Thanks, Thad. I knew about filters, but I did not recognize the name Bayesian. Now I know. And I, also, take some of the precautions you mentioned, like separate email addresses for darn near everything, so it is easier to ditch one if it becomes contaminated. It makes it a bit of a nuisance to sign up for anything, since I have to create new username, new password, new email address, new . . . . But you have raised another question: With the filters, blacklists, and return address look-ups, how are the spammers still polluting some of your accounts to the point of un-usability? I mean, I remember getting tons of junk like you mentioned, re Vi@gr@, etc etc, but that was many years ago, and I just don't see that stuff anymore, on any of my email addresses (thank goodness). Are some of your accounts with providers that just don't do a good job of filtering?
Re: What does it say about the state of the United States
It says that our system has gone down the toilet, and that the cult of the presidency has taken over completely. It also says that our "educational system" does not teach people how to think, but rather how to be good government stooges.
I remember when spam email was a huge problem. Sometimes people would get 100's of XXX email solicitations a day. There is still spam, but much less, and now just about all the spam I get (which is not much) has a link to "unsubscribe." The links generally work. I am sure there are those here who know more about this than I, but I believe the difference may have been a federal law (the CAN-SPAM Act of 2003, maybe?) against most types of spam, and a few well-publicized criminal and civil cases. I wonder if a similar law against "violating privacy as a business plan" would have any effect? Of course, since the government enjoys the benefits of so much information about everyone being so readily available, we have <0 chance of getting such a law.
"Interoperability" sounds a whole lot like Mike's mantra of "protocols, not platforms," just using different terms to express the same basic concept. I just keep wondering what those of who also believe this is a better path can do to help make it a reality.
The Tech Policy Greenhouse is an excellent metaphor for this project. And Mike is a highly qualified gardener, with an exceptionally green thumb. I look forward to watching the project flourish. With any luck, from this embryonic seed, a mighty policy oak will grow. Or possibly a crop of healthy ideas to nourish future policy-makers. But to plow this metaphor further into the ground, I have to wonder what part the sponsors will play. Will they be rocks in otherwise fertile soil? Will they constitute an over-abundance of fertilizer, and burn the projects roots? In any case, I look forward to future visits to the Greenhouse.
Inch by inch
Row by row
Mike, I hope your garden grows!
Examples of the two factions fighting each other (or not) to achieve the same authoritarian goals are ubiquitous. Sometimes it is simply a situation where "If my faction wants it, it is good, but if your faction wants it, it is bad" even though "it" may be exactly the same thing.
There are 435 Reps, 100 Senators, and the President (536 total) plus countless cabinet members, advisors etc, etc, yet most everything is really decided by a small group of just 3 - 8 (or so) people. The rest just do as they are told. Is it any wonder most people think their votes don't matter?
Please, everyone, use Tor whenever possible. It is not difficult and not as slow as it used to be. And if you need to access a web site that prohibits Tor connections, use a VPN. Riseup Networks (free) and ProtonMail (free tier) both have VPNs that can likely be trusted. I am sure there are more. And while GPG / PGP is still a bit geeky and a nuisance to set up, it provides encrypted email. Once set up it is a breeze to use. The hardest part is getting the people you wish to email to use it, also. Ditto for Signal phone messaging. We all need to make anonymity and privacy the default to the greatest extent possible, and that requires us making an effort (even though we shouldn't have to).
Since virtually all surveillance device (aka phone) software and hardware is proprietary, it is nearly impossible to tell just what a factory reset really does. Even the best professional security researchers have difficulty with this stuff. If you cannot prove it is not spying on you (and you can't) it is best to assume that it is spying on you.
If our government had a history of openness, honesty, integrity and respect for the privacy of it's citizens, then people might accept the idea of contact tracers, or contact tracing in general. Unfortunately, this is not the case. Our government has a nearly unblemished record of obfuscation, dishonesty, corruption, and lack of respect for any of it's citizens rights. So, naturally, people are quite resistant to the idea of contact tracers, or giving information to restaurants. It is unfortunate that our government has such a track record of untrustworthiness, but it can blame no one but itself. Now, in this pandemic, this unfortunate history is coming back to haunt us all. Contact tracing could be very useful in limiting the spread of the SARSCOV-2 virus, if the government could be trusted to do it right, but it can't. And, thanks to the misbegotten "third party doctrine" we cannot trust anyone else to do contact tracing either, because any information provided to even an honest third party is available to a dishonest and corrupt government. If some government "cootie cop" asks me anything, I will tell them right where they can get off (and in no uncertain terms).
QI is for legitimate "Oops!" situations. Also, you don't want people who get arrested with appropriate reasonable suspicion, but who are later found to be not guilty, to be able to sue the police for false arrest, screaming "I was proved innocent, therefore you falsely arrested me!" I know, I know, not guilty ≠ innocent, but that is what they would scream.
IANAL, but it seems to me that QI is also supposed to only apply things that happen during lawful performance of police duties, and the things we are talking about (ie shooting random creatures/people, destroying their homes, and stealing their possessions) do not qualify as legitimate "Oops!" situations, nor are they in any way part of lawful performance of duties.
The problem is that courts everywhere have been doing legal backflips to make QI cover absolutely anything and everything. And then there is the absurdity of "There is no exact precedent clearly establishing that this cop's bad behavior is, in fact, bad, and this court will explicitly not set such a precedent, therefore this decision is essentially an affirmation that said bad behavior is perfectly acceptable now and in the future." These are the things that need to stop.
Unfortunately I think that the grossly excessive application of qualified immunity will not be taken seriously by the Supremes until one of their grandchildren (or great-grandchildren?) is injured, killed, or otherwise violated by an out-of-control cop using excessive force, or some similarly close-to-home tragedy occurs. Sometimes it takes some up-close and personal experience with these kinds of horrors for the proper perspective and appropriate outrage to manifest. Of course, the odds of this ever happening are about as close to zero as you can get. Which means we will almost certainly be stuck with the abomination of QI forever.
Internet voting can be made secure and verifiable, but not anonymous, using GPG / PGP techniques. The not anonymous part means that an individual vote is directly connected to the identity of the voter who cast that vote. This is antithetical to our secret ballot system. Since this is a deal-breaker, the fact that it is difficult to implement is irrelevant.
So far, there has not been any system developed where Internet voting can be secure, verifiable, and anonymous. It is probably not even possible to develop such a system. As usual, Randall Munroe got it right.
“Quadruple the number of...”
“Add 100 new agents...”
“Fund 65 new...”
“Double funding...”
“Double funding...”
“Increase funding...”
“Establish an Office...”
“Require the Office...”
“Require the Office...”
I am not sure that adding more people, money, offices, and requirements will have much effect. This approach has never been effective in the past. Maybe it would be simpler and more effective to just jail the existing people who are in the existing offices with the existing money for not doing their jobs according to the existing requirements? I realize that there may not be provisions in current law to do this, but maybe that needs to change.
Bar Associations have been known to be very intolerant of even slight technical transgressions, such as being late to inform them of a change of address. But it seems they rarely even notice abominations such as these. If prosecutorial misconduct actually got prosecutors disbarred, then an actual licensed prosecutor would be a rare bird, indeed.
. . . a country that engages in torture, operates secret prisons, criminalizes criticism of the government, and officially blesses mistreatment of anyone who isn't a Muslim male.
Whew! For a moment there I thought you were talking about the US government.
I found the "descriptive phrases" quite refreshing. Some people, like journalists, diplomats, lawyers, politicians etc are often under great pressure to use only blandspeak. Tim Bray is none of those. I respect a Distinguished Engineer who speaks his mind in terms everyone can understand! Please, more of this!
I wish I had suggestions for a good solution, but I don't. The baseline problem is the fact that we find ourselves in the position of needing a police oversight organization in the first place. Honest, ethical, law-abiding cops would render the whole concept moot. And it may be a better use of resources to try to solve the base problem than to find effective band-aids. Many in this space have pointed out a number of steps that could be taken to help solve the evil cop problem. Of course, the difficulty or impossibility of actually taking those steps, or getting the powers that be to take those steps, is what led us to the current discussion.
In one way or another, the various attempts at creating some sort of police oversight organization have all been designed or implemented in such a way as to render the oversight organization completely useless.
Frequently these boards are stacked in favor of the police, often with requirements that there be police representatives on the board, and that all members be approved in some way by the existing power structure. Both of these kinds of requirements are completely contrary to the entire concept of the boards: that they provide outside, objective oversight of the police.
Giving these boards the power to compel testimony is a rarely taken step in the right direction, but their general lack of real legal power can render them completely toothless. And a lack of any defined consequences for defying the boards’ powers, whatever they may be, can render any powers they may have a moot issue. These boards should have complete, timely access to all police documents and records (including personnel records, reports, videos, and anything else), they should be able to hire outside investigators, subpoena witnesses, etc. If these powers sound similar to what a grand jury would have, it is because they should be.
And, clearly these oversight boards should have the budget and facilities to implement their powers.
Unfortunately, most of these boards do not have the appropriate makeup, powers, or budget to accomplish their stated goals. This makes them nothing more than sham paper tigers, created to give the illusion of oversight and accountability, but actually providing no such thing.
On the post: 'Big Tech' Blinders Let Other Privacy Violators Off The Hook
Re: Re:
Thanks, Thad. I knew about filters, but I did not recognize the name Bayesian. Now I know. And I, also, take some of the precautions you mentioned, like separate email addresses for darn near everything, so it is easier to ditch one if it becomes contaminated. It makes it a bit of a nuisance to sign up for anything, since I have to create new username, new password, new email address, new . . . . But you have raised another question: With the filters, blacklists, and return address look-ups, how are the spammers still polluting some of your accounts to the point of un-usability? I mean, I remember getting tons of junk like you mentioned, re Vi@gr@, etc etc, but that was many years ago, and I just don't see that stuff anymore, on any of my email addresses (thank goodness). Are some of your accounts with providers that just don't do a good job of filtering?
On the post: Trump's Final Executive Order On Social Media Deliberately Removed Reference To Importance Of Newspapers To Democracy
Re: What does it say about the state of the United States
It says that our system has gone down the toilet, and that the cult of the presidency has taken over completely. It also says that our "educational system" does not teach people how to think, but rather how to be good government stooges.
On the post: 'Big Tech' Blinders Let Other Privacy Violators Off The Hook
I remember when spam email was a huge problem. Sometimes people would get 100's of XXX email solicitations a day. There is still spam, but much less, and now just about all the spam I get (which is not much) has a link to "unsubscribe." The links generally work. I am sure there are those here who know more about this than I, but I believe the difference may have been a federal law (the CAN-SPAM Act of 2003, maybe?) against most types of spam, and a few well-publicized criminal and civil cases. I wonder if a similar law against "violating privacy as a business plan" would have any effect? Of course, since the government enjoys the benefits of so much information about everyone being so readily available, we have <0 chance of getting such a law.
On the post: Fighting The Free Speech Digital Divide Requires Interoperability and Privacy Protection
"Interoperability" sounds a whole lot like Mike's mantra of "protocols, not platforms," just using different terms to express the same basic concept. I just keep wondering what those of who also believe this is a better path can do to help make it a reality.
On the post: Introducing The Tech Policy Greenhouse: Let's Have Thoughtful Conversations About The Biggest Tech Policy Challenges
Greenhouses let in sunlight
The Tech Policy Greenhouse is an excellent metaphor for this project. And Mike is a highly qualified gardener, with an exceptionally green thumb. I look forward to watching the project flourish. With any luck, from this embryonic seed, a mighty policy oak will grow. Or possibly a crop of healthy ideas to nourish future policy-makers. But to plow this metaphor further into the ground, I have to wonder what part the sponsors will play. Will they be rocks in otherwise fertile soil? Will they constitute an over-abundance of fertilizer, and burn the projects roots? In any case, I look forward to future visits to the Greenhouse.
Inch by inch
Row by row
Mike, I hope your garden grows!
On the post: A Mess In The House: Dirty Pool As Rep. Schiff Inserts Loophole To Help The FBI Spy On You
Re: Dog & Pony Show - Pure & Simple - Campaigning for 2 years?
I still view it as a Punch and Judy show.
Examples of the two factions fighting each other (or not) to achieve the same authoritarian goals are ubiquitous. Sometimes it is simply a situation where "If my faction wants it, it is good, but if your faction wants it, it is bad" even though "it" may be exactly the same thing.
On the post: House Democrats Have The Power To Protect Our Web Surfing From Warrantless FBI Searching; Instead, They're Pointing Fingers
520+ sheep
There are 435 Reps, 100 Senators, and the President (536 total) plus countless cabinet members, advisors etc, etc, yet most everything is really decided by a small group of just 3 - 8 (or so) people. The rest just do as they are told. Is it any wonder most people think their votes don't matter?
On the post: As Congress Looks To Give FBI Broad Powers To Sniff Through Your Browsing History Sans Warrant, Wyden Asks ODNI How Often It's Used
We must do our part
Please, everyone, use Tor whenever possible. It is not difficult and not as slow as it used to be. And if you need to access a web site that prohibits Tor connections, use a VPN. Riseup Networks (free) and ProtonMail (free tier) both have VPNs that can likely be trusted. I am sure there are more. And while GPG / PGP is still a bit geeky and a nuisance to set up, it provides encrypted email. Once set up it is a breeze to use. The hardest part is getting the people you wish to email to use it, also. Ditto for Signal phone messaging. We all need to make anonymity and privacy the default to the greatest extent possible, and that requires us making an effort (even though we shouldn't have to).
On the post: Documents Show NSO Group Is Pitching Its Malware To US Local Law Enforcement Agencies
Factory reset?
Since virtually all surveillance device (aka phone) software and hardware is proprietary, it is nearly impossible to tell just what a factory reset really does. Even the best professional security researchers have difficulty with this stuff. If you cannot prove it is not spying on you (and you can't) it is best to assume that it is spying on you.
On the post: As Some Are Requiring People To Give Up Their Info To Dine, Stories Of Creeps Abusing That Info Come Out
Restaurant -> Third Party Doctrine -> Government
If our government had a history of openness, honesty, integrity and respect for the privacy of it's citizens, then people might accept the idea of contact tracers, or contact tracing in general. Unfortunately, this is not the case. Our government has a nearly unblemished record of obfuscation, dishonesty, corruption, and lack of respect for any of it's citizens rights. So, naturally, people are quite resistant to the idea of contact tracers, or giving information to restaurants. It is unfortunate that our government has such a track record of untrustworthiness, but it can blame no one but itself. Now, in this pandemic, this unfortunate history is coming back to haunt us all. Contact tracing could be very useful in limiting the spread of the SARSCOV-2 virus, if the government could be trusted to do it right, but it can't. And, thanks to the misbegotten "third party doctrine" we cannot trust anyone else to do contact tracing either, because any information provided to even an honest third party is available to a dishonest and corrupt government. If some government "cootie cop" asks me anything, I will tell them right where they can get off (and in no uncertain terms).
On the post: Reuters Report Shows How The Supreme Court Has Turned Qualified Immunity Lawsuits Into A Rigged Game
Re:
Exactly right.
QI is for legitimate "Oops!" situations. Also, you don't want people who get arrested with appropriate reasonable suspicion, but who are later found to be not guilty, to be able to sue the police for false arrest, screaming "I was proved innocent, therefore you falsely arrested me!" I know, I know, not guilty ≠ innocent, but that is what they would scream.
IANAL, but it seems to me that QI is also supposed to only apply things that happen during lawful performance of police duties, and the things we are talking about (ie shooting random creatures/people, destroying their homes, and stealing their possessions) do not qualify as legitimate "Oops!" situations, nor are they in any way part of lawful performance of duties.
The problem is that courts everywhere have been doing legal backflips to make QI cover absolutely anything and everything. And then there is the absurdity of "There is no exact precedent clearly establishing that this cop's bad behavior is, in fact, bad, and this court will explicitly not set such a precedent, therefore this decision is essentially an affirmation that said bad behavior is perfectly acceptable now and in the future." These are the things that need to stop.
On the post: Reuters Report Shows How The Supreme Court Has Turned Qualified Immunity Lawsuits Into A Rigged Game
Qualified Immunity and the Supreme Court
Unfortunately I think that the grossly excessive application of qualified immunity will not be taken seriously by the Supremes until one of their grandchildren (or great-grandchildren?) is injured, killed, or otherwise violated by an out-of-control cop using excessive force, or some similarly close-to-home tragedy occurs. Sometimes it takes some up-close and personal experience with these kinds of horrors for the proper perspective and appropriate outrage to manifest. Of course, the odds of this ever happening are about as close to zero as you can get. Which means we will almost certainly be stuck with the abomination of QI forever.
On the post: Unpublished Guidelines Show The DHS Is Steering States Away From Insecure Internet Voting Options
Internet Voting
Internet voting can be made secure and verifiable, but not anonymous, using GPG / PGP techniques. The not anonymous part means that an individual vote is directly connected to the identity of the voter who cast that vote. This is antithetical to our secret ballot system. Since this is a deal-breaker, the fact that it is difficult to implement is irrelevant.
So far, there has not been any system developed where Internet voting can be secure, verifiable, and anonymous. It is probably not even possible to develop such a system. As usual, Randall Munroe got it right.
On the post: Senator Wyden And Others Introduce Bill Calling The DOJ's Bluff Regarding Its Attempt To Destroy Section 230 & Encryption
New Approach?
I am not sure that adding more people, money, offices, and requirements will have much effect. This approach has never been effective in the past. Maybe it would be simpler and more effective to just jail the existing people who are in the existing offices with the existing money for not doing their jobs according to the existing requirements? I realize that there may not be provisions in current law to do this, but maybe that needs to change.
On the post: Appeals Court Says Prosecutors Who Issued Fake Subpoenas To Crime Victims Aren't Shielded By Absolute Immunity
Re: Disbarment
Bar Associations have been known to be very intolerant of even slight technical transgressions, such as being late to inform them of a change of address. But it seems they rarely even notice abominations such as these. If prosecutorial misconduct actually got prosecutors disbarred, then an actual licensed prosecutor would be a rare bird, indeed.
On the post: Israeli Malware Merchant's Employee Used Powerful Spyware To Snoop On A Potential Love Interest
Whew! For a moment there I thought you were talking about the US government.
On the post: Tim Bray, Early Internet Guru, And Amazon VP Quits Over The 'Chickenshit' Company's Targeting Of Employees Speaking Out About COVID-19
I found the "descriptive phrases" quite refreshing. Some people, like journalists, diplomats, lawyers, politicians etc are often under great pressure to use only blandspeak. Tim Bray is none of those. I respect a Distinguished Engineer who speaks his mind in terms everyone can understand! Please, more of this!
On the post: Federal Court Says Baltimore PD's High-Powered Aerial Surveillance Program Doesn't Violate The Constitution
Incrementalism
Let's see, just how hot can we get this water before the 4th Amendment Frog dies?
On the post: Oversight Board Calls Out Austin PD For Revamping Policies To Minimize Citizen Complaints
Re: Re: Re: Police Oversight Boards Are a Joke
I wish I had suggestions for a good solution, but I don't. The baseline problem is the fact that we find ourselves in the position of needing a police oversight organization in the first place. Honest, ethical, law-abiding cops would render the whole concept moot. And it may be a better use of resources to try to solve the base problem than to find effective band-aids. Many in this space have pointed out a number of steps that could be taken to help solve the evil cop problem. Of course, the difficulty or impossibility of actually taking those steps, or getting the powers that be to take those steps, is what led us to the current discussion.
On the post: Oversight Board Calls Out Austin PD For Revamping Policies To Minimize Citizen Complaints
Police Oversight Boards Are a Joke
In one way or another, the various attempts at creating some sort of police oversight organization have all been designed or implemented in such a way as to render the oversight organization completely useless.
Frequently these boards are stacked in favor of the police, often with requirements that there be police representatives on the board, and that all members be approved in some way by the existing power structure. Both of these kinds of requirements are completely contrary to the entire concept of the boards: that they provide outside, objective oversight of the police.
Giving these boards the power to compel testimony is a rarely taken step in the right direction, but their general lack of real legal power can render them completely toothless. And a lack of any defined consequences for defying the boards’ powers, whatever they may be, can render any powers they may have a moot issue. These boards should have complete, timely access to all police documents and records (including personnel records, reports, videos, and anything else), they should be able to hire outside investigators, subpoena witnesses, etc. If these powers sound similar to what a grand jury would have, it is because they should be.
And, clearly these oversight boards should have the budget and facilities to implement their powers.
Unfortunately, most of these boards do not have the appropriate makeup, powers, or budget to accomplish their stated goals. This makes them nothing more than sham paper tigers, created to give the illusion of oversight and accountability, but actually providing no such thing.
Next >>