And of course "just avoid these services" is going to be difficult or near impossible. Convincing your friends, families, acquaintances to ditch zoom is hard enough. But what do you do when you get a zoom link for a job interview? Tell them you object to using zoom and basically cost yourself the job? Or do you only use it when you really have to? In which case, how many interactions do they need from you to collect all the data they need?
It seems like no one else is bothered by the fact that more and more we are being forced to interact with third party companies - companies with which the consumer has no direct relationship - as a precondition for doing things in daily life.
To eat at a restaurant you give a phone number and suddenly have an account with Resy. Renting an apartment means signing up for a service to access the move-in documents and then another to unlock the door.
These services rarely benefit the consumer. I’m not sure why it bothers me so much. Maybe it’s the erosion of agency. Maybe it’s the over-complicating of what should be a simple activity. But it’s becoming more frequent.
It's up there with being forced to install random extensions to view any website. You trust the endpoint, not arbitrary middlemen they decide to bring into the transaction.
You don't need to look far to find a reason to abhor this. If you have a need to verify your identity on Twitter, you're handing your personal information to an Israeli firm (AU10TIX) beyond all accountability and reach of western justice systems.
It's already happening with AI interview tools.
Some of them have god-awful privacy policies that, depending on the interpretation, allow them to retain and use your likeness and voice for training their models or even marketing purposes.
The move is to review those polices, and decline.
It's actively hostile.
It should be treated as such.
The pain of declining on the privacy or personal rights grounds is intentional on their part. They do not respond to inquiries. And in my experience, companies that just use those tools decline to answer inquiries about it.
Except that the "quality" of their tanks was not exactly top notch, worse they used a lot of resources.
At that point it was just a desperate gamble: "if we can make an invincible tank, then it won't matter how few we have", we both know it did not pay off, not even close.
This is part of why I now tend to go for the cheapest. I do a bit of research of course, but most goods have been commodified (and corners cut). Nowadays the only guarantee you have when paying more is that you have less money in your wallet.
From my recollection, the plan was to grant French citizenship to every British citizen and vice versa, in effect "forcing" the governments to defend their citizens to the end. This was very ambitious, hence why it probably did not happen.
But if it had happen, I have a hard time seeing how it could be undone, stripping people of their citizenship, even if they have a second one is no trivial matter.
Isn't that exactly how the iPhone won though? As another commenter said, once the cool gadget becomes a must have for executives, IT will be told to find a way to make it work.
The general public also get sold on the rosy idea that copyright (and patents to a certain extent), protect the little guy, that thanks to this mechanism their work will not be stolen by opportunistic freeloaders. It also resonates with the "one day I will strike rich" mentality.
What they usually "forget" to tell you is that your IP is absolutely worthless if you don't have the resources to defend it in court, which in turns actually advantages freeloaders who either have relatively low costs to sue (patent trolls are basically an example of this) or enough money that they don't feel the pain if they lose.
The current system basically incentivizes suing over IP NOT creating it.
There is also the angle of: even if there is an appropriate amount of controllers in the tower at a given time, how they do it can also hint at the issue. Being an ATC is a taxing job, mandatory overtime and 60 hours work weeks screams understaffing to me.
It is possible for ATC to be understaffed as a profession, LGA to be understaffed as an airport, individual controllers to be overworked, and for it to be 100% reasonable to have a single controller at LGA in the middle of the night.
The problem once again comes when you decide to hyper optimize for profit. Ada and William will rely on word of mouth, maybe a few posters to drum up attention to their raffle.
Meanwhile large gambling orgs will run ad spots non stop with celebrities enticing you to join their app with free bonus bets and once you're in they will send you daily notifications to nudge you to place "just one more bet".
Easy to see how one would be relatively harmless while the other could cause widespread addiction.
Or maybe stop allowing people to pay for their own legal defense? Public defenders for everyone and then we will indeed all be equals before the law.
Billionaires being able to outspend the prosecution by such a wide margin that they can turn the legal battle into a war of attrition that they are likely to win is a complete travesty of justice. But I am not holding my breath on that one, too many people benefiting from the current system.
The message can't be intercepted in transit, since we are talking about spyware, I assume they get it from the device, hard to defend against that if they have access to your process' memory space.
Even if you had to input your private key every time you wanted to read or send a message, having malware in your phone voids practically any form of encryption, because it has to be decrypted eventually to be used.
not at all. there is no encryption that can save you when one of the legitimate participants is somehow compromised. doesn't even need to be a sophisticated device compromise, literal shoulder surfing does that too.
You're correct in the literal sense that they did say those words, but the entire comment clearly demonstrated a lack of surprise that reveals the opening words to be intended ironically.
Thank you for that link. Your original comment implied that Signal's threat model should have included an attacker-controlled end. The only way to do that is to make decryption impossible by anyone, including the intended recipient. A labyrinthine way to do that would be to substitute the symmetric-encryption algorithm with a hash algorithm, which of course destroys the plaintext, but does accomplish the goal of obfuscating it in transit, at rest, and forever.
This entire thread should be annihilated, but since you mentioned being pedantic...
You're correct that a pure encryption algorithm doesn't use hashing. But real-world encryption systems will include an HMAC to detect whether messages were altered in transit. HMACs do use hash functions.
reply