In one case, however, there was a capital crime near a restaurant (or similar venue) and police and prosecutor used this information illegally to track down witnesses. They were sued after the fact and lost, but got nothing more than a slap on the wrist.
Once information is available, it will be used for purposes other than the intended one, even by the "good guys".
- Elimination – physically remove the hazard
- Substitution – replace the hazard
- Engineering controls – isolate people from the hazard
- Administrative controls – change the way people work
- PPE – protect the worker with equipment
Only with hazardous data, or things like moral hazards rather than physical hazards.
Might want to save it locally though.
The real hazard is the infohazard of knowing how to deal with hazards. Hopefully some genius will eliminate it and increase efficiency.
https://en.wikipedia.org/wiki/Hierarchy_of_hazard_controls
https://en.wikipedia.org/wiki/Data_minimization
https://www.ccohs.ca/oshanswers/hsprograms/hazard/hierarchy_...
https://epic.org/data-minimization-is-the-key-to-a-meaningfu...
I won't shovel the rest in here, but this is a good start.
Yet, I received "Pending E-ZPass payment" scam for a year.
I have no further comments.
>Yet, I received "Pending E-ZPass payment" scam for a year.
I think you're overestimating how precise scammers' targeting are. They're playing a numbers game, so they're going to spam every who might have used ezpass, not carefully curate their spam list by buying real time location data from data brokers. I received phishing texts for banks that I don't have accounts for, so next time I get a phishing text for a bank that I do use, I'm not going to think my bank got breached.
I travel a lot due to work. Generally the destinations are the same, but a new country is added now and then. When I go there and come back, I also start to get spam in that country's language.
I currently have English, Spanish, Dutch and Italian spam regularly in my mailboxes. They all started after I visited respected countries, and continue since I still visit them semi-regularly.
That E-ZPass spam started right after I returned from US, continued for a year, ceased and didn't return.
Spammers have better targeting tools than we know.
It's far more likely your email addresses are getting leaked by airlines/hotels (or basically anyone you gave your email to during your travel) than random apps selling your location to data brokers, data brokers being competent enough link those locations back to your email, but somehow too incompetent to know that being in France for a month doesn't mean you're interested in buying French car insurance. The latter isn't impossible, but occam's razor says we should favor the more straightforward explanation.
And no, I don't get car insurance scam. I get generally faster ones, like "you have a package" types...
The rabbit hole is a bit deeper to summarize with a #8, Solingen made Occam's razor.
The best I can think was your location data was sold by a company behind one of the apps on your phone.
Some of my phone apps might have betrayed to me, too, but I have no idea what I had installed at that time.
Ironic they went along with this considering how chest-pumping Germans are about their government being all about protecting their citizens' "privacy".
>They were sued after the fact and lost, but got nothing more than a slap on the wrist.
Government workers don't care about doing a good job since if they break the rules they won't get fired and the fines are not paid from their pockets but from the taxpayers pockets anyway so there's no incentive to be competent at your job.
Some people are meticulous about their jobs. Some are not. Both types are present in any large organization.
It's quite a different attitude than the USA. The USA is almost unique in being individualist to what some might consider an extremist degree, to the point where if the government intends to violate someone's fundamental rights, they may do so only under very limited circumstances and must document everything and prove that those circumstances had been met. In most of the democratic world, individual rights are just one factor that needs to be balanced against public safety, public order, etc. and the government has much wider latitude to violate even constitutionally protected rights on its own say-so.
This is how you get German prosecutors on 60 Minutes, grinning and laughing as they describe the shock people undergo as they are arrested and their computers confiscated and searched over literal mean tweets. For the Germans, it's normal -- necesssary, even, to have a functional society. To Americans it's abhorrent.
The government mandated contact tracing, but not how it was to be implemented. There was a publicly developed open-source app for contact tracing that was perfectly privacy preserving.
Unfortunately, many restaurants instead used a commercial solution that was none of these things. What it did have was support from a mildly famous German musician and great lobbying. Most people didn't care, they just wanted to go to the restaurant.
You can do this, just like you can do e.g. video surveillance, in a secure and privacy-respecting way. There is just no political will.
> track down witnesses
Am I too naive that I think that's a worthy use of that information?
That said, in my state the cops recruited and flipped a criminal lawyer who then back doored her high profile clients and gave confidential and privileged information to them them in order to build cases.
We might like one government administration and highly expect them to respect the privacy. But what about the next administration? We've just seen Trump say he will withhold funding for universities with "illegal protests". I'd fully expect his administration to abuse this tracking, in the name of law and order.
Who determines if a wiretap is worthy? Or a search and seizure? Or a simple arrest?
We have an answer for this, it's called Law and an independent judiciary.
https://www.abc.net.au/news/2021-06-15/safewa-app-sparks-urg...
https://www.smh.com.au/politics/federal/breach-of-trust-poli...
Queensland Police gained access to the Check In Qld app in June through a search warrant after the theft of a police-issued firearm, which led to an officer being stood down.
Western Australian Police has used its data twice without a warrant, which led to the state then banning police from accessing the data, while Victoria Police has tried but been rebuffed on at least three occasions.
In 2007, his life membership of the Western Australian Police Union was withdrawn after his parliamentary attack on police involved with the Andrew Mallard case, where he named a former undercover policeman who had a role in Mallard's unjust conviction.
He planned to melt down his life membership badge, have it made into a tiepin with the words Veritas Vincit— "Truth Conquers", the motto of the school he attended—and present it to Mallard.
And I refuse to believe that the politicians behind that travesty don't know that.
Also, if you already go to prison for not handing over your decryption keys when asked, the one purpose left for a backdoor can only be criminal abuse.
- 2024 internal email by FBI Deputy Director Paul Abbate
(https://gizmodo.com/leaked-fbi-email-warrantless-wiretaps-se...)
It removed the habeas corpus for 15 years.
If you're genuinely innocent, the 2 years is horrid. If you're actually guilty, it's a cheap way to serve your time.
It's a weird and perverse law that shouldn't exist, but it's likely in time the government will need to move the needle one way or the other, as habitual criminals are getting used to doing the maths.
If the punishment for rape is harsher than the punishment for murder than anyone committing it may as well remove the evidence by using a blender.
People (even criminals) are not perfectly economic thinkers. That's probably a good thing. I have this terrible thought of a quant rapist: juggling their risk that the victim stays quiet or otherwise acts (police or revenge). Deciding on the Kelly Criterion for losing 20 years in prison.
I'd watch a movie about a killer using statistics properly. It is annoying when muderers are cast as being idiots. I imagine the protagonist runs a hedge fund and gets bored of getting away with white collar crime.
I don't know of a paper on that specific question, but for example, Gary Becker got his Nobel prize because he applied economics to a wide range of human behavior including crime and punishment. Here is a famous paper of his on crime:
1. Pragmatism - Justice can be effectively framed around practical outcomes and societal safety, it requires no moral framework.
2. Remorse and Emotional Response - Feelings of remorse can be understood as conditioned responses shaped by environmental influences rather than as reflections of moral responsibility; remorse does not necessitate moral weight as they can arise from societal conditioning and past experiences.
3. CBT - Cognitive Behavioral Approaches demonstrate that behavioral and emotional changes can occur without delving into moral implications, and requires no moral reflection.
4. Behavioral Accountability - Individuals can be held accountable for their actions based solely on their observable behavior and its consequences, without the need for moral judgments. The focus is on modifying harmful behaviors through interventions and reinforcements rather than assigning moral blame.
So, this framework provides a rational and effective approach to understanding and managing human behavior, focusing on the pragmatic aspects of justice, rehabilitation, and accountability, it does not require an already shaky and subjective moral judgment or moral accountability, and as thus, need not be morally justified.
If you want me to elaborate (with examples, too), I am willing to as my time allows.
Whether there's justice or not in a rapist serving their sentence and going free (given that, one assumes, the sentencing guidelines were decided by dispassionate thinkers trying to reason about society as a whole)... It goes out the window if a family lives in so much fear they decide to "fix" the issue by taking the law into their own hands.
Then the society has to decide whether to jail the family, and so on.
Hammurabi's code seems harsh by modern standards, but at the time it was positively progressive. It was attempting to replace a retaliatory tradition so bloody it could wipe out entire bloodlines. He was trying to impose an upper limit on consequence to allow a society of semi-strangers to reach some meta-stability.
At the start of the movie Heat, one of the hot head robbers kills one of the guards. De Niro, the leader of the robbers, immediately kills the other guard and says something along the lines of 'it's capital murder either way so may as well not leave any witnesses'. Ultimately, it's Di Nero being non-rational and driven by emotion that leads to the final scene in the movie.
This imperfection feeds into the argument for not punishing rape as harshly as murder: the rapist is likely to misjudge the chances of the murder being discovered and traced back to them, when doing the risk math to decide how to proceed. If their imperfect thinking leads them to overestimate their chance of pulling off the perfect murder (or the perfect coverup after one) then that pushes the chance of equal punishment leading to more murders higher.
"Doing risk math" oversells it for crimes of opportunity, where decisions about how to keep the action quiet after it has happened is going to be very emotion/panic (rather than facts/stats) driven, but for premeditated attacks I suspect things will flip the other way.
why is that a good thing?
Perfect economic thinkers are good, because they'd be predictable and can be reasoned with. Providing economic incentives to such means you can direct behaviour in an easy and efficient way.
Irrational thinkers cannot be reasoned with via economic rationality. Therefore, either you have to stack the incentives so high that the cost becomes overbearing, or you use some other means of control that's less nice.
Utility is a flawed way to capture ethics.
Ethics is an agreement between people in society, which cannot be captured via economic rationalism alone, but economic rationalism can take into account current ethics, as well as other actors' propensity for more or less ethics.
on edit: got confused as to who was whom in the nesting.
on second edit: I also don't know if there is anywhere that has execution for rape, it was a hypothetical as I read it.
Liberal Europeans and Americans like to say that no civilized country executes criminals, but in fact several developed democratic countries in Asia do, and to say they aren't civilized seems absurd. Executing criminals seems to work well for them. Very curious.
If you're saying the first bit, you're saying that it's a disqualifier from the second.
Not to mention at least in the US the death penalty is more expensive than a lifelong prison sentence, so it's simply not a good idea.
It's an interesting story, but the historical record of how English law changed is, I think, a bit more interesting. Kids in London would steal. They'd go on trial. A jury of Londoners would see what looked like a twelve-year-old in the docket and just flat-out refuse to find them guilty because they couldn't sleep with themselves thinking they'd sent some kid to the gallows. This pattern became such an issue that merchants petitioned the King to pull back the penalties because as the system was implemented, it was going to stop protecting their property from thievery.
I have nothing to hide, but I’m still not giving you access to my photo library.
In the US, the secret FISA court hasn't turned down a single warrant. Either the government is only coming to them with completely justified cases or they're just a rubber stamp. Either way, there's no oversight so we have no way of knowing.
RIPA notices do indeed assume you’re in possession of the keys of anything encrypted and you must disclose when asked nicely.
You just need an airtight provable way of showing you have a way to destroy that key when you push a button and do that before the notice arrive. I suspect that’s after they seize your stuff.
[0] https://www.independent.co.ug/activist-convicted-uk-terror-o...
Surely you're joking!
No way that really happened or it was an empty apology like.
> I'm sorry you made yourself suspicious
Second time some busybody reported to the police that I was carrying a knife. This was a Santoku knife that I'd literally bought and was still in the plastic packaging but you could see it through the plastic bag I was carrying it in. We had a bit of a laugh about it and they apologised for wasting my time. They did however arrest me so that they could do a formal search and had right to as they had reasonable suspicion I was carrying it as a weapon. I'm not bothered they were very reasonable and so was I.
In the US both of those would have been handled with an Investigatory detention - same as being pulled over for a traffic stop. Not even remotely an arrest.
> They did however arrest me so that they could do a formal search and had right to as they had reasonable suspicion I was carrying it as a weapon.
What "reasonable suspicion"? They could see the "weapon" that had been reported and at that point it should have been "have a nice day" and then them trundling themselves over to whoever called it in and charged them with making a false report.
I swear, UK police seem generally nicer than US cops but infinitely dumber and the shit you brittons put up with in terms of having your rights violated is astounding.
I'm not from the UK, but it seems likely that this is just a question of semantics. Many US traffic stops are far more stressful—and handled in a way that is far less conciliatory—than the "arrest" that OP describes. It doesn't sound like they were taken to a police station or even necessarily handcuffed, more just formally detained.
As for US detentions: It doesn't especially matter if they're not technically "arrests" in US parlance, you're still being stopped by the police and you still can't go anywhere until they let you because there's a too-high probability that they'll find an excuse to make your life miserable if you don't cooperate.
The police have to conduct stops in a certain manner, because of the law that gives them the power to stop people: They are legally required to tell the person they're being detained for the purposes of a search, the purpose of the search, the grounds for the search, and the legal power used.
Getting a load of jargon thrown at you about "detained" and "offensive weapon" and "Police and Criminal Evidence Act" sound a bit officious, but once they've stopped you they've got to give you the officious jargon, it's required by law.
Also, while it's rare that the police will have occasion to stop and search a middle class, middle age white guy like myself, when the situation does come up, it's reasonable for them to do it thoroughly and by the book. They should treat a report of me carrying a knife the same as they'd treat a report of a black teenager in a bad neighbourhood carrying a knife.
Buying a knife and carrying it home is 100% legal, so there's nothing to "get away with" here.
Carrying a Santoku knife in public is only illegal if it's being carried without a "good reason" and carrying a newly purchased knife home is certainly a good reason.
The police have the power to stop and search people when they have "reasonable grounds" to suspect they're carrying a weapon; if the knife is clearly visible that's certainly reasonable grounds. So the search was not illegal.
A stop-and-search means being "detained" in the sense that you are not free to leave until the search is completed, but it's not an "arrest" that would appear on your arrest record. Perhaps there was a miscommunication about the distinction between being 'detained' and being 'arrested' ?
https://professional-troublemaker.com/2018/04/10/u-k-knife-c...
The article you linked does not support the claim that the UK police not liking someone's face is sufficient for them to be allowed to stop and search someone.
In fact, this goes directly against the PACE guidelines as described at https://www.college.police.uk/app/stop-and-search/fair
> A person’s physical appearance [...] cannot be used as the reason for stopping and searching them [...] unless there is information or intelligence giving a specific description of a person suspected of carrying an item for which there is a power to search.
Guidelines have never stopped authoritarian hell holes. They can just make shit up.
Shooting. They would probably have shot him.
Watch this if you're curious how that looks like:
> they're sitting there with these like blank A4 Bits of Paper writing down everything I'm telling them like you know bits of interest and it's exactly the same thing the Russians did when they interrogated me [...] to be honest interactions with the Russians have been pretty much the same as inter with the British government
I didn't do my research before going to the UK for the first time two months ago and just went with my gut feeling, that is, deleting files from my phone that I don't want to end up in a government system through Cellebrite's "accelerated justice" or whatnot. Never done this for any other country before (I cross borders on a weekly basis). Seeing this video and the Ugandan article from the sibling comment, that was definitely the right move
Facetious comment aside the only time I’ve had problems with border security anywhere is getting a large carpet back home from Azerbaijan. This was very interesting and required them to examine every square centimetre of it. China, US, UK, Europe all really boring. Russia was incompetent. They didn’t even check anything at all (2012)
I just use devices with ephemeral storage for crossing borders to save myself from having to do any research on any particular country’s device privacy practices.
Are they arresting you?
Because they have to let you in.
What if you say you forgot? I actually had times (after not having used my phone for a month or two) that I (& my muscles) forgot my PIN (not for the SIM card) and I had to do a factory reset.
An Immigration Officer may search you until they are satisfied you are a citizen. As long as you have a passport (or emergency travel document) listing you a citizen, this should be straightforward and they're unlikely to have grounds for any further search. At that point, you have been let into the country.
Customs Officers are much more likely to have grounds for a search — if they believe you are bringing prohibited material on the electronic device into the country (and "reasonable grounds" is low, as it typically is for customs — "you're acting kinda sus" is a reasonable ground), they can search your device. It is an offence to refuse a search, so while you've been admitted to the UK, you could be arrested for that offence.
This is all broadly comparable to most other countries immigration and customs laws; the UK is not an outlier here.
The problems with the UK are primarily things that apply to everyone, not just at the border — for example the Terrorism Act 2000 and Regulation of Investigatory Powers Act 2000. But again, in the border case — that's basically all going to be _after_ you are admitted to the UK.
Guess, I better delete that big file of random numbers from my computer.
That's the UK.
The iPhone's backup utility doesn't seem to support anything other than iCloud, so you'd probably have to individually set up some kind of automated scheduling that (no idea how) for your main apps.
Not sure if you'd be able to backup system stuff though. :(
On Windows, you create an encrypted local backup of your iOS device using iTunes.
It backs up everything. OS, Apps, and data.
I’m not claiming you’re wrong, but I think the backup includes the list of apps and versions and excludes data that can be easily downloaded from AppStore.
Trust, then verify. No ability to verify? No trust.
I am very sympathetic to the idea that more components should be open source, and Apple's systems should be much more open (particularly backup.) But at the end of the day if Apple is compromised there is no open source solution that can save you. They design the silicon.
If apple cared about providing encryption to the masses, ADP would be enabled by default and you'd have to opt out of it.
As-is, all your messages, photos, and so on are backed up unencrypted to apple's servers where they can read them at will. End-to-end encryption is opt-in, and I doubt most "the masses" even know a setting for that exists.
Apple is also a company that needs to cater to its customers. If they enabled ADP by default and customer locks themselves out and goes to Apple, they want to be able to help. ADP is intended for people who understand what it is but nit savvy enough to run their own system.
Providing encryption to the masses would in fact be telling people who lost their phone, or forgot their password "no, all your photos are gone forever, tough luck. Also, you have to make a new apple account and re-purchase all your apps".
Internal metrics for support teams are almost entirely customer satisfaction focused, which built a culture of getting a result for the customer at all costs, which was very exploitable by social engineering.
It doesnt surprise me that they dont want to let customers encrypt and lose all their baby photos by default.
They also switched a few years back to provide signed firmwares rather than encrypted firmwares to ease independent verification, and have the Apple Security Research Device program to do runtime exploration with certain security walls turned off. (Supposedly creating these devices requires a partial factory retooling)
Apple also only has per-device global builds, rather than regional builds which might obscure requested features. My understanding is that they take transparency measures to make sure it can be detected if a firmware was released out-of-stream, and anonymity measures to prevent targeting a specific device with a custom firmware.
The Secure Enclave also requires the device passcode as part of an approval process for installing new device/enclave firmware; the underlying OS and security enclave are not meant to have the capability of being transparently updated/modified.
However there is "Deterrence through Accountability. We can attempt to legally prosecute the attackers" [1].
That is what is happening here. The attackers are being prosecuted.
[1] https://www.cs.cornell.edu/courses/cs5430/2017sp/l/03-princi...
Australia introduced the concept of these laws with the Access and Assistance bill. The politicians were adamant it was necessary, however there were so many potential users of the system (Politicians, police, spy agencies) it never made a lot of sense.
Fast forward a few years and ASIO gave a press conference where they admitted to only having used the powers under the bill twice. Which makes me concerned about who the bill was for and what it has been used for. Unlike the British version, any public information release leads to instant jail time, and it was unclear whether this extended to briefing legal counsel.
I feel like, if the 5 eyes wanted to breach iCloud they would use Australia rather than Britain where it can be publicly contested like this.
And yes, we shouldn't put trust in corporations in the first place.
Otherwise before "Trust but verify" became popular, "Put no faith in words" was apparently the go to for Russian leaders. Not as catchy indeed.
Do you think this kinds thing comes from someone in Marketing, Legal, a C-Suite, or is this kind of thing a thing by community at Apple? If it is the last, it would be brilliant to read that protocol/process/flow.
Much stronger.
- It was created by an Act of Parliament
- It is a government department
- It can not overturn primary legislation
- Parliament could dissolve the court if it so wished
Yup, in the two cases that come to mind, the Supreme Court kicked the issue back to Parliament: Miller I[1] said that, given the extreme constitutional consequences of no deal, the Government couldn't unilaterally trigger Article 50, such a decision could only come from Parliament. This was more just a procedural issue. An Act[2] was passed a couple months after the judgment, and Article 50 was triggered a couple days later. Whereas, Miller II[3] was about the Government proroguing Parliament in order to silence it. The Supreme Court was having none of that, so it annulled the prorogation. In both cases, the Supreme Court was protecting Parliament.
- [1] <https://en.wikipedia.org/wiki/R_(Miller)_v_Secretary_of_Stat...>
- [2] <https://en.wikipedia.org/wiki/European_Union_(Notification_o...>
- [3] <https://en.wikipedia.org/wiki/R_(Miller)_v_The_Prime_Ministe...>
> But I guess without a strong constitution
They're nominated by the president, but approved by the Senate. There have been cases throughout history where a nominated judge doesn't get through the approval process. Of course when the president and the Senate are aligned and in agreement this approval process is largely a rubber stamp.
Can't he override everything with pardons and executive orders anyway?
Not at all. Despite what it sometimes looks like, the president's executive order powers are quite limited. But again, if congress isn't willing to challenge the order and the Supreme Court isn't willing to rule on it, these limits are more theoretical.
Can't the US constitution be, uh, amended?
It can, but it is a slow and difficult process, requiring 2/3 support of both the house and the senate, plus support from 3/4 of the States. There have apparently been over 10000 attempts to amend the constitution since the founding, of which 27 have passed. Furthermore the president has no power to suggest or approve constitutional amendments.
Basically a president that doesn't have the support of Congress and the Supreme Court has surprisingly little power.
Which - fun fact - is possible to do with states that together amount to less than 25% of the overall country population. In fact, given that it's really the legislature that needs to vote for ratification, and given FPTP being typical on state level as well + the usual gerrymandering etc that this enables, it's actually possible to amend the US Constitution arbitrarily with something like 10% of the voters (acting in concert to vote in the state legislatures that would then do the amending), if they have just the right geographic distribution.
Our supreme court is different to the US supreme court for example
Face it, if the constitution is "whatever the prevailing political elite class says it is", then you don't have a constitution.
The Brits have nothing.
> The Brits have nothing.
There are words in the British constitution as well. Acts of Parliament that define how the Parliament and the courts function are constitutional laws, such as the Parliament Acts of 1911 & 1949 and the Constitutional Reform Act 2005. If we are going by words, there are a lot more words in these multiple constitutional documents than in the constitutional documents of many countries that only have one such document.
Neither the monarch, nor individual Members of Parliament, are above all limits under UK law.
> It is scary to think what Parliament can do with a simple majority.
1. Members of Parliament (MPs) represent roughly 70k people. And while that's still a significant number, it's small enough for them to know and be known by their constituents. It's more difficult to vote against your constituents when you know them.
2. The House of Lords (HoL) can revise and delay, but not block, which means we are functionally immune from cross-chamber games of chicken that result in US-style government shutdowns, or European-style budget bills as confidence motions. We did come pretty close to this with Brexit in 2019, but this was all within the House of Commons given that the ruling party did not command a majority.
3. Parliamentarians usually respect the inertia of institution. As in, the idea that it's right to continue things as they've always been done, unless there's a compelling reason. It's why we're still a Monarchy, why there's still bishops and hereditaries in the House of Lords, etc. Basically, there's a culture of incrementalism. Because if you don't have the inertia, you appear to lack legitimacy, it's just a gimmick.
4. And on the heels of that, I think Parliamentarians have an occupational understanding of the adage "With great power comes great responsibility."
5. The Civil Service, while ostensibly neutral, tends to resign when asked to do anything believed to be damaging to the country.
All of this put together (and probably more than I haven't thought of) means that MPs understand that they could do great damage, and so they restrain themselves.
Contrast this with other countries with difficult systems where politicians stir up the passions of their constituents by naming their systemic limitations, "I would love to do X, but I can't because Y prevents me." A somewhat related example would be abortion in the US, where after Roe v Wade was decided, many states became soapboxes for anti-abortion rhetoric. It's a safe rhetorical position: you can say what you like and then blame the federal government for not being able to do it. But then Roe v Wade was overturned and many of these politicians and states have changed their tune, because the power is now in their hands, they are now answerable to their constituents on this matter. Not that it matters given how much gerrymandering there is, but still, the effect was noticeable.
Mostly self preservation I guess. It's not unheard of for a party to get wiped out.
I feel the Queen made moves behind the scenes to keep the government in check too. As much as she could. Not sure about Charles
I'm sure they're looking at Trump and realising they can get away with anything if they want to.
Ministers used to resign in disgrace over far less severe things than we've seen the past 2 decades. Now you can just easily distract the public with scandal after scandal or issue after issue. Then they can re-enter politics
A notable example being section 23 of the Anti-terrorism, Crime and Security Act 2001.
The global landscape has changed significantly since (last week) this case began
Would like to see other companies who were affected by similar situations also take this to court
Or that everyone has to constantly manage a non-default set of tools, and deal with all the interoperability issues of all the mish-mashes of choices others make?
Or, ...?
Personally, I cannot see a safe online world that doesn't have hard privacy.
Why not give people easy ways to report "very bad behavior" online, to authorities that build up a reputation of responding responsibly. Including bounties for the most egregious stuff.
Then every recipient of anything rotten becomes a honeypot for the criminals.
Breaking everyone's privacy is going to attract every nefarious and security conscious actor in the world to the buffet. Every state actor, "good" or "bad" is going to want to have access to everything that can theoretically be accessed. Worst possible kind of honeypot.
At that point, I feel like we've opened pandora's box. If every single app had to be able to decrypt/encrypt with your personal key, we just know someone will roll their own and fuck it up for everyone else.
In NT you can have modules that sit between various operations on the file system. It’s how AV works without having to hook into every single application that reads and writes from storage.
There’s no technical reason why this kind of approach couldn’t be applied by Apple for encryption. But it would require relinquishing some control over their platform, so it would never happen.
The UK "laws" are extremely evil when it comes to violating basic rights, they can essentially force companies to shut up, "gagging orders", etc...
A quick search tells me google does end-to-end encryption since at least 2021 [1].
https://www.androidcentral.com/how-googles-backup-encryption...
They will comply with the law and make a lot of noise and not a lot else.
On top of that, a big chunk of the follow the sun on call engineering (SRE) are here that look after global infra and most of the European support operation are in Northern Ireland.
It's not like corporate doesn't know all the tricks already. The only reason they need is whether the UK market is worth the hassle. That's all.
Of course, you may mean these staff are only required to service the UK market...but it sounds like you mean they are valuable to Apple, at which point I am unsure as to why they would not be retained/shifted as appropriate.
Also my apologies, I assumed revenue here. Also thank you, I had not considered staffing, but it makes sense.
You don’t actually need as much money to survive in the UK as the US for example. So there isn’t the motivator to retain high level salaries other than luxury.
It would be “no thanks” and take a 30% cut to go and work somewhere else.
Ah yup, that 100% makes sense and I don't know why I didnt consider it. I should no more than anyone the value of more "key staff" as it were, and the impact a shock to those kind of staff can have.
> You don’t actually need as much money to survive in the UK as the US for example. So there isn’t the motivator to retain high level salaries other than luxury.
I did not know this, I am over in AU and don't know that much about the UK to be honest. I've only heard things in passing about London really and even then all ive heard is "VERY EXPENSIVE, RENT BAD" so thats super interesting.
> It would be “no thanks” and take a 30% cut to go and work somewhere else.
Yes, good for them too. I have taken (including recently) such pay cuts because I have strong opinions of where I will work, or who I will work with.
Thanks for coming back to answer my questions, I found it super informative. I didnt intend to sound aggressive in my first response so i'm glad you did!
Whether it's good for a US corpo to interfere with the stable 1984 progression of the UK is another issue. If I were in a decision making position at Apple I wouldn't want to bother with this either. Just take the easy marketing W and move on. Maybe prepare a plan for market exit just in case they're not satisfied with disabling encryption and demand a global backdoor.
> Systems like iMessage are still fully end-to-end encrypted even in China.
Actually taking them to court and objecting seems more productive to me.
"objecting" alone does nothing. Objecting + lawsuits or objecting + withdrawing might accomplish something.
I'd agree that lawsuits are a good idea but they are also entirely dependent on the courts (of the same country that already wants to violate people's rights) to do the right thing. If the lawsuit works and the government forces the government to back off it's a good thing, but if not a company keeps the power to take their technology and leave. They can choose to do that regardless of what the laws or courts of another country thinks.
Walking away might be seen as a company "giving up" on the corrupt country that wants to violate people's rights, but it's certainly not a company giving up on their principles. A nation full of people angry that they won't be able to get highly sought after products and services can change policy too.
One of the problems of digital surveillance is that is doesn't feel intrusive, indeed it can be fully hidden from the users. With a message like this displayed every time you unlock your phone, plenty of people would start asking questions.
They're not allowed to actually tell you about the UKGOV order. That's the point of it being a secret order.
"This feature is no longer available in the UK.
For further information, contact:
Mr Xxxxx Yyyyyy
UK Home Office
02070 xxx xxx
xxxxx.yyyy@homeoffice.gsi.gov.uk"
This is silly. The average consumer will just avoid Apple products.
Apple pulls data protection tool after UK government security row (bbc.com) - 1769 points , 1105 comments https://news.ycombinator.com/item?id=43128253
How would the UK government reasonably sanction Apple?
End of the day people love their devices more than their rulers and it’s a tangible way to action citizens who would normally sleep though this into having their privacy protected.
Right now, there is still a strong support in the UK for the gouvernement crusade against encryption and overall ending of privacy.
Because "why should I care, i have nothing to hide". It takes time and tragedy for populationd to educate themselves on matter, maybe in a few years or a decade the trend will invert.
Until then, there isn't much apple can do. They haven't the law with them, they haven't the population with them, they got the money but they aren't going to spend it on educating people.
Taking UK gouvernement to court is just the best they can do right now, a big pr stunt, like a giant ad to say to the rest of the world 'we care about your privacy, buy iphone'.
HN would be calling for world war.