This may be an unpopular opinion, but I want a government-issued digital ID with zero-knowledge proof for things like age verification. I worry about kids online, as well as my own safety and privacy.
I also want a government issued email, integrated with an OAuth provider, that allows me to quickly access banking, commerce, and government services. If I lose access for some reason, I should be able to go to the post office, show my ID, and reset my credentials.
There are obviously risks, but the government already has full access to my finances, health data (I’m Canadian), census records, and other personal information, and already issues all my identity documents. We have privacy laws and safeguards on all those things, so I really don’t understand the concerns apart from the risk of poor implementations.
> We have privacy laws and safeguards on all those things
Which have failed horrendously.
If you really just wanted to protect kids then make kid safe devices that automatically identify themselves as such when accessing websites/apps/etc, and then make them required for anyone underage.
Tying your whole digital identity and access into a single government controlled entity is just way too juicy of a target to not get abused.
I was recently surprised to learn that the mainstream adult websites actively send a header identifying themselves as such and have been doing so for something like the past 20 years. The services that we would reasonably want to impose age checks on are already actively facilitating their own filtering.
I'm Canadian, so I can't speak for other countries, but I have worked on the security of some of our centralized health networks and with the Office of the Privacy Commissioner of Canada. I'm not aware of anything that could be considered a horrendous failure of these systems or institutions. A digital ID could actually make them more secure.
I also think giving kids devices that identifies them automatically as children is dangerous.
This argument mischaracterizes the notwithstanding clause. Invoking s.33 is highly visible and carries political consequences. It shields a law only from being struck down on certain Charter grounds and must still comply with all other federal and provincial legislation (like PIPEDA).
It’s not perfect, but it does provide some flexibility to accommodate provincial differences. And the concerns people raise about the notwithstanding clause can just as easily occur in countries without it. Personally, I’d be much more concerned if we had FISA courts.
The point is that your legislatures can override most of your Charter if they feel like it. Now sure, they have to explicitly say that they're doing that, which is a slight improvement on the state of affairs in, say, UK. But if you ever get someone like Trump in Canada (and if that sounds far-fetched to you, well, it sounded far-fetched to most Americans 10 years ago...), he'd be able to move so much faster.
> I want a government-issued digital ID with zero-knowledge proof for things like age verification
I absolutely do not want this, on the basis that making ID checks too easy will result in them being ubiquitous which sets the stage for human rights abuses down the road. I don't want the government to have easy ways to interfere in someone's day to day life beyond the absolute bare minimum.
> government issued email, integrated with an OAuth provider
I feel the same way, with the caveat that the protocol be encrypted and substantially resemble Matrix. This implies that resetting your credentials won't grant access to past messages.
My Idea is you go to a post office with your id and they give you an anonymous verification token (proven through open source) you can use to create a person verified email at home. limit on how many per year. protected top level domain like .edu and .mil are currently that only certified humans can use, so your email can be anonymous but also a proof of identity
I guess anonymous and verified identity are two separate things. It might be useful for the government to provide either one of those.
Regarding tying proof of residency (or whatever) to possession of an anonymized account, the elephant in the room is that people would sell the accounts. I'm also not clear what it's supposed to accomplish.
This requirement is in section 8.3.9 of the PCI DSS[0], and only applies to single-factor authentication implementations, two-factor auth removes this requirement.
I'm a big fan of "should not include profanity, words of a vulgar nature". It's not unthinkable my password manager comes up with a chain of letters that at one point will include "fuck".
This comment reminded me of a talk I saw[1] about Apple's password generation algorithm. Apparently (and unsurprisingly), they have a list of offensive terms the system is designed to avoid. I expect this is common-enough practice in most popular password managers, but probably not all.
Now I'm trying to remember where I read the story about somebody who was in a programming class and was writing some program that took user input, and figured that it should be smart enough not to repeat curse words. So they started writing down all the curse words it should know not to say, and that was about the extent of what they had done when the teacher came around to see how everything was going.
Word list based passphrases mostly avoid this, by not including those words. Which still doesn't mean you won't get something offensive, of course, it'll just be a string of four words instead of four letters.
It kinda is good personal policy IMO for passwords you have to type to be positive affirmations. I used 'Fuckthis1!' for a moment; funny enough it was not the most moralizing thing to type all the time! OTOH, 'H@ppyH@ppyJoyJoy!!' was always a small mood lift.
I use tmux and neovim along with the copilot plugin[0]. I prefer it over the VSCode copilot integration, to me it feels less obtrusive and out of the way, which is what I want. You're also not dealing with API costs since it uses the regular Copilot subscription.
I live in Ottawa. We were failed by all levels of government, our police services, and our intelligence services.
The convoy drove across the country, broadcasting their intentions on social media. Yet, everyone acted shocked when they did exactly what they said they were going to do.
I hesitate to call them protesters because I don't think they had a permit or a cohesive message beside F* Trudeau, but they were completely disrespectful to other citizens, and I could never defend their actions. However, irrespective of how unpopular their actions were, the courts have deemed the federal government's response unreasonable and unconstitutional, and I agree with that assessment.
The government could have dealt with this earlier and more directly, but whatever passes for "leadership" these days in Canada has proven itself completely inept.
Personally, I would like to see an inquiry into foreign interference in our elections, but I guess that’s not considered a pressing issue anymore.
> I hesitate to call them protesters because I don't think they had a permit
The notion that the common people need permission to protest is exactly why we are slowly, but surely arriving at oligarchies. The French are right. You don't need permission to show the ruling class who's king.
Perhaps bad phrasing, it is an emotional issue having lived through it.
I like to think that I don't live in a country ruled by a King but rather in a community of citizens who have collectively agreed on a way of doing things. This includes the right to express dissent against other citizens to whom we have delegated certain decision-making responsibilities. A permit isn't about seeking permission; it's about ensuring an orderly process so that things don't devolve into chaos and bouncy castles.
At the time, I think we were also in stage 2 lockdown(which should have been enough to stop it), so the people bearing the brunt of these actions, whatever you want to label it as, were not the ones making those decisions. Our elected officials don't live inside Parliament Hill.
> I like to think that I don't live in a country ruled by a King but rather in a community of citizens who have collectively agreed on a way of doing things
That is what a protest is. The collective agrees, not their rulers.
> A permit isn't about seeking permission; it's about ensuring an orderly process so that things don't devolve into chaos and bouncy castles.
I don't agree here, and even if that were so, there's a stark difference between the original intention and the ultimate use of permission as a tool.
I don't agree with your last point. In a democracy, we have elections at a cadence. If you disagree with protest permits, you are welcome to stand up in the next election, or vote for a representative who will.
We can elections yearly or monthly but man .. how unproductive that would be. The lowered cost of tech may indeed improve participatory democracy.
I see the system working in all of this btw. I support Trudeau but am okay if the liberals get voted out.
In Canada, we have the inherent right to assemble as granted by the Canadian Charter of Rights and Freedoms; therefore, I don’t need permission, which is discretionary.
Permits in this context represent authorization that establishes procedures for exercising this right on property administered by government, which ensure things like public safety without infringing on any rights or freedoms of the protestors or other citizens.
>In Canada, we have the inherent right to assemble as granted by the Canadian Charter of Rights and Freedoms;
Playing devil's advocate here: what if it wasn't mentioned in the Charter of Rights and Freedoms? What if the CRF didn't exist to start with?
(my point being that when things are very bad, certain things need to be done regardless of what a formal law states, you cannot let tyranny call the shots)
The monarch of Canada is the King of Canada. It's a completely separate role from the King of the UK even though it's the same person. Canada isn't ruled by the British King.
You don't need a permit to protest in Ottawa, on foot, unamplified in a location where you do not block others. You do need a permit to block the streets with your protest. Those are readily and regularly granted -- if the city didn't grant them the courts will force them to. Once you get that permit, you'll get a police escort to block the street for you.
I took part in one political protest in my life. The leaders spent most of their efforts screaming at us “stay out of the road and don’t block the sidewalk!”
We were encouraged to bring our kids, and criticized by the opposition for doing so. Our kids had a great time and learned the value political participation.
The protest was 100% successful at it achieving its one, narrow aim.
>I hesitate to call them protesters because I don't think they had a permit or a cohesive message beside F* Trudeau
I would assert that so-called "votes of no-confidence" in politicians are legitimate protest, even if they do not criticize any specific policy or behavior. It would be a strange world to live in where protests could or would be shut down and everyone would taunt the protesters with "but you didn't have a cohesive message except Stalin is bad".
There is a giant chasm between "F* Trudeau" and "Stalin is bad".
Some people would like you to believe it's close, and they would be wrong. Stalin murdered/tortured people en masse. Trudeau oversaw a government (democratically elected mine you) through a once in a century pandemic.
The convoy of protesters made a point, was allow to make it for sufficient period of time, and was told to go away when a majority of Canadians didn't agree with their stance.
When faced with reality of their unpopular nature and their inability to build a momentum or consensus. They dug in.
At some point, enough is enough. The Pandemic ended, public heath was restore, and none of what the protesters did mattered. None of the protesters continue to be persecuted by the Government of Canada, Ontario, or the City.
>There is a giant chasm between "F* Trudeau" and "Stalin is bad".
There might well be a giant chasm between Trudeau and Stalin, that's a matter of proper objective measurement which I don't think is easy and certainly has never been done. There is no chasm whatsoever between "fuck Trudeau" and "Stalin is bad". Not even much semantically. In choosing one politician/bureaucrat/whatever over another, I do not agree that anyone ever need justify their choices. Someone saying "I've stopped supporting this politician" whether don't politely or rudely, is valid. Protesting need not have any more message than this.
If protesting did require something more sophisticated than the assertion that one no longer supports them, then the weaseliest politicians and other charlatans could abuse that requirement (in fact, they already try to do so, and apologists make that easier for them to attempt it).
>and was told to go away when a majority of Canadians didn't agree with their stance.
It's unclear that a majority disagreed. It's unclear to me that there remains a majority at all in Canada.
>When faced with reality of their unpopular nature and their inability to build a momentum or consensus. They dug in.
Again, I'm not sure that's reality. If they could be deluded into thinking there were more of them than there were, what makes you immune to the reverse?
>and none of what the protesters did mattered.
We at least agree that it didn't matter in the ways that they hoped. But it mattered otherwise, when we saw the Canadian government use unjustifiable tactics to punish them even before they had been convicted of any crimes.
>None of the protesters continue to be persecuted
Well gee. When you put it like that, that "none *continue* to be persecuted" the complaints do sound kind of silly.
I did something similar but I took it entirely the other way, I built a full CRUD application with no javascript.
The app is fully SSR and integrates with a fairly complex inline data enrichment and analysis system. I used Tailwind alongside regular CSS for the layouts and some visual enhancements. Eventually, I gave in and added a bit of JavaScript to submit a form when a dropdown is selected—usability is important to me. Other than that, everything works as needed.
I grew up in Ottawa, where QNX originates. My high school must have had someone with family connections to the company, because we could have built a significant Beowulf cluster with all the Icons.
These systems had numerous problems, one of which was the school board's severe lack of resources to manage them. The teachers were limited in what they were allowed or able to do, so if a lab went down, it typically took about a week to get someone to fix it. As students, we used this to our advantage. I have fond memories of causing all sorts of issues on these systems as a kid. Another perk was that my school wasn’t air-conditioned, except for the computer labs, so during the hot months it's where you wanted to be.
My only issue with kitty and tmux is that I always have to copy over my terminfo files manually or else I get a 'xterm-kitty': unknown terminal type error.
If you as a user want third-party firmware usually you can jailbreak and install it yourself (especially if the original firmware has zero security). If we allow a vendor to choose to make "the community" responsible for their firmware, almost every vendor will choose that as quickly as possible (e.g. one year).
This assumes that vendors have IP rights to open source the firmware, which seems unlikely. Presumably there are third party commercial components they don't have rights to publish.
A rule like this essentially forbids closed source software. (Which, hey, might be a good thing... but then just mandate that directly and outlaw closed source software licensing.)
I was working with MISP[0], an open-source threat intelligence sharing platform, and came across a really interesting dataset from the Australian Strategic Policy Institute on China's technology research institutions[1]. I liked the data so much I built a quick cross-filter visualization on top of it to help explore it[2].
The data offers a fairly comprehensive and interesting perspective on China's research priorities and organization, I can't speak to the effectiveness of the programs themselves, but it does make me concerned that we are falling far behind in many areas, including cyber security.
1) While being a fantastic resource to get a first impression of what's out there, the Defense Universities Tracker has not been updated since about 2019. So it is starting to be outdated and anyone using it should be well aware of it. It seems that an update is in an early stage.
2) In order to assess the actual risks, the sources that are provided at each institution's page are crucial. These are ommitted in your version. Please consider linking back to each institutions page under https://unitracker.aspi.org.au/
The question: What is the value added of your page over the official page https://unitracker.aspi.org.au/ ? I only see the map. Am I missing something?
I’ve updated my link to include the site and wish I had searched more thoroughly as it would have saved me hours; This visualization was more of a personal thing after I stumbled upon it while working within MISP and the raw data(so that's what I initially attributed it to), and just wanted to see it visualized outside of MISP, it's really good analysis.
I've also added the references to the individual institution at the unitracker site as well.
To answer your question, the visualization is just a simple cross-filter. I guess the differences are the categorized and topic-based breakdowns/filtering, filtering by description and it includes a map. I did consider adding a network graph, but my focus isn't really visualization.
> we are falling far behind in many areas, including cyber security
In terms of quantity and quality of talent, I don't think the western world would fall behind China, especially with their strict control of information. Most people there will have difficulty independently learning about cybersecurity.
The difference is that most talent is captured by the private sector with higher compensation or bounties.
Meanwhile, China can very easily compel anyone they need into the government so the % utilization on outward attacks is probably higher.
> Most people there will have difficulty independently learning about cybersecurity.
Speaking from my own limited anecdata, but since the 90s in order to use the internet in China you basically had to be somewhat proficient in "cybersecurity" just because of all the required hoops to jump through. There were definitely a lot of script kiddies, but the Chinese exploit scene (amateur and professional) has always been bustling. And just personally speaking, the most truly awe-inspiring and resourceful hackers I've ever known have been Russian, or Chinese. Like actual 10x engineers who think that walls put in place for other people don't exist for them.
Or they convict you for money laundry because you developed a crypto phone they can't crack and don't have any legal means to destroy you. ( Dutch example, and yes - the guy payed taxes everything, they made him hang because of a single client of a client his client his client being involved with shady things. )
State-Spite, Repression and such is rising globally. The rule of law is gone.
Any state actor who puts in the effort can get pretty good, and some countries make a very specific effort in this area. North Korea is one. Imagine the brightest people in your state (say, population 26 million) were all nudged into one very specific talent funnel, with the goal of stealing money for the government.
China is different. Not quite as focused in terms of sheer government directive, but just think of the Chinese people you do know and extrapolate out the level of effort and talent. Being overconfident seems like a mistake.
> China can very easily compel anyone they need into the government
I have worked with people in Chinese tech companies and in Chinese tech ministries, and I don't think this statement is true, any more than in the US. In the US, there are talented techies who work for FAANG, startups, Palantir, NSA, etc etc. Similarly in China.
Compel is a euphemism for a "friendly" visit to your wife & children or elderly parents. The western equivalent is to lawyer someone to death. Don't be naive.
Every ordinary Chinese needs to self-learn some cybersecurity to do daily things, like to watch YouTube, or to send messages to others without worrying being censored
There's a big difference between using tools intended for general population and being skilled enough in offensive security to make a difference. It may incentivise some people to learn further, but I don't think the effect would be that large. It's kind of like everyone at Uni knowing about P2P a few years ago - but they knew nothing about protocol design.
Why would ordinary Chinese people fear the party? The party has been overseeing the greatest expansion of wealth in human history combined with a massive internal propaganda effort which I would assume is pitching them as the good guys and downplays all the brutal stuff they've done
If anything I'd expect ordinary people to be far too trusting that the authorities are reasonable and friendly. They must have real problems with earnest, motivated and well meaning people wandering off the approved parts of the internet into censored topics and getting confused by whatever happens next.
You're forgetting all the corruption and hypocrisy in China. Do you think the individuals that make up the authorities act in a "reasonable and friendly" towards regular people who interact with them? The contradictions seen by anyone who's paying attention undermine the trust you posit and some fraction of the propaganda messages.
It kinda feels like you understand China as a thought experiment and not a real place.
Fear getting disappeared/jailed for doing something forbidden. You're right that they may not see it as "fear of the party" from inside. More like "why would I do something illegal". But in a system like that those things are actually equivalent.
check AI, green energy, EV, mobile computing, cloud computing, quantum stuff, robots etc. it is pretty much China vs US now when it comes to quality.
how many people would seriously believe that EU or Japan can possibly compete with China on its own in terms of quality for those above mentioned sectors.
just looking at those low quality & high pollution Japanese & European cars.
Is the last line said ironically? Japanese brands long have and continue to absolutely dominate long term reliability ratings for vehicles, and the first mass market hybrid and full EV vehicles came from Japan.
If you’re talking about innovation and mass EV manufacturing, sure the US and China are leading, but the European Volkswagen and BMW Groups are still competitive. Japan is admittedly a laggard in the EV market, but largely because EVs are still a luxury good and Japanese brands are primarily mainstream.
> Japanese brands long have and continue to absolutely dominate long term reliability ratings for vehicles
such hard earned experience is no longer relevant in the era of EV.
> but the European Volkswagen and BMW Groups are still competitive
none of them is even capably of designing self driven cars on their own. same for the AI based infotainment systems fitted on EVs. they are just Canon in 2024/2025.
> EVs are still a luxury good
I wouldn't call it luxury. It is the cheapest option to own a car in Shanghai, BYD Seagull is being offered for $9k USD.
> Japanese brands are primarily mainstream
they have already lost the battle. if EV makers can't build their own self driving systems and those AI based infotainment systems, then they are in the wrong business. Batteries is another story that can not be ignored, Japan and the EU do not have any meaningful control on that.
I don't see any chance how European or Japanese car makers can survive in mid term.
Interesting also is the type of names that appear in so many western academic journals. What I mean to say is that even in Western journals "Alice" and "Bob" is quite rare
> especially with their strict control of information.
You have gross misunderstanding of how this strict control works. It isn't like novels or North Korea where some govt agency is creating/curating the info.
> especially with their strict control of information. Most people there will have difficulty independently learning about cybersecurity.
I'm puzzled by this assertion. I know quite a few self-taught infosec folks who grew up there. China is not North Korea. The government, by and large, doesn't monitor what you're doing day-to-day, unless you're a political activist or some other "undesirable". The Great Firewall doesn't stop you from accessing infosec content; and in any case, the use of VPNs is prevalent among techies.
To be fair, the parent's claim that China is "ahead" in infosec also feels like fearmongering. The one thing that's true for China is that their government has far fewer qualms about hacking Western infrastructure to get dirt on dissidents, steal IP, and so on. But that's a matter of ethics and law, not tech.
> The one thing that's true for China is that their government has far fewer qualms about hacking Western infrastructure to get dirt on dissidents, steal IP, and so on. But that's a matter of ethics and law, not tech.
As opposed to the DoD, which strictly fights for freedom, liberty, and democracy?
> As opposed to the DoD, which strictly fights for freedom, liberty, and democracy?
Yes, the whataboutism is unwarranted here. The US government is no angel, but is far more constrained in this regard. The bar to become "the enemy of the state" is much higher - for example, your comment won't get you in trouble here. The US government also wouldn't, say, hack Spotify and snoop on their business plans to prop up a competing US startup - something that is commonplace with the Chinese intelligence apparatus.
> The bar to become "the enemy of the state" is much higher - for example, your comment won't get you in trouble here.
I think you're drastically overestimating the effect of being sarcastic about jingoistic rhetoric on the chinese internet. I imagine China, much like the DoD, is quite proud of their ability to penetrate systems and cause havoc.
> The US government also wouldn't, say, hack Spotify and snoop on their business plans to prop up a competing US startup - something that is commonplace with the Chinese intelligence apparatus.
I can't imagine there's much worth taking from Spotify. Meanwhile, if you think the US won't steal technology from China when there's something worth stealing, you're a massive fool.
> To be fair, the parent's claim that China is "ahead" in infosec also feels like fearmongering. The one thing that's true for China is that their government has far fewer qualms about hacking Western infrastructure to get dirt on dissidents, steal IP, and so on. But that's a matter of ethics and law, not tech.
I've heard China also has many more personnel working in this space.
> Ive also heard that China has many more people living in it than the US. Ive also heard that Chinese higher education system is state funded
So? It kinds sounds like you're making an excuse, but excuses don't do anything to address the capability difference caused by the larger number of personnel.
The US used to be by far the largest country in the developed world. It could be argued that sheer numbers allowed it to succeed and dominate throughout the previous century. Today the US is no longer the largest country in the developed world, not by a long shot
What's your point? Your comment doesn't really address anything relevant regarding the US's goals and positioning to achieve them.
For instance, if the US wants to to secure its networks and be able to respond effectively to hacking threats from its geopolitical rivals, it may have to invest proportionally more of its human resources in infosec to remain competitive. I see no good reason why it can't do that.
Also, noting that one reason China may be ahead in infosec is because it may have many more people working in that area was to rebut claims that "China is ahead in infosec" was "fearmongering."
In short, China having a larger population may be one reason why they're ahead, but that why is not very relevant to decisions about what to do about it.
Im just offering you an explanation about evolution of powers in the world, and human resources is a huge factor. Already in his last mandate Trump was constantly talking about the power of US military, much like Russia does about its nukes. These sort of things are done out of weakness, not strength
That doesn’t sound like China at all. Having worked in Beijing for 9 years, they pay techies fairly well, not USA FAANG well, but better than Japan, much of Europe, Korea, even Singapore. So there is a lot of private sector movement in these areas, not just government. Information is easily obtained, piracy rates are still very high so it’s not like anything is really locked down behind a paywall. There are plenty of hackers who are in it with a passion, not just for the money, much like you’d find in the states or anywhere in the developed world.
If you consider the exchange rate, of course, salaries in China would be much lower.
If considering purchasing power and cost of living, Chinese salaries would have a relatively high level of competitiveness.
Better than tier1(China), where most of the research happens - the salaries in China are easily beating Japan and significant portion of the EU "centers" on top of having significantly lower cost of living on most of the relevant dimensions.
As I said in another thread, you can live cheaply in Japan if you're about 20 minutes by train from Tokyo.
In that thread, someone said that rent is expensive in Beijing and Shanghai. It looks similar.
Anyway, in China I heard that if you go to hospital in a different household registration, you have to pay the full medical costs. It sounds the cost of living in China is expensive.
when you can't afford those tests in the west or facing a stupidly long waiting period, don't be sad, just jump onto an airplane to get yourself checked & treated in Shanghai. You'd still save heap of money saved after such extra travel costs.
Not in tech. There is a weird de-emphasis of programmers in countries that aren’t the USA or mainland china. So a programmer from Japan with some experience/skills can move to Beijing (yes, there were many Japanese expat SWEs when I was there) for a better salary.
I don't think it's that much of an outrageous claim, plenty of our fellow countrymen works at local regional branches and English wings of China-owned companies these days. It doesn't take much stretch from there to imagine some of them moving to near their HQ.
It's annoying that sometimes people thinks there has to be basic mutual intelligibility between Chinese and Japanese languages against the reality that there's none, but this is not about that at all. Chill.
Microsoft paid more in Beijing than Tokyo while I was there, it turns out even experienced programmers in Tokyo don’t make $200k/year. Especially if you have a PhD or research in a hot field, you can get a pretty good job in richer Chinese cities. But an apartment is probably more expensive to rent in Beijing, and definitely in Shanghai, than it is in much of Tokyo, so there are trade offs.
It's true that rents in Tokyo are expensive, but Kawasaki or Adachi, where the commute takes about 20 minutes, are cheap.
I don't know about the salary, but I checked X or blog and it seems that some are work in the US headquarters, but none in Beijing.
Anyway, when are you there? It looks you are talking in 2010.
I think this is just baseless prejudice. In my experience, having lived in the West and in the East, I found that on average, at least in the urban population, people in the communist and ex-communist space seem to be far more computer literate while computer experts seem to mentally get around "magic and fluff" much easier. Also the authorities are far less concerned about "incorrect" ideologies creeping through (especially through academia) than you probably immagine.
I came across that group (ASPI) before and wasn’t too impressed.
Their name suggests they are a public agency—in fact, though sponsored by the AUS defence ministry, they are non-governmental and funded in part by weapons manufacturers and foreign governments.
Their project [0] describes numerous civilian universities as “very high risk,” unnecessarily raising fears that ordinary Chinese students and researchers are dangerous.
Especially since students uni choices are heavily determined by gaokao scores, I don’t think placing labels on people based on their undergrad uni as if they handpicked them for whatever defense connections they may have makes any sense.
This is what the US is doing with Proclamation 10043 under both Trump I and Biden. Steven Miller, who will be returning to a similar role in Trump II, recently suggested banning all Chinese citizens from student visas in the US, demonstrating this irresponsible rhetorics effect.
Moreover, Australia is basically a vassal state of the US for intelligence matters—-see the debate about whether the CIA ousted the only prime minister to question the NSA’s Pine Gap facility on Australian soil. [1]
China mostly works as a meritocracy. The US has done that mostly int the past but the current leadership is essentially adding witchdoctors and criminals to the government departments that will be overseeing security and infrastructure and we will likely face some dire situations and terroristic infrastructure catastrophes over that for the next 4 years or so as the CCP and Russian hackers do whatever they want with our systems because the fox is now in the hen house.
I also want a government issued email, integrated with an OAuth provider, that allows me to quickly access banking, commerce, and government services. If I lose access for some reason, I should be able to go to the post office, show my ID, and reset my credentials.
There are obviously risks, but the government already has full access to my finances, health data (I’m Canadian), census records, and other personal information, and already issues all my identity documents. We have privacy laws and safeguards on all those things, so I really don’t understand the concerns apart from the risk of poor implementations.