Hacker News new | past | comments | ask | show | jobs | submit login
Saudi Arabia tracks runaway women by cellphone IMEI (businessinsider.com)
290 points by onetimemanytime 3 days ago | hide | past | web | favorite | 148 comments





I remember back in the 90's, when Intel was going to introduce a unique identifier in their processors that could be used for authentication purposes, it caused a huge uproar and Intel backed down. [0]

Having a hardware embedded unique ID that can be (is) used for tracking a known persons location at all times is probably the most intrusive privacy violation we've ever had. That we willingly carry these things around and naively throw the repercussions out the window is the result of the death by a thousand cuts.

We've long lost the war on privacy.

[0] https://www.wired.com/1999/01/intel-on-privacy-whoops/


Looking back, it was unbelievable to see how huge the storm caused by Intel's "processor serial number" in Pentium 3 was, that even forced Intel to withdrew it.

Meanwhile, nobody has ever said anything about the serial numbers of hard drives, GPUs, motherboards, RAM modules, Ethernet MAC address, etc, etc, etc. Nowadays, basically everything comes with one UUID.

Pretty illogical, isn't it?

> We've long lost the war on privacy.

Agree. I understand UUID is important in engineering for many purposes, but the fact that nobody is talking about it anymore (because they are nothing when compared to more severe issues like fingerprinting) indicates we've long lost the war on privacy.


Would love to see a YouTube channel or blog where somebody systemically takes apart their computer and starts reflashing every serial number in flash/EEPROM with 0x00.

It’s not like any of these are phoning home (I hope), or married together, so there’s nothing to kill clones.


> reflashing every serial number in flash/EEPROM with 0x00.

It will be an amazing video, but good luck if the device in question has (very likely):

* a mask-ROM / OTP-ROM for a serial number - almost all microcontrollers and EEPROMs sold nowadays has at least one permanent and unchangable UUID for hardware tracking and DRM implementation (security-through-obscurity tricks to prevent rogue competitors from copying your firmware).

* "firmware read-protection" - which means the only way to dump the EEPROM is performing a full-chip erase and destroy the entire firmware, commonly used in embedded systems to stop rogue competitors from copying your firmware.


I just knew that RAM DIMMs usually have a 24 or 93 series chip on them, and figured that could be re-programmed (or replaced with a reprogrammable version if the existing chip is non-compliant).

In many cases, a) the unique id's are in read-only parts of the flash and b) the system firmware won't work if it can't read a unique id that matches a (signed) stored ID somewhere in its system.

In many cases, this isn't for anything user-facing. Unique ID chips can be very useful for detecting factory-overrun counterfeits ("oh, your $widget does this notable, nonfunctional behavior? Where did you purchase it, perchance?").


> It’s not like any of these are phoning home (I hope)

Firmware is largely closed-source, so all you can do is hope.


Changing the IMEI number of a phone is illegal in many countries.

My phone required it.

When purchased, it had an IMEI of all zeroes, and came with a step by step guide to setting the IMEI from my old phone into it.

Apparently that works around phone providers who blacklist or whitelist certain manufacturers.


Can you please expand on your phone? What model is it? It sounds very unusual for the user to be able to change the imei.

A knock-off Umidigi A3 Pro.

It's an awesome Chinese $50 android phone.

Because it hasn't passed all the network tests, most mobile networks would block an entirely random IMEI, so they suggest you type in the IMEI from your old phone (as long as it's 4g - if it isn't, they have a support email address you can contact and they'll give you an IMEI that works in your country)

Even the legit Umidigi A3 Pro's (which cost $80, and have proper certifications) have an 'imei change' tool.


Not for long I'll wager...

I'll wager the opposite. Of course it's not legal anywhere, but I don't expect any customs people to be able to tell that a phone comes with an changeable/unapproved IMEI.

Furthermore, in many OS those unique numbers are not protected from applications. For example, in Linux any application can read any hardware identifiers without any specific permissions. For comparison, in Android an application needs to have a permission to read phone or IMEI number.

Yes.

BTW, how does Windows hash your hardware serial numbers for DRM nowadays? I haven't used and checked it for a long time. Is it still the harddrive and the motherboard?


Meanwhile, nobody has ever said anything about the serial numbers of hard drives, GPUs, motherboards, RAM modules, Ethernet MAC address

Let's not forget every single page printed by a color printer.[1]

[1] https://en.wikipedia.org/wiki/Machine_Identification_Code


Barring an extremely risky, one-off backdoor in the management engine or your board or device firmware; there should be no reason why your hard disk, GPU, board, memory, and NIC UUIDs (MACs are configurable, and random by default in NetworkManager and some other network configuration systems) are available to third parties on a regular basis, unless you put software on your computer to make that happen.

Don't run spyware on purpose.


> unless you put software on your computer to make that happen

Couldn't that be ... any software?


Well, you could start by not installing software that you know exfiltrates these data, like Microsoft Windows, or Adobe Flash...

Even in free software, do you audit everything you install? Information security is only as strong as the weakest link.

The opposition to that, Clipper chip, and V-chip are three of the specific examples that come to mind when I think of cultural changes among CS techies.

My impression is that there used to be more awareness, concern, and forward-looking/vision about such things.

(I even recall techies being shunned for doing the tiniest fraction of invasiveness/recklessness that some major companies do today, yet those companies are now regarded as prestigious places for techies to work.)


> I even recall techies being shunned for doing the tiniest fraction of invasiveness/recklessness that some major companies do today

I remember uninstalling software and dismissing it as spyware for just phoning home. The very idea of a program regularly pinging some remote host to indicate the your machine was turned on and connected to the internet was offensive. Now basically every program does this, usually excused as checking for updates.

I think a lot of the problem was as it got easier for people to get online more and more people were using the internet who didn't understand the technology or how it could be used against them. They didn't care about anything but checking sports scores and online shopping and it let companies get away with taking advantage of them in ways the old nerds would never have accepted and once those nerds were vastly outnumbered by people who didn't know or care about privacy abuses the nerds no longer mattered.


I agree, but even the younger generation of nerds seem to not care as much about privacy issues, Free software, and other social/societal implications of computing, the same way that we used to in the Slashdot era. Seems like a cultural shift.

But how have I formed this perspective, about a social trend? It's my own extrapolation based on... anecdotes and social media, I guess. So it's hard to know if that picture (the before, after, or how things may have changed) is accurate.


I think this assessment is very apt, I've long wanted to get the chops to visualize all the action taking place on my network access. It's all so hidden and under the hood, it would be very revealing for a YouTuber to do a walkthrough to show how leaky apps and websites are and what sort of payloads are coming off their devices to remote targets.

> I've long wanted to get the chops to visualize all the action taking place on my network access. It's all so hidden and under the hood

You should look for tutorials on Wireshark or better yet get a Pi-hole and block ads over your entire network while you get trustworthy stats on where your traffic is going. That's probably the easier and more useful option. Casual packet inspection used to be much easier. Common traffic like HTTP, DNS, or SMTP are increasingly encrypted, but it used to be that you'd see everything pass over the wire plainly. A lot of the data companies send home is encrypted too so you might be able to identify which apps or programs are generating the most traffic or sending it to same shady destinations, but don't expect to see what data they are collecting from watching the network.


The culture was different in 90s. I remember that Windows used to ask a permission to connect to Internet to search for drivers. Today they just collect whatever telemetry they want without giving an option to disable it. I guess the reason for change is that their customers were mostly power corporate users then and now it is mostly ordinary people.

I think that permission was because Internet access used to be quite slow and expensive.

It still can be, but the new breed of hot tech companies doesn't give a damn.

Windows at least lets me mark a Wi-Fi network as metered today, which is a kind of global suggestion that "unnecessary downloads literally cost me money" - but I don't even know how much software except the OS itself cares.


Intel ME already can spit out the UUID of the chip and has been able to do it for over a decade.

Yes. Hence the 'death by a thousand cuts'. We couldn't fight every battle. We lost.

Hence the 'death by a thousand cuts'. We couldn't fight every battle. We lost.

So does the future belong to those who can administer the "thousand cuts?" In 2019, that means those who own the Cloud server farms and control the organizations that hire hordes of programmers. Does that mean that privacy is dead by an inexorable process? Doesn't that imply that individual liberty is also, eventually, dead?

How can we, the people, administer the thousand cuts?


>Does that mean that privacy is dead by an inexorable process?

Yes.

>Doesn't that imply that individual liberty is also, eventually, dead?

Yes.

>How can we, the people, administer the thousand cuts?

Stop carrying a cell phone.

There was a brief period of time, from 1990 to 8:40 AM, September 11th, 2001, when you could do all sorts of stuff online, and the powers that be either didn't, or couldn't, monitor it. That's changed, and that freedom will never come back.

However, no matter how bad the modern surveillance state gets, contrast it to the ancestral environment: a village of 50 to 200 people, most of whom are related to you, watch your every move, and can determine if you live or die. Hunter gatherers don't even have a word for "privacy". It would take real creativity for things to get that bad today.


> There was a brief period of time, from 1990 to 8:40 AM, September 11th, 2001, when you could do all sorts of stuff online, and the powers that be either didn't, or couldn't, monitor it.

The belief that September 11 brought in the dark times overlooks the actual history of things. The European Parliament’s ECHELON report, which detailed American massive interception and storage of internet and other electronics communications, was released in 2000. John Young’s website Cryptome was discussing the same stuff pre-9/11 that you found from people like Bruce Schneier afterwards. The revelations may not have been as big in the news like Snowden later, but it was well known that the NSA had rolled out extensive surveillance already by the turn of the millennium.


Agreed. Duncan Campbell's article "Somebody's Listening" about this is from 1988!

http://new.duncan.gn.apc.org/menu/journalism/newstatesman/So...


> It would take real creativity for things to get that bad today.

It is easily as bad or worse. Those 50-200 people knew and cared for each-other, and depended on each-other, and the surveillance was bidirectional. Whereas now you are monitored by actors almost entirely beyond your reach, that will feel no remorse in crushing you, should the command be given by whoever is in control.


> by whoever is in control.

Which may ultimately be a poorly tested, bias-ridden bit of AI code.


That is why 1984 is such a positive, optimistic work - all the nightmarish oppression worked so well and without bias!

Yes. Miserable as oppression is, it's handy if it only hurts you in circumstances that you could predict. Incompetent oppression can get you no matter what measures you think you've taken to live a quiet life.

Rather than 1984, the future we need to worry about will probably be more like something from Kafka.


Miserable as oppression is, it's handy if it only hurts you in circumstances that you could predict. Incompetent oppression can get you no matter what measures you think you've taken to live a quiet life.

Rather than 1984, the future we need to worry about will probably be more like something from Kafka.

This morning, I learned of a YouTuber with zero strikes, who followed all of the stated rules, who proactively deleted all of his demonetized videos, and yet still had his channel deleted. (1) If you talk to YouTubers, many of them, even mainstream ones, especially successful ones, will tell you that being governed on that platform is indeed Kafkaesque.

(1) - Black Pigeon Speaks. All of his opinions that I listened to were trash, but I still think he had the right to express them.


Also, and similarly to where conspiracy theories usually get the world wrong - someone was actually in control. In real life, no one is.

> Which may ultimately be a poorly tested, bias-ridden bit of AI code.

It already is controlled by a poorly tested, bias-ridden, strange AI system, called the market.


Stop carrying a cell phone.

How about stop using the Internet, driving a car, and participating in the economy? I don't think that helps.


So can SGX (under certain circumstances). So can your hard disk, your NIC, and probably your firmware via DMI.

Right, but those components typically don't have unchecked access to the rest of the system via back doors.

Your NIC is at least as dangerous as ME if you don’t have the ME connected to the network.

I also still cannot believe that people question the need for privacy so much. There is always the assumption that only people up for something evil are supposed to have something to hide. But data can always be abused and obviously privacy advocates have been repeating over and over again what bad things could happen.

And then people go to extremes with Tor, Noscript, Bitcoin and the like which would be completely unnecessary if the basic privacy requirements were fulfilled.


Bitcoin isn't extreme - it's very public and trackable. Monero on the otherhand isn't.

>We've long lost the war on privacy.

A bit of unnecessary FUD alarmism here. Seems like today's answer is no, probably not. It's just very difficult, requiring (i.e.) policy changes and mass adoption and transparent phone companies willing to not do dirty things with cellphones. I still think humanity can figure something out, people just have to step up.


If you're fighting against identification technology, of course you're going to lose. Identifiers have real benefits and as we've seen with American SSNs, identification, uh, finds a way. We should be fighting to exercise jurisprudence to prevent and limit abuses of identification, not dismissing unique IDs.

The IMEI identifies a device. It is, or should be, useful to lock stolen phones, though it can obviously be used to track someone who keeps the same phone even if they change SIM card.

The IMSI identifies the subscriber (and/or the SIM card) even if you change phone.

As long as people are able to call and be called and as long as people need to be billed there has to be a reliable form of identification.

This is not an "intrusive privacy violation", it is, as you point out, a technical requirement of our willingness to be reachable and most people think that the benefits far outweigh the very limited drawbacks.


Username checks out. Unfortunately, truth is spoken.

This is the danger inherent to full enumeration of the technologically enabled envelope. This is also the danger of the "market"; as it incentivized the ability to clearly specify the "who" of the customer.

It's why I've been getting increasingly uncomfortable with the economic push away from cash as the primary medium of economic exchange.

The death of the payphone marked the beginning of the end for infrastructure that wasn't in some way dependent or useful as a means of user surveillance.


Just wait for ipv6 then, where Nat is no longer providing casual anonymity.

By supporting Saudi Arabia the West really shoots itself in the foot. You can't lecture other countries about freedom while supporting this regime.

There is a delicate game being played.

If you are friendly with SA you can put pressure on them to improve. If you declare them an evil enemy would the outcome be better?

There is a path to walk and it is not easy to find the right one when you have to deal with reality not just idealism. The natural resources in the middle east are important to the world and it is not so simple as an 'us vs. them' because there are many entirely separate interests in the region and we play them off each other.

Maybe it would be better to do a Star Trek style prime directive of completely cutting off countries until they have a certain level of social development, but you would have to come to terms with knowing bad things were happening and actively deciding to do nothing.


> If you are friendly with SA you can put pressure on them to improve. If you declare them an evil enemy would the outcome be better?

> There is a path to walk and it is not easy to find the right one when you have to deal with reality not just idealism. The natural resources in the middle east are important to the world and it is not so simple as an 'us vs. them' because there are many entirely separate interests in the region and we play them off each other.

> Maybe it would be better to do a Star Trek style prime directive of completely cutting off countries until they have a certain level of social development, but you would have to come to terms with knowing bad things were happening and actively deciding to do nothing.

If the US was friendly to all countries in order to exert pressure on them this might make sense, but in light of actual US foreign policy with respect to North Korea, Iran, etc. it's completely absurd to pretend that the US is being friendly to SA as a means to effect change.


> it's completely absurd to pretend that the US is being friendly to SA as a means to effect change

Agreed. Also, where's the change? It feels like I've been hearing the same thing about SA since I was a kid.


In fairness, it was never about freedom for everyone, democracy, and mom's apple pie. That's just the nonsense propaganda we use to get people to agree to these sorts of things.

I lament the position of these women. I lament the position of a lot of men and women in the Kingdom. But the best I can do for them is to vote for politicians who won't support bloodthirsty tyrants like MBS. That's all that most Americans can do for those people. We're not a bad people, we're just ruled over by elites with no conscious. There's a difference.


> If you are friendly with SA you can put pressure on them to improve.

People said the exact same thing with China 40 years ago. Nobody is pressuring on them to do anything and they couldn't care less.

Why do you think the royal family constantly panders to religious extremists? they are actively spreading the most orthodox version of Islam in every charity and mosque they finance.

They (the royal family) couldn't care less what the "west" thinks, they know western leaders are as corrupt as they are.


> People said the exact same thing with China 40 years ago. Nobody is pressuring on them to do anything and they couldn't care less.

hm? china went from the deaths of the cultural revolution to a working society which is now, in certain regards, miles ahead of others. the massive advance of this society is due in no small part to countries such as the US (trade) and the UK (HK).


The primary reason we care about Saudi is oil. US policy makers seem to view them as a necessary evil until we transition to renewable energy. No real effort is made to influence reforms. In fact, the more culturally isolated Saudi is from Europe and other countries, the better it is for the US, in terms of dependency.

At some point after “peak oil” SA seems likely to experience extreme social upheaval - perhaps even revolution or civil war. One hopes that this could serve as a catalyst to build a more tolerant and inclusive society.


"The primary reason we care about Saudi is oil."

This is true.

"US policy makers seem to view them as a necessary evil until we transition to renewable energy."

This is false. There is nothing at all necessary nor evil, relative to the United States. We use the middle east to establish a protection racket on oil flows to the rest of the world.

The United States gets zero, or near zero, oil from Saudi Arabia. The same is true for the UK which gets oil, almost exclusively, from the North Sea. We don't need Saudi Arabia for anything - certainly not as a "bridge to a renewable future".

We choose to hold the rest of the world (particularly Europe and Asia) at gunpoint with a "nice flow of cheap energy you have there ... sure would be a shame if anything happened to it ..."

"At some point after “peak oil” SA seems likely to experience extreme social upheaval ..."

Obligatory:

https://www.youtube.com/watch?v=hWeMpaC4VeA


The us imports roughly 9% of its petroleum from SA, (it's second largest single-source after Canada)[0], which is significant. However, I think if you polled policy makers they'd emphasize security interests over oil. SA serves as a powerful Sunni counter-balance to the largely Shiite Iran. They are huge purchasers of western arms, and often (explicitly) support western interventions.

[0] https://www.eia.gov/tools/faqs/faq.php?id=727&t=6


I had always heard that it was because it enforces the denomination of oil trade in USD, and so enshrines the USD as global reserve currency.

I agree, but also they provide a huge amount of corporate welfare in the form of arms sales and political welfare in the form of lobbying.

Yes, you're correct - I meant until the world transitions and oil is no longer such a strategic commodity to anyone, which could still be a hundred years away.

Oil is essentially a fungible commodity.

A reduction in Saudi production increases prices everywhere.


"The primary reason we care about Saudi is oil. "

There is also the Israel question which makes the US position pretty complex.


> would the outcome be better?

Yes. The world would be a better place if people did the right thing. It's not complicated, really. In this particular case: see a regime that dismembers journalists and hunts women who "run away"? Don't deal with that regime, or anything that is related to it.

To point out the obvious, invading other countries, bombing "terrorists" without due process, meddling in affairs of people across the globe, increasing oil production and doing nothing about the upcoming climate catastrophe should all be considered as "NOT the right thing to do".

Of course, with a statement like that, there will always be plenty of butsayers. "But..." [and here goes a list of various muddy reasons why everything is relative].


>Of course, with a statement like that, there will always be plenty of butsayers. "But..." [and here goes a list of various muddy reasons why everything is relative].

I'll start off by saying that in a world without Saudi oil, the world economy will collapse, and the economic prosperity implicitly assumed by our modern progressive values will evaporate, leaving us with a Stone Age economy and the Medieval values that come with it.


> I'll start off by saying that in a world without Saudi oil, the world economy will collapse, and the economic prosperity implicitly assumed by our modern progressive values will evaporate, leaving us with a Stone Age economy and the Medieval values that come with it.

Funny :-) This is 1) untrue, the world can do very well without Saudi oil, and in fact our future would be better without it given the upcoming climate catastrophe, and 2) exactly the kind of muddy scaremongering reasons I expected.

Just do the right thing. In the long term, we'll always be better off.


There's nothing delicate about the game being played and the goals of said game have nothing to do with privacy and human rights.

If you are friendly with SA you can put pressure on them to improve. If you declare them an evil enemy would the outcome be better?

False dichotomy, one could simply maintain distance. We do declare Iran to be an evil enemy despite the fact that Iran has considerably more in common with the US than SA does: it's quasi-democratic with an established religion, has considerably greater social and economic diversity, occupies a superior strategic position, and rests on a vastly more solid historical foundation.


How many decades of a horrendous human rights record and exporting terrorism does it take before we admit that making friends with horrible people doesn’t improve them?

> The natural resources in the middle east are important to the world ....

Let's fix that. X-Prizes for not using oil, but something else renewable.


>You can't lecture other countries about freedom while supporting this regime.

Or generally doing any number of the malicious and horrendous things we do here in the U.S.


> By supporting Saudi Arabia the West really shoots itself in the foot.

Well, the West went and took down the regime in Iraq, but some think that didn't go so well, either. SA is ruled by a clan and king, so it's not a full theocracy at least. If you go and perturb things, there is also room to make the situation worse.


Also different than selling them like 10Bil in arms. Europe, for example, has not invaded SA, but is not buddy buddy with MBS.

Also, it's clear that sanctions are a much more powerful weapon than invasion. Western sanctions (or embargo) on SA oil would certainly put them in a tight(er) spot.

No excuses!!!


Weapons sanctions are guaranteed way to hit the Gulf monarchies hard. They are extremely dependent on US tech as far as I know.

The russians would be very happy to help probably.

True. And? While I understand the need for a level of competitive relationships, would it be so terrible to put the burden of selling arms to gross human rights violators on other countries?

Of course, it COULD be bad. Real bad. Hand-waving away such concerns is irresponsible. Having a major oil source friendly to an often hostile nation could have real, even deadly drawbacks.

But so too does always turning a blind eye. If we had gotten into this relationship and worked to reduce the threat (such as investing in other energy sources) we'd be in a better position, we could be at a point to change the relationship at reduced risk. We didn't, and we need to face the concrete realities we're supporting out of fear of hypotheticals.

Because now we may be safer, but we're supporting what we proclaim to be against. When we wield moral superiority, it's undercut. When we tell our children to be patriotic, we know the legacy we're leaving them.


No probably about it.

Since the start of the cold war middle eastern states have balanced/played off against each other between the US (and the west) and Russia (previously USSR) when it comes to weapons and lots of other things.

I mean the Egyptians had soviet supplied fighters flown by actual soviet pilots fighting against the Isreali's in American and French supplied air craft.[1]

The US sold Israel better fighters, the soviets sold their potential enemies better SAM's.

[1] https://en.wikipedia.org/wiki/Operation_Rimon_20


Definitely, but the migration and retraining costs are non-trivial, not to mention that US tech is far superior in general.

There are also plenty of thieves in the world. Must we all become one "in order to remain competitive"?

Would the Yemeni rather fight Saudis armed with American weapons, or Saudis armed with Russian weapons?

You just need to estimate to level of sanctions so that the monarchy will still be able to stay in power, without risking an Islamic revolution.

What would an Islamist revolution risk for those that aren’t rulers in SA? Other Islamists regimes have done less harm than SA.

What's the net benefit of continuing to support the monarchy which exported wahhabism to the rest of the middle east?

You forgot the /s

Or Are you not aware that the monarchy is already Islamic, of the kind least tolerant towards personal freedoms?


The decision to let the arms keep flowing and to let SA to get away with a particularly vicious murder appeared to be made on camera by Trump during the Khashoggi saga. The episode was very depressing to watch. https://www.vanityfair.com/news/2018/10/trumps-not-gonna-let...

There's a difference between overthrowing the government and not letting them invest in Uber.

I think the US handled the aftermath of the invasion quite poorly for a variety of reasons, one of which was the heavy exploitation of the sectarian divide.

One could cut trade relations without violently attempting regime change.

Fwiw, the sanctions the US imposes on other countries often are brutal to their innocent population. One thing we could do is provide asylum for persecuted people, but appearently we don't do that anymore (and never have done it in great quantity).

A lot of the early European settlers in the US were fleeing religious persecution. But I suppose it wasn’t the USA then... https://www.loc.gov/exhibits/religion/rel01.html

>A lot of the early European settlers in the US were fleeing religious persecution.

What's your point?

Some of them turned around and treated people who didn't fit in with them even worse than they themselves had been treated when in Europe. I can think of a couple groups who, in retrospect, the natives should have killed on day 1.


My comment wasn’t clear - tehjoker stated that the US had never let in a lot of persecuted people. The early European colonisers included a lot of small groups fleeing persecution. As you mention, formerly persecuted groups don’t seem to behave better when they get power.

Can you tell me what is worst between a theocracy and an absolute monarchy? In SA, the king is bound by no law not even the law of god. He wants you dead on spot, and then you die. Doesn't sound to me a better system.

Whereas in a theocracy, the Ruler is bound by the law of God. God wants You dead on the spot, and the Ruler is his instrument on Earth - and then You die.

The Ruler is now not at fault, because God told, and used, the Ruler to do the deed. The Ruler is absolved of responsibility - God's Will.

...do you see and understand the difference?


There is no difference, and the ruler is still responsible for not refusing the god's will.

Approximately nobody is saying that we should invade SA and overthrow the government. But could we at least stop selling them weapons and giving them nuclear technology and giving them defensive cover from our military?

Iraq and Libya, both of which seemed moderate compared to SA (Saddam less so then Qaddafi). Neither Iraq nor Libya have, to my knowledge, ever been used as an argument for why "we" have to unconditionally support SA, though. Neither of them have been an ally before "spreading democracy", so they don't make good analogies either imho.

Also, "unwavering ally" and "we'll remove their state and let the country fall into civil war" aren't the only options on the table.


I believe the point is that sometimes a tyrant is worse than cutting off the head and seeing the hydra.

Of course it’s possible Iraq would’ve gone different without the Coalition Provisional Authority’s early orders.


>I believe the point is that sometimes a tyrant is worse than cutting off the head and seeing the hydra.

If the last several dictators ousted from nations in the middle east teaches us anything it's that we do not want the hydra. It cost trillions of dollars and thousands of lives to dump all the crap out of the Iraq vacuum. Egypt was teetering on the edge for quite awhile after the arab spring. Libya is still in ruins. Syria speaks for itself. Afghanistan is slipping back into Taliban control. Every time we touch it it gets worse.

While I think we can all agree that totalitarian rulers are not the global maximum they seem to be a pretty clear local maximum in the middle east. The situations that develop in their absence are so much worse on a "suffering per time" basis that it's basically impossible to justify trying to oust them.


Oh that was a helluva a slip. I'd meant to write sometimes a tyrant is better than the hydra.

I believe you're right on the money with your point about a local maximum.


Sometimes that may be true. In these examples it certainly hasn't, and has destabilized the whole region.

Even a bad ruler is better than anomie, especially for local minorities. The yazidis may not have been happy with Assad or Saddam, but I'm pretty sure they preferred them to ISIS and similar groups.


I think the main reason is military cooperation. West supports dictator regimes and in exchange they allow to have military bases there. If USA doesn't support such regimes then they will turn to other countries who are not so picky like China or Russia.

They can, as they always had done. Foreign relations are about trade and military cooperation. Only after these things you use the ideological arguments about "fight for the freedom" to better convince the people about who are the enemies.

well the same should be said about China but we have many companies producing product there and I can guarantee most here have a phone, tablet, or computer, made there.

there are many undesirable countries to do business with, so what is the distinction to be made? To be honest businesses that work in either should be challenged both at investor meetings and online.


The fact is, the West (mainly talking about the U.S. here) doesn't care about freedom. They've made this clear many, many times. It's a buzzword, used when convenient.

It sounds better to say you're invading a country to bring freedom to its people then to say you're invading to take their oil.


If you had to chose between supporting Saudi Arabia and supporting fracking, which would you chose?

That’s a false choice.

They're not completely mutually exclusive, but you can't deny that an increase of supply from one results in a reduction of demand from another.

Now that they know, they can try to swap out for a burner phone along the way.

I've been thinking about having a service that lets someone else randomize the location of your phone. That was the primary goal and it evolved to food delivery couriers having additional services where they charge people's phones in a lockbox while they run around all day.

Result: Many people's location is erroneous data. No single person's use of the service is suspicious and merely reflecting a societal sentiment for privacy. Maybe some of the charging is done with renewable energy.


> I've been thinking about having a service that lets someone else randomize the location of your phone.

It’s called putting your old phone on eBay and buying a new (to you) one.

It really confuses the Saudi intelligence forces when they find a random dude instead of a Saudi runaway.

What I would like is to take advantage of some European mobile providers that have excellent roaming rates in Canada. Prices so good that a local Canadian could only dream of. I’d have 2 SIMs and put one in an rs232 interface each month that interfaces to a phone in EU so they don’t ban me for not spending enough time in the home country.


SDR in a faraday box

going offline would be suspicious

randomly roaming around would not


Can't the cell towers triangulate the phone location anyway.

yes but it won't give them your location, it will give them the courier's. the location history would put your device in totally random locations during the time you want to be anonymous, but it wouldn't look like you just left your device at home either in a way that didn't fit your pattern.

I think OP's point was that the phone would physically be with the courier for a part of the day.

QQ: Can we not make mobiles without IMEI? Surely in today's time WiFi is ubiquitous and that will only increase with many cities installing city wide free WiFi. A simple Internet only phone with built in Tor support can push the envelope.

Most of my communication is through apps. I don't think not having a number would make a huge difference


IMEI is the phone’s unique serial number, not a phone number.

But everything you said still applies: why does my phone need a serial number that it phones “home” with?


For the same reason your Ethernet card and wifi chip have MAC addresses, except the cell network is a single giant address space spanning literally the entire planet. Even better, it's paid-access you wouldn't gain anything by periodically randomizing it unless you also anonymized payment. On top of all that, it's all the way down at the hardware level, and I bet that cell network equipment is sensitive enough to tell what model of phone you're using by looking at the features its silicon supports and then deanonymize you based on deviations from that model introduced by your phone case and which pocket you carry it in and how you hold it.

Is this where I admit that I change my MACs whenever I can to something random when I find the option in my device config?

Yep. Although, as I pointed out, IMEI randomization doesn't do anything if your payment and use authorization isn't also anonymous.

Probably for the same reason many technical horrors arise: It seemed reasonable at the time, it was the simplest solution, somebody added it to the spec for some reason.

Then things like this get used in such a way.


iPod Touch?

I laughed. But you are right! Thanks. Not sure how easy would it be to Tor embed it. I will check if that's possible at all

Smells a bit similar to the Handmaid's Tale:

https://en.wikipedia.org/wiki/The_Handmaid%27s_Tale


Is there a black/underground solution for this?

I can imagine supplying some needy soul with a phone kitted out with a different country's international roaming plan, so that that IMEI was never registered locally, nor associated with a Saudi citizen.


Well gosh now, if we don't track down and capture runaway slaves/women/etc, won't society completely collapse? How could we have a modern enlightened society without this policy?

Also, very important we support Saudi/US war on Yemen and Iran. Gosh those folks are simply barbaric cavemen types!


The astonishing thing to me is that due to oil money and the Saudi royal family, the US and UK have gone all-in with their support of the Saudi regime. When in fact the situation for womens' rights, while for from ideal, is significantly better in Iran.

Historical reasons about the Iranian revolution, cia supporting coups, etc.


Frankly speaking, when it comes to Muslim countries and women, Bangladesh, Malaysia, Turkey and perhaps Indonesia among some others have a great record (relatively). But biggest improvement seems to be coming from Pakistan of all the places.

Saudis and other strict regimes should look into changes that enforces protection and rights and freedom for women. The more well educated and economically integrated women are (along with men), it is better for society.


What laws has Pak government passed recently?

Not much needs to change in terms of Pakistani law -- laws have always favored liberal views and freedom for women in Pakistan. Its just last 20-30 years have been bad socially for Pakistan.

Things have started to turn corner now - media and social activists have rightly pressed case for empowering women and there are number of influential Pakistani female politicians now. Government have started silencing hardliners and have started distancing themselves.

I hope that soon Pakistanis start pushing their girls for better education and to start females to work at all levels of Pakistani economy. This is one thing that is really killing Pakistani economy and is prime reason behind our high population growth. As a Pakistani man, I see good things hopefully for women in Pakistan.


It's just to keep track of them to make sure they are safe... some even like the idea of being tracked at all times because it's so comforting and leads to a feeling of security!

Clearly the solution is to leave the phone at home. It's not like you need it. (Crazy talk, right?) Or for added flair you can try dropping it off at the wrong airport or leaving it in a cab or on a train or something, but that seems riskier.

It's very useful for logistics when you're on your own - finding your way to the next safe place, calling a contact, etc.

The real solution is to buy a burner phone, but I don't know how easy that is for a woman in the KSA.


I didn't say it wasn't useful, I said it's not essential. And since burner phones can be traced too, I would lean toward simply planning ahead, memorizing things or writing them down, and showing up to things in person. That covers everything you need. That's how things were done for the first 40 years of my life, and it worked, and all of those things still work now. Then when you reach asylum you can think about the nice-to-haves.

This also assumes they know that this technique is being used. Seeing this news here doesn't mean it's common knowledge or reported on in Saudi Arabia.

Mmm no, it doesn't assume that. It'll still work even if you don't know you're being tracked.

Engaging security forces to chase women.

Do they also give medals for bravery for that?


I share your concern and anger. This particular phrasing could sound like reinforcing a historical perception of women as innately weak and needing protection. I prefer to think of it as people needing help due to circumstances, and the circumstances in this case perhaps due in part to such historical perceptions.

> I share your concern and anger. This particular phrasing could sound like reinforcing a historical perception of [indigenous people/black people/jews/...] as innately weak and needing protection. I prefer to think of it as people needing help due to circumstances, and the circumstances in this case perhaps due in part to such historical perceptions.

When the persecution of a certain group of humans is this direct and the consequences of capture so severe, I think the semantics of help are irrelevant until the danger is resolved.


Please don't misuse square brackets in a quote to say something the person didn't say. We don't want that to become the new destructively illiterate "literally".

Headline:

> Saudi Arabia tracks runaway women by cellphone IMEI

Parent:

> Engaging security forces to chase women

I'm sorry, what's the need to rephrase?


It might not be a rephrasing of the headline - it might be a summary of the article - that summary seems pretty correct after reading it.

[flagged]


I don't think we're disagreeing in what either of us said, but only in whether it's the best idea to invoke historical sexist ideas (by saying simply "women", as if all else is implied) unnecessarily. Especially when we're talking about tragedies that could be direct effects of those kinds of historical ideas, so it should be on our minds.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: