They shouldn't have advertised 'free forever' on the website. OMG. In that area, people don't even think about the next day.
One of the things I learned is that you should never offer even one tiny ounce of added value which the average user is not capable of perceiving.
Literally the entire idea of profit rests on arbitraging between perception and reality. You don't want to pay for surplus value that is beyond your customer's perceptive capabilities.
I thought I'd found my place when I got into open source distributed pub/sub over WebSockets. I worked in this area for over 10 years but you won't find my project in the first 100 results on Google for those niche 7 keywords.
Surprising considering that almost none of these terms even existed 20 years ago.
I would argue that there is very little correlation between a programmer's perceived skill level and their actual skill level.
I know some programmers who used to be considered rock stars because they created a lot of popular libraries and modules at an opportune moment in history but years layer it turns out that their
code was full of security vulnerabilities.
Also some programmers are highly optimized for certain things to the point that they're terrible at everything else - I know programmers who are really great when it comes to writing performant code, but they are unwilling to make compromises to make that code more readable.
I wonder what would happen if Let's Encrypt started charging for their service AFTER HTTPS became compulsory. Seems like a great (but evil) business strategy. All these CAs could just start increasing their prices and we'd all be forced to pay.
If you understand human behavior, then you know that this WILL happen eventually.
This might even make sense as "a great (but evil) business strategy" except Let's Encrypt isn't a business, it's provided by a charity, ISRG, the Internet Security Research Group, set up for exactly this purpose by people from Mozilla (a charity) and the EFF (another charity)
I suspect that the people behind ISRG weren't as paranoid as the Free Software Foundation about being corrupted by some hypothetical evildoers (the FSF has a whole mechanism to try to ensure that if you somehow take over the Foundation you can't use its resources to counter its original purpose) but you're going to need a bit more than a vague idea that people are capable of evil as an explanation for why good things are actually not good.
I don't know who has what legal remedies when a nonprofit acts inappropriately, but another observation is that most of Let's Encrypt's technology is developed in public.
If you needed to set up another ACME-compatible CA on the same model (which could then be a drop-in replacement compatible with the existing client base), it would be a lot less expensive (although it would require datacenter build-out, hiring an operations team, and a variety of PKI-specific stuff like key ceremonies, HSMs, cross-signing, CPS, and audits).
I would think that there are enough competing vendors, and they are sufficiently interchangeable, that one vendor having low prices will drag the whole market down. That is, I believe that CAs are actually a nearly efficient market.
I think that the argument that you can't trust ISPs is weak.. With HTTPS, you still need to trust certificate authorities.
It is somewhat suspicious that Google suddenly decided to create their own Certificate Authority in 2017.
Forcing every website to use HTTPS just reduces the pool of entities who are able to track and manipulate us and it gives a false sense of security.
There is no doubt that this change is designed to take power away from some entities and to put it in the hands of a few key players which Google trusts.
Also, the video created by the author is highly deceptive; the author makes it look like he has hacked the website itself; in reality, he has only intercepted the traffic to his own machine so in reality he has only modified his own view of the website; he hasn't actually hacked anything.
I'm sure that the author is being intentionally deceptive; he knows exactly who the target audience for that video is and he knows exactly what it looks like.
Certificate authorities that participate in Certificate Transparency are forced to publish all certificates they issue, so site owners can tell if a fraudulent certificate for their own domain is ever generated. I think browsers are pushing for all CAs to adopt Certificate Transparency. This greatly reduces the power of malicious CAs.
The web was supposed to be open and free; it was supposed to democratize the exchange of information. We have lost control of it by allowing corporations to subvert that idea.
Frightening stupid people by exaggerating threats that they don't fully understand is what corporations do to sell their products and services.
Using a browser underwritten by a large corporation is a very bad idea. When it pops up a message saying that a static website is insecure, it's time to get another browser.
I was reading about non-disparage clauses and I find it disturbing that these clauses are allowed to override a law as fundamental as free speech. It's disturbing that the US needs to make new laws just to reaffirm the validity of some of its oldest, most fundamental laws.
Doesn't that in itself reduce the credibility of all laws? Maybe the real problem is that the justice system is not doing its job properly.
free speech in terms of the 1st amendment is about _government_ restrictions on free speech, the law is mostly totally silent on private agreements or arrangements.
This is a fundamental distinction that is missed entirely in way too many online conversations.
I think that there are lots of people who could do a better job than Elon Musk but they will never have the opportunity to prove it.
The vast majority of people would know that calling the Thai cave diver/rescuer a 'pedo-guy' was a bad decision.
Also, announcing that some funding was secured when it actually wasn't - That was a bad decision as well.
To suggest that Elon Musk is irreplaceable is ridiculous.
People used to say that Steve Jobs was irreplaceable but look at the Apple stock price now.
Tesla/SpaceX now are more like Apple before the first time it fired Jobs. In that case, he was most definitely not replaceable (he had to come back). So that’s maybe not the best analogy at this time.
However in his Stanford Commencement Address Jobs said “I didn't see it then, but it turned out that getting fired from Apple was the best thing that could have ever happened to me”
One positive thing about being born in a third-world country is that if you can manage to train yourself to become a good software developer (which I admit is probably much harder to achieve than in a first-world country), you can find remote work for a foreign (first-world) company and then you can live like a rich person in your own country (buy houses, etc...); this seems relatively attainable if you put your mind to it.
When you're from a first-world country, becoming rich is essentially unattainable; you wish you could move to a third-world country to live a better quality of life, but that's not really an option; often, the law of these countries forbid foreigners from owning property; also, you don't know the language or culture so you might end up getting ripped off when doing large transactions.
I think it's fine. If you did nothing wrong then you have nothing to lose by unlocking your phone. So if you don't unlock your phone, it's an admission of guilt.
People are way too paranoid. Nobody cares about what you do with your phone.
Sometimes I feel like the upper classes of society (especially hypocrites who have money and a reputation to protect) are projecting their fears on all other classes. Then like fools, the honest proletariat adopts all these ridiculous fears as their own.
I upvoted this comment not because I agree with this viewpoint, but specifically because I don't, and I want this to be seen by more people.
Whether this is an attempt at trolling or not, I am not sure, but I believe many people, especially those somewhat removed from marginalized populations, also hold this viewpoint.
I advise those that hold this viewpoint to see the excellent video, "Don't Talk to Cops". This should not be seen as an indictment of the many good people that work in law enforcement, but rather one of a system that incentivizes convictions over actual guilt or innocence.
At any moment in time, it we are breaking so many laws because of how the laws are written. It's illegal to speed. Who has never done that? A cop can pull you over. If the cop is having a bad day, and asks you to do something you don't want to, and you argue, now you're resisting arrest, which is another crime. And then for how many people has the next step been imprisonment and/or death due to an altercation that all started from a thing nearly everyone does almost every day?
The government does not need more powers to find more people guilty of crimes that shouldn't even be illegal. There are already too many people in jail and too many people dead due to a justice system that, sadly, skews far away from actual justice.
> If you did nothing wrong then you have nothing to lose by unlocking your phone
What's right and wrong changes every few decades. Not too long ago a guy was jailed and pushed to suicide because he was gay. In UK.
There are countries today, where you can be put in a concentration camp for being gay (Chechnya Republic in Russia).
There are people that had to escape USA because they warned people of government institutions abusing the law (see Snowden for 1 example).
There are people killed in Mexico for protesting against drug cartels and corruption in government protecting them.
Liberal and paceful France sent spies to put a bomb and explode ecologists' ship that was protesting against nuclear tests in international waters. Later New Zaeland caught the spies, and France blackmailed them to release the spies threathening war.
It's pretty common for nice democratic governments to do EVIL things. It's even more common for non-democratic, or non-liberal governments to do that. Most of the time you're fine, because government ignores most people. But the law is concerned with protection of the few that wouldn't be fine.
> So if you don't unlock your phone, it's an admission of guilt.
Even medieval inquisition had higher standards than that. They tortured people, but at least they required them to admit the crime. You don't even want that. Congratulations.
>People are way too paranoid. Nobody cares about what you do with your phone.
Perhaps others' lives are too uneventful. In these here parts of Western Europe we had 3 dictatorships active within the last 50 years (up to ~1980 -- Spain, Portugal, Greece), including torture and everything. Easter Europe had worse up to 1989. All could come back quite easily.
And even in other parts of Western Europe there was mass surveillance of political opposition, lots of cases against activists, hundreds of thousands of people against the political establishment (e.g. in Italy), mafia, etc.
If the world needs to be more transparent, then I think it should start with the Australian politicians. Give us access to their phones and computers, give us CCTV in their offices. Then we can be sure that no crimes are being committed, that no corruption takes place. They are, after all, working for us.
If you have the data from breaches listed on https://haveibeenpwned.com/ you can already get access to some of his passwords (not tested of course). It seems like the "nothing to hide"-philosophy has also been applied to the password complexity.
I'd strongly recommend to use secure passwords and maybe a password manager. Further, I'd recommend using different aliases and email addresses for different websites, or at least keeping email addresses private where possible.
"Arguing that you don't care about the right to privacy because you have nothing to hie is no different than saying you don't care about free speech because you have nothing to say." -E. Snowden
And actually, most people have nothing to say. See China, for an example. Most people want peace, security and to create a home in which to raise children. They care, but not very strongly, for the rights of minorities the environment and other things you might need freedom of speech to advocate. Freedom of speech and civil liberties are luxuries that can be sacrificed, as we see each time a new dictatorship is cheered forward by the masses. Most people are not idealistic, and have higher priorities than freedom.
If we want to preserve these rights we can't just appeal to their utility for the individual.
Free speech in a country that goes authoritarian is very harmful for your career. People in power have connections, they can make it hard for you to make a living without even breaking the law, just asking the right people for a favor. Anonymity is one of the things that make people more likely to say what's need to be said.
Without protection of privacy - very few people will exercise their free speech when things get hard.
Maybe these types of people would not have power if everyone knew who they really where.
That said I understand people who are afraid that loss of privacy would be asymmetric but I don't think that would happen. Celebrities and public figures will always have less privacy than everyone else.
> I understand people who are afraid that loss of privacy would be asymmetric but I don't think that would happen
If Trump wants to know your tax returns - he will. You don't know his, no matter how much you want to.
And anyway, Trump insist he could murder someone and give himself a pardon. You can't. So, even if the information flow is symetric - the consequences aren't.
Sure, but his point was that you don't give up rights to the government simply because you have no use for them. Other people do. If you don't defend them, they get eroded and society regresses. History shows us this.
It's still about the basic human dignity, you loose it once you don't have free speech or the right to privacy. Would you feel dignified if you were forced to go around with a huge hole in your pants without the ability to "cover your ass"?
> Right to privacy affects my ability to cover my own ass.
Actually this isn't the most important reason for privacy.
Privacy and other basic rights do very little for me as an random law-abiding dude. I don't break laws, so don't have any reason to cover my ass. I don't have much to say, so not being allowed to express my opinion doesn't seem like that big of a deal. Even in the doomsday scenario where evil totalitarian dictator takes over the country and mass-surveils everyone and otherwise stomps on our rights, it probably won't be that big a deal to lowly me.
The most important reason for protecting individual privacy is to protect the future of society and civilization itself. The average dude in Nazi Germany and Pol Pot era Cambodia probably barely noticed his loss of individual rights as far as daily life was concerned. Mass surveillance enables mass control, and the worst atrocities in history have all happened in environments where individual rights - including privacy - were disregarded. It's bigger than just me. It's about protecting society itself and giving my children a decent world to live in.
Refusing to unlock your phone isn't an admission of guilt. It's just being smart when you know your legal system regularly engages in parallel construction and fishing expeditions.
So if you don't unlock your phone, it's an admission of guilt.
I understand the evidence indicates that some people do choose not to unlock their phones on demand by police, even when they are innocent. You can interpret that as an admission of guilt if you like; this puts you in the same moral boat as police who write up a confession for someone and then fake their signature, because they just know the guy is guilty.
You can say what you think all you like, but the evidence is against you.
I do think that our current social system rewards the wrong things and drives human evolution in the wrong direction.
Traits like lying, cheating and hypocrisy are rewarded evolutionarily because they help people to accumulate more resources and produce more offspring; this works at both the genetic and environmental level.
The good news is that predators cannot exist without the prey to sustain them so there should always be more prey than predators.
The solution to the problem is decentralization of wealth; otherwise power becomes too concentrated in the hands of predators and it decreases their reliance on prey.
One of the things I learned is that you should never offer even one tiny ounce of added value which the average user is not capable of perceiving.
Literally the entire idea of profit rests on arbitraging between perception and reality. You don't want to pay for surplus value that is beyond your customer's perceptive capabilities.