Encryption is a great way to protect against eavesdropping from bad guys. But when it stops the devices’ actual owners from listening in to make sure the device isn’t tattling on them, the effect is anti-consumer.
That reminds me of a comment from when smart TVs were discovered to be sending filenames and other info, since it was sent in plaintext: "If they had used HTTPS, this might not have been discovered."
The most important thing to realise is that security can work for you, and it can also work against you. It's not only a "right to eavesdrop", but users will need to maintain control over their devices if they want the former. This is somewhat related to the War on General Purpose Computing, and what I think is the biggest dilemma is that users need to have a certain level of knowledge in order to understand what their devices are doing and control them; but many don't want to; they only see the advantages and don't care about how something works, whether it "phones home" or what kind of data it's sending, as long as it makes something in their lives easier.
News stories about how smart TVs phone home have circulated, and yet AFAIK people are still buying them in great quantities. They just don't care. They are outraged and shocked when the news appears, but shortly afterwards they carry on as if nothing happened. That, I think, is the scariest part.
>what I think is the biggest dilemma is that users need to have a certain level of knowledge in order to understand what their devices are doing and control them; but many don't want to; they only see the advantages and don't care about how something works
This is why regulation is important. Most people don't care what their phone tattles about them to their provider. Similarly, most people don't read the ingredient list on their food.
But the ingredient list /has/ to be there, by regulation, and because it is, small numbers of people can post analysis that guides the entire population.
We need similar regulation over computerized devices, and that's everything from desktop computers through phones to self-driving cars and smart fire alarms.
Precisely. Especially as these devices start making important legal and philosophical choices... such as the self driving car that needs to choose between swerving and hitting an elderly person on the sidewalk vs. running over a child that has darted out into the road. We HAVE to be able to know what kind of programming these things have if we are to maintain any semblance of humanity and morality.
As much as I don't like the guy himself, this is what Richard Stallman has been talking about for years and years. Very quietly, very securely, very aware, he has been preaching the dogma of Open Source. His stuff is pretty good and well thought for most HN folks, but those are not the major consumers of 1984'd TVs. In the end, the swinging plumb-bob still oscillates between easy, cheap, and quality.
> Very quietly, very securely, very aware, he has been preaching the dogma of Open Source
By the end of 1998, Stallman had formulated a position: open source, while helpful in communicating the technical advantages of free software, also encouraged speakers to soft-pedal the issue of software freedom. Given this drawback, Stallman would stick with the term free software.
> News stories about how smart TVs phone home have circulated, and yet AFAIK people are still buying them in great quantities. They just don't care. They are outraged and shocked when the news appears, but shortly afterwards they carry on as if nothing happened. That, I think, is the scariest part.
Being angry about it takes effort and, frankly, most people don't seem to care about their rights as long as it doesn't effect them personally in an obvious way.
John Oliver's interview with Edward Snowden demonstrated that if you frame your coverage of privacy violations properly, you can get people's attention fast.
> How many users "MITM" their own SSL connections?
If you're looking for a startup idea, this is one: to check that what the manual says about outgoing data is true, and to what degree they compromise privacy. Decorate with 1-5 stars ratings. The ultimate goal is to have companies pay you to test their products.
However right now not enough people care about this, but it might change quickly. So starting it now might be a coin flip.
That reminds me of a comment from when smart TVs were discovered to be sending filenames and other info, since it was sent in plaintext: "If they had used HTTPS, this might not have been discovered."
The most important thing to realise is that security can work for you, and it can also work against you. It's not only a "right to eavesdrop", but users will need to maintain control over their devices if they want the former. This is somewhat related to the War on General Purpose Computing, and what I think is the biggest dilemma is that users need to have a certain level of knowledge in order to understand what their devices are doing and control them; but many don't want to; they only see the advantages and don't care about how something works, whether it "phones home" or what kind of data it's sending, as long as it makes something in their lives easier.
News stories about how smart TVs phone home have circulated, and yet AFAIK people are still buying them in great quantities. They just don't care. They are outraged and shocked when the news appears, but shortly afterwards they carry on as if nothing happened. That, I think, is the scariest part.