As the other reply noted, there were audits by multiple entities and parties, although I agree that it would be preferable for the code to be open sourced.
I do disagree with your other points. Paper confirmation is not necessarily the only way to audit, and may in fact introduce risks of voter reidentification and coercion (voto de cabresto). The other way of auditing the machines is the parallel voting procedure, which already takes place at every election and is honestly a brilliant piece of security engineering.
For those not aware, the parallel voting procedure works as follows:
1) the day before the election (when the software has already been loaded and locked into the machines for several days), a random sample of machines is selected for the procedure
2) those machines are then removed from the polling place they would ordinarily be assigned to, and replaced with a backup machine
3) the removed machine is then installed in a different room, and booted up normally on electionday. Since it is fully offline, the machine doesn't "know" it is being used in this mode
4) this room is setup so that there are cameras pointed to the machine, and people from all observing parties (and common citizens as well) are invited to "mock vote" in this room.
5) at the end of the day, the machine is closes, its report printed, and the result is checked against the known mock votes
Pretty solid method if you ask me, and much cheaper than upgrading the entire fleet to enable printing.
I mean, not to discount the hard work that your grandparents would have to maintain a self-sustaining life but... it could only work out because they had land available for that. You live in a city and depend on salary because you don't own a parcel of fertile land from which you could be generating enough sustenance for yourself (estimates go from 1/10th to a full acre per person).
Many grandparents are too frail to dig enough spuds or work the garden - anecdotally 70s is when limitations often start to really kick in. Grandparents are now trending older?
For that to be in anyway useful for those companies (as a means to spy on their competitors), they'd have to be actively looking into the information to derive intelligence. Not really practical without some serious engineering, which would leave tons of evidence. It's not worth it. That's just not how these companies operate.
> there's some people at Google using Edge
I'd be surprised if it's more than a handful of people with explicit exceptions for work-related tasks. Chrome is the norm.
> For that to be in anyway useful for those companies (as a means to spy on their competitors), they'd have to be actively looking into the information to derive intelligence. Not really practical without some serious engineering, which would leave tons of evidence. It's not worth it. That's just not how these companies operate.
Was thinking about this as well. What evidence would it realistically leave? I mean - they are sending the uri's by default so no client side reverse engineering is needed. They say plainly they are doing this.
Yes, it's a lot of traffic.
IP spaces are well known. Easy to filter for corporate traffic. From there, it's a smorgasbord of internal URI's to dig through - anything with no domain name, or host.(companyname).com traffic. Also easy.
Maybe this ends up in a big data lake queryable by certain groups, but not anyone likely to spill the beans. NDA covers you there. This is not New York Times level corporate subterfuge. It's almost certainly not legal - and this is the important thing - the regulators haven't had the gumption to prosecute anti-competitive behavior in earnest since the 70's or earlier. What Microsoft went through in the 90's in retrospect was antitrust litigation with kid gloves on.
This armchair analyst sees no downside to such practices. Risk, but so little it doesn't matter.
Sure, insiders could spill the beans and violate their NDA's, but who the fuck is going to do more than levy a slap on the wrist for something too difficult to explain to Congress in a way that gets them to care?
Now, I think if you actually put your hands on the browsing history of congressmen harvested in this way, and put it into the public domain, you're going to get a bunch of regulators to all of a sudden care about antitrust enforcement again.
Sure, but that still takes engineering. Extracting information and intelligence out of the data is not just throwing AI into a pile of data, it's real engineering that will always required months of design, experiments, computing and storage capacity planning, releases, maintenance, operations, etc.
That leaves a huge internal paper trail - the kind of thing that shows up during discovery in a lawsuit.
No, companies like that are not doing this kind of shit, it's not worth it.
I mean, realistically, yes. But you'd be surprised sometimes pretty technical folks who just use whatever is installed when their work machine for whatever reason runs Windows.
And in a way, I see some mapping of this to the recent FCC vs Jimmy Kimmel situation. Sure, Kimmel's case was more overt, because the FCC guy was very obviously threatening a private company so that the company would do that the government wanted, and in this case, it's more like companies are "sponteneously" coming up to help, but I still think that such spontaneity can be suspicious, specially if we are talking about companies with large contracts with the government, or interest in influencing policy.
In other words: if it's Joe Schmoe's Haberdashery forwarding CCTV footage to police to elucidate a crime right in front of their door, sure, it's fine and dandy, they do have an interest in not having crime in front of their door. But when Revolving Door MegaCorp builds a dragnet of surveillance AND is also selling cloud contracts to the government by the billion, it becomes a lot more murky if they just start snitching on everything they see.
There are more than two countries in the world. Italy, for example, without pervasive monitoring and overt spying of its citizens, is at 0.545, half the UK rate.
Germany, Netherlands, Norway, Poland, just to name a few, are all below the UK rate.
GP's claim is that UK is massively surveilled and the UK is unsafe, therefore surveillance does not improve safety. However the UK is a long way above the USA; if one wants to argue that the surveillance isn't the cause of the safety, they can, but they can't take that for granted by snarkily saying the UK isn't safe.
If I was trying to say that the UK is safe because it's #30 on the Peace Index when the USA was higher, then my comment wouldn't carry much weight. Or if the USA was a place or two behind then my comment wouldn't be strong.
Larry Ellison is in the USA and presumably his "Citizens will be on their best behaviour" is mostly aimed at USA citizens, and HN and the internet are USA-centric so USA makes a big obvious comparison.
I think it's unquestionably correct; if someone follows you around and sees you in a bar drinking alcohol and stops you from driving for 8 hours in a way you can't reason with, can't object to, can't override, and that happens to everyone all the time, then drink-driving accidents would drop to zero overnight. If everyone is surveilled constantly then every transgression can be blocked or punished immediately - instant fines deducted from bank accounts (I read that China does that with jaywalkers, facial recognition identifies them and they get a smartphone alert that they have been fined), but beyond that things like everyone having an ID tag and all doors and gates working on it would stop a lot of trespassing. Then swarming the perpetrator with electronic mosquitos with taser zappers and beeping noises would stop a lot of cases of casual harassment and casual theft. Then calling the police to a location and locking up the perpetrator in minutes instead of months, would pretty quickly communicate that crime doesn't pay.
I don't think it's a good idea for a free society, it would be hell to live in. The chilling effect, the number of laws is too high to keep track of, it probably isn't be possible to always be on best behaviour 24/7 for a lifetime.
When robot camera insects with wireless mesh networking and power scavenging hit a few dollars each, there won't be a private space on the planet ever again. Any spider, beetle, fly, in any room, outside any window, on any surface, will be a potential camera drone.
No. Cameras will only help potentially identify someone after the fact. At some point we may find ourselves in a Black Mirror dystopia where AI is used to precog individuals to determine someone is going to commit a crime where video surveillance helps locate this person before the crime is committed. However, since no crime has been committed, there's no reason to detain them. Unless, you just really want to commit to that dystopian nightmare of allowing AI to make those decisions.
I'm actually having difficulties trying to find where the UK was brought into it if not by the commenter in question. If we are pointing out lapse of context, that is.
I like Germany's BlueCard system (being a BlueCard immigrant myself), but implementing it for the US would have some extra complexity given the wild regional disparity in wages.
Snuggling and launching drones from deep within enemy territory is a much more complicated op than a couple of dudes diving in the middle of nowhere.
Bringing that bridge down is also much harder than blowing up the pipeline, because the bridge is covered by a lot of defenses, and naval drones will always have limited payload (if they want to be fast enough to evade defenses). Dudes performing a dive in the middle of the sea far from the battlefield are much less vulnerable.
I do disagree with your other points. Paper confirmation is not necessarily the only way to audit, and may in fact introduce risks of voter reidentification and coercion (voto de cabresto). The other way of auditing the machines is the parallel voting procedure, which already takes place at every election and is honestly a brilliant piece of security engineering.
For those not aware, the parallel voting procedure works as follows:
1) the day before the election (when the software has already been loaded and locked into the machines for several days), a random sample of machines is selected for the procedure
2) those machines are then removed from the polling place they would ordinarily be assigned to, and replaced with a backup machine
3) the removed machine is then installed in a different room, and booted up normally on electionday. Since it is fully offline, the machine doesn't "know" it is being used in this mode
4) this room is setup so that there are cameras pointed to the machine, and people from all observing parties (and common citizens as well) are invited to "mock vote" in this room.
5) at the end of the day, the machine is closes, its report printed, and the result is checked against the known mock votes
Pretty solid method if you ask me, and much cheaper than upgrading the entire fleet to enable printing.