For example if you have a 6.0 or later Android, Alibaba app will block you if you disabled the permission to read IMEI or it detects spoofing.
It is easy to see how they also use it for their own purposes: open a new taobao account, search for some items, do factory reset, install taobao and see that you are being shown same stuff you been searching before. This way they also clearly violate Google store rules that prohibit using IMEIs as tracking IDs for marketing purposes. It was reported over so many times, and Google clearly knows of this. I guess, they are afraid of antagonising "the premier Chinese dotcom" or still considering going back to China.
> Google allowing apps to read
> phone IMEI in Android
With Android, I need to trust a lot more parties, like Google, the hardware vendor, and every app I use to not do something crazy or shady without asking or notifying me first.
But late Steve Palmer and especially Nadella changed Microsoft completely. Nowadays, the user is the product, Windows 10 spies on you and send keystrokes, audio, install apps and what not to various IP adresses, you cannot deactivate it, ads in startmenu, pre-installed adware apps, etc. And Snowden revaled that Microsoft was the first company to hand over data (Hotmail/Live/Outlook.com). So the trust in Microsoft is gone.
I hope Apple keeps it good track record.
But even iOS has problems. For example I cannot force apps like Waze or Uber to only use my location while using them, you have to either disable location for them completely, or to allow them to take your location while running in the background.
It's an either/or proposition and the result is that Waze and Uber users do have their location tracked, because the apps are not usable with the location completely disabled and enabling location on demand is too painful. While in traffic, imagine sitting at a red light, wanting to turn on GPS navigation to take you home or something and having to enable location in iOS's settings.
And you may have given them permission, you may know about it, but are you going to stop using Waze and Uber if you don't agree? I think I know the answer for most people. And also, even with your permission, as a matter of fact it's still irresponsible to let them track your location in the background, even if you currently trust those companies.
TBF they also allow disabling the final choice, most of my applications (including many built-in applications like Calendar or Maps) only have "never" and "while using the app".
I was perhaps misunderstanding the parent as suggesting that once an app has allowed "While using the app" as a choice, that could never be removed - ie Uber would still have to allow "While using the app" as a choice.
If that was the case, apps might avoid offering the "While using" choice in the first place if they might ever consider the need to remove it, no?
that is the current permutations which an application can provide are:
* no, using, always
* no, using
* no, always
I do not think the latter should be allowed.
An alternative would be a temporary grant for an hour / until the end of the day like you have with "Find Friends". But working out the UX and UI logistics of that are beyond my skills.
What if one quits the app? Then it's no longer in the background and can't track your location, right?
The other thing I'd like is incompatibility with password managers being an automatic approval fail for the app store, in particular fields that disable paste for passwords.
Personally I don't trust Android (or the hardware companies that sell Android devices) or iOS but picked an Android 6+ device because in principle I'd rather have an operating system that's more open. AFAIK all the Apple privacy stories have been about US cases so as a non-US person I'm also not sure they'd apply the same standards to me.
Didn't need to negotiate anything, on iOS the IMEI has never been programmatically accessible, and other "global identifiers" (UDID, MAC) either weren't ever accessible or were removed afterwards.
You can get an "advertising identifier" which should only be used to hand to ad networks (your application can get banned if you use it otherwise) and a "vendor identifier" which identifies the device to the app vendor only.
 via public frameworks, you can get it from the private NetworkController class but that will get your application rejected from the appstore. You're "at risk" if you sideload applications though.
Though the IMEI should be exposed to a Stingray type device, so you'd be able to track users without access to the cell networks, you'd just have to set up a bunch of radios.
And you wouldn't be able to shake it by swapping SIMs. That said, most users wouldn't bother with changing phone numbers or SIMs.
The issue is we not only use 'services', we handle data to the service providers. Data under their custody is usually stored and transferred with less secure protection, like on a thumbdrive or sent by email attachments. I don't see this situation will get any better soon.
Hell, even visiting your friend in a hotel requires recording your ID before hotel staff will let you go upstairs (strictly enforced in cheap hotels). Internet cafes' administration system had been linked up to government ID systems more than a decade ago.
This is the Polizeistaat that Hitler could only dream of. It's a whole other level over any credit card surveillance.
1. The DB wants to see id (that they can verify) for Eurorail passes. The DB or the Belgian rail people require seeing the purchasing CC.
2. Buying a sim in europe requires a passport.
3. Most things you sign up for in the US requires a phone number. Loyalty programs certianly do.
3.1 Walgreens requires your ID in hand to scan it to verify that you're "over 21" (Really they just want to rip the info)
4. Hotels require passport details (England, Belgium, Germany, Netherlands, France, carrebian, etc)
2. No, only in certain countries. I've bought SIMs from vending machines in Iceland and Denmark. In Italy the merchant made me seriously promise, I really mean it to send him a photo of my passport as soon as I returned home with my SIM. He gave me his personal gmail address to do so (probably because he certainly didn't want that info going to his work email where it would be obvious he ignored the rules). In Germany, rumor was you basically had to be a German citizen to get a SIM; that turned out to be untrue but I cannot remember if I gave them my (EU but not German) passport. IIRC I could not buy a SIM in Sweden as a non-resident though. UK was no problem to buy a SIM.
3. Yeah, but that's just an identifier. You could use any number, and a different number for every merchant, and nobody would know. Though there was a case of a fireman convicted of arson, partially on evidence of firestarters bought using his wife's Safeway loyalty card number.
4. I can't really ever remember being asked for my passport in the 5 of those 6 countries, but of course it's not unreasonable to be expected to show ID so I cannot say for sure I never produced ID. Though I remember in Poland and I think the Czech Republic they actually hold your passport, which made me very uncomfortable. When you leave the room for the day you swap key for passport, and vice versa on your return. Whether this is government or business policy, I do not know.
You can definitely buy a SIM-card in Sweden without any kind of identification. However, if it is a SIM-card with a (non prepaid) subscription, THEN you have to ID yourself and be credit worthy (since you can potentially run up a huge bill that is invoiced afterwards).
It's amazing how hard it is (as a foreigner) to come by solid information on the legal situation around SIM card purchases. It seems every company is different, and the more restrictive ones have an incentive to make it sound like a legal issue rather than a business decision.
I hadn't been to Europe since 2004, and on my subsequent visit in 2011, I just casually told my wife "we'll just buy SIMs at the first country we go to, surely they've sorted out this stupid roaming-when-you-travel-a-few-hundred-miles thing by now." WRONG.
So glad this is coming to an end. I've wasted far too much time and money country-hopping and having to spend 30-90+min in each country trying to get a working mobile phone. Locals probably don't realize how bad it is, but on prepaid plans you often cannot roam in foreign countries at any price. So as absurd it is to pay ATT here in the US $60 for 200mb or whatever insane rate, sometimes I wonder if it's worse to spend $40 per country per SIM card if I'm only there for a few days. Not to mention changing phone numbers constantly, assuming you would like to be reached...
What I meant by "strange" is that European countries differ in their approach to unregistered SIM cards (due to safety/antiterrorism) but now agree on ending insane dataroaming charges. Any safety advantages to mandatory registration when buying a SIM card (IF there are any, which I doubt) are essentially nullified by this deal. A potential terrorist who wants a burner phone can buy a couple of SIM cards here in The Netherlands and take them to Belgium, for instance. European politics at its finest!
I have an unlimited calls/SMS plan with 11.5GB data a month. It costs me EUR45,-. When I travel 40 miles east from where I live my current data plan is no longer valid, and I have to pay EUR3.49 per 100MB/minutes/SMS. Yes, hundred MB. Not thousand. Those charges are insane!
London just get it at arrivals of Heathrow.
Ireland theres a metro sim shop at arrivals.
Germany: go to your nearest netto
France: just find a shop.. but don't expect to get anything that works.
Carribean.. Never even tried.
I remember in Poland and I think the Czech Republic they actually hold your passport
They normally want to see your passport, or id upon check-in, but I never, ever experienced that they kept it after the check-in process.
Countries where I experienced this where mostly in Asia. Like Laos, or Cambodia. Not even in Vietnam they kept my passport after checking in.
From my experience, you do have to have your passport with you when getting a Sim. They usually make a photocopy of it. (This was from O2)
Who except students uses Eurorail passes anyway, these days?
No; in Austria and Germany you can (at least at the moment) still buy SIM cards without providing an ID. Germany requires online activation but no one verifies if the address or the name is real.
Some activation step happened when I inserted the SIM but it didn't involve using a computer.
Agencies collecting data is totally fine. No one can avoid it in this world nowadays. Showing IDs seems very old-school. Remember PRISM? As long as one is using a smartphone, they are being tracked every single second.
The problem is: it's more work for ordinary people. The systems in place are making it difficult for citizen to exist outside of the system, change it, or express differences. But it doesn't make it as difficult for criminals to be criminals, because those accept destructive consequences of their acts.
How do you plan on doing that if most stores and banks stop accepting cash, and to get a debit or credit card you need to show government ID, which is electronically verified (it has an RSA keypair, signed by the government, stored on its chip).
It becomes impossible.
You can also live without a bank. Several people I know do so. Again it's work, but it's possible.
A lot of the time, people saying it's impossible really are asking "how can I keep my confortable life 'as-is' while going off the grid". THAT is impossible. You can't live your current life, because it depends heavily on the system.
In Sweden, not even banks accept cash anymore, and close to no stores. There, it is literally impossible.
Germany and France tend to be a lot more sceptical of new developments, which I’m grateful for.
People claim it's necessary, but they're just parroting someone like the guardian in that Kafka story: it's just talk. Just walk on through while you still live. Until we do, I don't even see a "there" where we are, I just see black and white moving pictures and hear sad music.
I'm admittedly not well informed on the subject but I assume this has been going on for decades, are there any consumer privacy laws around this? While I find Google data collection activities worrisome, I at least have some faith in their technical ability to keep that data safe. And unless I'm mistaken Google only sells targeted access but not the actual data which is what the credit card companies and bureaus do.
There is a significant difference between this and extensive government data with your name attached, though I agree it's not great from a privacy perspective.
Typically (as has been said) you can opt out of this sharing.
How is this China-only ? Can't Facebook do the same ? Can't the government force Facebook, Microsoft, etc to give out all the information that we generate in their networks ?
Can't they compute such a "trustworthiness" score and sell it to your (potential) employer ?
Of course they can and they will if they don't already.
I've agreed to countless "license agreements" which I haven't read - I might have given some company my exclusive permission to monitor my every move...
What if your agreement contained a special clause not present in other user's agreements ?
There is absolutely no doubt in my mind that what is going on in China will become the status quo in a lot of other countries and this will accelerate as shit gets tougher due to all the global problems that we now face.
What's even more disappointing is that these surveillance systems are most probably built on top of open source software and libraries - which have been ideologically released in order to increase the user's 'freedom', yet who would have thought ...
Unfortunately the dream of a better, closer, freer world is now passing through a nightmare phase - we've built the perfect tools for crazies to do their crazy thing...
And while it's fun to either wave our arms around and say "But everybody's doing it!" or talking about wild dreams of a better tomorrow, the crap we've created is right here, right now. As a technical person, if you're looking for somebody to blame, there's the mirror.
When I was in the armed forces and you needed something desperately that you did not have, somebody would always say "Well, you'd better grow one"
We technical folks do not have the moral underpinning we need to help there be a brighter tomorrow. We're lacking the social and political theory and the historical grounding to understand what kinds of things might help and what kinds of things might hurt. Instead we just imagine how what we're making might help mankind along. News flash: imagining isn't cutting it any more.
We may not have the tools we need to responsibly create the tech we're creating, but we'd better grow some.
Consider e-cash. People would love to implement it, but banking regulation makes it difficult to actually do business through anonymous transactions.
Similarly many privacy-conscious ISP operators want to throw away logs as soon as possible, but regulation forces them to retain data.
Sure, the likes of facebook and google do thrive on gobbling up more data. But others who want to improve privacy are actually actively hampered by politics.
This creates an asymmetric landscape.
I'm not going to push "terrorism" or "pictures of small children" angle, because people engaging in those actions are very rare. Reality is much more boring - those rules help against run-of-the-mill fraud and abuse, the kind which every other individual business, small and large, would happily do. Nor did those regulations came out of thin air or "imagination" - they're almost always responses to real problems.
The thing is, anonymous cash transactions work. They have for millenia. And yet there are 0 motions to enable them in the digital space and >0 to restrict or abolish them in meatspace. The privacy they enable is practically treated like a historical accident that needs fixing.
Maybe part of the problem is that it's easy to assign monetary value to the law enforcement effort saved if you could just have more surveillance or the additional tax revenue if only every transaction were traceable. But it's a lot harder to put a value on privacy.
> they're almost always responses to real problems.
Problems may be real, but if the solutions fix that problem by creating new problems then it's not obvious that we should actually fix those problems. Maybe some youths setting bus seats on fire a few times a year is a price worth paying to not have surveillance cameras following every step you make.
Just because there are reasons behind those regulations does not mean they are good.
You get to be a big company by creating something where people voluntarily give you information that big governments have long dreamed of forcing out of people.
2. The data that is out there is _very_ messy. If you have a unique name and you use it as your twitter handle, sure, this is already happening. It's called Klout. But most companies just use it to figure out what image to put on their coupons.
3. I've never heard of employers asking for someones "trustwrothiness score". We as a society get pretty pissy about this type of thing. We've banned IQ tests, and needlessly asking for credit reports / scores. If a metric like this came out in wide use we'd ban it.
4. License agreements are generally unenforcible. You don't get the right to someones car just because you put it in a license agreement. If you could do that there would be lots of scams trying to get old grandpa to install a new photo app to see his grandkids.
5. What is going on in China is overblown in the media. It's not a episode of Black Mirror. The people that are most impacted by it are politically loud young adults online, but the vast, vast majority of Chinese don't worry about it. There are much more important human rights concerns in China that need addressing like freedom of the press.
6. We're not in a nightmare phase, we're in the same phase we've always been in. The telegraph cables were tapped by every major government, the radios listened to, the phones tapped, we even put recording equipment into televisions we sold overseas, our major hotels have always been tapped (or easily tapped given a court order if a foreign national was in town). This has been happening for over a hundred years.
I agree we should know about it (thank you Snowden) and in some cases I don't like it, but the solution isn't to wish it away, it's to use encryption and not say or do stupid things around computers.
No, it's perfectly legal for employers to run a credit report on you and make a hiring decision on that basis. You're outright incorrect here.
> 4. License agreements are generally unenforcible.
Good luck proving that in court. Especially when you just also agreed to mandatory binding arbitration instead of a court hearing.
It's not even a situation of you not being able to mount a defense against a billion-dollar corporation, you will literally never have the chance to have a lawyer in the room with you in any sort of hearing.
4. It has been proved in court countless times when the terms have been ruled out of scope. You need to have meeting of the minds in contracts. You cannot unknowingly agree to binding arbitration either. This is just FUD. Show me the court case or the media storm when little Sally lost all her money because she unwittingly agreed to some completely unreasonable ToS. The infringing company would get countersued by an attorney working on commission.
Not that you can't get fucked by the courts and contracts in America, you most certainly can, but not by these unenforceable / unreasonable ToS.
I'm pretty sure that's not true. Hasn't Wells Fargo managed to use binding arbitration clauses to successfully dodge lawsuits about the accounts they fraudulently opened?
Those contracts are large, rarely read, often use lots of technical jargon, and are subject to being unilaterally changed by the issuing party. Hardly anyone understands everything they're "agreeing" to.
From the Carnivore and the big NSA installations in the late 90's to Snowden there were more than 10 years. That may not be "long" on your definition, but isn't something to dismiss.
> We're not in a nightmare phase, we're in the same phase we've always been in.
The current situation is clearly different from those you point. We never had universal surveillance in history, as it only became possible very recently. It's not a "nightmare phase", but it is unprecedentedly and nobody knows where it will lead.
The solution isn't just to use encryption (although yes, using encryption is part of the solution), there's some deep political transformation going on, and any solution will only arrive by mixing technological and social factors.
As an instrument of control and coercion, however, there is a massive difference between a government collecting data and not telling you, and a government collecting the data and telling you they use it to calculate your worth to society. The latter seems utterly tyrannical.
Both cases utilize the tools of tyranny, and Facebook has shown they are more than willing to comply with whatever the host nations government wishes, lest they lose profits for their shareholders.
What was noteworthy about Edward Snowden leak was the confirmation of the data collection. He made public something that everybody knew.
On one hand...
- China has done better than any other country on Earth at poverty reduction. Chinese policy since Deng Xiaoping lifted hundreds of millions of people out of subsistence poverty. Free markets were a big part of this, but so were Special Economic Zones starting with Shenzhen, a culture of sharing IP, massive govt investments in infrastructure, research and education.
- China are also the most successful urbanists today. Many of those 100s of millions of former rural poor are in cities now. In the time it took California to debate building a single High Speed Rail line from SF to LA, China connected their whole country with trains that are much faster, much more useful (because they go directly into urban centers and connect to fast local transit), and much cheaper. Ours still isn't done.
And yet, at the same time, China also seems to be prototyping some kind of grim meathook future.
- Extremely aggressive surveillance. Near zero respect for privacy. Govt deputizing the tech sector to spy and censor on their behalf.
- Cities with toxic air. Check out this glorious ad in Beijing right now: https://pbs.twimg.com/media/C1JrMsKUAAAopPT.jpg
- A closed, censored alternate internet
- "Social Credit" Scores based on surveillance, which look like a frighteningly powerful way to neuter dissent
China moves faster than we do, both for better and for worse. I guess our challenge is to emulate the things they're doing right (eg the vastly more efficient and effective way they build transit), while stopping our own governments from repeating China's mistakes and acts of authoritarian overreach.
This is only true if you're applying a ludicrous double standard. China has done better than most other countries at this because China was extremely poor just a few decades back. Nowadays, much of China is still very poor. Of course it's much easier for China to slash its poverty rates than for an already-developed nation. The real thing to ask about is how long it will take China to bring a western middle-class style quality of life to its citizens.
I don't think any other society in history has lifted as many people out of poverty in as short a time.
These two discussions are completely orthogonal.
To achieve growth in a small country, you can be nimble and find relatively small market opportunities and then exploit them relentlessly. That simply doesn't scale to 1bn+ people.
Economic reality is actually the opposite of what you state. A big country represents a big domestic market - you don't need export niches or even good products, but can just build to service the internal markets, with massive economics of scale - and then muscle your way into foreign markets when all your corporations are 800lbs gorillas.
If Taiwan is wealthier than the PRC, it is not because their economy and population is so tiny - there is another reason...
You need to get to Norway before you see a reasonably sized country.
If what you claimed was true, the US would be on top.
Japan 1960-1985 is another good example.
With regard to the authoritarian structure of China, one disease that persistently affects these systems is adverse selection based on cultural evolution, i.e. the populace "learns" to get around the system and it works as long as the system is sufficiently oppressive that most people sympathize with the rule-breakers, see also the War on Drugs and de facto legalization of marijuana in some small towns. The thing about corruption in bureaucratic heir-choosing (Caesarian?) systems is that once corruption gets in there's almost no way to get it out whereas a democracy can rebel
The classic example of this is how landline telephony is much less prevalent than cellular in much of Africa. Landline technology was effectively skipped. I don't think African governments and societies are benefitting at the expense of western cell phone businesses. It's not a zero-sum game in this respect.
It seems fairly unlikely to me that China turned into the manufacturer of the world in such a short period of time without being gifted the skills and technology to do so. And now, companies like Xiamoi can now challenge (or, at least run with) the tech leaders.
Pretty impressive transformation in < 20 years.
I don't think there is unified western middle-class style quality in every western country. US on average is richer than many european countries, where average wage is around 1k per month, is this middle class or not?
Much of China is still poor. There is also 50-100 million estimated Chinese now can afford modern cozy life(income 16k to 34k dollars per household), whether that is western style(air quality is certainly not :p), I don't know. Both exist, no point using one to deny the other.
Only emphasizing the poor part of China, overlooking the fact there is rising urban population seems like a lot of people are still in denial of the fact China is already a serious competitor in many fields.
Politics is critical, and as technologists we can't just opt out and hope things will work out. We have to win these fights.
I once worked at a place that was bidding on surveillance tech for some public transit systems in Australia and the cavalier attitude that management had about privacy was sad, to say the least. They just didn't think it was their job at all to decide what is right or make any ethical judgements whatsoever. To them, mass surveillance was merely a way to make a lot of money and that's all. They didn't care who got hurt when that tech eventually makes it to less democratic nations to be used to suppress and destroy the human spirit.
Well, that company went under, but others succeeded.
We already have, here's video of the construction: https://youtu.be/1lsiYkyEW0w
Monthly construction updates: https://www.hsr.ca.gov/buildhsr.html
It has to be easy to build a new railway when you can just send the police to evict everyone in the way.
But you can't so easily dissentangle the one from the other. A lot of their development is so quick because they ride roughshod over property rights, safety standards, environmental concerns and individual liberties to push them through.
Regardless I almost don't want to give someone traffic who does obnoxious things based on http headers.
Edit: there's some irony in the way the post on that page criticizes someone for making the contents of a URL unstable ("because he doesn't know what the 'U' stands for") while the page itself displays deliberately different contents depending on how people found it.
The US corporate surveillance web is rich in complexity.
Before we judge China, lets make sure we know what we're comparing them to.
I highly encourage anyone interested in the subject to watch this talk from last month's Chaos Computer Club Congress.
"Corporate surveillance, digital tracking, big data & privacy:
How thousands of companies are profiling, categorizing, rating and affecting the lives of billions"
You say the Chinese system is sinister because they force you to use ID cards. In the US corporate surveillance system, they can track you without ID cards.
In China they have routine direct abuses and intrusion into daily life right now and are expanding it as fast as they can. There are no legal protections and the risks are already happening.
If you can't see there's a difference there, I can't help you.
Curious use of the word "could", as it seems to imply such abuses have not already occurred and been exposed without legal recourse.
I am afraid that's not how it works. This is not how the government tracks you. The mirror all traffic going brought your internet service provider, that's it. Then it's just a google search to see what websites you have visited.
Government ID or not, you are being tracked quite easily by the government.
Yes, the governments owns telcos etc. Yes, they probably have files on people they consider a threat, such as human rights activists. But to think that all that data is accessible in some kind of coherent manner is ridiculous. This is China, where banks cannot even access information between physical branches of the same bank because of its bizarrely inefficient IT infrastructure. The telcos have been trying to enforce the "real-name" policy for SIM cards for months, yet you can still easily buy and use a SIM card on the street.
They definitely need help from an app, because private Chinese tech companies are somewhat competent compared to the government IT sector.
Do you really feel safer in a country where you can get jailed without trial, where you can jailed, deported and banned from re-entry based on a urine test at the whim of some provincial government official that you crossed paths with? In China, the biggest threat is the government.
Being foreign to both countries, the difference is not obvious. Formally, this could happen to me in both countries. Even culturally, the "They only do it on strangers, so that's fine" argument before and during the Snowden files makes me doubt of the support I would get as a foreigner (and I'm on the good side of being a foreigner, not being a visible foreigner).
I've never been to China, but I legitimately can't tell which country you are talking about based on that sentence.
I don't approve of their actions, they reacted way too late and were too violent. A faster intervention, something like mass arrests (+ releases after everyone cooled down) would have probably been the best compromise.
It's easy to judge them from outside.
To be fair, isn't that the only way to judge this? China forbids discussion of the Tiananmen Square protests and censors informations, younger generations aren't even aware of it.
Can you elaborate on why is it?
Socially: Urban environments tend to offer more of a sense of community than I've personally experienced in many other countries. People have your back by default against pretty much anything.
Legally: Because the courts are highly backed up and trust in fair outcomes within legal system is still murky, litigation is rare.
Fights are very common, especially in the north-east. Foreigners are often assaulted for being foreigners. Last year, a foreigner-Chinese couple was attacked by a sword-wielding man for being a foreigner-Chinese couple in one of the busiest areas of Beijing, rife with police. The woman died .
Roads are very friendly to pedestrians indeed, where the driver will most likely try to run you over again to kill you so they won't have to pay medical fees .
Medical care is entirely commercial, and you won't even be attended to by a nurse until you wait in line and pay your bill. Some reference regarding medical care is here . Additionally, health workers are often incompetent, don't follow hygiene requirements, etc. There is anecdotal evidence that the entry barrier to becoming a nurse is purchasing a nursing certificate online. And let's not forget how a government-supported healthcare program gave AIDS to hundreds of thousands of people less than 20 years ago .
Urban environments are polluted, grey and soulless, and cities are almost undistinguishable from one another besides the pollution level varying from "high" to "hazardous". I'm not going even to start about the legal system, since it is doesn't exist. Whoever knows the judge wins the case (it's never the foreigner).
Citing one anecdote does not change the facts: China and HK have about the same homicide rate as Germany (namely less than 1 per 100,000 per year), that's about a quarter of the US rate.
As for healthcare, if I were to get seriously ill, I would frankly not want to be in mainland China or the US. Similarly for litigation, in fact.
Lamentably, while Chinese used to be rather friendly and curious towards foreigners, now one observes more incidents of parochial, jingoistic hostility.
All in all, though, I agree with GP's assessment: As long as you keep out of politics, you feel both safer and freer in China than in the US as a foreigner (which is not saying a lot).
I would say per-capita stats are ideal for objective comparisons rather than picking individual instances. Would you have those by any chance?
So take this as a personal account from someone who lived in China for over a decade.
Of course, I would request similar stats for the contention the other commenter made saying that fights are rare.
Add to this the fact that both legislative chambers are controlled by the same party who is "tough" on crime.
For profit or to ostensibly address Terrorism expect surveillance to get much worse.
Sorry, they were eroded long before. This is why people must remain vigilant whether it is the person they voted for or not.
Meet the new boss, same as the old boss.
It allows peoples' inherent belief in American virtue to doublethink themselves into believing that the NSA doesn't collect this high-res data in bulk from Facebook and Google and Amazon and Apple and the mobile carriers—when we have clear documents showing that they do.
LOVEINT is real. The large social networks and communications providers are an official arm of the surveillance state, with all of the unfettered access to high resolution data that entails.
Your doctor or hospital hosts data in AWS? Pretty sure HIPAA doesn't count in this case when they're just sucking up all of the traffic in bulk.
Your social media and financial data are already being aggregated and sold—we know this, too.
Please elaborate instead of making a blanket statement :)
False. I work for a company in the education space that uses AWS. We're unambiguously bound by FERPA. It is inconceivable to me that a stricter law like HIPAA wouldn't also bind cloud-based companies.
EDIT: Moreover: https://aws.amazon.com/compliance/hipaa-compliance/
The EFF has a lot more detail here: https://www.eff.org/issues/medical-privacy
and more specifically: https://www.eff.org/issues/law-enforcement-access
I think the GP was asserting that the NSA doesn't care about HIPAA, not asserting something about HIPAA and Amazon & companies using AWS.
No it isn't.
> when we have clear documents showing that they do.
We have claims and vague overview documents, but no actual direct evidence. For China, it's so rampant that direct evidence is everywhere.
> Your social media and financial data are already being aggregated and sold—we know this, too.
Financial data can only be sold in non-personally identifying anonymized forms. Now either you know this and you're willfully trolling, or you don't and you have no idea what you're talking about. I live in the UK so modulo Brexit, my social media data is protected by EU rules. At least the US does have some controls.
China has no controls whatsoever, the government blatantly ignores the law, completely owns the courts and exploits the data directly right now for censorship and persecution. It also sells it for the personal gain of officials. No innuendo, no supposition, no conspiracy theories required, they're doing it in plain sight on a massive scale.
I wonder if the information is leaked through hacks or compromised individuals.
Corrupt officials is an obvious answer. Or hackers- given all the terrifying hacks of U.S. government databases that are reported, its likely as not Chinese databases are just as vulnerable, and they're much less likely to inform the public of breaches.
In either event, its potentially an example of China's government stability efforts coming around to bite them- how many incriminating details of government officials are tucked away in this database, for sale to the highest bidder?
Scientia potentia est - Sir Francis Bacon
Knowledge is power and it can command obedience. A man of knowledge during his lifetime can make people obey and follow him and he is praised and venerated after his death. Remember that knowledge is a ruler and wealth is its subject. - Imam Ali, Nahj Al-Balagha, Saying 146
Dial back 10-15 years and try to imagine the response to a news item like this. Hysteria about totalitarianism from the media, endless interviews with academics, ngo and human rights organizations. Grandstanding by politicians and citizens. Where are all these noisy vocal folks? What is orchestrated and what is real?
I mean, why not?
They've the got the hackers. They've got the big DB. They've got the absence of laws preventing such a practice.
"Apple Pay is also designed to protect the user’s personal information. Apple Pay doesn’t collect any transaction information that can be tied back to the user. Payment transactions are between the user, the merchant, and the card issuer."
There are only 7 billion people to simulate, that doesn't actually sound like that much anymore.
Obviously one would not simulate every individual with realistic human-like AI, but with a statistical economic model.
How much and what kind of data would one need for this to be useful, for example to predict if a certain new political initiative will actually work?
Or is this already being done? Or is it not needed? Or just still too expensive?
For a long time I refused to keep a lot of information on Facebook as Facebook seemed to only consider privacy as an afterthought after users expressed outrage (I appreciate transparency about the use of data so I can make my own decision). I refused to use the sign-in with Facebook functionality as I had no interest in giving third parties access to my FB data. Eventually I just gave up and now use Facebook sign-in everywhere because it simply is much more convenient.
When I traveled to China a year ago the utility of using WeChat or Baidu Maps was simply too great. I was well aware that using these applications almost certainly would surrender information to the Chinese government. Interestingly enough, because I assumed that this would happen one way or another during my 3 months stay I felt more inclined to use these applications.
WeChat is the only viable way to keep in touch with all of my Chinese friends in China and in the US.
To be clear: it does better than anything else you can find in an app store.
I can’t verify the source code of the server, or run my own federated server (Moxie doesn’t do federation), and I can’t trust that Moxie’s server doesn’t relay metadata to a government.
> To be clear: it does better than anything else you can find in an app store.
Wrong, proof by counterexample: Conversations.im is also in appstores, is also open source, but, because it’s an XMPP client, I can run my own servers, and federate, and ensure the servers are also secure.
However, against mass surveillance, Signal will protect you, I'd think, just by making it much more complicated to intercept than WeChat or Skype, which have backdoors built right in.
#1 Protection from a dumb attacker doing MitM: This is done by anything that uses HTTPS.
#2 Protection from an attacker that can get fake SSL certs: This is done by anything using certificate pinning.
#3 Protection from an attacker that controls the app store:
This can’t be easily done by Signal – and they don’t do it.
#4 Protection from an attacker that can take over the servers running the application: This is NOT done by Signal, and is hard to achieve (even with true E2E, unless you do multicast, you usually can extract metadata here, although there are chat applications protecting against it).
If your enemy is the US government, you’re automatically EOL, due to #4. If your enemy is another government, you’re likely EOL, due to #3, unless you actually build the app from source yourself.
This is not a fault from Signal – nor can they easily fix it – but it’s a realistic problem.
#4 if some agency "takes over" the Signal servers, they can extract metadata. But only that?
#3 if the binary is not what its supposed to be, then, yes, all bets are off. That's a whole other can of worms, but a) is there any evidence that's ever happened? and b) that much affects any smartphone chat app, so does not help you to decide between Signal and WeChat.
With Signals model, as long as everyone verifies fingerprints, yes.
But, considering XMPP is a thing, XMPP with OMEMO provides all the same guarantees – and you can make it less likely that an agency has taken over the relevant servers (because you can self-host easier).
Signal’s use case is "something as secure as OTR, but easier to use".
I’m not saying you should use something else than Signal, but I’m saying that Signal isn’t ideal if your adversary is a government.
> the utility of using WeChat or Baidu Maps was simply too great
"Give me convenience or give me death"
First, Whatsapp advertises to have end-to-end encryption, which Wechat doesn't have. Second, your private Wechat conversations can be used against you as evidence in court, while any evidence collected with NSA tools cannot, since it is technically illegal.
If you want privacy from the US government, then you probably shouldn't use Whatsapp. In any other situation it is vastly superior.
Really, many countries in Europe are basically run like Singapore.