Oh, so you’re asking for more end-to-end encryption?
> While the letter acknowledges that Facebook, which owns Facebook Messenger, WhatsApp, and Instagram, captures 99% of child exploitation and terrorism-related content through its own systems, it also notes that "mere numbers cannot capture the significance of the harm to children."
This is such a lazy argument :/
> "The proponents of this process use fear tactics to win support, what the four cypherpunks dub "The Four Horsemen of the Info-pocalypse: child pornography, terrorism, money laundering, and the War on Some Drugs." In other words, laws passed to go after child pornographers, terrorists, money launderers, and drug dealers end up chipping away at everyone's privacy. The classic example is the PATRIOT Act, passed to prevent terrorism but soon used to expand wiretapping and National Security Letter powers in other contexts."
I'll take the privacy side in most any discussion of privacy-vs-security, but categorically denying the possibility that some crimes could be aided by encryption seems a step to far.
It's also bad PR strategy: anybody not already on your side will be put off by your apparent lack of reasoning skills.
Instead, acknowledge the possibility and show them why you consider the benefits outweighing the risks.
They're not. A number of horrible things will happen as a result of pervasive end to end encryption.
You have to run the numbers here. On the one hand, perhaps a bit more crime, some of which horrible. On the other hand, the privacy of everyone.
It's a hard sell. Just picture a politician on live television having to choose between having this cute little child being raped for years before they commit suicide (letting the perpetrators off the hook), or ramp up the surveillance a bit. Picture them choosing rape.
Nevermind the false dichotomy. The horrible fact is, the value of human life is not infinite. A mere inconvenience, suffered by enough people, is worth killing a few. Such situations rarely present themselves. (We rarely condone murder in the name of the betterment of humanity: some tried, didn't go so well.) End to end encryption (and metadata hiding while we're at it), is such a situation. The harm, though hard to perceive, is significant, affects everyone, and can potentially grow into full blown totalitarianism (possibly enforced by incentives rather than violent policing).
Preventing that is totally worth killing a few children… or at least spend resources on properly policing the problem, like going undercover.
Still, go say that on TV. I'm not even sure I'm safe writing it here.
It's not just a matter of "many small harms > few large harms" though. Not having privacy can lead to severe harms.
If the bad guys break into a system that allows them to effectively wiretap everybody, now they can snoop around and find blackmail targets. "I know what you did, have sex with me or everyone will know. Or send money. Or give me your employee access badge."
Results: Rape, financing child sex trafficking, facilitating an act of terrorism. Or any of the less visceral but nonetheless widespread and significant consequences like major financial fraud or corporate espionage.
And that's just blackmail. What about the suicides of people who get doxxed? Or the people in violent relationships whose abuser is in law enforcement or in a criminal enterprise that has compromised the surveillance apparatus? Or the mental health epidemic which results when people know their communication is exposed to people they don't trust to see their true selves and then self-censor into performance-art conformists riddled with anxiety and loneliness?
Privacy is about keeping perverts in law enforcement from reading the sexting that should only be between you and your spouse, but it's also about keeping the country and the people safe from terrorists and foreign powers, keeping victims safe from abusers and allowing people to satisfy the human need to be themselves in communications with people they trust.
Privacy isn't a trade off against security, it's a necessary component of having security.
If you consider "not saving while you could" the same as "killing", it's very common. So much in fact that it has its own WikiPedia page:
With a cosy link to a letter by the Department of Transportation:
> this guidance identifies $9.6 million as the value of a statistical life to be used for Department of Transportation analyses assessing the benefits of preventing fatalities and using a base year of 2015
Our society at large acts just fine with drunk driving deaths; looks like killing people while drunk is less abhorrent to us than trading photos of a teen.
I’m guessing it has to do with sense of purposefulness, malevolence vs. negligence, or identifiability with the commission of the crime?
FWIW, I applaud your willingness to make such a statement. (And no, this is not sarcasm!) Self-censorship is a horrible thing, and I feel like I die inside a little bit every time I catch myself doing it. But more and more these days it begins to feel like even hinting at a willingness to engage in "thought-crime" is exceedingly dangerous. I mean, shit, a woman got passed on for a job because she had a picture of herself in a bikini on her Instagram. Imagine if a prospective employer find a comment online which could even remotely be twisted into saying that some child deaths are a sacrifice that may be inevitable in order to protect an abstract principle like Freedom, or "Free Speech". Zoinks!
Do you say you want to apply a dictatorship state of global surveillance because criminals are going to use the internet? What about other tech available to them? Are we going to set up a surveillance mechanism in those as well? Scooters? Cars?
Who's going to compile all that data? How is it protected?
It's about the Governance of Information,
and guess what,
I want to be Governing my Data, not some shady politician that got elected for a 5 or 7-year term in some other country.
Every actor in those systems have access to the data of every person that got their info collected.
And yet we are still here with that pedophilia and terrorism argument that, while they are very true, have still evolved and expanded. Even with the Cloud Act and all of the shady agreements
It's an evolution of our sick society, we had that kind of criminality rampant in 2000, we saw that evolve with the net,
But just like the young gangsters that evolve with stolen scooters,
Criminality will always have its sick way.
But dictatorship and global surveillance?
We didn't accept that in the 2000.
And we should never accept that at any cost,
even if it falsely promises to resolve the problem of pedophilia, terrorism, and criminality on those spaces by applying weird unknown algorithms
Technology will always be used by criminals because these are part of the society we build and evolve. They will change their behavior just like all of us; We cannot give up on our freedom and ethics to help catch the few.
And that's what's the problem. I don't care about police retrieving the data of a criminal once a judge has agreed to that, I care when we give them the entire web information and allow them to dictate the behavior of those networks
But the argument doesn't even make sense. It makes the horrible assumption that pedophiles will continue using a service they know to be insecure. That's literally a provably false assumption. The second they realize it's insecure (which will take exactly one raid), they'll switch to something else.
And ALL of the above assumes that there are no criminal programmers and thus they have no ability to just write their own tools if there isn't something sitting on the shelf. We know with 100% certainty this is also a false assumption.
That's literally a provably false assumption.
The second they realize it's insecure (which
will take exactly one raid), they'll switch
to something else.
Has every criminal in the world stopped using the phone after the first phone was ever tapped?
And ALL of the above assumes that there
are no criminal programmers and thus they
have no ability to just write their own tools
You need better arguments than "if we can't stop all crime with an action it has no value" because it is a silly argument.
Arguments like "we all need to abandon privacy to maybe, potentially stop some crime somewhere" are equally silly.
Everyone should avoid silly arguments.
It's not an assumption at all. The fact that people engaged in child pornohraphy have had decrypted communications used against them in court demonstrates this to be true.
Ephemeral conversation is not new and implicit in a right to privacy assuming it extends beyond your actual corpus.
The only way I understand your arguments to be a justification to break encryption is if you believe we should not have freedom to share privately.
It only demonstrates that for some people, it's true. What about cases where they were using secure channels and thus haven't been caught/charged?
Perhaps we should aim for not leaving any piece of space on Earth unsurveilled?
This was tried by a Canadian Minister at one point to sell surveillance in this extreme way:
> In February 2012, as Minister, Toews introduced the Protecting Children from Internet Predators Act (also known as Bill C-30). The bill, which made no mention of children or "Internet predators" outside of its title, would have granted police agencies expanded powers, mandate that internet service providers (ISPs) provide subscriber information without a warrant and compel providers to reveal information transmitted over their networks with a warrant. When criticised about privacy concerns, Toews responded that people "can either stand with us or with the child pornographers."
The legislation in question went down in flames as plenty of people sided "with the child pornographers":
We see politicians regularly choosing to not enact overwhelmingly popular positions like universal background checks in the face of mass murders of children.
How many politicians have done anything to stop the Catholic church from hiding child rapists? This is a much more direct harm and no one who isn't a child rapist would lose anything if we fixed it.
Politicians are already choosing rape and murder when the stakes are much lower.
1. They said that FB captures 99% of those illegal activities by themselves. What makes us think that government will be able to capture that last 1% on their own?
2. Encryption gets removed, potential perpetrators move to another platform that uses encryption and doesn't have the capability to catch those illegal activities that FB already catches using their internal systems. Congrats, now those perps that would have been caught (even if FB implemented the encryption) won't be caught at all.
And with the uncertainty that comes to mind with both of those points, one thing that is definitely guaranteed to come is further erosion of personal privacy.
To stress even more on this point (I have to also FULLY agree with the second), what evidence is there that lack of encryption will even make it easier to capture this 1% more. Pareto is a real thing. I'm not convinced there's an easy answer to capturing the last 1% and that it can be done with minimal resource allocation. That's where I start being suspicious. The back of the envelope math doesn't work out.
I spent less than a minute thinking about this, but there are probably tons of other strategies they can employ. People familiar with the domain, I would actually love to hear your takes on this, as the topic is fairly fascinating.
But imagine if some crazy billionaire set up some sort of autonomous decentralized system that constantly attempted to MITM all the same systems the government likes wiretapping; and then, if it managed to extract any data from that attack, it would find names in that data, and put bounties out on those people on assassination markets (paid from anonymous accounts previously set up by the billionaire.)
Now the choice is between some people dead, and a lot of people dead! Everyone get on board the privacy train!
That is-- pick an insanely fast development cycle where piecemeal/baroque security approaches simply cannot keep up. Eventually you arrive at a place where the whole endeavor become a giant tinder box just waiting to go down in flames. But that forced browser vendors to say, "Ok, let's just assume everything is constantly on fire, cordon everything off into flame retardant boxes, and improve our response time by many orders of magnitude."
If anything ever gets too hot from the thousands of strangers I casually let in the front door I simply move to another building and recycle the burning one.
Meanwhile I treat my Debian install like a prized piece of Shaker furniture. You'd have to be a goddammned 19th century furniture historian with your credentials showing before I let you anywhere near my brittle little museum.
We used to be protected by the ephemeral nature of 99% of life and by the inability for anyone to centrally view or mechanically process the other 1% (letters, diaries, etc). This is just as much argument for strong protection as your argument goes against strong protection.
I think everyone here is familiar with Pareto. Capturing 80% of criminals is easy. Catching the next 10% is harder than catching that first 80%. Catching that last 1% takes significant amounts of resources, way more than the previous 90%. So it just isn't economically viable to stop it all (exponential curve and we don't have infinite resources).
So I'm not sure that saying
> A number of horrible things will happen as a result of pervasive end to end encryption.
But I don't think it is necessarily wrong either. I think encryption enables it, but this sentence implies causation (which is the rhetoric of those that want to remove encryption: causation).
How I read the horsemen comment is that these topics are used as boogie men. Because what sane person wants that stuff to exist? OF COURSE we want 0%. How can you be against stopping child trafficking? (practically) No one is against that! These are also topics we care VERY much about. Because frankly we should do everything we can to stop child exploitation. But we know the goal is unobtainable and to get only a handful more than we currently get (which is almost all of them!) requires huge violations of privacy and significantly more resources to be allocated. The horsemen are being used to get us on board and make us not ask if these methods are meaningfully effective or ask what the costs are. It also says that anytime you hear officials talk about the horsemen that you should perk your ears up and start asking serious questions. How effective is this? Does it actually help? What are the costs? The Patriot Act is a good example. It is not clear that it meaningfully reduced terrorism in any way and yet we gave up a significant amount of privacy (I can quote founding fathers on this too).
So it boils down to "if giving up the privacy does not do an effective job at making any meaningful reduction in actual child trafficking <insert horseman>, why should we give that privacy up? There's clearly benefits to privacy. So is this issue really about child trafficking or is something else at play here and are they just feeding off my emotions?"
Yes they are. And it works because we can't multiply, emotionally. I tend to avoid LessWrong links around here, but this one is appropriate: https://wiki.lesswrong.com/wiki/Shut_up_and_multiply.
My first comment alluded to the torture vs dust speck dilemma. Horsemen vs privacy is nowhere near as extreme (especially at the dust speck end), but it has the same structure. If lay people realised this, the horsemen would not convince anyone.
Actually, please stop there and think about this for a second.
Having zero crime depends extremely strongly on the precise definition of "crime". Much more so than other, non-zero levels of crime.
This is only a good thing if you are absolutely sure that the definition of what constitutes a crime right now is perfect and immutable.
Extreme positions are almost always a bad idea and I think this is one of those cases.
I'm adding to your point by saying that I don't consider "0% crime" as a desirable goal since crime is something defined by people and people are fallible, hence the definition is also fallible.
The problem is not in removing meaning from the word "crime". We all have an imprecise, handwavey meaning of the word in our minds when we use it. We usually mean something like "undesirable behaviour which benefits a single individual while harming others". The problem arises when you try to operationalize this loose notion into laws since this process frequently results in errors. Another way this can go sour is due to overreach by groups currently in power in an effort to stay in power, leading to loss of freedom (which is more applicable in this case).
In other words, some crime is actually people breaking the law because for good reason, like rebelling against an unjust, inefficient or overreaching law.
Therefore, it's better to strive for a low crime rate than a zero crime rate. This is also the conclusion you arrive at through the application of the Pareto principle.
sounds like "War" to me.
Who is more of more danger to you. A cabal of rich drug dealing terroist pedophiles or your own Government? The argument then becomes one of statistics and then of the lesser harm.
I imagine the answer is obvious with the Government being sigificantly more harmful. You're likely comparing a few hundred deaths of tens of thousands.
You'll always find a subset of the population who thinks the death of citizens or harm is justified in some way, because they took some action that broke the law.
But find enough examples where the offernder did no direct harm to anyone else and I suspect you'll give most reasonble people pause for concern.
And if the facts don't match your gut, then maybe you're wrong and privacy isn't all that important.
The thing to point out is that we all make the implicit choice to let people die for convenience every single day: Almost all of us could choose to pay a bit more to charity to save a life, almost no matter how much we're currently giving or what we're currently doing, or could choose to take jobs that would do more to make the world a better place.
We just rarely have to face what choosing differently would have meant, so we get to pretend it doesn't have much to do with us. And granted, most of the time the consequences are many steps removed from our choices.
I think this kind of dark-sounding reasoning only holds up when you phrase it not as “a mere inconvenience” but as tyranny, which is what encryption and privacy in general protect against.
I support personal rights to privacy, and believe that we should find ways to enforce laws without violating privacy. Representative governments need the ability to alter their own power structure in order to function, and yet human power structures naturally resist change, including by spying on those who conspire against them: therefore, privacy is essential for representative government. Representative government’s alternative is tyranny, which we know creates incalculably-large-scale suffering.
Human nature is at the root of why privacy is costly and also why it is necessary; however, much evidence suggests that the set of aspects of human nature we express is mutable and dependent on environment.
While I would never argue that we can remove those aspects of our nature, I believe we can alter our environment to reduce how frequently we express the more sinister ones.
In short, I’d rather work on reshaping our environment, including and especially our culture, to make privacy less necessary and costly, than to debate whether it is either. It is both, and it will always be both, but we can make it less of both, or more of both, with our culture. Same for guns.
Sure, idiots do stuff like this all the time. Sure they get caught. But idiots usually get caught by other means, too. And you never catch all the idiots, there's just too many of them.
Estimates say there are something like 20-40 million slaves in the world, and that 50,000 people are trafficked per annum in the USA. Something like 20% of slaves are sold for sex. Facebook is believed to be a common platform to facilitate this, though I haven't been able to find numbers.
In contrast, despite the occasional news post of a particularly incompetent company leaking a database of plaintext passwords, Facebook's data storage is pretty safe, and encryption does still afford a lot of protection. The idea that hundreds of thousands of people are going to have their private data extracted from Facebook through individual attacks against the servers is not well corroborated.
Totalitarianism is an important long-tail risk, but I don't think it's reasonable to suggest that these programmes are a path to it. Overall privacy rights quite plausibly are, but that issue exists primarily as a matter of policy and law, not as a matter of technology. If the laws are bad, Facebook illegally preventing protection of trafficking victims will not help those laws change to a more moderate position, and if the laws are reasonable, cooperating to prevent trafficking victims would not be harmful to positive political outcomes.
The scale of abuses would have to be multiple orders of magnitude smaller, or detection mechanisms incredibly ineffective, before this tradeoff made sense to me.
<braces for backlash>
Wow. I can't agree with that one even a little bit. The real concern is totalitarian abuse. But being inconvenienced allows us to kill? That rings as downright pathological.
In practice, the tradeoffs are never that extreme.
Yep. I'm pretty sure you just torpedoed any hope you may have had at a political career.
There's also personal defence, but that one has disadvantages too (there might be false positives, were a presumed mugger would get shot). Plus, from what I hear, guns have different effects in different countries.
It's a complicated subject. My opinion right now is not informed enough to be trusted.
This argument is so unbelievably stupid, that I don't even know where to begin.
First of all, encryption in WhatsApp is targeted towards consumers. You won't catch terrorists by limiting encryption. If terrorists and other criminals are not using encryption anyway, then they are so stupid that they deserve to be caught.
The only thing a lack of privacy does is throwing us further into dictatorship. Just imagine a madmen, like uhm... say Trump, with the full power of the secret service behind him and limited to privacy for end-users. Well this is just great. All the dirt he can dig up about his opponents. He asks foreign governments to dig up dirt, okay, that means right now the NSA isn't too much inclined to help this guy out, but what if they were?
If you water down privacy you are robbing the people of their only chance to organize protests and rise up to authoritarian governments.
Last but not least, the crimes prevented by not using encryption are absolutely negligible. The numbers are so freaking low that each day more people will die in car accidents in the US alone than would die globally because of pervasive usage of unbreakable encryption.
This analogy of `Uh a person could be prevented from getting raped is more important than preventing a fall into dictatorship` is so contrived that I don't even understand how anyone can eat this shit. Bad things happen all over the place and you are buying this sham argument that is preying on human psychology.
The societal default used to be that substantially all conversations were inaccessible to the government except through testimony. Encryption does nothing to change the availability of information through testimony.
Previously, remote conspirators could collaborate through the post, and their conversations could only be accessed with a warrant specifically targeting those communicators. End-to-end encryption does little to change the availability of information in a targeted investigation; it just means it's a little more difficult to access the information than entering a phone number into XKeyscore. Investigators can install malware on the device, or microphones and video cameras in the suspect's home to hear or see what is being communicated.
Forbidding end-to-end encryption, in combination with our mass surveillance apparatus, changes the societal default to be that substantially all conversations are trivially and automatically accessible to the government.
Anyone remember the FBI and Apple case a few years back? How quickly the FBI hacked the phone after Apple wouldn't cave? Other tools exist to do targeted surveillance and targeted attacks. Only authoritarians want mass surveillance.
To be fair, Apple is working to ensure FBI won't be able to do that next time.
"Why isn't your desk in front of the telescreen?" - 1984
The day will come when not having an Amazon Echo or Google Speaker will be considered probably cause for a search.
Sure. Before the telegraph was invented. And even before that people used security measures, such as wax seals on letters to prevent tampering or at least have an ability to detect whether or not the message has been tampered with.
You seem to think of messaging systems as if they were spoken conversations in private. They are not. Just because you are chatting with someone from the privacy of your own home, doesn't negate the fact that your words are traveling through a lot of wires and boxes belonging to all sorts of private and public entities.
During WW2, American federal government established Office of Censorship whose sole purpose was to review and censor all communications coming into and out of the country. Now imagine them finding that someone is mailing letters written in an unbreakable code. How long do you think it would take for the FBI to break down that person's door?
I am not saying we should not have end to end encryption. I am saying that government spying on citizens is nothing new, it is not something that was ever limited to totalitarian dictatorships and it should not be surprising to anyone that the government is trying to fight it. The news is not that the government wants to keep an option to read your communications. The news is that first time in history there is a chance people might want to and be able to stop them.
It wasn't done that way. Envelopes were opened, and stamped "Opened by Censor". Material was cut out of letters. Censorship was not concealed at all.
A secure E2EE system must resist even targeted, legally authorised attacks. Are you suggesting that secure, practical E2EE systems do not currently exist? Would a world in which law enforcement must install physical listening devices and exploit unpublished software vulnerabilities to surveil suspects be more private than our current world, where E2EE is available but often disabled by default, and trusted intermediaries like Facebook and Google can be legally compelled to disclose non-E2EE messages?
> Forbidding end-to-end encryption, in combination with our mass surveillance apparatus, changes the societal default to be that substantially all conversations are trivially and automatically accessible
That is not (publicly acknowledged to be) the case today, even though non-E2EE platforms like Facebook are widely used. While Facebook could currently comply with laws authorising mass surveillance, and implementing secure E2EE would prevent them from doing so, the warrants under which they currently hand over non-E2EE messages are at least somewhat targeted. This controversy is not about a proposal to relax the need for warrants, it's about asking Facebook to preserve their ability to comply with them.
I for one am not willing to give up any freedoms in order to prevent the sharing of such vile material. Perhaps the creation, but not the sharing.
This is contradicted by the evidence we have to the contrary, in particular the model of supply and demand identified in child porn markets.
Child porn piracy is an essentially victimless crime.
Note: In the above I am considering the generic example of "child porn" to be broadcasting the forcible rape of prepubescents, not 17 year olds sending each other naughty pictures, which is what most content matching the US legal definition is (the UK one is just stupid as it includes drawings).
This runs contrary to the fact that people share things not just for monetary profit, but for other videos/pictures in exchange, and voyeuristic/exhibitionist reasons.
I'm sure some of the kids in those videos would have something to say about that.
I'm sympathetic to those people's plight but ultimately I place a very high valuation on not only my privacy but everyone's privacy, A much lessor but still very great valuation on preventing such evil happening to the victims, and only a small valuation on preventing the ultimate sharing of those images between perverts except insofar as it serves to lead us to people doing the wrong.
I believe that via a substantial effort we can work to reduce the abuse of children, I think we can via a lot of work take down the groups of people sharing such data by infiltrating such groups and taking down the people participating. I believe that outright stopping all such sharing is probably impossible and I'm unwilling to implement 1984 to try.
I don't see those kids getting hurt any further unless they happen to be the sort of people that go out of their way to seek out child abuse material. It's hard to imagine anyone ever accidentally running into images of themselves being abused. You can't possibly be re-victimized if you don't know.
I don't mean to sound heartless, obviously these are horrific acts which hurt people deeply. I simply don't think banning encryption or otherwise eroding our rights to go after distributors and consumers is really going to have much practical effect on how the victims end up feeling.
E: HN doesn't let me reply to selectodude below
>the mere knowledge that pictures of you being abused on the internet is extraordinarily difficult to deal with
I absolutely agree with this. I just know that nobody can ever go tell the victim that now those pictures are forever gone off the internet.
But yes, the mere knowledge that pictures of you being abused on the internet is extraordinarily difficult to deal with. Maybe not the best direction to go in when arguing.
There is no benefit to outweigh. For there to be benefits one must convince oneself that we will actively prosecute bad actors via intelligence gathered via holes we will publicly announce we are drilling into previously secure platforms and drug dealers and terrorists will never figure out how to embrace free open source p2p software that doesn't share these disadvantages. There isn't even one smart person among the bad guys or even among the good guys who will create a platform one can connect to with a few clicks amenable to even techno morons. What could possibly go wrong.
It's not supposed to invalidate the reality of the matters concerned. It's supposed to suggest that that they're not actually the issues at hand, with CP and Drugs and Terrorism being used as stalking horses because being in a position of being seen to defend the privacy rights of terrorists makes for terrible PR.
Some crimes could be aided by virtually anything. E.g. let's destroy all the roads so criminals won't be able to travel.
This won't increase the number of people affected or reduce the number caught. The only thing encryption can do in this case is make it more difficult for the government or foreign governments to read personal messages.
Not implementing encryption here can only help people violate people's privacy, it cannot help the government do its job.
The letter specifically describes an offender who was sentenced to 18 years' imprisonment, detected when Facebook read his non-E2EE communications with a child victim. Are you suggesting this was an unimportant or unrepresentative case?
It's silly to think that terrorists use Facebook
How about 24x7 surveillance for politicians and priests and no surveilance for normal folks.
edit: ok ok sorry I misread
3) money laundering
3) war on [edit: some] drugs
But rarely did you see or hear about any of those people landing in jail or prison for long periods. If you heard anything it was more or less laughed about, and society forgot about it. The perps maybe would spend a day or two in jail, get bailed out, and have their lawyers negotiate and plead down to a misdemeanor or something like that. Rich guy goes back to party and life.
Crack users? Well - they all ended up in prison for super long stretches and/or died there. Nobody cared or cares. Certainly not the above cocaine users and abiders.
It wouldn't surprise me to learn that the people abusing the cocaine and making deals like that weren't also in on the production and selling of the crack made from a portion of that same cocaine...
Reminds me of this story:
"Back during World War II, the RAF lost a lot of planes to German anti-aircraft fire. So they decided to armor them up. But where to put the armor? The obvious answer was to look at planes that returned from missions, count up all the bullet holes in various places, and then put extra armor in the areas that attracted the most fire.Obvious but wrong. As Hungarian-born mathematician Abraham Wald explained at the time, if a plane makes it back safely even though it has, say, a bunch of bullet holes in its wings, it means that bullet holes in the wings aren’t very dangerous. What you really want to do is armor up the areas that, on average, don’t have any bullet holes. Why? Because planes with bullet holes in those places never made it back."
Qoute from https://www.motherjones.com/kevin-drum/2010/09/counterintuit...
If not, you're a bad guy and we can discount any argument you put forth am I right?
Am I right?
High five? Anyone?
Point being that the enemies privacy have been waging an extremely successful propaganda war against our position for longer than most privacy advocates have been alive. A campaign that is at once massive and specially calibrated to go unnoticed. (How many connect the 'Telescreen' to the example in  in their minds?) They have the power to ensure that hand picked, specific examples, calibrated to inflame, are used as flag bearers in the zeitgeist. They have a long game of very specific goals, coupled with an army of natural language, behavioral psychology, and media experts all dedicated to that singular purpose. They have decades of experience at manipulating populations at scale, and a track record replete with successes.
Meanwhile, we sit on HN and social media talking to each other about how our side will be proven right in the end. You know, 'cuz "freedoms".
We have to start addressing the legitimate points that government and law enforcement types are making, because not doing so cedes more and more ground in public behavior and public opinion to those enemies of privacy. The great irony here is that we ourselves have helped them manage to cast themselves in the public eye as the "champions of safety", due largely to the poorly chosen nature of our bedfellows. We need to start getting out in front of a lot of the legitimate arguments that law enforcement is making, and we need to push back against professionally subtle narratives in the national media that attempt to attach us to yet more unsavory bedfellows.
 - https://www.cnn.com/2019/10/02/us/woman-assaulted-boyfriend-...
and, mostly because it's mentioned in the engadget article:
Specifically Apple-related and North American examples?
And Apple-related? North American? That's not relevant at all.
You boldly claimed that the government is observing me in my home through my devices, and I want you to show your work.
PRISM happens at the ISP level, and doesn't mention directly using iPhones, Macs, HomePods or tv as surveillance endpoints... So, where's your proof showing that they're surveilling US Citizens through those specific devices?
That's an oddly narrow goalpost. Apple shares user encryption keys with the Chinese government, for example, giving the Chinese government access to all iCloud pictures, messages, documents, videos, etc.
I didn't want to get accused of moving it later. Also, I'm only interested if there's evidence that applies to me. I'm 100% Apple and 100% USA-based, so if there's proof that "the government is listening!" then I want to see it.
Chinese government nationalized the data centers six months later, gaining access to all the encryption keys and user iCloud data at rest:
Apple does business in China the way they have to do business in China. I don't agree with that, but I'm also quite sure they have not given my iCloud keys to China.
Also, how exactly was what I said "not accurate at all"? I accuarately said Apple was sharing iCloud data and encryption keys with the Chinese government.
Direct quote. Emphasis mine.
Is the full sentence with context, meaning access for all the iCloud data for the encryption keys being shared. Don't mince words because you misunderstood the sentence.
PRISM was proof that governments pressure tech companies to become sources.
How to build a program to retain power:
1) Make new tech that is very convenient but has potential to become surveillance vector.
-> e.g, Phone with voice recordings, fingerprint Face ID, location data, network of friends. Smart TV, smart watch, smart locks, Alexa, etc.
2) Support consumer adoption.
3) Keep public attention on the evils of foreign states and domestic terrorism.
4) Convert devices into active surveillance sources citing home security, public safety and the classic “what do you have to hide?”.
5) Do so as fast as possible without creating a revolt.
6) Have such pervasive surveillance that it becomes increasingly difficult to discuss, assemble and revolt.
7) Continue to introduce more controls, reduce freedoms, increase work week, taxes.
Many smartphones have this, and will respond to "Ok Google" or "Hey Siri". Do you view this differently?
The phone has to cherry pick phrases and capture times. With the right codex, the phone could keep recording for a long time after the right phrase or your IMEI is targeted. Still sub-optimal, but not as easy as Alexa. My bigger concern around phones is GPS data. That's why I've not had a phone in my name in the last twenty years and never owned a smart phone.
Now put the data sets from your phone, Alexa, your credit/debit card together and that paints quite a full picture.
The Ring device is very interesting. It faces the street. I mean, the house on the other side of the street. A network of those can track the movement of anyone that lives near one.
i.e., of the illegal stuff that goes through their system, some of it is captured, and the majority of that is caught by Facebook's own system.
Note, this article is recent and highly relevant: https://www.nytimes.com/interactive/2019/09/28/us/child-sex-...
> And when tech companies cooperate fully, encryption and anonymization can create digital hiding places for perpetrators. Facebook announced in March plans to encrypt Messenger, which last year was responsible for nearly 12 million of the 18.4 million worldwide reports of child sexual abuse material
> Data obtained through a public records request suggests Facebook’s plans to encrypt Messenger in the coming years will lead to vast numbers of images of child abuse going undetected. The data shows that WhatsApp, the company’s encrypted messaging app, submits only a small fraction of the reports Messenger does.
Talk about fear mongering, that article is horrible. It's the same old argument. "Child abuse is bad therefore you can't have any privacy", they position you as being against protecting children when your stance is actually pro security & privacy.
1. Privacy is important and good
2. It has almost certainly contributed to an explosion in the production and sharing of child pornography and abuse
The question is what is the moral way to reconcile the two, not to deny that either exists.
Child abuse has always been happening (several of the older members of my family were abused), it just wasn't broadcasted. Even today I bet 99% of child abuse is never caught on camera. The increase from child porn is probably negligible.
However, without perfect privacy, every world citizen would be subjected to such monitoring, and we'll basically be exactly what 1984 is, with the metaphorical "telescreen" functionality spread across pretty much every device that's connected to a network.
The USA took steps to actually protect property in its founding, something the Supreme Court has interpreted to include privacy as well. From this perspective, the rights of citizens wither away when the government is allowed to take the smallest step towards mass surveillance. For that reason I am very much against it.
My other perspective is from a security standpoint. I believe that if companies are not doing everything in their power to protect themselves and their users from data loss / hacking / theft, they put everyone at risk. Intentionally lessening the security of a product at the request of the US government means giving a potential thief or hacker more attack vectors to exploit.
> The Times’s reporting revealed a problem global in scope — most of the images found last year were traced to other countries — but one firmly rooted in the United States because of the central role Silicon Valley has played in facilitating the imagery’s spread and in reporting it to the authorities.
Clearly the NYT is laying the problem at tech's feet, and we are the best ones able to thwart this. Many times I've scoffed at the government's continual removal of privacy, but this is the first time it's sunk in. Perhaps they have a case.
> 1998 - 3k cases.
2008 - 100k.
2014 - 1M.
2018 - 18.4M.
These figures from a total of 45M images flagged.
Again, is this for real, or this this propaganda?
There are two things I would point out:
1) I would be surprisesd that the ease of communication the internet brought did not benefit to criminals
2) The article describes several problems that won't be fixed by encryption ban (e.g. the lack of means for report clearing houses) and also gives exemples of cases solved despite encryption. I would like to understand why encryption is described as the problem here.
Not to mention:
Congress has regularly allocated about half of the $60 million in yearly funding for state and local law enforcement efforts. Separately, the Department of Homeland Security this year diverted nearly $6 million from its cybercrimes units to immigration enforcement — depleting 40 percent of the units’ discretionary budget until the final month of the fiscal year.
Or in other words, in order to fight the imaginary rapists that Mexico is allegedly sending us, DHS is diverting money originally allocated to investigate actual child rapists.
Facebook has said that they don't do this outside of Australia, where it is required by law, but come on, are we really going to take Zuckerberg's word for it?
This is why I believe that end-to-end encryption is not truly useful unless the source code of the clients is public, or the protocol is open.
Any closed source client can read messages at the ends, or be forced to do so by an evil government.
At the very least, they could open up XMPP compatibility again so that people could write their own open source clients for it. Australia wouldn't be able to do anything about the propagation of such open source software.
I was able to have end-to-end encryption running on top of MSN, AOL, ICQ, QQ, Facebook, Gtalk, Yahoo, and several others about 10 years ago with Pidgin and simple plugins that encrypted/decrypted messages on the fly. It's too bad they all moved selfishly to closed source walled-garden mobile apps -- it's a big step back in privacy.
Matrix is close, but not what I'm describing. It's far more centralized than I'd like to see.
They want a fishing net so they can catch these people by the thousands.
It's disgraceful that Signal hailed WhatsApp's announcement to use it almost like a second coming of a religious figure.
Credit where it's due, good on them building such effective systems to catch this content.
You can get legal datasets for sick pr0n or warzone stuff you would like to keep off-platform that might have the same psychological effect on you.
There's a little ambiguity in there, but I wouldn't go so far as to say it's "misleading".
I mean, I agree with you on the argument completely, but I disagree that it’s a lazy argument.
It’s an extremely effective argument, relative to its factual content. The west is culturally conditioned to accept terrorism as justification and child abuse justifiably gets people riled up.
What’s lazy is people who can’t be arsed to look at complex things from multiple angles.
Good to see that the "think of the children" argument is still in use today. /s
 - https://en.wikipedia.org/wiki/Think_of_the_children
They need a permit for a car? Why not just steal it?
I need an identity to do shady stuff on the internet?
Why not steal it?
We cannot reason with malevolent forces, there is always going to be away,
And by that time, we compiled the data of everyone, centralized it all, and let govs that don't understand the implication collect those as if it was mere petrol or gold.
We are putting everyone's life at risk doing so, just wait until it leaks out or it starts getting sold. (ahem, oh wait !)
It is a problem, and tbh it saddens me a f* tons.
1984 rings more true with each passing day.
"It was meant to be a warning, not a manual."
Congress was provided “encrypted text messages [the top US diplomat in Ukraine] exchanged with two other American diplomats in September regarding aid money President Donald Trump ordered to be held back from Ukraine.”
Might the AG also want to monitor these messages?
And I’m not sure what the AG has to do with Epstein’s crimes. Did you get some people mixed up?
There's still a possibility it was an actual, non-coerced suicide.
The AG is a loyalist to and subordinate of the President, who was an associate of Epstein and who was also at one point accused of having had Epstein procure an underage girl for sex.
But that's exactly how many problems are solved.
Perhaps I should clarify that the only way we are going to solve he healthcare issue in the US is by the government spending money on it.
Oh, bull crap. By this argument, literally no protection or liberty that allows even one child to be harmed could ever be tolerated. Why stop at vetting baby-sitters or teachers? We ought to require mandatory background checks for every person who ever visits a family or goes into a public space that might contain children. Law enforcement also ought to be able to track every underage child at all times, via mandatory GPS collars.
At the risk of sounding callous, there are occasionally some situations where you really do need to shut up and multiply.
The reptilian brain will respond differently to children from different cultures on the other side of the world. I understand the logic behind your argument but policy isn't driven by logic.
It's an appeal to emotion and a commonly used tactic of politicians to get what they want (and to convince people it's what they want too). Used all the time in gun control debate.
Well, I think the aim is to create (or in this case, maintain) a emotional button that when pressed, create such an extreme picture in the person's mind that they instantly respond with "your freedom? versus this?, yeah screw your freedom, we gotta stop this."
The extreme the pictures shown on media, the more minachean the TV plot, etc, the stronger reaction.
I completely agree. Now can we talk about guns just lying around the home?
In fact, I wouldn’t be surprised if data could be generated that shows cyber bullying on Facebook results in more child suicides than children murdered in school shootings per year.
> child suicides
> In 2016, suicides numbered 2,553, while homicides numbered 1,963
> Firearms were the leading method of homicide for persons aged 10–19 years during 1999–2016, accounting for 87% of all homicides in 2016
> Suicide involving suffocation was the leading method among children and adolescents aged 10–19 years in 2016, slightly outnumbering suicide involving firearms (1,103 and 1,102, respectively).
There are some age and gender difference to the method chosen for suicide.
We probably need to include some deaths by unintentional injury, although 85% of those deaths are motor vehicle traffic, drowning, and poisoning.
I'm still getting to grips with the way the US counts deaths by suicide and I still find it a real struggle to find the data and to understand what they've counted and how they've counted it, which is why I only use the CDC data.
[argument]: Considering that a large amount of child abuse is perpetrated by the parents of children, perhaps the people who need to be vetted first are...
/of course, that devolves into "vet everyone"...