I sometimes wonder whether the people in the tech industry who worked on things like secure boot, attestation, and DRM saw this as the inevitability open source advocates always saw it as.<p>Did they think, as they worked to transfer final say from users to corporations, by technical means, that politicians <i>couldn't</i> transfer that control to themselves by political means?<p>Did they think they could lock things down to extract their 30% app store fee while enforcing rules through app review (and demonstrating censorship of sites like Tumblr) that politicians wouldn't <i>want</i> that same rule-setting, censoring power?<p>Did they think their employers were going to <i>prevent</i> that transfer, that the trillion-dollar companies would become some sort of Che Guevara style insurgents, running a guerrilla campaign to overthrow the very system that made them trillion-dollar companies?
My impression is that people who can work on stuff like that are the kind who just take the stuff in the world for granted. "This is how the world is, we need digital restrictions so now we need to implement them." "I don't have a say about whether DRM or remote attestation is standard business practice or not, it is just how it is."<p>This is akin to how two kinds of people respond to law. The first kind think "This is the law, we must follow it" and the other kind think "This law doesn't make sense, we must change it".<p>People who look at pedestrian traffic lights and cross when it's green vs. people who look at cars and cross when there are no cars coming. The first say you must follow traffic rules and the second kind say they wouldn't be alive if they looked at the green/red light of law instead of whether there are oncoming cars: a green doesn't mean it's safe to cross and a red doesn't mean you can't cross if only there are no cars.
Somebody had to work on it before it was how the world is. When Microsoft proposed a scheme involving remote attestation and DRM in 2003, the New York Times published a critical article. Google SafetyNet a decade later barely got a whimper out of major <i>tech</i> outlets, much less the mainstream press.<p><a href="https://www.nytimes.com/2003/06/30/business/technology-a-safer-system-for-home-pc-s-feels-like-jail-to-some-critics.html" rel="nofollow">https://www.nytimes.com/2003/06/30/business/technology-a-saf...</a>
><i>Somebody had to work on it before it was how the world is.</i><p>The mindset the parent described extends to what they're asked to do. They don't challenge it. It doesn't have to already be law for them to accept it and build it. It's enough that the ask comes from authority (a boss, a government) and pays.
> My impression is that people who can work on stuff like that are the kind who just take the stuff in the world for granted. "This is how the world is, we need digital restrictions so now we need to implement them." "I don't have a say about whether DRM or remote attestation is standard business practice or not, it is just how it is."<p>I like to call those people "ventablackpilled". Being blackpilled is all about gloom and doom, but being ventablackpilled is beyond being blackpilled. It is when you actively want the world to be a worse place because you believe that that is how the world works.
I think it's vantablack unless you mean like a Starbucks Venti cup of black
You're giving too much thought into the issue or trying to construct something like a conspiracy out of it.<p>I sometimes work with people who worked on or at least worked with DRM-like stuff (Trustzone etc.). The people who make those systems and the structures that allow it falls squarely on banality of evil. It is not a big evil org or people with their own evil agendas (unlike Palantir, i think they are the true "ventablackpilled" ones). They are thousands of developers who push JIRA tickets like everyone. Many of them live in the developing world and they just pray to keep their jobs. The reason that big tech attracts developers despite their obvious and much bigger (IMO) evils is the same reason that attracts developers who make systems that can be completely closed down.<p>Many of the developers are not outright evil either. They sometimes voice their opinion. Their opinion doesn't matter in comparison to the business goals.<p>Sometimes it is understandable to write blocking software. Not all equipment is sold. Many industrial equipment is leased. So the actual owners want guarantees that their devices cannot be modified by renters.<p>The amount of info you can extract from an Apple phone or Graphene OS is limited due to same restrictions working in your favor too.<p>Similarly phones can be locked down due to radio restrictions. Nobody wants infinitely exploitable SDNs in peoples hands. It makes such SDNs a juicy target for enemies like Russia to exploit and turn into scalable attack vector as spoofing and jamming devices.<p>The reason those are attack vectors is also banal. We made our bed as engineers, voters, governments and business leaders one sloppy work at a time. We made shitty chips and shitty software with no care for security or safety. We sold millions of them and nobody wanted to pay to "do it right way". Worse is better. Silicon Valley style scaling up is the goal. Competition is for suckers. All those and every single one of us ate the fruits of shitty hardware and software that are protected by closed down systems. We engineers got the cushy jobs, our business leaders made 10x 100x gains from our work. We either had little voice (because making a big noise is guaranteeing that your cushy job no longer exists) or whatever we had is ignored in the hubris of shipping shit to billions of people.
<< We made our bed as engineers, voters, governments and business leaders one sloppy work at a time. We made shitty chips and shitty software with no care for security or safety. We sold millions of them and nobody wanted to pay to "do it right way".<p>I dunno. By that I mean, I am sure it happens, but I am not sure this is the reason for it. FWIW, I am not an engineer, but I have a window into that world.<p>In my little corner of the universe, we are going through belt tightening exercises already. So it is an interesting game of less meetings, shoving as much as you can onto others and the classic 'doing more with less'. In other words, even for internal customer's 'doing it the right way' is imply not a priority. On the other hand, getting more people, bigger budgets and somehow money saved is. 'Doing it the right way' is a distant ideal.<p>All that said, I don't think you are that wrong with the 'banality of evil' thought.
Ironically, the very OP statement is exactly that: trying to make the world a worse place because they believe that that is how the world works.<p>The solution to avoiding dictatorship is engaging in politics and preventing dictatorship directly through that. Trying to retreat into the (perceived) wilderness and build barriers to dictatorship doesn't really work. But since people drafting that statement don't believe that politics work and it is, in fact, possible to both have a vibrant political scene (we have what, five viable political parties vs the American two?) and not let kids send nudes, they try to drag everyone into the same mind frame.
> This is akin to how two kinds of people respond to law. The first kind think "This is the law, we must follow it" and the other kind think "This law doesn't make sense, we must change it".<p>What? I don't understand how this is a "two kinds of people" generalization, when the two categories aren't even mutually-exclusive?<p>One can think a law is bad and should change, while simultaneously recognizing the rule of law and following it.<p>It's pretty weird to try to pit those two perspectives against each other
The critical mass of people who don’t use critical thinking as their main means of decision-making.
>People who look at pedestrian traffic lights and cross when it's green vs. people who look at cars and cross when there are no cars coming. The first say you must follow traffic rules and the second kind say they wouldn't be alive if they looked at the green/red light of law instead of whether there are oncoming cars: a green doesn't mean it's safe to cross and a red doesn't mean you can't cross if only there are no cars.<p>Don't forget the selfish jerks who simply ask for whatever class of traffic that isn't them to be punitively regulated to their benefit.<p>(both literally and transferrable to other issues as a metaphor)
I am guessing they thought "My kids are depending on me to pay our mortgage and buy food"
Yet they stopped thinking as soon as their wallet got involved and never considered that their kids also need freedom and the ability to use technology that works for them and not against them. Selfishness and greed are the problem. The kids are just a convenient but shallow way to deflect from that.
Or more likely these days, "I need to stay employed so I can legally stay in this country."
They're ultimately employees. Their employers hire them to write the code that the employers want. If they don't write the code, employers just fire them and move on to hire some other people to write code. As much as how ethically questionable it is, it's still very rare that people would give up their jobs to defend their viewpoint.
That was nicely put.<p>I think you can learn about it most by reading clever, capable people from big tech corporations. Their framing often involves tradeoffs against a slow but inevitable societal pressure that is helped by compromising on freedom.<p>So I don't believe they are ignorant of all your points; it's rather that they don't see a realistic way how tech, corporations, and perhaps even ordinary people can go forward (being better, or richer, or more sophisticated or whatever) without making that compromise. It's as if they saw the forking paths of the future, and none will end up without technical restraints, regardless of whether they do it or whether things just get worse and someone else then does them.
There's a selection effect. Some people thought these were bad and didn't implement them. Other people thought they weren't bad and implemented them. We use implementations from the latter group of people. Obviously.<p>Same thing is happening with age verification. We had the chance to just ask if the user is over 18 when setting the computer up, but we didn't do that so they're using a solution from a mass surveillance company instead.
Oh, the people who work on secure boot, attestation, DRM, and other such features know very well, but don't care. This is because the claimed benefits for them, such as less hackers, less malware, less bot traffic, outweigh any possible downsides for the society.
I think it's even worse than that. Our industry has a strong track record of only looking at potential upsides (and pretending they're certain) and not even seeing that there may be serious downsides.<p>It's a kind of blindness. The kind that is, in my opinion, is one of the major reasons why we ended up building a world that's more than a bit dystopian.
I often also wonders if ideological zealots ever thinks of this passage while pushing their agenda for control:<p><pre><code> ...and it was allowed to give breath to the image of the beast, so that the image of the beast could even speak and cause those who would not worship the image of the beast to be killed.
Also it causes all, both small and great, both rich and poor, both free and slave, to be marked on the right hand or the forehead,
so that no one can buy or sell who does not have the mark, that is, the name of the beast or the number of its name.</code></pre>
Those who would think of such a passage (or any biblical passage) and those who push for a total-control agenda are disjoint sets.<p>Communism and fascism were both fueled by atheism (either explicit or functional), not a Judeo-Christian worldview.<p>"Ohne Gott und Sonnenschein bringen wir die Ernte ein." (Without God and without sun, we will get the harvest done.) - the slogan of East Germany in 1975 when people were hungry and it kept raining during harvest.
Christian fascism exists. In the US it's how fascism came to the country. Christofascism doesn't seem to have any problem with the absence of atheism.
The existence and polularity of Christian socialist movements in Europe contradicts this thesis strongly.
I don’t think 1st century Rome had much in the way of digital surveillance.<p>Or even surveillance, for that matter.<p>Plenty of hubris, mind.
Rome had the "frumentarii", which was essentially a proto intelligence agency to do spywork for emperors.
The implementation might change, but the pattern of absolute control is old as time.
> Did they think, as they worked to transfer final say from users to corporations, by technical means, that politicians couldn't transfer that control to themselves by political means?<p>Makes me think of the most sobering line I ever saw in a museum (Berlin): The biggest atrocities were committed by people with a spreadsheet and a performance goal.
<i>Did they think that the trillion-dollar companies would become some sort of Che Guevara style insurgents...</i><p>Arguably this plan is mostly working for Apple.
I remember piping up about all those things. But the excuses were everywhere.<p>- Oh but you can turn it off so it's no issue (secure boot). Well yeah but more and more stuff just won't run then (eg iOS apps on Mac). It will become the norm to stay inside the fuzzy walled garden just like it already is on phones. And if you stray you will just be blocked from any app that does something useful.<p>- But companies need to be sure you are who you say you are (attestation). Yes but they will abuse that power if they can profit from it.
> Did they think<p>Pretty sure they didn't do a lot of thinking.
The phrase 'banality of evil' comes to mind.
> Did they think, as they worked to transfer final say from users to corporations, by technical means...<p>Your argument is flawed here. The truth is that measures such as secure boot <i>do have</i> real security benefits. They can be misused, like any technology can be, but that is not an inherent feature of the tech, but rather how it is implemented. And as the developers of such measures are not a monolith, it is unfair to paint them as merely trying to exert control. I'm not going to argue that some involved parties were trying to exert control. But lots of others were trying to implement a genuine security benefit for the users, and they don't deserve to be reprimanded as if they were some kind of apologists for authoritarianism.
I guess they think "someone is going to do it anyway, so it might as well be me so I can be the one who gets paid for it". But yeah, I'm sure there is also a good chunk of tech workers who are indeed useful idiots who think they are the last link in the chain.
Twitter people expressly started their company with the idea of crowd-friendly semi-anonymous msgs on demand.<p>The game of GO delivers an idea where a very large construct can be built then in one move the entire thing flips to a different purpose... seems relevant somehow..
What defines a bad tech vs a good tech? Similar arguments can be made for most research including nuclear fusion, AI, vaccines, space, polymers, combustion engines, electric motors, semiconductors...
> What defines a bad tech vs a good tech?<p>Good tech empowers individuals and subverts authorities, corporations, oligarchs and governments. Bad tech subverts individuals and empowers authorities, corporations, oligarchs and governments.
Why do people vote for large, strong governments that are able to take the power you suggest Tech is enabling them to take?
It's starting to feel like ethno-nationalism is the answer.<p>See: the PRC. Support for surveillance is allegedly high. Anecdotally, talking to PRC citizens in circumstances where they don't need to worry about said surveillance (e.g., when they're vacationing in Japan and I want to pester someone and practice my mandarin), they generally like it. Makes them feel safe.<p>The CPC has sold them on a vision of them as members of the state-race "Chinese" (which is not really an ethnicity any more than "American" is) and the surveillance as a thing that keeps them and their "Chinese" lifestyle safe from non-Chinese. Uighurs have to be extra surveilled until they're also Chinese, which, many are now according to the CPC.<p>So PRC citizens feel safe and cozy among in the country for "their people," not realizing this whole ethnonationalist concept is at best 100 years old, maybe even younger. During the Qing dynasty, there's a whole hell of a lot of people that think of themselves as "Chinese" that <i>definitely</i> weren't by the dynastic government.<p>I smell similar happening in Russia, the USA, and Israel, with State support. It looks like right wing groups are trying to pull it off in the UK and Germany as well.
>Anecdotally, talking to PRC citizens in circumstances where they don't need to worry about said surveillance (e.g., when they're vacationing in Japan and I want to pester someone and practice my mandarin)<p>I'm not sure you are aware that China has monitoring operations for its citizens <i>outside</i> China.
Meanwhile Signal Corporation keeps trying to connect to updates2.signal.org even when the app is not being used. "Automatic updates", remote code execution by default with no option to disable<p>Silicon Valley has its own ideas of what "privacy" and "surveillance" mean<p>To those folks, it does not mean privacy from Silicon Valley companies<p>The Signal app will keep on trying to connect to the mothership<p>Because to the people who work on Silicon Valley software, that is not a privacy violation<p>The battle is over _control_ over software not privacy or surveillance. The later is not possible without the former<p>Silicon Valley does not want the user to have control any more than they want the government to have control
> Did they think, as they worked to transfer final say from users to corporations, by technical means, that politicians <i>couldn't</i> transfer that control to themselves by political means?<p>Corporations are already hostile enough that it doesn't really matter:<p><i>The report says that between 30 and 40 Rockstar employees working in multiple offices in the UK and Canada were fired on October 30, all of them part of a private trade union chat group on Discord.</i> - <a href="https://www.pcgamer.com/gaming-industry/rockstar-accused-of-the-most-ruthless-act-of-union-busting-in-the-history-of-the-uk-games-industry-after-firing-dozens-of-employees-who-were-allegedly-attempting-to-form-a-union/" rel="nofollow">https://www.pcgamer.com/gaming-industry/rockstar-accused-of-...</a><p><i>Leaked Amazon Whole Foods Docs: Workforce Diversity Helps Prevent Unions</i> - <a href="https://www.informationliberation.com/?id=61403" rel="nofollow">https://www.informationliberation.com/?id=61403</a> (summarizing <a href="https://www.businessinsider.com/whole-foods-tracks-unionization-risk-with-heat-map-2020-1" rel="nofollow">https://www.businessinsider.com/whole-foods-tracks-unionizat...</a>)<p><i>Microsoft Are Fixated on “Hate Speech” With Lopsided XBOX Live Enforcement Strike System</i> - <a href="https://www.techopse.com/microsoft-are-fixated-on-hate-speech-with-lopsided-xbox-live-enforcement-strike-system/" rel="nofollow">https://www.techopse.com/microsoft-are-fixated-on-hate-speec...</a>
People forget how we got here. Whatever your philosophical stance, history has shown beyond a shadow of a doubt that giving most people complete control over their device has been an unmitigiated disaster.<p>Scams, stealing credentials, stealing money, botnets, viruses, losses of data, ransomware, etc etc etc.<p>What is better for most people is a locked down device like an iPad where each app has to be approved and they're incredibly sandboxed. 20 years ago we had people installing malware because a strange email promised them smiley face emojis.<p>When we transitioned from the single-user ODS-based Windows model (ie Win98/SE were the last of that line) to a multi-user restricted privilege model based on NT 3.0/3.5/4.0 (first as WinXP) it was meant to be better but privilege escalation was still too easy because of what users had become accustomed to doing and of what was needed to install software you downloaded.<p>Things like an App Store (on Mac and eventually on Windows) are actually a good thing. Signed apps are a good thing. Having to go out of your way to install unsigned apps is a good thing.<p>I really abhor "technical libertarians" because they never address these issues. It's all principle-based while ignoring reality, human nature and whether or not unfettered access gives users something they even need.<p>Also, other people pay the price. Where do you think these DDoS attacks come from? Compromised Windows PCs (primarily).
> Whatever your philosophical stance, history has shown beyond a shadow of a doubt that giving most people complete control over their device has been an unmitigiated disaster.<p>I'd argue that giving governments and corporations control over our devices has also been an unmitigiated disaster. You could say the same thing about any kind of freedom though couldn't you? Freedom is so dangerous after all. Look at all the problems it's caused. Giving up all of our freedoms would surely make the world better right?
People often misuse freedom. The answer to that is not to take freedom away, but to educate people on how to use their freedom, and only restrict those who have proven to be unable to handle it. Let's say your argument, that clueless users getting infected are an externality upon everyone else and thus they need to be locked down for everyone's good, is accurate (though I don't think it is). In that case, why should the majority of intelligent people be made to suffer because a minority can't handle the freedom? No, in that case the correct thing to do is to have a mechanism by which we identify people who are hurting others, and restrict them. Nobody would countenance the idea that because some people are irresponsible drivers, cars must therefore be unavailable and everyone pushed into using public transit. But that is the exact same logic people try to use to crack down on freedom of use for computers, even though they are nowhere near as dangerous as a car.<p>> I really abhor "technical libertarians"...<p>Well, I abhor those who try to take freedom away from people. So the feeling is mutual I guess.
Online is terrible for kids. Online is terrible for adults! Too many people don't have the agency or social skills to manage themselves. Conspiracy theories, anarchists and libertarians, misinformation and disinformation, weirdos and beardos and creeps of all description. People end up believing all kinds of things that just aren't real.<p>It'll be best for society if things are a little more regulated, a little safer. And I'm happy to help where I can. Listening to the terminally online about it would be counterproductive.
[flagged]
So, in this order:<p>1. You need a camera on your computer to allow a third party to verify your age before viewing adult content<p>2. It applies to social media too<p>3. It applies to your operating system too<p>4. Unless you age verify, the law demands your computer must be powerful enough to run an AI, or be internet-equipped and send your private photos to a third party, to detect and prohibit nudity. It must be capable of running in real-time, presumably, to work on Facetime calls and such.<p>Next step, certainly to outlaw most operating systems and older devices. Excellent news for Google, Apple, and Microsoft, bad for Linux and alternative operating systems. Remember when schools handed out Raspberry Pis?<p>Edit: And they are asking for this to be implemented for free in three months, because nobody knows how software engineering works. Great job
>Next step, certainly to outlaw most operating systems and older devices.<p>They won't have to.<p>Instead, they'll just make some new <i>essentially mandatory tech which older devices cannot run</i> – update or stop existing, societally.<p>----<p>Phones and email already seem this way (i.e. "required") – from my perspective as an internet user whom <i>doesn't</i> use phone/email, personally. Nobody believes me when answering "no phone, no email" – free-est man alive - their loss is disbelief.
I am very curious how you make it in current society without a phone or email. It does sound incredibly freeing, but I'm definitely having trouble comprehending how it works.
"everybody wins"
Does the law really require third party? Because having on-device functions configurable by parents doesn’t seem terrible at all.
That's not what the UK is demanding. They want client side scanning malware that breaks DRM, circumvents encryption and VPNs, and bypasses other security features in order to scan everything visible on your screen.
I'm happy the UK government finally decided to outlaw DRM.
Given the PM's association with a certain good friend of Epstein's, it's hard not to wonder if child <i>protection</i> is really the point.
It absolutely doesn't. However, the argument doesn't work when it's about connecting the "is the user a kid" bit to the existing and constantly running object recognition (phone cameras already run skin detection all the time to set white balance), so people invent "third parties" and "report people to authorities".
This isn’t just your photos. This is all content displayed on the device, all content captured by the camera - everything. Full take. GCHQ must be wetting themselves.
With just enough fascistic pressure maybe Usenet can be great again. Just have to figure out how to filter known good content from the spam which I think can be solved with OpenPGP identities. Otherwise Tor and download managers for the patient people. Static generated galleries of pictures and videos spread across thousands of small sites. Some downsides of pushing people into dark corners is that all regulation goes out the window along with some tax revenue. Loss of tax revenue may be one way to get their attention.
Signal should come out swinging. Here's a pitch.<p>The Government is going to put a snitch on every phone, tape every bedroom, and listen in every evening on every home. Every doctor's visit. Every therapy session. Every pub. Every street. Every store.<p>When the snitches phone home, what you type to your lover may get the cops sent to your home.<p>Artificial stasi in every desktop, laptop, tablet, camera, and phone. Around every corner. In every living room. No one will be exempt from their gaze.<p>Are you ready for your vacuum cleaner to phone home?
Signal the messaging app/platform? A funny thing is that Signal barely works (with VPN ofc) here in China. Sending media/images is impossible. Sometimes it’s blacked out weeks on end. Everything else seems to work fine ish (again with VPN ofc).
Signal outright lies in their privacy policy. It opens with "Signal is designed to never collect or store any sensitive information." but they collect and permanently store sensitive information in the cloud (user's name, photo, number, and contacts) and in some cases they even store the contents of messages. They've steadfastly refused to update the policy even as they introduced those features deceiving users about their risks. Signal can't really be trusted at this point.
AKA The Witness in Nick Harkaway's novel Gnomon.
Shrug. If they don't, they will lose the customers who do care about privacy and they won't lose the ones that don't .. right away. However, it will near guarantee further fragmentation and circling a new solution that will be recommended to normies by their techy friends or current batch of cool kids. We have been here before. The only way to win the game is not to play. Especially with government, the moment you start playing, you lose.
The ratchet ratcheting: client side scanning, then remote attestation to ensure client side scanning works, digital identity verification, etc etc.
Surveillance replaces ostensible individual fringe threats with a clear dangerous pervasive and (for practical purposes) irreversible threat that monotonically aggregates increasing centralized leverage over every aspect our lives, direct and indirect.<p>Knowledge is power. Forced revelation of our inner lives puts each of us in a position of vulnerability.<p>Even when "not abused", the very real latent threat actively takes away freedoms of thought and action.<p>It is extreme abuse.<p>It undermines any sense that the state works for the people, when it operationally embodies a maximalized one-way threat over all citizens.<p>AI collation exponentially compounds the threat, the passive and active damage.<p>One of the wisest ethical/safety concepts ever: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated."<p>Democracy that sets up the levers of total autocracy is the greatest possible perversion and threat to democracy. Democracy only works as long as it recognizes government is the greatest threat to freedom. And that strict limitations on its power over citizens is the only defense.
I didn’t mind Starmer but this is finally giving me the leg up onto the anti-Starmer bandwagon.<p>What a dreadful legacy to leave - a sad attempt to get the biggest possible bang for the smallest possible buck. Also, 3 months? Perhaps that is as long as he expects to be pm.
Kudos to signal for coming out on side with this, and quickly. I only hope that this stance is quickly picked up as a counterpoint to the ever-so-strong narrative that more hastily concocted sledge-hammer legislation is the best step forward.<p>This step forward is instead of building understanding of, and solutions for, the erosion of communities, trust and empathy for others. I feel these things might (MIGHT!) be overlooked symptoms of poor investment, policies and governance for healthy society. Crikey, perhaps I shouldn't try and call that into account, it sounds like I might be cynical about politics. Oh dear...
Governments have been pushing surveillance since the earliest days of the consumer Internet.<p>The earliest example I can remember is the Clipper Chip. That was dead three years after it was proposed.<p>This current idiocy - proposed by a PM who promoted a <i>very</i> good friend of the most notorious paedophile in recent history to ambassador, against the recommendations of the civil service - is similarly doomed. Three months to implement huge changes to every OS on the planet? Like that's even remotely likely.
Signal refuses to answer: Why won't they release/open source all of their backend infra automation scripts/tools/etc...<p>There's no reasonable reason why a 501(c)(3) won't put this out there to make sure there's redundancy so we could built an alternate network if they're compromised by some gag order.
Signal just can't be trusted at this point. They're probably compromised. My theory is that that's why the very first line of their privacy is a lie saying that it's designed to never collect or store sensitive data when they keep a list of your contacts forever in the cloud (and in some cases now even message contents).
Probably because its leadership seems to have been taken over by more politically and less technically inclined people (for better and/or worse) who don't understand why it matters.<p>The trade is we get (hopefully) people very dedicated to keeping the org developing the stuff alive and well-funded, and gaining mainstream acceptance/attention.
> Surveillance Is Not Safety<p>Maybe not, but as long as the average person thinks it is, it may as well be.
Does the average person think this? Perception of what other people think doesn't always line up with what they actually think.
>Does the average person think this?<p>The average person hold all kinds of conflicting views.<p>The average middle class parent will surveil the shit out of their children, for example.<p>Hence the title of the article is not completely correct. The outcome of surveillance is the intent of the entity surveilling. In the case of the parent, this is likely the safety of their offspring. In the case of a state entity, it's likely the safety of the people in power of the state. This second type of safety is very dangerous and does not include your safety.
I think you are onto something with intent here. By now, we effectively know that various power centers are getting away with things that normal people do not. If true, the concern is not that we are getting away with things, but that we might be thinking that maybe current arrangement is no longer suitable. In other words, they are literally preparing for a worst case scenario. And to me, this seems silly now. As in, I buy the fear of a peasant uprising and being on the wrong side of the scythe, but I sincerely doubt peasants will actually do anything.
The average person doesn't think that far ahead. They just hear "a cause I like can be furthered by implementing 1984" and so they support it.<p>Check out any comment section on transportation policy, environmental policy, professional licensing for trades other than software. Look at how HN, people who should know how this sausage is made, schemes about how policy and technology can be used by government to enforce it's will and preferences upon other people in ways they cannot avoid or resist. It's not a case of divide and conquer, it's a case of completely lacking principals. Nobody believes in privacy, civil rights or that the application of government (violence) should be expensive and difficult and politically fraught when it's an application that they like. Nobody is thinking far enough ahead to wonder how those systems will be used when the whims and dispositions of government and society shift.<p>Just this morning I was reading a comment where some jerk was scheming about how the government should (the implication being that now that AI makes it easy to automate) scrape property listings and fine people for not pulling permits when there's a diff from the prior listings and that the whole thing can be automated and anyone innocent can just have the government tour their home to prove it.
There is something to be said about true believers, who will go out of their way to not 'live and let live'. I remember getting extra antsy when one such individual was flying drones over private properties looking for signs for what they believe is an issue.<p>Tech.. it truly is a tool and something of a true reveal of character. It immediately shows what you do with power.
The average person does not think anything much. They receive the meme, they transmit the meme. No processing occurs.
I doubt the average person gives it much thought at all.<p>This certainly isn't a result of democratic overreach by a concerned group of citizens. No demographic is demanding this.<p>It's one of those "create the infrastructure for stasi 2.0" the epstein elite tries to periodically ram down our throats ironically using "think of the children" to manufacture consent.<p>The last time they did this they contracted saatchi and saatchi to run an a disturbing campaign: <a href="https://londondaily.com/revealed-uk-gov-t-plans-publicity-blitz-to-undermine-privacy-of-your-chats" rel="nofollow">https://londondaily.com/revealed-uk-gov-t-plans-publicity-bl...</a>
<a href="https://xkcd.com/610/" rel="nofollow">https://xkcd.com/610/</a>
It's a great meme, though. Use it more.
If only the average person had tools and access to all such information.
isn't more as long as the average billionair thinks it is.<p>It's not like it's the average person pushing it.
The average person doesn't have any knowledge on this system.
How long until we find out the politicians have written in an exemption for themselves and the security apparatus? I hope my pessimism is unwarranted in this case, but it certainly isn't unfounded.
The UK gov is just getting worse and worse at law making
Its been getting pretty bad for a long while now. On the topic of UK privacy, there's an interesting requirement that if you are a "data controller" processing "personal" data for "non-exempt" purposes, you need to register with the ICO to go on the register. Even can apply to individuals.<p>Sounds great until you realize anyone that does that effectively gets their residential address publicly doxxed and archived by archive.org (unless they can use a separate company address or spend money on a po box). And to make it worse, unless you have an obvious named company it's basically useless for looking up data controllers.
The UK should just be banned from modern technology until their government has evolved socially enough to respect privacy. Companies need to pull out and stay out, because that's the only way the UK government will learn a lesson.
I'm sure when this law goes through they won't stop and will shortly be lining up some even crazier surviellance tech.<p>I'm thinking something that automatically scans your computer for porn or other things, like ripped film mp4s and sends it to the goverment to be analysed.<p>Or perhaps little gps trackers that children are mandated to wear at all times.
and civil service is blindly following orders.
You don't give a stranger the keys to your house but we run their code every day.
This is wrong regardless of there being surveillance present.
We all know where it went wrong and can't say we did not know.
What the UK is trying to do here is evil and authoritarian. Its the sort of thing people brushed off as conspiracy theories not long ago. It is completely and utterly unacceptable.
100%. The public tend to get very angry when police kill innocent people. So the govt want to squash any uprising which is exactly what they've been doing by taking down any video that allows people against the status quo to coalesce and coordinate. They want people to very energetic about voting for one of a few awful options which amount to /dev/null.
I recently talked to a brit who expressed their fear of... knives. It blew my mind. The UK has one of the lowest murder rates in the world, 5 times less than the US, but they're so incredibly afraid.<p>They are just plain embracing a culture of paranoia, cowardice and extreme surveillance. I wouldn't care because I don't live there except the dystopian tech and business models they're developing ends up crossing the seas.
Surveillance is not education, and it is education that will reap long term improvement.<p>Education is hard but effective whilst surveillance is easy and ineffective. Guess which option politicians take?
They know. That's not why they are doing it.
Yes, but this is preaching to the choir.<p>The counter must be as visceral is the claim. They make an emotional pitch:your children are in danger, surveillance is the solution. The counter must show the dangers in visceral, emotionally relevant way. This surveillance is actually a risk to parents and children as well - that by the accusation of an opaque, unaccountable system, you will be labelled a pedophile, and your kids taken away. That when sharing a picture of your own child with your own mother, you will have to worry about what the electronic bureaucracy will label your picture as.<p>Abstractions like privacy,and categorical claims, aren't going to reverse this. A properly pitched campaign could do. Sure, complain that politicians and the public are dumb. That may make you feel better but it won't change this an iota. Talking to people in the terms they care about might.
>>> That when sharing a picture of your own child with your own mother, you will have to worry about what the electronic bureaucracy will label your picture as.<p>I 100% agree on the need to counter emotional fire with emotional fire. And this is the right way to combat this sort of overreach<p>However, I do think that “the choir” need to rethink what is and is not privacy - a huge amount of the benefits of having our every waking moment monitored by the virtual world (which is going to happen) can be lost if we don’t allow epidemiology to follow our digital selves.<p>Detecting one’s word use is slipping might signal a trip to the doctors or a thousand other digital tells that will help us improve our lives. If we have to fight against ads and digital searches for terrorism, at least let’s get the benefits too.
That's all very well, but we just plain don't have a legal, economic, or technical system which will allow separation of the good uses from the bad uses. Once data is in someone else's possession, there's f-all way to prevent it being used to do whatever the possessor wants. Even if there is a legal agreement, it's easily abrogated, or overridden by insolvency law, or by a company having a "we can update our terms" clause. Some of this I can imagine how to address - insolvency law could be changed, for example - but in the absence of a fully robust system, promises of "we will only use your data for good" are not credible. Those who actually want to use data for good should be on the side of robust assurance of that, not just plead that they can be trusted and that no accountability is needed.
It’s hard to enforce a law so we should not have the law seems a poor argument.<p>Let’s say we define personal data about, generated by or inferred from the actions of a natural person as owned by the society as a whole. And misuse is liable to 5% of annual turnover. It’s more or less GDPR. That seems viable - and I am sure an army of class action lawyers will be happy to help out<p>(Ok I need to work on a better proposal but I think this is more doable than you are allowing for)
Don't forget all the pedos working for government to watch all the reported images.
Signal is on the right side here. I think it's time for us techies to fight back by developing the future. I'm trying to do my part - <a href="https://mediaden.ca" rel="nofollow">https://mediaden.ca</a><p>Also looking to get involved with the meshtastic project.
This is a country that has arrested people for social media posts. It’s also a crime in the UK to offend someone.<p>Orwell identified the genetic defect in the British genome 80 years ago.
Same people screaming 1984 have five authenticator apps installed on their fingerprinted tracking device and 2fa with their phone number, and have no idea what 'sensors off' does.<p>Palpable irony present when a chat provider whom requires personally identifiable information to use their service complains about privacy...
> Same people screaming 1984 have five authenticator apps installed<p>"Yet you participate in society. Curious!"<p><a href="https://thenib.com/mister-gotcha/" rel="nofollow">https://thenib.com/mister-gotcha/</a>
Follow-up/P.S.: There's a Doctorow piece [0] which I think is relevant here. It's about how individual refusal (e.g. to quit your job at an employer when they require an authenticator-app) is an inferior substitute for "real" politics on both a practical and emotional level.<p>> It's obvious why we might prefer to substitute voting or shopping for politics: they're activities you do alone. You don't have to find anyone else to do them with you. [...] Individual consumption choices don't change the world, but if you've been convinced that the only way to change the world is by voting with your wallet then when the world stays terrible, you can only conclude that your friends and neighbors have ruined by things by voting (shopping) wrong. [... and] every political disappointment in your life is down to your friends' personal defects.<p>[0] <a href="https://pluralistic.net/2026/05/21/purity-culture/" rel="nofollow">https://pluralistic.net/2026/05/21/purity-culture/</a>
Two-factor is one thing. They're mandating client-side scanning in every operating system. This was previously rejected for obvious privacy reasons.<p>There are already phones with an anti-nudity feature as a parental control option, but the key there is that it's optional. The major pivot with age verification is that all devices treat all users as a child until they identify themselves with a third party. This allows a rhetorical paradox that the controls are only for children, when they apply to adults too by default.
What's wrong with two-factor authentication? TOTP work without any network connection and only requires synchronized clocks to work. You could even do TOTP with pend and paper if you wanted (and were fast enough), no computer needed at all.
Personally, I only have authenticator apps because my job requires them. I don't see any contradiction in being opposed to things you're forced into.
I am ready to receive Apple's or Microsoft's AI buttplug with government spying software installed.
At least we all know who western politicians are controlled by now and why they are really doing this.
Praise
Not even Saudi Arabia does the kinda draconian bullshit the UK is doing nowadays. This is what happens when your government is occupied by foreign agent traitors.
This is really disingenuous coming from Signal who pioneered secure compute architecture for a number of useful features [1][2]. On-device checks are no more "surveillance" than Signal's private contact discovery is, and the same slippery slope argument applies there.<p>It's also technically incoherent: the exact same kind of "surveillance" is already applied by every single phone, because that's how the Photos app (or whatever it's called on Android) searches for cat pictures based on the text "cat". I can't recall any Signal statements about cat recognition technology leading to "reporting people to government authorities".<p>The "cover-ups" link right in the beginning is a real mask-off moment though. This is not a measured statement informed by the reality of modern Britain. It's an American view informed by the twitter cesspool and divisive rhetoric of the far right. It's a real shame to see Signal falling so low.<p>[1]: <a href="https://signal.org/blog/private-contact-discovery/" rel="nofollow">https://signal.org/blog/private-contact-discovery/</a><p>[2]: <a href="https://signal.org/blog/secure-value-recovery/" rel="nofollow">https://signal.org/blog/secure-value-recovery/</a>
Won't somebody think of the children appears to be the world's most effective method of bringing in restrictive and privacy destroying laws, yet they just don't work.
We'll see. I can't be the only voter fed up with how Labour are handling this.<p>I find they way that Peter Kyle and Jess Philips have dismissed privacy concerns about online surveillance particularly condescending.<p>Come the next general election they are going to be paid back for this.<p>(Oh, and I appreciate Signal speaking up and have just donated to them again for doing so).
The idea is that people who have politics like yours can be “visited” by the police and asked to “voluntarily” come down to the station for an interview about “hateful rhetoric” on social media. Doesn’t matter how you vote if actual political opposition is outlawed, which is where the UK is heading rapidly aided by digital surveillance.
Well yes, the great cabal of people bringing in these immense rafts of surveillance are the very people who commit, or who certainly hang out with the people who commit the most heinous acts. See the Epstein files.<p>Notice the same people will also talk during the daytime about morals and equality, while then conducting genocide in the evening.
Have they never heard of "the boy who cried wolf"?<p>First of all, age verification is not mass surveillance, it is possible to verify your age without disclosing who you are to the site you're visiting, and without disclosing what site you visited to the government. There are even age verification services (and I do despise them fully, this should be a government provided service!) that use only facial features to determine your age (you can call it surveillance, but not "mass").<p>See, the thing is, no matter how good your intent is, no matter how noble your cause, if you use lies and half-truths to further your argument or resist change, it only serves to undermine it all. For example "They do not deserve surveillance," is so disingenuous, if a site is required to verify age, the only children whose age might be verified are those who might have been exposed to that harmful content otherwise anyways, they're not being selected for surveillance, no one is trying to spy on children (or could possibly benefit from doing so using this method, since it is so unreliable), but they're framing it as it is so.<p>This isn't like "DRM" or "the nsa is spying on everyone", and there is a big difference between Signal (how are they involved in all this? is this just opportunistic politicking?) being required to verify peer-to-peer messaging from a porn site or or a live-cam site for sex workers requiring both parties to be age verified (where children do get trafficked!!).<p>Don't get me wrong, I don't like the idea, i really hate it but the prevailing positions in areas of the internet like here is so irrational and unreasonable.<p>You can't flash your private parts at children, you can't take children to a strip club, they're required by law to check IDs (even night clubs are!!). if that same interaction happens on the internet, suddenly no age verification is needed?<p>Is it because this problem has been left unaddressed for so long that so many are just too used to "the old way of doing things" despite the ever increasing human suffering caused by lack of regulations and laws like this?<p>I hope legislators grow a pair and stand up to these tech-crusaders who will burn down the world so long as they feel their corner is safe and secure.<p>Shame on everyone who refuses to have a nuanced discussion on this and instead takes an all-or-nothing position against any sort of legislature that would reduce (not eliminate) the harm being done. To mean, such people are no different than catholics, teachers, administrators, and anyone else in a position to do something about harm against children but turned the other way because their little world would be too shaken otherwise. Hiding behind "mah privacy!!" doesn't absolve you of the responsibility to at least attempt to be nuanced about it, at least propose an actual solution instead of just "I don't what the solution is, but not this" or "parents are at fault, I don't care" or something lazy like that. I wish I didn't know that when it comes to their own interests, wannabe technocrats like these are ingenious in developing tech like homomorphic encryption, differential privacy and zero-knowledge-proofs; this isn't about anyone's privacy or mass surveillance, it's about preservation of the status quo, apathy and faulty slippery-slope fallacy thinking.
> it is possible to verify your age without disclosing who you are to the site you're visiting, and without disclosing what site you visited to the government.<p>I can't believe people are really okay with a system where you have to show your real face to access websites. Cameras on phones went from a novelty to a government mandate so you can be observed.<p>There are various other potential methods to verify one's age, all of which are forbidden by OFCOM. Account age, zero-knowledge proofs, key signing, some kind of OAuth thing, physical tokens that require proof of age to buy, etc. The only permitted ones require your to link your real-life identity. This is a huge boon to the intelligence services and law enforcement.<p>Even among the few permitted verification methods, there are obstacles. Each site usually provides only one verification method at one verification provider. You may have to trust a company you never heard of before. Sometimes the photo fails (maybe their system thinks you don't look old enough) and they ask for ID too, or the photo fails and you are locked out of verification. Some services only allow credit card verification (e.g. Steam), so if you have poor credit you aren't able to even view the store page despite being of age.<p>What I say is, we don't need any of this. For thirty or so years we had client-side optional Parental Controls, and it worked fine. Many adult sites voluntarily use a <meta name="rating"> tag to ensure sites are correctly identified. The ability of adults to access adult content was not impeded. Parental Controls work better than verification because 1) many sites will not deploy age verification, and 2) it's trivial to overcome photo-based ID by holding your device up to a picture of an adult on a television set.
> There are various other potential methods to verify one's age, all of which are forbidden by OFCOM. Account age, zero-knowledge proofs, key signing, some kind of OAuth thing, physical tokens that require proof of age to buy, etc. The only permitted ones require your to link your real-life identity.<p>This is just not true. See 4.17 here, for example [1]<p>[1] <a href="https://www.ofcom.org.uk/siteassets/resources/documents/consultations/category-1-10-weeks/statement-age-assurance-and-childrens-access/guidance-on-highly-effective-age-assurance-and-other-part-5-duties.pdf?v=388810" rel="nofollow">https://www.ofcom.org.uk/siteassets/resources/documents/cons...</a>
> The only permitted ones require your to link your real-life identity. This is a huge boon to the intelligence services and law enforcement.<p>Then let's talk about THAT!! why is that not the discussion instead of "nah, we'll find a solution some other day, for now, let's not solve anything"??<p>> Even among the few permitted verification methods,<p>These laws are still being debated, what's permitted has not been decided, why is Signal not advocating for a privacy friendly alternative. Why are our options lose all privacy to the most horrible people ever who will do us harm versus let the children suffer!<p>> You may have to trust a company you never heard of before.<p>Why do I have to? Why can't the government itself issue something as simple as a timestamp CA certificate signature for a secret that expires every few weeks, requiring facial/ID verification directly with the government to generate a new secret? the site only needs to verify that the signature is correct. a signed token you show random sites. and this is the most naive idea i brought up for discussion without things like zkp even considered. Lawmakers aren't being told by the likes of Signal "there is a better way to do this, let's discuss" they're being told "ignore what all the scientists, research, law enforcement, social workers are telling you so we can watch porn in secret".<p>> For thirty or so years we had client-side optional Parental Controls, and it worked fine.<p>It absolutley did not work fine! the toll of human suffering is inexcusably abominable! I shudder in confusion between whose head i should rip off or why this damn planet hasn't been burned down to ashes already at the very thought of all that has been perpetrated using this technology. The internet multiplied and empowered many things, chief amongst them is human cruelty and apathy.<p>> For thirty or so years we had client-side optional Parental Controls, and it worked fine....<p>Save your breath, even amongst those who genuinely wish to do well, they have employees and user generated content they can't keep up with. There is no excuse for this. Forget about the tiny span in human history that is the past 30 years. How many people died of industrial accident at the begining of the industrial revolution, how many people died because of car accidents before all the car safety and traffic laws were in place. Take that and multiply that by like a billion and that might come close to painting a fair picture of the internet. Just because you don't see it, doesn't mean it doesn't happen. The internet isn't special, it's just a tool, a technology that connects people. Except billions are connected, and now they can abuse and harm each other across national borders , timezones and continents and maximize their profit from it.<p>HN and tech-world in general is like any other industry that caused massive suffering until it was regulated. I keep making the same simple comparison of a stripper IRL vs live cam porn over the internet, and no one in this thread even wants to attack that simple example that I picked because it isn't overly sensationalized and universally accepted that laws should force strip clubs to check IDs in any country on the planet. I didn't bring up pedos, human trafficking, revenge porn and so much more in between. and that's just the sexual dramatic stuff, not the seemingly harmless stuff that is easier to brush away and dismiss.<p>People can see your face and make decisions when they interact with you IRL, they can't over the internet. The problem is huge and the fact that the internet has been young and unregulated does not excuse looking the other way.<p>I can't believe I'm defending politicians' (however ill intended) agendas against HN/tech-world. but here we are. If things progress this route, I would even cheer as everyone (self included) loses any semblance of privacy or democracy because the alternative was these masses keeping looking the other way at human suffering instead of finding sensible middle grounds, especially when the tech is there. This is insane to me! things crypto-bros (both kind!) have been trying to make main stream like zkp and homomorphic encryption and so much more can actually solve a critical fault of the internet, and the choice is to just let people suffer instead of risking a potential slipper slope.
There's no such thing as private or anonymous age verification. It doesn't exist.
zero knowledge proofs exist, don't they? also it matters "private from whom, and what". You can make what sites you visit private from the government, and your identity a secret from the site, but the inverse isn't true, the government would know the identity, and the site would obviously know someone visited it.<p>The problem with this whole thing is the expectation of privacy online for interactions where their IRL equivalents don't have such an expectation. Even if there was no harm being done to anyone, it isn't a rational argument if you subscribe to the ideal of equal treatment under the law.
Being anti-surveillance is the same thing as being pro-crime unless you provide an alternative solution to reduce crime.
The "alternative solution to reduce crime" is called the 2nd Amendment.<p>Many criminals don't seem to care if they're being watched. They do still have an instinct of self-preservation, however.
Being pro-surveillance is the same thing as being pro-authoritarian unless you provide an alternate solution to prevent abuse of power.
Surveillance which violates the privacy or other rights of lawful citizens is <i>worse</i> than crime, I argue. The criminal fears the police, but the government obeys nobody.<p>Security cameras in public areas, I don't have a problem. Government mandated scanning software running on my PC, yeah, I have a problem. It amounts to a warrantless search.
It's no more "warrantless search" than object recognition in your photo app. Signal deliberately misrepresents the policy, which is about connecting (already existing, local) object recognition to (already existing, local) established adulthood of the user.
No, it's much worse than you suggest. Quoting the government:<p>> The government therefore wants Apple and Google to block nudity across the whole device by default, so they can only be deactivated via age assurance.<p>All smartphones and tablets will be required to detect and block adult content on the device. You can avoid it by showing photo ID, but it's bizarre that the default state should be to assume the user is not an adult until proven otherwise.<p>Article 1 of the ECHR guarantees that "every natural or legal person is entitled to the peaceful enjoyment of his possessions". "Until they show government ID" isn't in there!<p>Perhaps I'm jumping the gun to assume this will be used as a precedent to require on-device scanning for illegal content, and further extended from smartphones to desktop PCs. However, I'm not optimistic.
How is it worse than I suggested? There's no "surveillance", for all intents and purposes it's just a hole in functionality requiring age verification to be filled. Article 1 doesn't guarantee that as a kid I can use my possessions to acquire a bottle of vodka.<p>You don't need to show a government ID, I never did. Also, I trust Apple-mediated age verification with a single bit output to any vendor much more than a random B2B SaaS.<p>More generally, the backstop on abusing system is always political. It can't be just a passive immutable barrier with any variation seen as a slippery slope (see the US government just buying commercial intel on citizens). Our political system just saw two ~new national parties spring up in additional to already established three (plus national parties) and MPs revolting at a mild inconveniences to their constituents. We're alright.
Beyond the fact that this isn't true, it's even less credible coming from a new, anonymous account. If privacy is really so dangerous and has no value, you should have no issue making comments like these under a publicly identifiable account.
This assumes surveillance prevents crime, or even that crime is worth preventing if surveillance is the cost.<p>In terms of everyday threats to my life, billionaires are a bigger one than criminals.
People are less likely to commit crimes if they know the state has the tools to identify and prosecute them. Surveillance provides that capability, and reducing it makes solving and deterring crime much harder.<p>The cost is manageable as long as it's used for the right reasons and that the data is kept secure. The benefits of deterring violence outweigh those risks.<p>Billionaires may be a bigger threat but criminals are a threat nonetheless.
[dead]