Aozi's comments

>How do we solve this problem?

We don't, we accept that encryption is part of the modern world and learn to live with it. Because there's nothing else you can do about it.

See encryption is just math, and you can't really outlaw or limit how math is used.

If we have bad actors who want to encrypt their communication, they absolutely can with or without this bill.

Even if Whatsapp/Telegram/Whatever has to provide the US government with a backdoor to decrypt all messages, anyone can make their own communication platform and simply not give the government a back door. Implementing secure encryption isn't difficult and it's very easy to research how to accomplish it.

Grab a few devs and they can create a simple encrypted messaging app in a few days.

You don't even need to distribute it through official channels. Android allows you to sideload apps from anywhere and you can jailbreak iPhones to install apps from anywhere. So our bad actors can create secure encrypted communication platforms and distribute them without anyone ever knowing about it.

How will this bill prevent that? How will it prevent a few random developers from whipping up their own apps? How will it make it impossible for anyone, anywhere at any time to implement encryption into any app or platform?


Just like law enforcement has always done, it uses the tools at its disposal. There are many mechanisms that require elevation and precedence already like a subpoena. Furthermore pgp is already in the wild, this bill will just force liability over towards the platforms and make them open up.

A fundamental requirement of a free society is encrypted communication, always has been. I'm amazed given how the police state has grown since 9/11 that there are 'poor police' arguments et al. Government always grows in scope. The secret fica courts that were intended for terrorism only ended up being 50% domestic drug cases.


> anyone can make their own communication platform

and then the users of that platform would simply stand out in ISP logs making it actually easier to spot them. If this platform was a dedicated tool developed by/for a bad actor, then everyone working with/for that actor would be easily found.

Given that, it seems that steganography (combined with encryption) could be a solution with a "battle" between steganographic methods and algorithms to detect them


>and then the users of that platform would simply stand out in ISP logs making it actually easier to spot them.

Yeah no.

Encrypted data would still be flowing all over the place, if our bad actors use VPNs to hide their traffic then it would become impossible for ISPs to see what they're doing or using.

In addition, even if you can pinpoint who's using encrypted communications, unless you can prove they're actually engaged in some criminal practice, it won't do you much good. With EARN-IT the responsibility is on the encryption providers, so those two random devs who made the app. You can't tell what the users were talking about since communication is encrypted, you can't really prosecute any of the users for anything besides maybe using those apps if it becomes completely illegal or you can prove that the app is only used by criminals and no one else.

Now you can potentially go after the devs, assuming of course you can figure out who made the app, and assuming these people are in a place where US laws apply. The global nature of the Internet makes things very difficult. If a Swedish team develops an encrypted communication app and distributes it on their website, are they still required to comply with US laws? If they prevent US citizens from downloading the app with geoblocking but people get around it with VPNs, are they still required to comply with US laws?


>if our bad actors use VPNs to hide their traffic then it would become impossible for ISPs to see what they're doing or using

You just transferred a problem from ISP level to VPN operator level. While you could argue that using multiple VPNs from different countries could make this somewhat harder, the problem still exists. Especially if you consider metrics other than IP, for example specific packet sizes or timing patterns (for example, instead of users connecting to given IP, the adversary would look for users sending 640 byte packets every 300 seconds).

While the argument is that encryption of messages makes it impossible to know the contents of messages (and thus to use the contents as evidence), the ability to uncover the members/employees/cooperators of a bad actor would make it easier to investigate them and/or use other means of targeted surveillance to obtain evidence. Also this would make it easier to infiltrate a bad actor, since one of the uncovered users could then be coerced into cooperation.

(All above assumes that the app/platform is used only by members of "bad actor" and no one outside that organization is using the app. It is completely different if there are other users, perhaps even bad-actor users being a minority.)

With the developers outside jurisdiction, the problem is that while they of course might or might not be required to comply with the law, they can still be coerced/manipulated/otherwise encouraged into providing a "patch" (backdoor) into the application.

I believe that much better solution would be to simply use any popular platform as a transport layer, with independent end-to-end encryption. Possibly with some steganography as well. The simplest example would be users exchanging memes/cat pictures - this will not stand out in any ISP/VPN traffic analysis. It will also not stand out (that much) in content analysis by any entity that can decrypt/access plain-content. The images being exchanged could then contain embedded (and end-to-end encrypted) content. While this is still far from perfect - you could imagine detection of repetitive images being sent, content/timing patterns or actual analysis of attachments for steganography but all those still require significantly more resources to work on massive scale.

An alternative would be to use a custom platform but having as many "external" (in a sense of not working with/for bad actor) users as possible.


I mean a bad actor can easily use stolen/free wireless with a randomized mac on a machine that’s used for nothing else and not access any “usual” services while doing it.

This is more about ordinary people maintaining privacy in their normal daily activities, in ways that aren’t too inconvenient to use 24/7.

If a bad actor has the knowhow to build a custom platform they sure have the ability to access the internet in a way where they can’t be found by IP.

Governments still like to push anti-privacy laws because they help catch non-technical criminals who don’t put in a serious effort to hide. This is why they hate “built in” privacy protections in consumer software and demand ways around it, because they help protect even technically illiterate criminals.

What I'm trying to say is, the important question is how much do we want to erase privacy for 99% of people who use normal consumer software in order to help police catch the ~1% or whatever the percent of criminals is that also use normal consumer software, and just happen to also be criminals. The 0.01% of people that are criminals and have the resources and knowhow to actively try to avoid detection by building their own systems are not going to be caught in trivial ways (like tracking their IP to their apartment, vpn or no vpn, or tracking them through correlation from using their personal social media account from the same connection they perform illegal activity from) anyway so they don't matter.


But if the app is in the gray area (e.g. in addition to bad actors, it's also used by a niche set of privacy enthusiasts) it enables plausible deniability.


Money laundering is just math too.


Yeah, so? Most acts of "money laundering" consist of nothing more or less than the basic principles of privacy applied to financial transactions. The fact that the government has somehow managed to normalize intrusive mass surveillance in the domain of finances does not justify extending the surveillance to other areas.


So this statement: “See encryption is just math, and you can't really outlaw or limit how math is used.”

Is false.


A sufficiently authoritarian regime can outlaw pretty much anything they want, if they're willing to be heavy-handed about the enforcement and make a mockery of the justice system in the process—both of which can be observed in the anti-money-laundering regulations. Enforcement won't be 100% effective, of course, and the collateral damage would be enormous. It won't have nearly as much effect on the actual "bad guys" as it will on ordinary civilians. However, nothing prevents them from passing bad laws banning encryption. Which is exactly why such disastrous policies need to be strongly opposed.


Exactly, that’s why statements like “you can’t outlaw math” are counterproductive and wrong.

You can outlaw math, and the result will be really bad.


So Apple will boot an app that gives users the ability to send adult content to other users....?

That is completely ridiculous and if that is the reason Telegram is policing adult content then Telegram is run by idiots. You can use any IM app to share adult content, there are plenty of groups on Whatsapp sharing porn, there are plenty of groups in iMessage sharing porn, there are porn accounts on Instagram and twitter, hell the entire reason snapchat even exists is so that you can send self destructing nudes to people.

The idea that an app will be banned due to content shared with people using the app, and not uploaded and/or hosted on some public website accessible to anyone (CP on tumblr) sounds completely ridiculous to me.


I disapprove of Apple’s puritanical approach to sex, and agree that this is ridiculous given that the logic applies equally well to literally all apps with groups or arbitrary URL web access, but it does appear to be the sincere justification for this situation.

A thought: I hear that most of the complaints about “adult” TV channels crossing the line from “broadcastable” to “violating obscenity laws” are made by their competitors. Perhaps a similar thing happens here? That at least one of Telegram’s competitors constantly look for reasons to get them blocked from the App Store?


There are other apps that use universal e2e encryption and have not been banned by Apple. Also if someone did want to use Telegram for seedy purposes, they still can by enabling full security, so it’s pretty clear this excuse is flat out bogus. Otherwise all the same arguments would apply to the other apps.


You're not wrong. OTOH all it takes is media picking up on one single "hidden Telegram pedo network" and they'd get booted.

And it would be mostly due to public perception. Telegram is "used by terrorists because secret encryption" and already seen as suspicious.


> So Apple will boot an app that gives users the ability to send adult content to other users....?

Yes they will, if they're on channels (which are considered public).

Not only are Whatsapp groups and Snapchat chats considered private, those companies have much more clout (and lawyers) than Telegram. Facebook threatening to remove Instagram/Facebook/Whatsapp from iOS would hurt Apple more than Facebook.

Side note: Even lists with no adult content, but referring to adult activities get banned. The creator of an app listing Burning Man events had to remove all references to adult workshops or get the banhammer. Apple's walled garden, Apple's rules (sigh).


Please, note that the parent post talks about channels. It does not apply to chats and group chats.


Telegram offers channel subscriptions, it's like a blog without comments. Apple will absolutely ban apps like that (think tumblr).


No they won't.

- Instagram is stock full of sexual content

- A ton of cam models have private snapchat accounts where they share porn of themselves

- Reddit is basically a cornucopia of porn

- I can subscribe to a porn email list

- Share nudes to a group of friends on Facebook or even SMS

- I can join a hundred Discord channels to satisfy every single weird ass fetish I have

- I can outright buy porn from Amazon and have it home delivered in 30 minutes.

And that's just from the top of my head. I'm sure you can find a metric ton of other apps that provide their users with easy access to sexual content. None of those apps will be banned for it since that is not the primary purpose of any of these apps. It's simply something that you're able to do with the tools provided. This is like banning all knives just because someone got stabbed.

If your plan is to ban apps that provide access to pornographic content, then you're gonna have to do a lot of banning.

Tumblr itself wasn't banned for porn, it was banned for child porn https://www.theverge.com/2018/11/20/18104366/tumblr-ios-app-...

I would also argue that a public blogsite where tagging and discovering new content is one of the key selling points of the platform, is very different from a Telegram channel where you need to specifically know the channel name to even join. As long as Telegram puts forth their best effort to eliminate illegal content from channels, they should be fine.


It might be OK for one app to allow such content and it might be not OK for Telegram. Because Telegram earlier had issues with Apple [1] and if they violate Apple's rules again it would become a convenient excuse to remove Telegram from App Store.

You are trying to find a reasoning in Apple's decisions, but isn't it easier to assume that not all apps are equally welcome in a private app store?

[1] https://www.theverge.com/2018/5/31/17412396/telegram-apple-a...


You're right that those countries don't have a government mandated minimum wage. That doesn't mean there is no minimum wage in practice though.

Scandinavian countries have massive powerful trade unions that work to negotiate standards and wages for everyone. Even if you're not actively part of a union, your employer will almost certainly use Collective Labor Agreement negotiated by the trade union. This CLA guarantees certain things like vacation time, minimum wages, break times, etc.

Now you could not use a CLA drafted by a union and instead try to fuck people over with your own contracts. That's not very likely to work though since these countries tend to have strong social welfare systems coupled with free healthcare. So if people quit due to shitty pay and/or hours, they can still make do with social benefits. Also people here in Finland at least, know that for most jobs you absolutely want a CLA drafted by one of the unions because that CLA protects you.

Most companies use the CLA's as a base and allow employees to negotiate better contracts if they want to. E.g you can ask for less hours and more pay, the CLA generally only guarantees minimums. Now an employer can always try to renegotiate the agreement with the union for their workers, but you better be damn sure you treat your workers right since if the unions decide that you're not, they will fuck you up.

These unions are massive and hold a ton of power. In Finland over 70% belong to a union and it is not uncommon for them to strike if the employers are trying to fuck them up. The best example of this is the recent chaos with the Finnish Postal Service.

To give you an idea on what happened, the postal service tried to renegotiate the CLA they used, which would have resulted in worse pay and hours for the workers. Union was taking none of it and went to strike. The postal service tried to get around this using questionable means which broke International Labour Organization's rules. This led to a ton of sympathy strikes which eventually ground the nation to a standstill.

Public transportation froze, flights were cancelled, trains didn't run, all goods transported by postal cars were boycotted by unions this led to stores not being stocked up as they should have for example, ferries and cruise ships under Finnish flag froze. Among numerous other things. The unions eventually won after inconveniencing thousands of people and costing corporations tens of millions of euros.

The workers didn't get shafted and their rights were protected even without a government mandated minimum wage.


Even with unions this probably wouldn’t happen in America. People just don’t organize, strike, or care about their civic duties or expressing their opinion. I don’t know what happened to us. Maybe we’re all just lazy now?


I suspect that US laws have made unions mostly toothless. I know this has happened to teachers unions. It's illegal for teachers unions in TN to strike (I don't know about other states). What power does a union have if they can't strike? Also Unions have been demonized in the US media and now public perception of unions is extremely low. Which is sad because they're one of the few tools workers have to bargain for their own rights.


Well, it's only public service unions that can't strike (it depends on state/federal/etc. so there are a lot of things here that I can't accurately comment on) and even so I'm not sure that I find myself agreeing with collective bargaining for public employees either. It's a topic for discussion, for sure.

But the point I wanted to make was that I think even if we had stronger unions, Americans like myself have become lazy and afraid of being inconvenienced. We had Occupy Wall-Street, but I'm just not sure. I just don't envision my fellow Americans striking, together, for things. We're barely united on anything as it is right now.

Just some general thoughts/comments. I'd love to hear other perspectives on this.


> Now you could not use a CLA drafted by a union and instead try to fuck people over with your own contracts.

That would be illegal in Switzerland (not really a business hating commie hell hole). When a collective agreement exists for specific areas it applies to all companies in that area.

That's not to say that dodgy firms don't try to get around it, but if they're caught it gets expensive and troublesome. And checks (alas, I don't know if sufficiently) are conducted.


It's not so clear as it's not entirely objective to determine what companies exist in a certain area.

The national mail in Finland is tasked to do letter service, which no other postal company is doing. Letter service is also the most human intensive job there is.


The argument here is that if you want to produce an app for iOS you have to provide it through the App Store and thus succumb to the 30% fee. The same applies if you're using Apple's payment processing, which you actually have to use if you want to offer any in-app purchases on iOS. In addition Apple is the sole authority on what is and is not allowed on their storefront. If they deem your app is not acceptable, you have no alternative ways to distribute it to users. They can also kick you out if they think it's necessary, again leaving you with no alternatives.

Google does the same thing with Play Store. If you sell an app in Play Store, Google takes 30%. If you use Google's payment processing, Google takes 30%. They can kick you out, not permit you in the store, etc. The difference is that a developer isn't forced to use the Play Store or Google's payment processing.

You can distribute your APK in any way you want to and users can install any APK from any location they want to. You can absolutely sell your Android games on your own website and just provide an APK to a paying user and now you don't have to pay 30% out of every purchase. If you want to provide in-app purchases the user can provide their CC information and you're free to process the payment in any way you want to, again, circumventing Google's cut.

This is the primary reason you can't get Fortnite from the Play Store, instead you have to download and install an APK. Epic also uses their own payment processing systems, so they don't need to pay anything to Google for IAPs. They can't do that on their iOS apps, meaning they're losing on some hefty profits simply because no alternative exists.

So it's not that Apple is jacking up the profits, rather you could say that you need to pay a hefty tax to provide your app to iOS users.


>This is the primary reason you can't get Fortnite from the Play Store, instead you have to download and install an APK. Epic also uses their own payment processing systems, so they don't need to pay anything to Google for IAPs.

One important point on this is that the Play Store does allow some apps distributed within it to do billing themselves [0], but not games, which is why Fortnite is distributed outside the Play store.

There are some other rules, but if you're building a cross-platform app, you should know that many Play Store distributed apps can do billing themselves on the grounds that they have "digital content that may be consumed outside of the app itself".

Spotify and Netflix do their own billing on Android, as opposed to iOS, where the Netflix app has a button to call a phone number that plays a voice recording telling you to go to netflix.com (web links to sign-up pages aren't allowed).

[0] https://play.google.com/about/monetization-ads/


I really don't understand why there are so few QHD screens on laptops. It's always either a 1080p or 4k, while a good QHD screen would still give higher resolution while not completely murdering my battery.


Yeah, I've got a 4K Thinkpad, and the screen is gorgeous, but it's way overkill. QHD would have been good enough, but it was 4K or 1080p, and I do want a bit more than that.


Marketing mostly. QHD screens seem superior to 4K in a laptop form factor at this point.

For that matter I see HD as generally superior to QHD in phones and think Apple has it right.


Not just heavily altered, posing and lighting play a huge role as well.

Here's a good example https://www.reddit.com/r/Instagramreality/comments/ciw4a3/do...

Or just look at someone like Chessie King https://www.instagram.com/chessiekingg/

You don't need to edit photos to give an unrealistic image of how your body is. You just need to know some basics of posing, angles and lighting.

The same applies to men as well

https://www.reddit.com/r/Instagramreality/comments/djvv1b/th...

So while obviously edits are a huge issue with body image. It's very important to understand that when you look at almost any IG picture, whether it is altered or not, you're most likely looking at the best possible aspects of the person that they specifically chose to show.

You're only seeing the best parts of someone while comparing them to your worst parts. And when every single picture is specifically crafted to only show the best parts, you'll get a very unrealistic idea on what the person actually really looks like.


One day I was sitting on the bus. There was someone in front of me crafting an Instagram post, then somebody else in front of them just chilling listening to music not paying attention to anyone or anything. I watched while the person in front of me took a few different selfies from a couple angles, added some filters then sit there crafting a tale about dude in front who was doing absolutely nothing, don't even think he noticed anyone else at all on the bus, and how he'd said something to her and her selfie was the reaction. It took a bit of time too. She thought about it, edited it and changed it a bunch. It was some effort. All just crafted to get reaction.

It was entirely fabricated, not a single thing was true about the post. Then I watched while she eagerly refreshed checked every 15 seconds for likes and sympathetic comments.

It was kind of funny to watch, but sad at the same time. I can't understand such a strong need for validation that you'd do such a thing.


I think that's a sign of Nokia doing the right things.

Nokia made a metric fuckton of different kinds of phones. Some of them, like your example, were just really goddamn weird and didn't really work out. But the key thing is that they weren't just sitting on their asses making a better Nokia 3310 every year.

When Nokia found a winning formula they absolutely used it and created devices based on that formula. However they were never afraid to try new weird shit. Doing new things and trying to break the mold of a traditional handset was exactly what allowed them to find new features and things to add to phones.

Their real problem was that they were too slow to adopt the changes brought forth by the iPhone, and were too confident in their dominance over the mobile market so they never saw the possibility of someone overtaking them.


Nokia had big screen touch-centric smartphone model prototypes long before Apple even dreamed doing phones. It was not like the idea was not there.

It was classical engineer vs. designer/marketer viewpoint.

It's slower to write in touch-screen. From objective engineering perspective it's backwards in ergonomy. But most people who are not power users like Obama and his BlackBerry addiction. They just want to point and drag and big screen is better for pointing.

Steve Jobs saw the trade-off. Users are willing to write slower and do more errors in exchange of bigger screen. Nokia engineers were doing ssh connections with Nokia Communicator and iPhone UI sucked small planets for anyone writing a lot. Touch-screens are still slower for writing.


> Steve Jobs saw the trade-off.

Well according to some folklore it wasn't that straight forward.

It also took a long time and a lot of tries from internal teams to Jobs acknowledge they were onto something. Jobs had the same concerns you mentioned, and some more (accordingly).

And one of the deal breakers for the iPhone to be launched was the Keyboard, where they were predicting which was the most probable letter to be typed and increased the area of the letter without displaying it.

Don't take me wrong, Jobs ended up being the one pushing forward with ridiculous deadlines, high ambitious goals, and, when he was on the train, the vision.


Pre-iPhone Nokias all had resistive touchscreens. Not a pleasant experience for pointing and dragging. Before 2007 no one was insane enough to put glass on a phone.


This. It's not the glass specifically (you can still buy cheap androids with polycarbonate screens), but the capacitative touchscreen, which is more expensive and requires a much fancier controller to read. But without it, either you have to use a stylus, which despite Samsung's belief hardly anyone wants, or press fairly hard. And you can't do multi-touch at all.

Capacitative touchscreen + "real" web browser (not WAP!) was the key capability of the iPhone. The fact that it subsumed the already successful iPod was a big benefit too.


> you have to use a stylus, which despite Samsung's belief hardly anyone wants

That's an odd swipe in an otherwise good post. You don't have to use a stylus with the Galaxy Note series but the option is quite popular


> which despite Samsung's belief hardly anyone wants

Which is why nobody is buying ipad pros or surface pros and Wacom is bankrupt /s.

Having a pen in addition to capacitive touch is great. Having only a pen was not. Though the resistive screens in the Nokia N900 or the Nintendo DS for example were not bad.


First usable application of capacitive digitiser on the smartphone was done by HTC. Even before Touch, they tried to make WinMo operable without a stylus.

A big part of iPhone 1 UI was a direct copy of HTC designs.


> It's slower to write in touch-screen. From objective engineering perspective it's backwards in ergonomy.

I've seen this idea a lot on Hacker News and similarly-minded sites ever since the iPhone came out. It's a myth--touchscreen keyboards with good software are faster than physical ones. The Guinness world record for phone typing speed has gone to touchscreen keyboard users for years, and it doesn't even allow autocorrect or predictive text [1]. The average typing speed on touchscreens is only 14wpm less than on full computer keyboards, and some people get up to 85wpm [2]. Software buttons are larger than physical ones and they change activation area based on the predicted next character, among other advantages. Even if screen space weren't an issue, touchscreen keyboards would still be better.

[1] https://www.guinnessworldrecords.com/news/2014/5/fastest-tou...

[2] https://www.bbc.com/news/technology-49933204


> It's slower to write in touch-screen. From objective engineering perspective it's backwards in ergonomy. But most people who are not power users like Obama and his BlackBerry addiction. They just want to point and drag and big screen is better for pointing.

You could see it the other way around: for regular users who mostly just wanted to message, which was their core audience since the 3310, the keyboard was best. For power users who wanted to take advantage of the new features that were being ported from the PDAs used by professionals, like Wifi and HTML browsers, it was clear that the lack of a decent pointing device was a major hindrance.


>Nokia had big screen touch-centric smartphone model prototypes long before Apple even dreamed doing phones. It was not like the idea was not there.

Yes. They just didn't have the skills or the execution or the taste to apply the idea...


Actually here in Finland a lot of schools are moving towards laptops/tablets/etc. Kids as young as 9-10 are expected to use those devices. Books and materials are provided through online portals and downloaded locally on the machines. A lot of homework is done and returned online. Along with exams, essays and all kinds of other nonsense.

As you get older most exams are done on a Linux distro called DigabiOS (https://github.com/digabi/digabi-os) the same distro is also used for the matriculation exams. You boot this off of a USB drive and hope it works well with your own machine.

So I can absolutely see people spending most of their school day on a computer staring at a screen.


>"How many PhD's does it take to do <generic task>?" So now instead of one untrained person doing the dishes, you have 5 PhD students hovering around a robot as it spends 8 hours poorly cleaning one.

Yeah, and then it spends 8 hours cleaning another, and soon it'll be spending 5 hours cleaning two, 2 hours cleaning a dozen, and it'll keep going down, and those 5 PhD's will keep improving the robot, more and more. And it doesn't even need to be faster than us, because that one robot can keep washing dishes 24/7, with no rest and no pay.

And eventually it'll catch up to us in speed and precision, and it'll keep getting better and surpass us.

And then, once you have a single good robot. You can simply replicate it, again and again, mass producing thousands of them and they will all keep working 24/7 with no rest and no pay.

Yeah, we're not there yet for most jobs, but we're getting there. It's gonna take a while but it will without a doubt happen


It will then no longer be referred to as a "robot" or "AI", will look nothing at all like how it started (probably just a big box), and people will call it "the dishwasher" as they wonder why AI and Robots are always 10 years away.


Yes, but at a certain point you will have automated away most of the labor that needs doing.


> It's gonna take a while but it will without a doubt happen

Vehemently disagree. The assumption that technology will continue to improve to be useful for everything is inherently flawed. We don't know what the hard limits are yet, but nobody understood the limitations of the Carnot cycle for energy efficiencies once upon a time (the ICE will get better and better until no efficiency is lost) or limitations of transmission lines (until transmission line theory was established that dictates 50% is the best theoretical outcome, people thought you could approach 100%). We'll discover some algorithms will never be O(n) but the best theoretical solution is O(n^2).

I don't know where the barriers are or what they are, but it's naïve to assume not only that we will solve everything, but even that it's theoretically possible that we can solve everything.

The obvious generic barrier right now for robotics is AI, but that's a complex subject and could mean many different things to many different people.


What we need is a JS developer to take down an important package from NPM in protest, thus breaking the Internet again.


We detached this subthread from https://news.ycombinator.com/item?id=21190597 and marked it off-topic.


The NPM fiasco should no longer be possible

If you want to unpublish a package after 72 hours have passed, contact npm Support. For more information about why we don’t allow users to unpublish packages after 72 hours, see our unpublish policy.

https://docs.npmjs.com/unpublishing-packages-from-the-regist...


Could you just publish garbage instead?


You could but everybody uses version pinning in production, right?


People who are serious about reproducible builds host their own repos. Most people probably don’t know the difference between ^1.0.1 and ~1.0.1


Thanks for making me look that up!


If only npm's version pinning actually version pinned without idiotic subrules. package-lock.json is just one massive lie.


What do you mean?


Versioned garbage, but yeah you could. It would just make a new version not work which isn't as harmful as taking away a package.


It was never possible without "admin" intervention. That whole incident was NPM's sole responsibility.


That’s… plainly wrong. `npm unpublish --force your-package` would really just unpublish your package.


Okay that's embarrassing thanks. Hard to believe it took so long before the left-pad debacle happened.


Doesn't the code still technically belong to you? Can't you submit a takedown request?


It belongs to you but you distributed it with a license that gives away some of your rights.


Not sure how npm works in detail, doesn't it pull directly from devs' repositories? In that case can't the devs just publish an update that breaks everything?


This wouldn't be as big of a problem with version pinning.


npm allows for installation of specific versions. So even if a dev publishes a new version that breaks you can select a previous version known to work. A good dev shouldn’t be updating willy-nilly to the latest version just because it’s the latest. They ought to spec a particular version and update after testing.
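
The difference between `1.0.1`, `~1.0.1` and `^1.0.1` that the comments above refer to, as an added example (not code from the thread or from npm): a minimal range matcher for plain MAJOR.MINOR.PATCH versions, run against a constructed release history for a hypothetical package. It assumes a fresh install with no lockfile, and shows which spec picks up a newly published release.

```javascript
// Added example: minimal matcher for exact, tilde and caret specs.
// Supports plain MAJOR.MINOR.PATCH only (no prerelease tags, x-ranges or || sets).

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Translate a spec into an inclusive lower bound and an exclusive upper bound.
function bounds(spec) {
  const op = spec[0] === '^' || spec[0] === '~' ? spec[0] : '';
  const [maj, min, pat] = parseVersion(op ? spec.slice(1) : spec);
  const lower = [maj, min, pat];
  if (op === '~') {
    // Tilde: patch-level changes only.
    return { lower, upper: [maj, min + 1, 0] };
  }
  if (op === '^') {
    // Caret: anything that keeps the left-most non-zero component.
    if (maj > 0) return { lower, upper: [maj + 1, 0, 0] };
    if (min > 0) return { lower, upper: [0, min + 1, 0] };
    return { lower, upper: [0, 0, pat + 1] };
  }
  // Exact pin: only this one version fits.
  return { lower, upper: [maj, min, pat + 1] };
}

function satisfies(version, spec) {
  const v = parseVersion(version);
  const { lower, upper } = bounds(spec);
  return compare(v, lower) >= 0 && compare(v, upper) < 0;
}

// Highest published version allowed by the spec, or null if none matches.
function maxSatisfying(published, spec) {
  const hits = published.filter((v) => satisfies(v, spec));
  hits.sort((a, b) => compare(parseVersion(a), parseVersion(b)));
  return hits.length ? hits[hits.length - 1] : null;
}

// Constructed release history for a hypothetical package.
const PUBLISHED = ['1.0.0', '1.0.1', '1.0.2', '1.1.0', '1.4.7', '2.0.0'];

function resolveAll(published) {
  return {
    exact: maxSatisfying(published, '1.0.1'),
    tilde: maxSatisfying(published, '~1.0.1'),
    caret: maxSatisfying(published, '^1.0.1'),
  };
}

const before = resolveAll(PUBLISHED);
// The maintainer now publishes a new patch (1.0.3) and a new minor (1.5.0).
const after = resolveAll([...PUBLISHED, '1.0.3', '1.5.0']);

console.log('before:', before);
console.log('after: ', after);
```

Only the exact spec resolves to the same version before and after the new releases; the tilde spec moves to the new patch and the caret spec to the new minor.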


Doesn't npm allow a dev to replace or redact already released versions?

