprising just how many American issues come down to this. Much of the identity-politics driven discussion of late can really just be boiled down to liberal vs conservative / right vs left.
I have noticed that people who are steadfast in positions and don't listen to reason and subscribe to 'identity' politics on both the left and right differ mainly in where they were raised and by who raised them. The Berkeley folk who mandate it illegal to burn wood in your own fireplace have more in common with people who think trans people should be forced to live as the gender defined at birth than they do with people who think we should listen to each other reasonably and have empathy.
The problem is that when one set of people get weaponized by folks who are legitimately nefarious and or criminally stupid and mentally ill, there is not no moral stance which is effectively 'I don't like some people on one side so I will let the demonstrably dangerous people take the power and do what they want'.
Do you have a solution to this? Because otherwise giving 'both sides are just as bad' speech is borderline negligent.
But if I don't have any alternatives, I'd much rather have the "you can't burn wood in your fireplace" people in charge than the "force people to live as the gender assigned at birth" people.
One of those people is pushing policy that ultimately saves the human race from making the planet uninhabitable, while the other is imposing their small-minded religious worldview on people who have nothing to do with them.
And this is the thing that bothers me so much with the "both sides are just as bad" argument. Yes, agreed, they are, when it comes to listening to each other with empathy. I totally get that frustration, and I'm sick of the left/right culture war; both sides are to blame for perpetuating it.
Further, I think it's unfair to say that these two groups have more in common with each other than people who can listen with empathy; you're just comparing two unrelated axes of commonality.
I was straining to think of a good example of the 'left-wing authoritarian' but I have definitely experienced it, and apart the location of birth they are the same exact people who are just as intolerant on right.
On aggregate all humans operate pretty much the same everywhere in the way they think and operate -- the only difference is experiences and culture. That was the the point I was making -- we are never going to be rid of the people responsible for throwing wrenches in the political works.
Tangent: I think the only way this gets fixed is by putting a benevolent AI in charge of everything.
The example of "left-wing authoritarian" is all the so-called "communist" countries of the past century. USSR, China, North Korea.
The problem, of course, is that none of them were actually left-wing. They were all just bog-standard dictatorships, using left-wing-ism as their excuse to maintain power, but not actually doing left-wing-ism.
Going back to the trans example, the attempts of Canada to pass compelled speech laws (and Michigan may have tried this recently too) would fall under left wing authoritarian practices imo.
I think that's demonstrably false. I don't have much experience or knowledge of politics outside the US, so I can only speak to US politics.
The American right and left are very different when it comes to policy platform, and electing one or the other actually does have a measurable difference on what ends up happening to people in the country. This is especially true when we consider minority groups.
I agree that both sides are mainly interested in consolidating power and increasing the scope of government's oversight of people's lives. But even if I use your terminology, the "left wing tyrants" and "right wing tyrants", if one or the other were given complete control of the country... well, the country would look very different after some time, depending on which side were given control.
> But even if I use your terminology, the "left wing tyrants" and "right wing tyrants", if one or the other were given complete control of the country... well, the country would look very different after some time, depending on which side were given control.
Well this is actually demonstrably false. Biden currently has the house and the senate, Trump has the house, the senate and the Supreme Court, Obama had the house and the senate… The rhetoric between these two sides is substantially different, but the governments they produce are very similar. They implement some token fraction of the policy platform they were elected on, and otherwise just plow through the same old policy agenda every time. Who’s opposing this Tory Online Safety bill in the UK? Technically Labour is, but only because they think it doesn’t go far enough…
In US, "having" the Senate has been mostly meaningless since filibuster became a standard feature of every vote. And without a filibuster-proof majority in the Senate you really can't do all that much regardless of the platform. Not only that, but the issues that are most prominent in the rhetoric tend to be the more polarizing ones (which should come as no surprise, since that's exactly the kind of stuff that rallies "your" voters to the polls), and thus are the least probable to actually push through by getting votes from a few defectors on the other side.
No he doesn't, the Republicans hold the House. And while a bare majority is sufficient to pass legislation in the House, the Senate has this quasi-official filibuster nonsense which means it's hard to get a lot of things done without a supermajority. Additionally, any legislative change is typically immediately dragged into court which can slow down implementation for several years.
Wire-tapping didn't happen automatically. A judge had to authorise it during an active criminal investigation. Client side scanning would be equivalent to wire-tapping everyone at all times. This was something even totalitarian regimes could not do.
Well yes, they do. Encryption is a real issue for the mandate of a government, and also a real solution for other parts of the mandate of a government.
It's not like we (as the broad community) are engaging with empathy. Even if there is maybe no great solution to the whole dilemma, it would help the entire thing, if we stopped camping on one side so entirely.
Her television interview with the former(?) minister responsible for this abomination of a law was urgent and necessary. These legislators know what they are doing, and that it is unethical. Let Signal leave the UK market. If the people want freedom, let them take it themselves. Perhaps before this generation of young men are rounded up for another one of history's meat grinders in Ukraine, as a means to further reduce domestic resistance to the new agenda.
What new words can be written that would suddenly enlighten the managers of that government and deter it from its course of fully atomizing its citizens? I'd suggest the greatest service Signal could do for the people of the UK is to suspend operations in the market preemptively. Turn into the torpedo. The thing about totalitarianism is that the longer people believe they are safe from it, the deeper its roots dig in.
Your insinuation that the UK will implement a Ukraine war draft in order to advance a totalitarian agenda is weird, unnecessarily conspiratorial, and dilutes your point.
I encourage you to make one point and to make it well.
I had defense readiness classes in high school back when there was still debate in my country whether to phase out conscription (which eventually happened) and our teacher, a retired colonel(who was against phasing it out), told us one thing that stuck with me:
Conscripts are only good for defense - they know the area and the local language/customs. Additionally, they stand to lose their friends, family and possessions, so they're motivated to do something about that.
I don't think you understand anything about the British system if you think that "removing laws from the books" matters at all.
As demonstrated by COVID regulations in emergency the law can be changed very quickly.
Modern armies (like NATO members) have really got very little to gain by conscription. Being a modern soldier has very little to do with being cannon fodder.
Modern warfare against insurgents, where CNN broadcasts the night vision green victory footage.
Unfortunately, in Ukraine both sides are cannon fodder again because modern anti air defenses are so good that the fighting relies on 155mm howitzers again. Which NATO has just run out of and has no capacity to manufacture in sufficient quantities.
> Unfortunately, in Ukraine both sides are cannon fodder again because modern anti air defenses are so good that the fighting relies on 155mm howitzers again. Which NATO has just run out of and has no capacity to manufacture in sufficient quantities.
To be fair it appears that Russia is using 10x more shells then they manufacture in a year so once they run out of their old soviet stock pile things will go south for them.
> has no capacity to manufacture in sufficient quantities.
That’s scary. If 31 countries cant get their act together to manufacture basic weapons then we are in no better shape than russia. Should they win the war in ukraine and decide to attack other countries we’d be caught with our pants down.
Russia constantly shares footage of their Ka-52 helicopters striking land vehicles, so clearly air vehicles are still able to operate in important areas.
I don't think the point was that it is or should be taboo to talk about the possibility that conscription laws would be used, just that the particular context in which it's been brought up makes it weird. It sounds like fringy conspiratorial silliness, especially considering the utter lack of any evidence that western countries are considering actual combat operations in Ukraine. Or maybe a bit of propaganda.
It's reasonable for people who want to seriously address the very real and legitimate problems with this kind of "wiretap" legislation to not want extraneous issues derailing the discussion, as having their concerns conflated with more conspiratorial-sounding ones makes them far easier to dismiss.
I wish you were aware how the thing that you just wrote reads from someone else's perspective.
Anyway, it would be nice if you were open to actually propose some points that support your theories, rather than making a long-winded case about that people know nothing.
You mentioning that:
> end state of totalitarian movements requires a liquidation mechanism via war.
isn't such a point, because it leaves the readers to guess why would you think so. For me, at best, I can assume you say so because it happened historically, but neither you say that, nor does an argument from history make for a really good one.
Wrong. This was a Wendys. It is now a public forum. En garde!
Besides which, if you get to use it for poetry readings, I reserve the right to air my polemic before you commit your war crime on literature everywhere.
The MP, Damian Collins, "who formerly served as a junior Minister for Tech and the Digital Economy in the Department for Digital, Culture, Media and Sport":
Thanks very much for posting that interview. I thought it was good (and honestly impressed that it was quite respectful communication all the way around, as opposed to so often what I see as "debates" on TV), but I admit I got super frustrated to the point I could only watch half of it because nobody wanted to clearly admit to the other side's quite obvious point.
I think the Signal president was making great points, but she definitely was avoiding a clear response when asked about "If people are sharing CSAM on your platform, you wouldn't know about it, correct?" and "If people are violating your ToS, how would you enforce that?"
Obviously, the clearest direct answer is "Correct, we would have no way of knowing what content is being shared on our service." She complained about "circling the drain on the issue", but the reason they were circling is that she didn't want to say that sentence. And I get it, in today's day and age news organizations love to take a quote out of context and make it the headline ("Signal president admits they can't enforce their ToS against illegal material!!")
But debates like this are a waste of time when both sides refuse to admit the obvious implications of the other side's points:
1. The Signal president was making very clear there is no "halfway" encryption, that it either works or it doesn't, and the bill required a back door. The government minister was pretending and talking loads of BS about what "options the regulator has", even while conceding the point that you can't have a backdoor that only "the good guys" can use. What an exercise in cognitive dissonance.
2. The Signal president obviously knew "Yes, people can share CSAM on our service and we can't directly know about that content", but (and I think for good reasons) didn't want to say that obvious point out loud.
This debate would make more sense if both sides would just admit there is no "halfway compromise" to this issue. I agree with another comment that Apple really fucked up by thinking their "fingerprinting" approach was technically viable, and that somewhat poisoned the well in this debate.
The marketing around this issue is problematic and it's keeping people from clearly discussing the issues. The authors of the UK bill chose to focus on CSAM _specifically_ so that they could hamstring the debate. That so much of the interview focused on "terms of service", generally understood to be something so technical that most people don't even read them and likely unenforceable in court should be a warning sign to us all.
I believe Meredith Wittaker was correct to avoid addressing the Signal TOS and how it is implemented. This would open the door to the whole "client-side CSAM scanning" (chat control) discussion which would be even more tedious.
You've said it yourself why they wouldn't want to say those things, and yet you expected them to say them. Forcing your opponent to say things that will be cherry picked by the media is a common tactic, and one very hard to defend yourself against.
Yes, I agree it would have been best if they had just agreed on some compromise to the matter. I don't believe they ever would, though.
Obviously the concern is an escalation of that war which pulls NATO into the conflict fully. I don't believe that's a likely scenario, but being deliberately obtuse isn't the right way address that somebody expressing that concern.
The argument that was made (and that was not central to the post at all, despite everyone jumping on it) is the slow erosion of freedoms that may lead to less restraint also in foreign affairs.
UK politicians have been periodically demanding NATO engagement, though this one is from 2022:
With the recent board changes in Signal (Katherine Maher and other people highly associated with the government of the USA) it is reasonable to assume that it compromised in some way. The UK probably recognizes this and wants to make it a little bit harder for US diplomats to evade interception. Meanwhile France and Germany will use Element Matrix.
Nice hyperbole. Western monarchs have no real political power. They're just figureheads whose wealth is continually financed by the state. Which is stupid, but they're not rulers of anything other than their own lavish properties.
The monarch cannot lawfully overrule parliament. The monarch is entitled to review legislation and express an opinion, but they must act on the advice of parliament.
There’s a number of UK laws with odd carve-outs for the royal family. A notable one is the Equality Act where there is a carve-out that allows the Royal family to discriminate with its hiring practices in a way that would be illegal for any other organisation.
I don’t think there are any examples of significant changes to provisional laws, but certainly tweaks to make sure the royal family doesn’t have to keep with the times.
Oh, sure - that I’d believe. The royal family has historically been the prototype for “above the law.”
But I meant I wasn’t aware of any cases in which (in our lifetimes or relatively recently) the royal family had put their thumb on the scale of a law and had it modified in a way that changed it for the general citizenry of the UK.
You missed my point - on any of these 1000 or more, did they change anything or stop them? If not, then it’s largely just procedural, at least in effect.
> The Queen successfully lobbied the government to change a draft law in order to conceal her “embarrassing” private wealth from the public, according to documents discovered by the Guardian.
Well as far as political systems go, Switzerland seems the gold standard from what I've read. And if you can deal with the cold then the Nordic nations seem pretty good, particularly Iceland. As for general day to day, I quite like the look of the laidback Mediterranean countries and la dolce vita rather than whatever the fuck the UK is about nowadays.
Switzerland is impossibly expensive, and immensely bureaucratic. The Nordic nations are lovely but so cold. Iceland is one of my favorite countries ever. But I could never live there.
> Switzerland is impossibly expensive, and immensely bureaucratic.
Expensive yes but their system of government is absolutely superb.
> Switzerland's voting system is unique among modern democratic nations in that Switzerland practices direct democracy in parallel with representative democracy, which is why the Swiss system is known as a semi-direct democracy.[2] Direct democracy allows any citizen to challenge any law approved by the parliament or, at any time, propose a modification of the federal Constitution.
I fail to understand what the uk is trying to achieve with its current ubiquitous surveillance. Crime in london is rampant, theft is nearly decriminalised in some areas, and now they want to monitor what people do on the internet? Other than docile tax payers what other potential goal is there? Services are steadily degrading, cost of living is out of control, quality of life dropping. Do they just want obedience, and apathetic population and nothing else?
Brexit means that doing business with the UK is suddenly much more complex and expensive. Mandatory backdoors would break many products, and then products which rely on those products. The UK has 67 million people, or just under 1% of the world.
What's cheaper:
- Compliance (especially with unethical laws like this one); or
- Dumping 1% of your customers?
The flip side is that if I'm opening up a branch somewhere, will I do it somewhere where:
- A bunch of my tools don't work, and I need to jump through a whole bunch of hoops? or
- Just over the canal in France, across the Pacific in the US, or better yet, a little further over in some place like Czechia?
As with many isolationist regimes, England is also among the most despised countries in the world. Ever seen the Clockwork Orange? England has done some nasty shit to a lot of people around the world. It has no shortage of enemies, but it seems to be isolating itself from its former friends....
I'm waiting to see how this whole thing plays out, but I'm not bullish on the UK. If things go the way I think, I'd feel bad for Scotland. They'll have zero percent of the fault, and fully share in the consequences.
Issue though is that France seems to be taking a similarly dystopian route in terms of privacy and surveillance.
And it’s not just the thought that a rogue government or police employee can access anyone’s device, nor that criminals can use the same holes to steal data, it’s the idea that we are laying out all the infrastructure needed for an authoritarian regime to control the population. Don't get me wrong, the former two are extremely worrying but the latter is beyond extreme.
It’s as if we are collectively building turn key infrastructure for an authoritarian regime.
Essentially, once the infrastructure is in place, all you need is the right political climate and the wrong person in the right place.
They wouldn't need to spend decades building a future stasi or gestapo. All they need is to adjust parameters and fine tune laws. And with europe being the powder keg it is that scenario is not as far fetched as one might think.
> I'm waiting to see how this whole thing plays out, but I'm not bullish on the UK.
On this front, the way i see it, the uk might eventually split, with England becoming a bit like the Netherlands, or perhaps Austria. A bitter former colonial power, developed, but irrelevant on the global scene. Bullying a developing country here and there, trying to maintain the image, but eventually overtaken.
An alternative is to try and force a conflict where the uk somehow ends on top - particularly since europe needs a viable alternative to germany. But hard to pull through by a country where eggs are still rationed.
If things go the way I think, I'd feel bad for Scotland. They'll have zero percent of the fault, and fully share in the consequences.
Why feel bad for folks in Scotland in particular? Why not for the folks in London (a larger, more geographically concentrated group, which also voted to remain)?
I don't like guilt-by-association, but here's a short list of things the folks in Scotland didn't do:
- Genocide against the people who lived in America
- Bring India to its knees, from one of the richest to one of the most impoverished nations in the world
- Addict China to opium
- Irish potato famine
I'd talk about Africa, but that's a lot more diverse. A lot of England's current wealth came by theft, rape, and murder. If you're living in London, both your social infrastructure and your housing prices are powered by blood money from the British Empire. If you moved to London from Algeria (and I intentionally picked a non-British colony), your children are benefiting from schools funded by interest on investments from blood.
From a policy perspective, things get very nuanced. I'd like to right historical wrongs, but I don't feel good about guilt-by-descent. If your grandparents did something bad, that shouldn't count against you. If you have stolen money and goods, they should be returned. On the other hand, simply living in London shouldn't lead to any policy consequences (and things get especially complex with e.g. Indian or African immigrants, escaping parts of the world devastated by the British).
But I wasn't talking about policy, but whom I'd feel bad for. From an emotional perspective, things are simpler:
- English museums have relics plundered from India, Nigeria, etc.
- They believe they have a moral right to other culture's most prized relics, and won't return them.
Scotland was never imperial, and has had a mixed history with England.
And building even more on the emotional component, I haven't been there a lot, but the way I was treated in Scotland was very different from how I was treated in England. I have wonderful memories from one of those visits, and bad memories from the other. As much as I've only been there briefly, I just really /like/ Scotland.
I read somewhere that more than 50% of London population is immigrants. The immigrants bear no guilt for what English people did in the past, if they live in a house built with money coming from colonialism, they paid money for that, did not get it for free.
English people shouldn't bear guilt for it either. They should learn about it for sure, it's history.
But why people think it's okay to hold the current generation responsible for things previous generations (in this case quite far back) did is just juvenile.
Here's a short list of things the current citizens of England didn't do:
- Genocide against the people who lived in America
- Bring India to its knees, from one of the richest to one of the most impoverished nations in the world
- Addict China to opium
- Irish potato famine
Furthermore, the narrative that Scotland is subservient to England, and not equally complicit in the historical crimes of the *union of England and Scotland* is misleading. The 1707 Acts of Union [1] were introduced by both nations.
- Your father became rich as an inventor, creating wonderful gadgets which improved the world
- My father was a warlord
- My father murdered your father, and stole $1M from him;
- invested it; and as a result
- my family now has $1B
- your family is deeply in poverty
You're poor, uneducated, and hungry. I'm at Harvard, have a trust fund, and in connected political circles. I haven't done anything wrong myself, but I did inherit blood money.
What should happen?
It's not obvious.
Great-great-grandfather?
On the Scotland point, all I can say is that it's more complicated than you present. I did NOT present a narrative of either Scotland as subservient to England, and my exact phrasing was that it has a "mixed history with England." I stand by that. I don't think "equally complicit" is any more accurate than "subservient." The last Scottish independence vote was a 45/55 split.
As for "current citizens," you can look up more recent colonial issues, like the Mau Mau Rebellion.
When people describe the UK situation like these, they are cancelled, downvoted to hell and called right wing extremists. I am positively surprised you were not downvoted or flagged.
What is UK trying to achieve? To maintain, as much as possible, a pretty controlling state in power. It is a country with no free speech, no significant human rights of any sort, population is at the mercy of the govern and they want to keep it that way. Apps like Signal give people some free speech - you cannot publicly say what you want to say, but at least you can say it to others without being cancelled or arrested for opinions that are not liked by the govern.
I don't know about other people but i have no agenda. I am neither right nor left (perhaps this is one of the topics where the two sides can find common ground). I support anyone on either side as long as they deliver good policy, the kind that improves people’s lives, maintains a stable economy, looks after workers and businesses with sensible balance, doesnt ostracise groups of people based on their religion, race, gender, and other irrelevant traits. I also support good policing that respects people. And i am genuinely worried that we are straying further away from these. Perhaps some people feel the same way and thats why they dont downvote my comment.
This is the lasting legacy of Apple’s CSAM photo scanning debacle. Apple mainstreamed the concept, demoed the dystopian tool, and legitimized the discourse of this dystopian insanity.
Apple executives should be ashamed of their direct role in this.
The idea of pervasive spying has been around forever. The want, and why. Apple mainstreamed, normalized the discourse, and demoed the concept of pre-scanning in the face of E2E. Apple provided the answer for the how.
Apple tried to come up with a method to still do e2e and also scan for CSAM, a noble goal if grossly flawed. It blew up in their face so they did the right thing and canned it.
Before that this sort of legislation was just straight asking for a skeleton key or a ban on e2e, many laws still do. Apple trying a thing and failing didn’t fundamentally change anything because these laws aren’t asking for a specific technology, they’re asking to be able to see all your messages no matter the method. That’s literally the politicians level of understanding “want read read messages”.
If Apple had never thought up the CSAM scanner concept they’d still be pushing to just break the encryption. Hell they may even stumble upon the “well just send us a copy or scan it for all these fingerprints before you encrypt it” concept themselves, it’s not really a tough concept.
HN commenters leave so much context out of the discussion. Google is already scanning photos for CSAM. Meta is already scanning photos for CSAM. Dropbox, OneDrive... EVERY storage provider is scanning your photos for CSAM. And yet confusingly you only complain about Apple.
It's amazing how many times this has to be repeated. Meta/Google/DropBox can scan to their hearts content on their own machines. They own their machines, they can do whatever they want with them. Apple normalized the notion of having your own hardware spy on you at the government's behest.
Dropbox scans your images in the cloud for CSAM.
Google scans your images in the cloud for CSAM.
Meta scans your images in the cloud for CSAM.
Microsoft scans your images in the cloud for CSAM.
Apple did not (and still does not) scan your images in the cloud for CSAM.
Notice anything different here? The privacy company wanted to do what everyone else was already doing in a privacy-preserving way. They made a press release about it, and everyone got mad. But the same people are just fine using Google and MSFT which actively scans their data for the same images?
I seriously do not understand your logic behind this.
This argument is over. The 'screeching minority' convinced Apple that the 'privacy-preserving' nonsense was nonsense. I don't know why you are so desperate to cling to such a bad idea that its main proponent, Apple, decided it was indeed bad. It's like trying to be holier than the pope.
Perverts will distribute this content on those or other platforms pre-encrypted and we all will be left with mass surveillance and state control. Cool. It is sad that so many people still don't understand that this surveillance won't solve anything and is just net negative for everyone. :( Soon West will become China-like totalitarian countries.
This has been a fight going back to the 90s at least when consumers first got their hands on high-grade encryption and the US government tried to backdoor it. It failed. And it has consistently failed whenever the alphabets try to bring it back up here.
I'm assuming the Brits just don't care as much about privacy.
Who persuades politicians it’s a good idea for the security services to be able to scan all their messages? I am absolutely certain that the politicians have absolutely no clue what they’re being asked to implement.
In practice, they often use the same services as everybody else, even for official business that they're not supposed to use them for. Sometimes they do that to intentionally try to get around archiving and transparency rules. Other times they do it because they're clueless and/or lazy.
Those services don't know that an account belongs to a politician or that they're using it for exempt purposes.
Politicians are ALWAYS getting nailed by leaks from various computer-based communication systems that they use. Most of them don't seem to be able to get their heads around how any of this work.
The sad thing is that if any hacker was to show to the politicians what their actions entail, the hacker would get branded a criminal, and the politician's ratings would go up.
Oh, politicians' messages won't be scanned. They'll make sure of that. Only the peons will have their messages scanned.
The French law that makes it legal for the government to hack your phone has a bunch of exceptions so it's not legal for the government to hack important people's phones.
Most of them are what the majority of non-politicians would consider “evil”.
Those who go into that profession are longing to control other people by means of the monopoly of violence that the government has.
That MP in the interview is what happens when you give the power to knock down doors and arrest people to somone who likes to get into argument about ethics with people in the news site comment section.
I find it interesting they ask for these abilities when I suspect GCHQ is in and out of everyone’s phones if they want to be - certainly the idea Boris’s messages can’t be found is laughable. I am surprised they haven’t set up any security focused messaging apps that operate as honeypots for the monitoring of criminality…
Goodness, I hate to be this guy, but do these petitions ever actually help? I can’t think of one that I’ve followed up to the debate that has been successful in anything except getting a solid “no” from the sitting government.
Direct action, enough to be villainised by the media, seems to be the only way that politicians will actually listen — though even then its a massive uphill struggle.
American here, but I feel the same way. I live in California, and I'm left-leaning, but I feel like I have no voice. This state -- and my city -- have so many problems, but I don't feel like I have any effect on the politicians who are failing to solve them.
And that's bad enough without getting into how powerless I feel to affect anything at a national level.
For the past few decades, Americans, and especially college-educated professionals, have been sold a distorted view of politics that essentially amounts to watching sports.
Most of us have never seen a working example of democracy. We have just sort of tacitly accepted a kind of benevolent dictatorship in most institutions, from our workplace to open-source (and please correct me if I'm wrong here, I know that there is a kind of democracy in forking and collaboration, but as I understand it, voting democracy isn't really found anywhere.)
I was just watching Car 54 where are you? the other night, and in it, you can see the members of a fictional police union voting on absolutely everything, from union dues, to where to host the christmas dinner. People voted, made speeches, and ran for office, and all of this within like a tiny local. This kind of general participatory democracy seems as quaint as the black and white film it's played on.
My advice to you is to join something. There's a number of civics activists trying to push for some local issue, like transit, or housing, or raising funds for a local hospital; all else failing, you could always volunteer for your local party and get to know the candidate. It's a really good salve to that feeling of general powerlessness.
Then, instead of feeling powerless, you'll know you're mostly powerless, but at the very least, you won't be alone.
The Tories have been in power since the year before I could vote.
I’m not 100% on the same page as Labour by any stretch, but I’m yet to experience government as an adult that isn’t in total opposition to almost all the values I hold.
I was a teenager from a poor working class family then, I’m now a homeowner earning a comfortable wage. I still think they’re dishonest, self-serving cretins.
In the Netherlands, a petition was required to force a national referendum. Online or offline doesn't matter. You needed to reach some percentage of the Dutch population in signatures, I'm not sure about the exact number, but they did and we had a referendum on mass surveillance and people voted against.
That's when the government decided these things are kind of a nuisance and abolished the whole concept of referenda, even advisory as they were
I love the ruling party
But anyway petitions aren't necessarily useless, also for media attention on a topic if it goes well
It’s good that Whittaker is taking a stand, but it would be nice to not have to take her word for it. Reproducible builds would help, but I don’t think we have those on iOS yet?:
> “I think what has happened over the you know, handful of decades in which the surveillance business model has interpolated our core infrastructure — to the point that we’re surveilled in to an extent we don’t have a sense of — is that that choice has been made for us,” Whittaker said.
This is an honest question: did she mean to say "infiltrated", or is this usage of "interpolated" a valid one that I just don't understand? I expected a [sic] or an edit from the article.
That’s a less common meaning of the word interpolated, meaning to change, usually with the connotation of corrupting. Typically I see it used to describe text, but it makes sense here too.
The water flowed under this bridge 20 years ago. This whole discussion seems like it’s happening in the wrong decade.
The issue now is that it’s so easy to collect circumstantial information that is constantly leaked by GPS-enabled apps, searches, card purchases, clicks, cell phone tower data, etc. that governments don’t really need the actual contents of messages any more.
I’m still glad Signal exists, but it’s part of a very complex world of privacy and not magical armor.
I wore a "this t-shirt is a munition" tee back in the day. With a quarter century of hindsight, I think encryption as a privacy tool may not have been a solution, but a sedative that prevented the smartest people from seeing how bad things really were and applying their courage to those problems.
All this stuff is really convenient. Would we have really said “no” to turn-by-turn navigation? Avoided online purchases? Used cash for most of our transactions? Printed things out so we don’t use the internet while outside?
You could have recognized that if you even think you need Tor and Signal to protect yourself from your own government, you need to organize politically to install representatives who ensure you don't think you need those things.
We overlook that young people with tech jobs in the 90's humiliated a lot of their peers, ones who went on to pursue messy politcal careers instead of business ones. Those peers learned to hate the knowledge that gave a lot of economic advantages to tech people, and the principles we ultimately used to morally justify it. Privacy, freedom, and anonymity separated us from the all against all power game of elite competition that ran on gossip, compromise, narrative, and mainly a lot of guile.
As art, I think the season five finale of Rick & Morty captured the dynamic pretty well, where Sanchez represents the freedom and security of competence and technology that, more concretely, allowed a lot of genX to disengage from the messy political game represented as the family life of people who didn't have the benefits those skills conferred. While he shares them, in the world of the story, they are still always his.
The evil Morty character is a millenial child politician who believes he can have all those benefits for himself immediately and today instead of waiting to develop and inherit them with time - if he just decieves and betrays Sanchez and destroys the world in which his story (history, get it) represents the ideal he has to live up to to recieve them. Evil Morty the politician doesn't want to be a steward, he wants to be his own god becase the one his grandfather represents is humiliating to him.
Where we are now is that we have these politicains who are actuated by the shame of their impostor syndromes and their envy of the true popular desire that the products of competence provide. These X'ers can't get a 100 person rally going, but some hacker in a basement can do some magic and suddenly actuate the desire of billions like some kind of rockstar without the gatekeepers.
That's what this legislation is about. It's the coup de grace by a resentful pretender elite who have been taken in by people older and much more dangerous than they could ever have percieved.
To be blunt, I don't think the majority of the populace actually want those things, or at least don't mind the current state of affairs. And then it doesn't matter how much you politically organize - a superminority in a democracy doesn't get much say either way. OTOH if you evolve the tools, they keep working regardless of what the law says (even if the law specifically prohibits such tools).
I think most people do care, but when you have no option to change it what do you do? I don’t think most people care enough to contact their local politicians. If their friends are using app X they resign themselves to doing the same and compromising because you either accept app X’s terms or you don’t use it.
I think that's an over analysis. Sweeping statements about how each generation thinks sound a bit daft. I don't think UK politicians have any shame or envy.
This legislation comes from politicians believing that the general populace would vote for a government that places catching criminals over having e2e encryption. I doubt those legislating have a grand surveillance of the masses plan, or much in the way of philosophical thought at all. Now we're trying to convey to the general public that will be the consequence one way or another even if it's not the intent.
I think the problem is a pretty old one: you can't use technology to solve social problems. Encryption as a tool is great for some particular kinds of privacy, but using encryption to "fix" privacy was misguided from the start. Privacy is a policy problem; we need laws on the books that prevent both governments and companies from collecting and using data about us.
Rules like the US Constitution's 4th amendment, and laws like the GDPR (and to some extent, CCPA/CPRA) aim to do that, but neither goes anywhere near far enough. 4A often gets interpreted narrowly by US courts, to the benefit of law enforcement. And the GDPR enforcement mechanisms are far too clunky and -- at least from what I've seen so far -- don't work particularly well. Not to mention that, for it to be truly effective globally, the US would need a federal-level law to match it.
Encryption alone doesn't matter. If your social and political climate is not oriented toward privacy, your privacy tools can simply be made illegal.
In some ways the faithful seeking the grail of "encryption" which will protect them from the Evil mirrors the belief of earlier generations that a Constitution is enough on its own.
Nothing is meaningful without the physical and social power to enforce it. When you have that then even the absurd becomes reality and common sense.
I'm still banking on the hope that governments incompetence at dealing with other issues transfers to this one and delays it long enough for someone with some sense to come into office and rip it up. You'd hope that they'd at least try to deal with the cost of living crisis and the war in Ukraine first.
Then again, Labour and almost all the major opposition parties have been quiet on this, not really doing the job of opposition, so even with that delay I'm not sure how much will change.
No. Signal is not the solution. The position that they are taking publicly in this dispute with the UK vassal state is correct on the face of it. But they now have some people on their board that raise red flags for anyone interested in privacy: https://news.ycombinator.com/item?id=36346396
Do not let the perfect be the enemy of the good. Unless you have a well-known, more powerful alternative organization that we can donate to, this is the solution for right now.
It's a strange thing, today's world. There exists, right now, a realized panopticon in suspension. The only reason we don't have one is that we don't want one.
Sometimes I think that politicians wait for a time when weighty things are on the table to erode our rights. Who is going to be a one-issue voter for something barely understood? And yet, in terms of governance, what issue is more important than this?
> Sometimes I think that politicians wait for a time when weighty things are on the table to erode our rights.
The USA PATRIOT act was pretty much written and ready to go when the 9/11 attacks occurred, and would have been impassable without some sort of disaster. Politicians absolutely are prepared to take advantage of opportunities, including to erode civil liberties if that’s their bent.
Briar is really good. Not only can it route over actual Tor (the default!), it can also be distributed, installed, and even used _completely_ offline^1. I'm genuinely impressed by the ingenuity and flexibility of this little marvel of an app. My only complaints are that it doesn't support sending arbitrary files, it can't route via the normal internet, and the UX is a bit "off" (e.g. read checkmarks don't have the semantics of their whatsapp counterpart despite looking the same).
Whether it's natural disasters, wars, or just plain old internet , I bet many people will be extremely glad to know this app exists.
[1]: It gives you an option to start a local server to share the app via hotspot and maybe bluetooth (not sure about this one). Accounts are created locally and are completely decentralized. Messages can be routed via local networks, bluetooth, and/or even carrier pigeons (via usb/sd cards).
Presumably that it won't appear in the Apple App Store or Google Play?
Presumably that's more of an issue for the iOS ecosystem... But for android you just switch from using play to FDroid or an APK, right?
I presume a sufficiently irked UK wouldn't be able to do anything more, as Signal already as ways of circumventing traffic blocking within specific states?
Doesn't this just stop less motivated or technical folk getting signal... But for anyone motivated, or with nefarious intent, I don't see how this prevents anything the bill targets as a harm.
It's more symbolic than anything else. The Signal folks don't really care how effective this action would be. Sure, they can pull the app from the app stores for the UK region, disable any accounts registered with a UK phone number and/or block connection attempts from UK IP addresses. Some people will work around it, but many won't have the technical know-how to do so. The end result that's important, though, is that the Signal Foundation will be able to announce "due to anti-privacy laws enacted in the UK, Signal can no longer provide service in the UK".
I don't think it's as frivolous as you're making it out to be. By restricting the legitimate availability of the software it limits the use of it by entities more accountable than the average individual. Companies and governments themselves that use Signal will either be cut off from using the service or swallow the risk of using software they've circumvented controls in order to keep using. The likely result is that suddenly those companies and governments have a tangible motivation to pressure the UK (etc) to knock this shit off. It also sets a precedent for vendors of encryption-dependent software. Imagine if your bank followed suit and pulled out of the UK, arguing that eliminating the reliability and security of online banking would put their customers in danger? All of the above sounds pretty "effective" to me.
Signal could block all UK IP addresses from accessing its messaging server. UK could require ISPs to block access to Signal messaging servers. Both of these are fairly trivial (my understanding is that UK already forces filtering on ISPs for e.g. pornography).
Of course you are correct that anyone motivated and/or technical enough could still access Signal. However, their less motivated/less technical contacts won't be using it any longer.
The government is basically asking the bad actors to self-identify through their continued use of Signal.
Why should Signal block UK IPs anymore so than China IPs, though? If anything, I hope that they have a page on the website specifically for UK users explaining the law and how to break it by installing the .apk directly.
Another reason why those arguing against centralized messaging systems as opposed to de-centralized, federated were correct. Who wants Signal and their US-centric board to decide they can do anything.
If Signal were really sticking it to the UK-vassal state they would be able to continue to provide end-to-end encryption and force their EU aircraft carrier to go through the public, international embarrasment of running their own version of the Great Firewall.
Hasn’t Apple already shown it’s possible to add another party silently to an encrypted exchange?
> Passwords: Users can now create a group to share a set of passwords. Everyone in a group can add and edit passwords to keep them up to date, and since sharing is through iCloud Keychain, it’s end-to-end encrypted.
So there goes the backdoor encryption argument, it’s possible to add another member to a group of people with on device access?
We have to be clear that closed source doesn't imply vulnerabilities. It just means it is hard to check. But we are also talking about one of the most researched devices w.r.t. security. If a backdoor is ever found, boy will there be hell to pay and I'm pretty sure Apple shares will take a really big hit. Especially as they've pivoted their marketing towards privacy.
I wonder if the Signal app would be automatically uninstalled from existing iOS and Android devices?
Hopefully the signal ban will demonstrate to enough people that they don't really own the phone in their pocket - if they don't control what's on it, they are just renting it.
I'll post a comment which will probably not be that popular, I don't trust signal... I'll risk going conspiracy theorist here but to me it's just a govt backed/cia backed alternative to telegram when telegram started gaining heavy ground
- Signal could just ban all UK IP addresses from accessing its messaging servers. Your encrypted messages still pass through servers controlled by Signal, Inc.
- UK government could require ISPs to deny access to Signal's messaging servers.
Of course, one could just use a VPN, set up a VM in a third country and run a Signal Proxy Server, etc.
It was hard enough getting family/friends to download/use Signal, as its UX is sub-par compared to alternatives.
If you start telling them they have to use a VPN, or run a server, etc, that will kill the network effect in UK.
I've also tried to urge the Signal community to develop things like a mesh networking because it can really help prevent such actions. I saw another user suggest an airdrop like functionality as a means to make the mesh networking features "fun" or at least of high value to users. I've given up on that community though and Signal just moves too slow. Moxie argued that they should maintain control because the ecosystem is moving but I'm pretty confident the ecosystem is moving a hell of a lot faster than they are. Realistically it looks like Apple is starting to become a better privacy app, except it isn't cross platform and likely never will be.
Yeah, the "Exit the market" comment had me scratching my head.
I may not be up on how Signal operates now, as I stopped using Signal as my default instant messaging app when they dropped SMS. I maybe use it to send a message every other month now.
However, when I was using it they didn't sell anything. Not even ads. How do you participate in a market if you aren't a buyer or seller? If they are in a market the UK can't threaten them with dollars, and given they aren't based in the UK why do they care what ideas the UK passes?
It would have been nice the if she said what Signal would do if the UK passed the law, but as it stands I don't have a clue what she was on about.
Even just removing it from that country's app store would mean 99% of people who might have used it otherwise won't use it. It doesn't need to be Impossible for the policy to be successful.
The government could deem the measure is for national security. So far, has there been a case against the government in court for “unnecessary national security”?
Leave the UK and never come back. I don't know why more tech companies not do this when a government gets uppity about what it thinks they can and cannot do.
I've always wondered why politicians in America take similar stances (outside of a few like Rand Paul). Even a wild card like Trump should see how unpopular some of these policies are. Are the intelligence agencies really that influential?
The problem is that they aren't as unpopular as you think. Once the government and media trot out the "think of the children" and "law and order" narratives, with a helping of "if you've done nothing wrong, you have nothing to hide", a lot of people support legally mandated broken encryption.
It's a lot harder to explain to the average voter the negative consequences this has on privacy, in a way that will actually make them upset about it. And many mainstream media agencies don't even bother to try.
Maybe before, or in the aftermath of 9/11. But we haven’t seen a major candidate even attempt this since Rand never gets higher than a few percentages. I’d love to ask Obama why this wasn’t the case.
E2E apps and fully encrypted phones prevent the police from executing legitimate search warrants. This has never been the case with traditional communication mechanisms, e.g. phones, mail.
I agree that privacy is important, but it's not absolute, by law. So what we're saying is E2E apps are more important than current law we have, and we want to invalidate the ability of the police to investigate crime.
What about all the in-person conversations. Seems those might be considered just a bit more traditional than phones conversations, and haven't been subject to those same search warrants.
> So what we're saying is E2E apps are more important than current law we have, and we want to invalidate the ability of the police to investigate crime.
>
> How can that make sense?
(*proposed* British online safety legislation)
Let's expand on that then: how can it make sense what humans can have in-person conversations that are not subject to search warrants. These e2e-private-in-person conversations prevent the state from investigating crime.
If police should be able to always access your digital information, would you support the same in the case of non-digital information. Should building codes be updated to require microphones be installed in very room?
If you're not in support of microphones in every room, then please tell me why the conversation between two parties, be they lovers or criminals, should lose it's ability to be private the moment it crosses the internet?
What folks are saying is that requiring a backdoor in encryption for “blessed” individuals is wrong. I can tell from your comment that you trust cops. Not all of us do (at least - not all of us trust all cops) and so we don’t want ANY cops to have a backdoor through EVERY encryption, for fear of what ONE of them may do, or ONE person in their chain of trust may do.
Sounds like we need to change the law to make privacy absolute, which of course will prevent legitimate crime investigations. We can't have it both ways here.
> “You cannot create a back door that only the good guys can go through,”
Alright, technical argument here. This is false and tech talking heads are spreading this lie for ideological reasons.
You don't need to backdoor the protocol, just the specific targeted client.
Now, if Signal said this is unfair because competitors won't also backdoor their app then I am with them. What the UK should probably have done is to force phone makers as opposed to app makers to facilitate a backdoor.
Signal can scan messages before encryption and report to the authorities just fine. Whatever the UK government desires, Signal should accept it as the will of the UK people, especially given that politicians' stance on this has been public and endured election cycles.
I do get their stance, people will stop using them if they cave in and the UK gov should know that as well.
I don't know UK law but dragnet surveillance is illegal in the US but targeted warrantful requests to backdoor apps is lawful.
> You don't need to backdoor the protocol, just the specific targeted client.
Distinction without a difference. Either way, the total system is delivering the same plaintext to the same third parties.
On edit: and, just to be clear, they want the apps to scan for specific hashes from a master list, and/or apply ML to find "suspicious" material that's NOT in any lists, on EVERY client, not just "targeted" ones. That's true for the UK "Online Safety Bill", for the EU "chat control" or "anti-CSA" proposal, and in fact for the practical effect they're trying to get in the US with the "Earn It Act", "Stop CSAM Act", and to some degree with the "Kids Online Safety Act".
Ok, so what's your point? Mine was to alleviate the burden on Signal. Fact is, this can be done and done well. Real harm is happening and this popular bandwagon is part of the problem, not solution.
Find a better way for govs to have an advantage against CSAM and other boogeymen. Technical people are supposed to find optimal technical solutions, not pretend to be technocrats or underdogs fighting against governments who are all unjust and out there to get us.
So, technical people are supposed to "just follow orders"?
Nope. If what the government is trying to do is unjust in my own ethical judgment, then I have no obligation to help them find an "optimal technical solution" to do it - on the contrary, I have a moral duty to make it as hard as possible for them to do that.
The usual argument is that if we don't "help" them, the regime that's actually enacted will be much worse all around. Which is likely true, but also exactly the point - let them be heavy-handed and incite more popular resistance that way. We'll see how much of the public still supports all this stuff when the "for CSAM only, pinky promise" tech will start being routinely used to bust them for stuff like drug use.
> So, technical people are supposed to "just follow orders"?
No, just be honest about technical matters. You can refuse to publish your software entirely or ideally in this case, make it available only outside the UK and let UK users seek it out on their own or use vpns. You can also protest the measure and try to prevent the law from being passed on ideological grounds.
> on the contrary, I have a moral duty to make it as hard as possible for them to do that.
So long as you are not being dishonest because then why would anyone trust you with anything else. You can comply with laws by doing it well or simply refuse to participate in publishing software there. What is happening now is they want to publish software there but refuse to obey the law of the land. What kind of law do you get to follow, only when you agree with it?
> We'll see how much of the public still supports all this stuff when the "for CSAM only, pinky promise" tech will start being routinely used to bust them for stuff like drug use.
That's sort of my point. You can disagree with it ideologically, saying it will be abused. But if the people trust the government and think preventing CSAM is more important then it is their right to self-determine and find out for themeselves and repeal the law later on. You are not the people's nanny, they made their bed.
Perhaps we can talk about phones without app stores and OSes people can use whatever unbackdooree app they want then?
> Alright, technical argument here. This is false and tech talking heads are spreading this lie for ideological reasons.
That is not true. The "lie" is that if you allow a back channel into secure communications then you cannot be sure who will use it. You have gone from trusting the other party (whom you probably know) to trusting them and a third party, who's identity is a bit of a mystery.
> You don't need to backdoor the protocol, just the specific targeted client.
Somebody else has pointed out this is nonsense. It makes no difference. Whilst it is a fact, it is also a lie. Well done.
> Signal can scan messages before encryption and report to the authorities just fine.
That too is a lie. Signal offers secure communications. If it scans messages and sends hem to third parties that is not "Signal", that is something else.
> Whatever the UK government desires, Signal should accept it as the will of the UK people
Extraordinarily naive about the habits, morals, and actions of the English state. That is so untrue it transcends "lie".
> I don't know UK law...
No shit!
> ...but dragnet surveillance is illegal in the US but targeted warrantful requests to backdoor apps is lawful.
Not under English law. There are no rights, as Americans know them, under English law. There are statutes, that can be changed at any time if the Lords agree, and over time if they do not
> Find a better way for govs to have an advantage against CSAM and other boogeymen
Constant surveillance of all people at all times. A camera in every bathroom, In general every bedroom. My point is a line must be drawn somewhere. The English, and Australian, states do not care at all for the personal liberty of the subjects of the English crown. Some very good people in England doing very good work, but the state there is very deep.
> That is not true. The "lie" is that if you allow a back channel into secure communications then you cannot be sure who will use it. You have gone from trusting the other party (whom you probably know) to trusting them and a third party, who's identity is a bit of a mystery.
No one is asking that! The communication channel is untampered. The app is where the backdoor is, before the communication channel.
> Somebody else has pointed out this is nonsense. It makes no difference. Whilst it is a fact, it is also a lie. Well done
Bullshit! You damn well know it does! A network adversary and an ondevice adversary are completely different. If you don't know that, you are clueless or a liar. There is security in transit and security on device. The backdoor applies to on device security before any transport crypto is applied. This is the same as your keyboard app being backdoored or a rat infecting your phone.
> That too is a lie. Signal offers secure communications. If it scans messages and sends hem to third parties that is not "Signal", that is something else
You know, just because you say words, that doesn't mean they mean things. How can that possibly in a logical universe be a lie when I said "can"? Are you claiming Signal by law would be forced to change its name or disband if it started scanning messages before encryption? Would there be a tear in timespace if that happened? Please do explained why I was called a liar for pointing out that possibility.
> Extraordinarily naive about the habits, morals, and actions of the English state. That is so untrue it transcends "lie".
Wth does that even mean. Are you saying corporations in the UK do not have to folloe the law or can pick and choose what laws to follow?
I think yours and others problem is you don't get the absurdity of companies acting as if they were individual participants in political discourse. They are not. They have no right. Companies don't vote, they have privileges and reaponsibilities and never rights of any kind.
> There are statutes, that can be changed at any time if the Lords agree, and over time if they do not
I hope that applies to companies too?
> Constant surveillance of all people at all times. A camera in every bathroom, In general every bedroom. My point is a line must be drawn somewhere.
At no point did I disagree with that. I have refused to visit the UK multiple times because of the nightmarish CCTV surveillance there. I do not agree with what they are doing but I disagree that civil disobedience can be invoked every time a law you disagree is passed, especially when tech people like you are lying about what is and isn't possible instead of boycotting the UK market or finding alternate solutions to CSAM abuse and other tech abuses and also when the government's actions will materially and provably reduce actual harm but mass surveillance has no actual proven and physical harm to anyone. I am all ears for solutions and I do not support mass surveillance but don't pretend your human right was violated when you don't even need to use smartphones (or rather smartphone and tech dependency itself is the violation of rights).
Why? The other side isn't playing fair by any metric.
> What kind of law do you get to follow, only when you agree with it?
I don't particularly care about "dura lex sed lex", so - all of them. Of course, if you get caught, that's unfortunate - but ethics and law are two different things, and in my book the former always wins when they are in conflict. I believe that it's always moral to break unjust laws, and it's always moral to help other people to do so.
> But if the people trust the government and think preventing CSAM is more important then it is their right to self-determine
"The people" are not a singular entity with rights. Even if there's a majority that wants this, it's not "their right" morally - not when it imposes surveillance on the rest of us. They will do it anyway, of course, because the most fundamental principle of any government is that might makes right. But I don't intend to make it any easier for them, majority or not. Let them work hard for every such law they pass, and then work even harder trying to deal with all the tech that makes those laws so difficult to enforce.
> Why? The other side isn't playing fair by any metric.
Because now I know you are full of shit. Everything you touch is sus now.
> I believe that it's always moral to break unjust laws, and it's always moral to help other people to do so.
Are unjust laws just laws you don't like? Are you saying it is a violation of your religion?
> "The people" are not a singular entity with rights. Even if there's a majority that wants this, it's not "their right" morally - not when it imposes surveillance on the rest of us
You are living under rule of law. If you don't like the rules, vote or get a gun. The victims of CSAM and many other crimes disagree with you. So why should your surveillance worries trump their actual victimization concerns? Instead of solving that, you lie and deceive politicians to keep the status quo and pretend you are the one fighting for justice.
> Let them work hard for every such law they pass, and then work even harder trying to deal with all the tech that makes those laws so difficult to enforce.
Yes they should work hard but if all of you tech people are a bunch of liars the you no longer get to claim how clueless politicians are on tech law, because when they turned to you for technical advice, you lied!
> Are unjust laws just laws you don't like? Are you saying it is a violation of your religion?
Unjust laws are those that, upon evaluating them from a moral perspective, are found unjust. This is inherently subjective, of course, as is all morality. I am an atheist.
> You are living under rule of law. If you don't like the rules, vote or get a gun.
The laws I am living under are imposed on me without my consent, so why should I consider them binding? If you don't like me breaking your rules, catch me breaking them - if you can.
> The victims of CSAM and many other crimes disagree with you. So why should your surveillance worries trump their actual victimization concerns?
Because the scale of surveillance enabled by these laws exceeds the scale of CSAM by many orders of magnitude.
> when they turned to you for technical advice
They didn't. What they want is for us to rubber-stamp their desired solution, with CSAM as an excuse. I'm treating them accordingly.
My point is that she is appropriately characterizing what she's being asked to do.
> Real harm is happening
... and these proposals would be very unlikely to materially reduce that harm. They WOULD, however, create a bunch of other harm. Including harm to children. In fact even including sexual harm to children.
> boogeymen
You said it, I didn't.
> Technical people are supposed to find optimal technical solutions, not pretend to be technocrats or underdogs fighting against governments who are all unjust and out there to get us.
Nobody's job disqualifies them from having political opinions. Technical expertise MAY, on the other hand, give one a better than average understanding of the actual impact of making a technology change. As may actually running an affected system and knowing how things play out on it, for that matter.
> and these proposals would be very unlikely to materially reduce that harm. They WOULD, however, create a bunch of other harm. Including harm to children. In fact even including sexual harm to children
I would want to hear your explanation for that but more importantly, you should convince lawmakers about this instead of claiming the tech is impossible.
> You said it, I didn't.
Yes I did, hope you got my point then.
> Nobody's job disqualifies them from having political opinions. Technical expertise MAY, on the other hand, give one a better than average understanding of the actual impact of making a technology change. As may actually running an affected system and knowing how things play out on it, for that matter.
I fully support tech people opoposing this law, so long as they don't claim apps can't scan messages before transmission which is obviously a lie. Of course the apps security is reduced and they can have opinions by how much, but so long as the security property and risks are communicated to policy makers and users honestly I have no problem with it. What I would have a problem with is if Signal as a corporation chooses to remain in the UK market and refuse to comply with UK law.
But if you read my comment, apple and google should do this, not Signal, but then again them or telcos pushing code that modifies appls like Signal would be much more insecure than Signal itself doing it nice and neat.
> I would want to hear your explanation for that but more importantly,
The people who want it need to prove that it will help.
I had started in to list paragraphs and paragraphs of failure modes, unintended consequences, and directly bad effects, but then I realized that that implicitly accepted an inappropriate burden of proof.
I am tired of hearing "Something must be done. This is something. Therefore this must be done".
Tell me, in detail, how any of these proposals will help. Include all of the steps from the initial scanning through the final removal of harm. Do not stop at "Authority(TM) will know about X, so they can fix it". Tell me how they will fix it, and how they will do that without doing harm. Not how they theoretically could. How they actually will. And make it plausible.
After you've given me that, I'll be happy to rip it to shreds for you.
Otherwise, if you can't figure out for yourself how it's harmful to give platforms massive incentives to shut down anybody who raises costs by triggering too many false positives, how it's equally harmful to give them massive incentives to broaden their definition of what's a "true" positive, how it's harmful to have thousands of random people viewing false "hits", how it's damaging to enable Authority(TM) to come down on kids for communicating among themselves, how it's dangerous to create a massive database of blackmail material on potentially vulnerable people, how it's trivial to repurpose a spying infrastructure for different targets, or how it's useless to give more reports to law enforcement that's overwhelmed with the reports it already has, then you'll have to content yourself with reading the vast volume of stuff other people have written up about the OSB and all the related proposals.
> you should convince lawmakers about this
Many of us have been trying. The OSB has not in fact passed yet. The EU and US proposals still less.
> instead of claiming the tech is impossible.
Nobody, not me, not Meredith Whittaker, not anybody, has claimed that client side scanning is impossible, or that you can't turn around and encrypt a copy of a message after you've spied on it. That is a straw man. It is entirely your fantasy.
What they've said is that it's stupid and contrary to the whole point of having the encryption in the first place. It leaks information that's supposed to be private, including false positives, and paints a target on the most sensitive stuff. It creates infrastructure for abuse. Those are the "security properties" being "communicated". And that is 100 percent true.
When she says "back doors", she's talking about system back doors, not necessarily protocol back doors. Although the protocol would have to have some way to report the data.
Anybody with a remotely clear-headed view of the situation understands that sending off plaintext copies of the stuff you then turn around and encrypt is in tension with the purpose of doing the encryption. They also understand that once you have either the scanning or the reporting system in place, there's nothing that controls how it can be used.
And they understand that the proponents of this stuff have no detailed story at all about how the leaked plaintext is supposed to be secured after the leaking is done... especially if it's actually going to be used for the stated purposes. That is a VAST technical and organizational problem that's constantly handwaved.
> What I would have a problem with is if Signal as a corporation chooses to remain in the UK market and refuse to comply with UK law.
That's another fantasy of yours. She's been very clear that if the UK does this, Signal will exit the UK market.
However, that's her and her corporation. It's not binding on the rest of us.
The fact is that "lawmakers" do not have infinite legitimate power. It is sometimes right and maybe even morally required to directly break the law.
Personally, I'm looking forward to the widespread use of P2P tools that will make Signal look like an open book... whether they're legal or not. At this point, laws even in the "free world" are descending into insanity.
> After you've given me that, I'll be happy to rip it to shreds for you.
Rip this to shreds: if at least one victim of a crime can be prevented by catching a witless criminal then it is worth it. Also this: Homomorphic encryption and differential privacy are a thing, if certificate transparency logs can prove no certs are issued maliciously then similar logs can be published publicly to prove that the scanning list (similar to a CRL) does not contain hashes/patterns that haven't gone through appropriate legal/regulatory checks and balances. E2EE can also be used to secure the message between the gov agency and the device. Certificate authorities already have similar exposure that can compromise all your traffic (including the signal app download/install), "shred" this and show me why a similar risk model is inapplicable to gov scan lists.
> Nobody, not me, not Meredith Whittaker, not anybody, has claimed that client side scanning is impossible, or that you can't turn around and encrypt a copy of a message after you've spied on it. That is a straw man. It is entirely your fantasy.
> What they've said is that it's stupid and contrary to the whole point of having the encryption in the first place. It leaks information that's supposed to be private, including false positives, and paints a target on the most sensitive stuff. It creates infrastructure for abuse. Those are the "security properties" being "communicated". And that is 100 percent true.
No, the message you have been spreadning is that it is impossible to secure a message and spy in it which you just admitted there. That is false, that is not a strawman on my end, you just admitted it! The infrastructure can be abused? So can signal's source code repo infrastructure. Your lie is that of omission and context framing while fully knowing how non-technical policymakers will interpret what you are saying. It is absolutley possible to implement a scanning infrastructure that has the same security properties as the app's code or app store download/signature security. If you are claiming the gov end can be abused by malicious humans then that is beyond your exertise to police humans breaking laws, so long as transparency logs can be produced to criminally punish violators.
> Anybody with a remotely clear-headed view of the situation understands that sending off plaintext copies of the stuff you then turn around and encrypt is in tension with the purpose of doing the encryption.
That is not what was suggeste and I am sure you are aware that it is possible to scan for messages without sending off a copy of the message off device and also without informing anyone of false positive hits. Or even contents of true positive hits (requiring them to get a proper warrant and target the device for intrusive collection).
> That's another fantasy of yours. She's been very clear that if the UK does this, Signal will exit the UK market.
It's not a fantasy, it is possibility and I am glad signal will exit the UK if this happens. I support this kind of boycotting.
> It is sometimes right and maybe even morally required to directly break the law.
Maybe, but not everytime you don't like a law, that undermimes the rule of law. Only active and imminent harm to humans is a reason for civil disobedience not mere speculation and disagreement. You spoke of burden of proof, the other side has proof of harm to humans you are on the opposite side of civil disobedience here. You are on the side of the oblivious technocrats profiting from harming people.
> Personally, I'm looking forward to the widespread use of P2P tools that will make Signal look like an open book... whether they're legal or not. At this point, laws even in the "free world" are descending into insanity.
Me too, but for opposite reasons: so that you people finally get that technocrats and civil disobedience is not a thing. You cannot solve politics with technical rebellion. You have to actually convince your peers. Here I am as your peer engaging with you while being aware of most of the technical facts and you are not convincing me. Your strategy of using technical expertise to deceive people will backfire too and so will downvoting people like me attempting to engage in civil discourse with you in good faith. I think you will just end up facilitating the building of "GFW" level national firewalls in the west with your techniques. They are not going to stop trying to find a solution to reduce CSAM and other illicit crimes, a privacy preserving solution is possible and fighting it is a lose-lose scenario.
> Rip this to shreds: if at least one victim of a crime can be prevented by catching a witless criminal then it is worth it.
You didn't come close to what I asked for. You gave no details on how even one crime would be prevented. But I'll give you that it probably would prevent a few.
It's still crazy to say that outweighs any other consideration.
You have to prevent more evil than you cause. That includes the opportunity cost of the resources you put into it, by the way.
"If it saves just one child" is a childish argument and I'm not going to engage with it any further.
... and if you think no children will be sexually blackmailed using the reports you're trying to generate, you are insane.
> Also this: Homomorphic encryption and differential privacy are a thing,
You seem to have slipped from the idea of client-side scanning into using homomorphic encryption to run ML in zero knowledge on the server side. That won't work.
There's a sharp limit on how many operations you can do on the encrypted data before you lose the ability to recover the result. That limit is NOWHERE NEAR the number you need for any useful ML. Plus of course the incredible compute, communication and storage load.
I have no IDEA how you'd expect to use differential privacy for any of this. And I very much doubt that you do either.
So let's stick to client-side scanning, since we at least know how to build that. Anyway, the fatal problems are with scanning in general, not with any particular way of going about it.
> if certificate transparency logs can prove no certs are issued maliciously then similar logs can be published publicly to prove that the scanning list (similar to a CRL) does not contain hashes/patterns that haven't gone through appropriate legal/regulatory checks and balances.
I think you may now have moved again, to perceptual hashes. But I guess maybe you could do something like that for an ML model too.
The "checks and balances" I've seen so far have been not so much crappy as nonexistent. Including having private groups create the lists with no real oversight.
Once the infrastructure was in place, I'd expect some countries to PUBLICLY AND OPENLY expand the scope, so auditing is irrelevant anyway. In fact, the OSB already covers more than CSA and would probably require scanning for more than CSA.
> E2EE can also be used to secure the message between the gov agency and the device.
These proposals, especially the OSB, generally call for platforms to manually vet the "hits" before they go to any government agencies, or even to the private advocates.
They kind of have to, since--
1. Most of the government agencies are too swamped to actually follow up on most of the reports they already get, and
2. The bills all demand going beyond looking for specific, already known and vetted files, into looking for things that "look suspicious". Once you go there, the number of false positives will be more than the number of true positives. Especially when you make them terrified to have any false negatives.
But sure, you can encrypt the stuff at each in-motion hop. Which has nothing to do with the main exposures.
> Certificate authorities already have similar exposure that can compromise all your traffic (including the signal app download/install),
That's one reason high-security applications don't trust CAs. Signal doesn't, for instance, but Signal's not special in that way.
> No, the message you have been spreadning is that it is impossible to secure a message and spy in it which you just admitted there.
Well, yes, it is. At least to any reasonable standard.
> So can signal's source code repo infrastructure.
One risk doesn't justify taking on another risk. Especially not a much greater risk.
> It is absolutley possible to implement a scanning infrastructure that has the same security properties as the app's code or app store download/signature security.
OK, this is truly insane.
One system tries to keep messages tightly compartmented, exposing them only to their senders and recipients. It keeps the messages encrypted except on the senders' and recipients' devices, and actually being read.
Another system does the same, except that it also sends some of those messages into a central database. It does so for the purpose of having them read by third parties, and by this I mean humans. In practice, that database has to have a long retention time and a huge number of authorized users. If those users decide that the messages were true positives, they get forward into yet another database.
The second system has every exposure the first system has, plus a bunch of other, worse exposures. It vastly expands the spatial and temporal areas where sensitive data are kept. It puts all users and devices' data into the same compartment. It has probably more than twice the total code of the first system. It trusts thousands more people. And the database is not only huge, but rich in abusable material, so it's a gigantic target that will attract attackers.
Those two systems do not have "the same security properties". They don't have anything close to "the same security properties". Using the phrase "the same security properties" anywhere near those two systems shows that you know nothing about what you're raving about.
And, yes, that second system is what you will get.
> If you are claiming the gov end can be abused by malicious humans then that is beyond your exertise to police humans breaking laws, so long as transparency logs can be produced to criminally punish violators.
Not only am I entitled to my opinions as a member of the (world) polity, but that as an actually competent security specialist, I do have real expertise in designing security systems around how humans actually act.
Unlike you, obviously.
> I am sure you are aware that it is possible to scan for messages without sending off a copy of the message off device and also without informing anyone of false positive hits.
It's a false positive because you don't know it's not a true positive. You therefore have to treat it exactly the same as a true positive.
> Or even contents of true positive hits (requiring them to get a proper warrant and target the device for intrusive collection).
You won't meet a probable cause standard with those hits. I'm sure you could get a warrant in Iran.
Nor do most law enforcement agencies have the resources to get warrants and raid people "on spec" like that.
... but in fact nobody's going to try to build that. The "workflow" you will actually get with this stuff is
1. Device gets a hit.
2. Device sends the data the hit was based on to the platform
3. Optional, but likely to be common because it limits risk for the platform: automation disables the user's account until the platform gets around to reviewing the hit. This may take weeks, especially if some score is borderline.
4. Platform employee reviews the hit (with little context, which matters a lot especially for the text scanning people are demanding)
5. If the hit looks criminal, platform employee forwards it to law enforcement or whoever. With all the data unless legally prevented.
6. If the hit looks borderline, or the user looks like they "might be a risk", or maybe even like they "might generate a bunch more false positives we have to review", platform employee ends the business relationship with the user.
7. If the hit looks completely false, platform employee reenables the user's account.
On hits with very low scores, you might have the device just refuse to send the message or whatever. In that case, either the innocent user is screwed, or the guilty user tries other ways until one works.
> Only active and imminent harm to humans is a reason for civil disobedience not mere speculation and disagreement.
We're seeing people disappeared constantly in a bunch of countries (not the UK so far). I'm OK with calling that active harm.
We're seeing stuff like teenagers jailed for sexting in the US... which this nonsense would definitely greatly increase. And we're people worldwide driven off of platforms. They "look too much like" abusive users to a computer, you see... especially to a computer programmed by some clueless whitebread idiot.
> You are on the side of the oblivious technocrats profiting from harming people.
That stupid bullshit again. News flash: CSA is not profitable for platforms. They don't get paid for it, and if it's visible it drives away profitable users. At MOST it's profit-neutral, usually negative.
> Here I am as your peer engaging with you while being aware of most of the technical facts and you are not convincing me.
That's because you're an obvious fanatic.
> Your strategy of using technical expertise to deceive people
Nobody's tried to deceived anybody. Except maybe you.
> downvoting people like me attempting to engage in civil discourse with you in good faith.
I haven't downvoted you. I have wasted my time engaging with you. I'm not going to waste any more, though.
> I think you will just end up facilitating the building of "GFW" level national firewalls in the west with your techniques.
>You don't need to backdoor the protocol, just the specific targeted client.
So how are you backdooring the client that -- where ever you download it from -- can be dumped from the phone and compared against self compiled client with a cryptographic hash?
Introducing intentional, ubiquitous vulnerabilities is also a terrible idea, because exploits for those can leak or be stolen (that has already happened, see Shadow Brokers case), and that's catastrophic in operating systems, because they're massively scalable.
Rootkits injected via such vulnerabilities can covertly make systems so that the vulnerability and backdoor are unpatchable, and that would be a catastrophic scenario.
>Signal can scan messages before encryption and report to the authorities just fine
Writing a script that comments out the lines of code for such scanning, and that compiles the application from source is trivial.
People write E2EE layers on top of existing messaging apps. One example is OTR plugin for Pidgin/Gaim, another is CryptoCat that at one point had a system that operated on top of Facebook web UI.
The genie is out of the bottle, and the bad guys are willing to go the distance to get secure comms. Bin Laden was using airgaps. Criminals are buying crypto phones (that ANOM case was fun example of smart targeted attack though, maybe that can be used to catch some criminals in future too). What's left is the security of normal people from banana dictatorships, mass surveillance tools etc. When you backdoor privacy tools, that's who you'll get, and if that's who you're going after, then you have no right to wield such power.
> Introducing intentional, ubiquitous vulnerabilities is also a terrible idea
No e2ee app has compromised device part of their threat model. People get ratted all the time on their phones bu criminals. This is the same thing except the gov is nice enough to not look ar everything, just scan for content
> Writing a script that comments out the lines of code for such scanning, and that compiles the application from source is trivial.
People write E2EE layers on top of existing messaging apps. > One example is OTR plugin for Pidgin/Gaim, another is CryptoCat that at one point had a system that operated on top of Facebook web UI.
Doesn't matter. Those apps can be backdoored too. The whole OS can. And the gov doesn't mind playing whack-a-mole. You can disagree with their policy but I disagree with openly collaborating on lying to policy makers on technical facts.
I didnt read that as a technical argument, but as a sociological one. If there are two apps, one which is easy/legal to obtain, but has a backdoor and another which may be harder/illegal to obtain but has no backdoor, which is the bad guy going to choose? Unless you can somehow force every app to use the backdoor, you cant make the bad guy go through it. Therefore, "You cannot create a back door that only the good guys can go through"
The proposal is to scan every message and report if only there is a match. What bad guy can possibly take advantage of that without coercing Signal? And if Signal can be coerced, they can backdoor it all to begin with. Call it a feature instead if a backdoor if it sounds better lol.
Control of the list which is used to scan your messages has the same security properties as the code of signal itself and a threat actor that can exploit the system must control both that and access the match reporting system (signal servers). An actor that controls these does not need to abuse this system, it would be easier to just push a rat alongside signal.
> "You cannot create a back door that only the good guys can go through"
Perhaps for crypto protocols. Software systems do this all the time in form of software updates, usage monitoring and even unattended remote support accounts. And also, just because it might be possible to find a vuln in a system in the future that does not mean it is vulnerable at the time of design.
Not only are clean backdoors possible, software engineers can design them cleanly and make them sound nice and fluffy when they are the ones accessing the backdoor.
Ok, if you believe that I have no desire to tell you that you are wrong on your views, all I am saying is let's be technically honest about what is and isn't possible.
It also seems like there’s a tendency to relitigate battles that are lost. I assume the UK had some equivalent to the 90s crypto wars in the US where attempts to weaken and backdoor crypto by legal means were pretty decisively defeated.
It’s sad that precedents should only accrue to one side’s benefit.