> Apple did not respond to a request for comment. “We have never built a back door or master key to any of our products, and we never will,” Apple said in February.
This must be some "technically correct" weasel words bullcrap, as without at least equivalent access there is no chance Apple would be operating in China.
Basically, there is no backdoor. The front door is wide open, the government just needs to ask. Or not even that -- just take whatever they need themselves.
All the in-transit encryption in the world won't matter if they've pwned the decrypted client device.
Every company from your device's manufacturer, OS vendor, telecom carrier, app distributors and 3rd party software providers can be compelled to help make that happen.
If you want a deeper dive into the security engineering of iCloud Keychain, the second half of this Blackhat talk by Apple's head of Security Engineering & Architecture (SEAR) is really great:
Does all of that matter if an attacker has access to your device and can take screenshots of your conversations, or read those conversations out of memory in their unencrypted state?
No it doesn't — that's a totally different threat model.
Advanced Data Protection is mostly concerned with protecting data from attackers on the server and in transit.
If you're interested in protections when an attacker has physical access to your device, you should read the "Encryption and Data Protection" section of Apple's Platform Security Guide.
>all the encryption in the world does not matter if either end of the conversation is confiscated or pwned by adversaries.
Yes of course, but it's not so simple to bypass the hardware-enforced protections that exist both device side and server side. As far as I can tell, it seems effort was made to design/architect everything in such a way such that the protections can't be retroactively circumvented even under legal compulsion.
Disclosure: I previously worked for Apple, but not on the design/implementation of any of this stuff and this is all my own opinions, not those of Apple.
Is it a big deal though? Context matters. Everyone knows you don't do business in China without bending a knee to the government in all things. If you don't you are shut down completely if you're lucky, imprisoned if not. Of course CCP has access to every device in China approaching very close to 100%
> This must be some "technically correct" weasel words bullcrap
Is that even necessary? A gag order means they can't reveal backdoors, and their entire stack is so locked down that discovering them is hard and unlikely.
Gag order cannot force them to lie. A lie like that can be illegal even.
If there's a gag order, then companies say "we have a gag order". Like Google and Twitter did back in the day when asked. And then immediately started releasing Transparency Report to show how many of the gag orders they receive, so gov't couldn't say "we don't request anything".
I don't think this is true. There was the whole fiasco around the EULA canary that a company had that, if it was removed, was supposed to indicate that the company had received a gag order. I don't believe it had been actually tested in court. I believe it had to do with the FISA court system. I can't find a link but there are definitely cases of gray area where courts have required entities to lie.
https://en.m.wikipedia.org/wiki/Warrant_canary
AKA "fuckin...england fucking chill, don't blow this. You're FVEY mate, why you go scaring everyone when you know I got this. Just relax, you really think TAO don't got this? The Equation Group? We got this, in there like swimwear."
I mean they just disabled advanced data protection which allowed normal law enforcement requests to access the data since they are not e2e encrypted if you don't use advanced data protection. I really don't think they needed to implement a new backdoor. They would just need implement a procedure that would fast track UK requests.
I don't get why the UK always does this. it's like GSM encryption all over again. Is it a particularly snoop-ey culture stemming from GCHQ or something?
UK citizens don't have a constitutional right to free speech, which tends to bleed over in unhealthy ways to the government prioritizing its own interests over citizens'.
> The UK official added, this “limits what we’re able to do in the future, particularly in relation to AI regulation.” The Labour government has delayed plans for AI legislation until after May next year.
I suspect the steel man version of the argument is that AI is capable of producing images indistinguishable from child and revenge porn, so it must be regulated, and that means they need a way to reach into your zeros and ones to check. Maybe they want to know you're not asking it how to terrorize people, too.
They’re closely related for some use cases, like client-side content screening. If they can’t have a backdoor then maybe they’ll push for a local LLM to spy on the user’s activity and phone home when it sees something bad.
I assumed they’d only have asked for it if they’d already OKed it with the US, and that it was probably part of a plan to give US access too via 5-eyes sharing.
I think if we'd had a "normal" administration, this probably would have been pushed by the US government. The US services have been gunning for this for decades. But we have an administration that seems extremely disjointed in what it wants to do and why it wants to do it. I'm kind of curious about the internal conversations that must be happening on the other side of 5-eyes nations services as they're trying to accomplish their ends with such an unpredictable ally.
For better or for worse, JD Vance is extremely online, and no one in his cryptocurrency-hoarding right-libertarian tweetsphere thinks government backdoors are a good idea.
I don't think there is much disjoint if you see Trump as a fairly clean break with the cold-war era GOP. The thing is that no one in the US remembers the cold war with pride. The left thinks the cold war was US imperialism. The right kind of agrees, and has moved on to other issues anyways. And Europe nudges, saying: "Hey, you're America. You love fighting cold wars! Remember?"
Too many Europeans are Chomsky-brained and believe that US foreign policy is controlled by the CIA. The reality is that US grand strategy is incoherent and has been for decades. The US doesn't have any actual strategic imperatives at the moment, and it's being pulled in too many different directions. I believe George Friedman argues that this is a recurring pattern in US history, where US foreign policy alternates between listlessness, and maniac focus on some objective (most recently in the wake of 9/11).
For me it's not so much a conspiracy as the natural flow as a society becomes more fascist (as most Western government are leaning) and more "police state". It's inevitable, they want to be able to spy on every aspect of our lives and keep it recorded indefinitely as technology and public sentiment will allow. Cops want to make their jobs as easy as possible, politicians want to be able to get as much dirt on everyone as they can.
That’s just run of the mill authoritarianism, calling it fascism glosses over how it has proponents in every political persuasion.
Authoritarianism has become very popular online these days for some reason. Giving in to fear and wanting total control are always going to be traits that pop up again and then humans have to relearn from history about why freedoms are important.
Yes, although fascism is probably a proper word to use here -- it comes from Roman "fasces", symbolizes power to punish king's subjects (i.e. it's not about other states and kings, but about internal affairs).
I really sort of expected that by the time I reached my age that we'd have more policy makers that understood tech a little better. I feel like in the last say 25 or more years ... the needle hasn't moved.
This article is explicitly about how J.D. Vance (age 40) & others at the White House are forcefully advocating for preserving E2E encryption. Arguably not for the right reasons, but still.
I'm not sure what you mean by "more" but what you are asking for is in fact happening.
The U.S. also attempted to force Apple to add a back door just a decade ago.
> Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that "the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create." The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications?
You need to think about what they don’t say with these matters.
He said Apple does not have and won’t create a backdoor. That was well crafted and means exactly what he said, any implicit meaning is an artifact of your brain.
I might postulate that while Rhubarb LTD absolutely doesn't hold and will never create a backdoor, Celery Inc does. Ignore the fact that Celery is staffed by some of Rhubarb's senior engineers working part time. Ignore the fact Celery are contracted to do security assessments so have access to all the source code, radio firmware and schematics...
I absolutely don't actually know anything about Apple, but I've seen some of the ways even small companies legally split themselves up to avoid tax or various forms of liability. Multiple phone numbers to the same phone, multiple domains and email providers to the same laptop. Multiple denials that you've ever heard of the other company let alone happen to share the same office space...
There's a massive difference between a truthful statement and an honest one; anyone that works with code should understand that.
Apple has since confirmed in a statement provided to Ars that the US federal government "prohibited" the company "from sharing any information," but now that Wyden has outed the feds, Apple has updated its transparency reporting and will "detail these kinds of requests" in a separate section on push notifications in its next report.
Apple's hidden at least one warrantless backdoor in their systems for the purpose of federal surveillance. I have no reason to believe the exploitation stops there.
Apple and Google had no choice but to comply with the National Security Letters demanding access to user's push notification data.
They also can't refuse to comply with warrants demanding any such unencrypted data that is stored on their servers.
That's not the same thing as adding a back door to allow access to encrypted user data that is stored on the user's device.
It's also different than storing encrypted user data on your server, when you have purposefully designed a system where you don't have access to the user's encryption key.
Encrypted user data backup is the feature that Apple disabled access to in the UK rather than comply with the order to insert a back door in the OS.
To clarify: When you get an NSL, not only is it impossible to refuse and stay in business, it is also impossible to talk about it. That's the scary bit.
Certainly. At least with a normal warrant you can publicly speak out and notify the user(s) involved.
I would also point out that it was Senator Wyden who initially informed the public of how much the government was already spying on their unencrypted communications.
You'd better hope you're right. Nobody is auditing Apple who can hold them accountable. The lack of transparency is how we ended up on this slippery slope in the first place.
Good security models typically don't hinge on being lucky.
If you think law enforcement doesn’t have access to your iPhone, you’re sorely mistaken. I’m not at liberty to explain but there are companies that can extract your smartphone contacts, messages, cell phone call logs, voicemails, apps, and emails. Law enforcement has been using them for a while now.
I don't think anyone's surprised by that. Our emails have literally been used to target ads at us since like 2006. Cell phone carriers are happy to mine voicemail, call logs, SMS, etc. in the hopes of finding a revenue stream that doesn't involve them having to do irritating work like running fiber to cell phone towers.
This leaves contact mining as the odd one out, but given how many apps want to see your contacts, you know that those are being sold by at least one of those apps.
None of this stuff has ever been end-to-end encrypted, so there can't be any way people expect it to be private.
That's not a revenue stream at any cell phone carrier I've seen. They do what they are legally obliged to do, and while they do get paid for it, it's a fraction of the actual cost of providing the data. The state tends to drive the hell of a bargain. The service providers, such as Facebook, Google and Apple though, that's entirely different.
Emails and GSM calls yes, obviously. But e.g. Signal communications? You need a Pegasus-tier exploit for that, which means that unless you're high profile enough you should be safe.
Pretty sure no NDA ever says it's forbidden to discuss the subject of the agreement, but cute little internet innuendos whispered from behind a coy little fan are ok.
Extraordinary claims require extraordinary evidence. If you really have access to secret information of that significance and you really are under an NDA that prohibits you from talking about it then why are you casually posting innuendo about it on HN?
To point out that your data isn't safe from law enforcement. Quite the contrary. I think everyone should be aware of the state we are in. And while I can't go into detail about how I know, I want others to be aware that anything on their devices is fair game. Now a day's with or without a warrant. Three letter agencies are operating with impunity. Using this very tech.
Again - extraordinary claims require extraordinary evidence.
It's no secret that there are groups actively looking for new exploits and that sometimes vulnerabilities are discovered that become zero days. It's a good bet that police and security services take an active interest in those vulnerabilities when they are found.
But that's very different to claiming the police can easily unlock any device any time they want to and there is a range of private companies around who provide that service to them.
I'm going to assume they are referring to any cloud backups of said devices. Since they are stored on servers managed by not you and are unencrypted, able to be accessed for "national security reasons".
There is nothing extraordinary about a claim that multiple commercial organisations routinely and reliably defeat the security of modern devices on behalf of law enforcement - something that would clearly undermine numerous public claims about the security and privacy of those devices made by their manufacturer? You and I have very different ideas of what is extraordinary!
Multiple vendors advertise and sell devices and software to crack iPhones, they have for years. In the US, any decent size city or county sheriff has access to one. State level forensics labs probably have several types.
The manufacturer provides the means to bypass many of the cheaper tools, but few people use them.
There are more exotic tools that can bypass security controls. These are more niche and not generally available to law enforcement. There may be some crossover when counter-intelligence interfaces with law enforcement. (Ie. FBI, DEA, RCMP, ICE, etc)
It's not extraordinary at all. Ron Wyden, a US Senator subject to special briefings, basically repeated the same thing when asked about federal backdoors:
"As with all of the other information these companies store for or about their users, because Apple and Google deliver push notification data, they can be secretly compelled by governments to hand over this information," Wyden wrote.
Push notifications for e2e messaging apps carry e2e encrypted payload, which can’t be decrypted unless Apple reads the private keys from those apps sandboxes…
That document appears to be over 4 years old, predating the availability of Apple's Advanced Data Protection system that claims to provide proper E2EE on most iCloud back-ups. The latter was controversially the subject of a specific legal attack by the British government using the Investigatory Powers Act resulting in Apple withdrawing the feature entirely from the UK market rather than compromise the security of their system - according to public reports anyway. Before ADP much of the data stored in iCloud backups was not fully end-to-end encrypted and Apple itself did not claim otherwise.
There are a lot of things that are publicly known but if he's signed an NDA he can't point at them or acknowledge their authenticity. Anyway Pegasus isn't even the correct ballpark lol.
Just about every confidentiality clause or NDA I've ever signed had a provision specifically excluding information independently in the public domain from its scope. I find it strange to the point of lacking credibility that someone working in a security-related field would have an NDA that required them to pretend to ignore even public domain information yet permitted them to post the kind of innuendo seen in this discussion.
Why should I disclose public domain knowledge when it’s public? The whole point was to point out there’s ways that aren’t public being used.
Believe it or not, I actually care about privacy. Innuendo is not my intent, no maliciousness here, only stating there are programs that have access to your data. Telegram/Signal/Encrypted or not. They don’t need access to your device. Only access to the Internet.
The whole point was to point out there’s ways that aren’t public being used.
For which you have provided not a shred of evidence here beyond the same type of innuendo you've been posting all along - even while implying that some of this is public knowledge that you could therefore cite to establish at least some credibility.
Your claims in combination appear to require that the technical foundation on which almost all serious security on Apple devices is built must be fundamentally flawed and yet somehow this hasn't leaked. That's like saying someone found an efficient solution to the discrete logarithm problem and it's in widespread use among the intelligence community but no-one outside has realised. It's theoretically possible but the chance of something so big staying secret for very long is tiny.
As I said before - extraordinary claims require extraordinary evidence. Thank you for the discussion but there seems little reason to continue it unless you're able to provide some.
I mean Cellebrite has been a public name for a long time now, and LEO pays for that and similar devices which basically launder zero days and physical exploits to get your stuff.
The position of the US executive on encryption can easily shift depending on who holds the presidency and certain cabinet positions. I'm not sure the Trump administration actually has a coherent position on the subject.
> I'm not sure the Trump administration actually has a coherent position
That seems to be the most salient property of his presidency. His position on any issue is whatever he just said, with no regard to what it might have been yesterday.
For anyone that wants a good (and fair) example of this, check out his positions on the debt ceiling going back to 2012 (and then on every time it's come up since). When he isn't in power raising the debt ceiling is Unamerican, a political ploy and bad. When he is in power, it should be scrapped entirely and should be above politics. He was remarkably frank about it in an interview a year or two ago when he was running for president when he was pressed by the interviewer about the flip-flop, he smiled and said approximately "I wasn't running for president back then"
> When he isn't in power raising the debt ceiling is Unamerican, a political ploy and bad. When he is in power, it should be scrapped entirely and should be above politics.
It's too bad that when he is in power he does not actually make the latter happen, because it should be scrapped entirely.
The only other country with a debt limit set in an absolute amount rather than as a percentage of GDP is Denmark, and they sensibly have set theirs far above their actual debt so it becomes just a legal formality rather than a policy tool.
The problem with it in the US is that the debt ceiling limits government borrowing to pay for debts that have already been incurred. It doesn't control the amount of spending or the deficit--that is controlled by the budget that Congress and the President approve.
If we can't just scrap it completely, then at least the budget process should be changed so every budget bill must be accompanied by a raise of the debt ceiling by enough to cover whatever extra debt that budget will be adding.
Having observed this for a lifetime, and simultaneously watching the democrats be unable to call out the switch is so incredibly disheartening. It's like watching a cat playing with a mouse before it kills it.
> In a combative speech at the Munich Security Conference in February, Vance argued that free speech and democracy were threatened by European elites.
> Trump has also been critical of the UK stance on encryption. The US president has likened the UK’s order to Apple to “something... that you hear about with China,” saying in February that he had told Starmer: “You can’t do this.”
> US Director of National Intelligence Tulsi Gabbard has also suggested the order would be an “egregious violation” of Americans’ privacy that risked breaching the two countries’ data agreement.
UK has a hx of pushing this - OP probably referring to efforts by the brits to put backdoors in comm standards like GSM and others back in the 80's and 90's
It's possible that their advocacy is well thought out but not based on the stated reasons. Say, Apple is actually under the control of the NSA and there are hidden back doors in the form of exploitable weaknesses as per Crypto AG. Then preventing the introduction of public backdoors would preserve the value of the current setup where Apple is widely considered trustworthy with respect to their customers.
Hey, even the worst person in the world is owed their right to privacy. Determining if someone is doing evil with their right necessarily undermines privacy for everyone.
I'm sure the police can catch child abusers the old fashioned way: by infiltrating cp networks and posing as kids online. This snooper's charter is in fact overreach and an invitation to build something like the Stasi.
If devoted half the resources to catching child abusers as we do to stop people from getting high after work, we'd have a whole hell of a lot fewer abused children. But, priorities!
> If devoted half the resources to catching child abusers as we do to stop people from getting high after work, we'd have a whole hell of a lot fewer abused children.
There are two problems here:
(1) We devote more resources to catching child abusers. There are all kinds of legal "if you see something, say something" requirements that make every doctor, nurse, and schoolteacher in the country part of the effort to do this.
(2) I see no particular reason to believe that additional resources would lead to a noticeable increase in detections. There are many, many circumstances where you're free to devote double the resources to something, but you'll see at best a trivial improvement in results.
> We devote more resources to catching child abusers.
You make this statement but provide no evidence. Because there's laws on the books, we "devote more resource" than, say the entire DEA, which unlike these laws has a gargantuan budget? That's nonsense.
> I see no particular reason to believe that additional resources would lead to a noticeable increase in detections.
Look harder? Read up on the topic? String operations work. More would work more often and catch more abusers.
Let alone the resources we could be pouring into children's mental health services (instead of kicking families off health insurance like the current administration has accomplished).
He's proven himself to be more of an asshat than I'd hoped (see the Zelenskyy meeting), but he did come up in Silicon Valley venture capital. There's a lot about this administration that causes concern, but I'm glad to see him on the right side of encryption.
because Vance and his colleagues are breaking federal law for the retention of government records and as long as they don’t invite anymore journalists into the group chat they will get away with it
They're arguing with foreign countries. Meanwhile the federal government continuously working consolidate all data available under groups like DODGE or ICE or Palantir. Arguing to preserve a tech in a given situation but with other goals ... not sure the first part matters at that point.
Perhaps he likes the idea of E2E, but just for himself and his friends. I duno, but whatever it is, it's not about the important things after the fact.
While Palantir is a private company and shouldn’t have access to government data, why shouldn’t in theory all government data be accessible to the government?
DOGE is clearly operating illegally for other reasons - not distributions funds that were appropriated by Congress for instance. But data sharing isn’t the root issue. It’s spineless Republicans in Congress and a sycophantic Supreme Court.
And it’s possible to say both that if you are here illegally you should be deported and that it’s currently being driven by animus, cruelty and it should be easier to obtain legal residency especially in areas where we do need more workers and implement another program like Reagan did in the 80s
Different data requires different access controls, and government agencies that collect / deal with a given piece of data on a regular basis are equipped to enforce those access controls.
You don't want your local dog catcher to be able to look at your medicare records just because "he's the government, and medicare records are government data".
I feel like you answered much of your own questions.
Beyond that many of the departments that this data is being extracted from have rules about who can access (no not everyone in the IRS has free reign) and what they can do with it. For good reason, IRS's job is to focus on what the law says they should do, not say punish political enemies and so on.
But transfer it to DODGE, ICE, Palantir, there are no laws at all regarding what they can do with that data.
> While Palantir is a private company and shouldn’t have access to government data, why shouldn’t in theory all government data be accessible to the government?
Shouldn't everybody have access to government data, with a few exceptions?
I think this is a very dangerous deception. They understand.
When politicians say "we need a special key for police to stop child abuse" it's not that they don't know this means "a backdoor with no technological way to limit its use". On the contrary, they know it very well and it's exactly what they want to achieve under the guise of children protection. It's the public at large that don't understand it -- or so they hope.
Sadly, UK Parliament is made up of political careerists and art students, which is probably similar to most Western democracies. There's a saying 'those who can do, those who can't teach', it probably needs a final 'and those that can't teach, go into politics'.
Every time ukgov tries to make some sort of tech policy, it's embarassingly wrong, or naive, or both.
This comes from a country that effectively gave away ARM.
I'm a principal software engineer with a degree in history. You don't need a science degree to understand most of these issues sufficiently to legislate them. But you need humility and a willingness to learn. That, sadly, is lacking in too many governments and civil services.
Also, the people pushing for these measure (e.g., the U.K's equivalent of the NSA, GCHQ and most national-level police departments) understand these issues perfectly well.
Also, the people pushing for these measure (e.g., the U.K's equivalent of the NSA, GCHQ and most national-level police departments) understand these issues perfectly well.
Surely some of them understand the technical details. That doesn't necessarily mean they understand or respect the wider implications of a policy. This is why it's important to have a government that sets policy - taking into account all of the competing influences and potential consequences - and politically neutral technicians who then implement government policy.
No-one would dispute that if the government could examine every communication everyone ever sends then it could catch more very bad people and prevent more harm to innocent people. The problem is all the other stuff that also happens if you give a government that kind of power over its own people.
The leader of the opposition studied computer engineering (before going on to law). Sadly she used the knowledge gained to hack the website of the deputy leader of Labour Party.
I don't think it is a matter of really understanding the tech. It has to do more about how you envision the society regarding privacy and individual rights. It is indeed a political point of view on how much you want to control everything.
I don't think it's that nefarious. I mean, for some of them it might be, but for MOST of them they see a "law & order" issue that will resonate with stupid people ("cops can't get access to terrorist data / child molester info / human trafficking communications!"), and they just run with it without regard to downstream effects.
It has always been politics, not technology. Politicians and bureaucratic always want more power, and they rarely relinquish power they gained temporarily.
It has nothing to do with their technical knowledge. It has everything to do with human nature.
If you want to push back, the law is not on your side.
We've had a serious problem with policy-making in this country for a loooooong time, stretching right back to when RIPA was drafted, nearly three decades ago.
I think the ironic thing is that although everyone uses powerful technology on a practically constant basis, it is sooooo much more complicated that less and less people have even a clue. How many adults would know how to change their oil today versus back in the 70s? Changing spark plugs used to be a 30 minute task but now you have to take apart half the engine just to even gain access. Even though of us who make our living in tech are not immune. How would we verify that there isn't spyware or similar in the firmware or hardware on the computer we use daily?
Sure he can. In an ideal world (from the US gov't's perspective), all communications everywhere would be encrypted, and only they'd have the workarounds to access the data anyway.
I'm not being sarcastic. For real, what major government wouldn't want that in their favor?
They care about maybe a maximum of five having that access, and I'm sure they realize that #1 on that list (PRC) won't need much time to become a peer on any given technology.
They're just against EU asserting any kind of control over American companies.
Reminder that he's funded by Thiel and friends with Curtis Yarvin, which goals include the end of democracy and the federal state and replace the system with tech CEO kings over feudal states.
I feel like the federal government continuously consolidating all data available under groups like DODGE or ICE or Palantir is about as anti privacy as it gets.
Policy makers change frequently and often radically. Federal lawmakers less so, but lawmakers are a small subset of policymakers, and not the ones who create international pressure; those are political appointees in the executive branch, and they change frequently.
I mean, yes many policymakers still struggle with the nuances of modern tech, but claiming that "the needle hasn't moved" in 25 years is an exaggeration. In the late 90s/early 2000s, encryption debates featured lawmakers who barely understood email. Since then, there are committees focused specifically on tech policy, even some lawmakers with backgrounds in CS or cybersecurity... and far more nuanced public debates about encryption, surveillance, and privacy.
I recently listened to some clips from a hearing with questions about zero-knowledge proofs, algorithmic transparency, etc...this was pretty unthinkable two decades ago. Some agencies and legislative bodies also now have technical staffers and some advisory boards with technologists. So, yeah it it slow and sometimes frustrating, but it's not static.
The people in office now were already old by the time the Internet and especially Mobile took off.
But it’s not like many young adults today who grew up with mobile phones understand computers either. At 51 growing up with computers in the 80s, I find myself explaining what I think should be simple computer concepts to both my parents generation and my adult children.
My 80 year old mom is not a stereotypical old person who doesn’t know how to use a computer. She is a retired math teacher and has actively been using computers since we had an Apple //e in the house running AppleWorks in the mid 80s.
When she was tutoring teenagers mostly as volunteer work after she retired, she had to teach them how to use Office/Gsuite.
There was a very idealistic move in education to believe that younger students would be "digital natives" and self taught on typing, computer programs, etc. So we deemphasized classes on this, and now kids grow up on consumption oriented devices and can't type again. So it goes in circles I guess
Optimistic is probably the kindest, yeah. I don't think it was strictly a bad argument - it was easy to think of the classes as outdated and taught by a generation who knew less than the students. It just turned out to be a very short state of affairs. Hard to expect schools to have predicted the iPhone, right?
I don't see why you think they don't understand the tech.
This is going to be heresy here, but honestly I think it's a reasonable position. Not one I would take, but reasonable.
For the first time in human history there can be large scale communication it is mathematically impossible for governments to have any access to. If you believe that governments are doing the job of protecting their citizens (and many do), it's entirely reasonable for them to want this type of access.
They have it with the postal service, and analogue phones and the world didn't collapse, and many criminals got caught.
But also for the first time in human history, it's possible to do large-scale surveillance without large-scale human effort. The power of the network goes both ways.
Phone wiretapping (until recently I suppose) and mail inspection required a human to take some action to listen in; you couldn't just monitor everyone's communications. Now you can.
I agree, there are many complex issues involved here. But I get annoyed at tech people (not saying you!) that it is self-evident that any kind of law enforcement methods of access is obviously wrong.
> I get annoyed at tech people (not saying you!) that it is self-evident that any kind of law enforcement methods of access is obviously wrong.
I don't think anybody is saying that the motivations are bad. We all want safety, right?
The closest thing I hear is, they feel that the cons often outweigh the pros. I think this correlates with their trust in authorities, given the countless abuses we see authorities perpetrating when granted power.
There's a reason "think of the children!" is literally a joke mocking safety-based pretexts for reductions in rights.
> before we started getting people who know tech
reply
The politicians might not know tech, but the NSA, GHCQ, etc. that push for these anti-encryption laws most definitely do know technology, and is the main lobby against encryption.
It goes beyond just getting politicians that understand tech. We need politicians willing to rein in the intelligence apparatus put in safeguards, and checks and balances on their power.
I thought this too, but I think we misunderstood the extent to which various calls for censoring and regulating the internet where driven by a lack of understanding of the technology...
The scary thing about the UK regulators is that they seem to understand the stupidity of what they're doing, but believe it's worth it. You see this attitude everywhere in the UK – in our hate speech laws, our blasphemy laws, mass surveillance – the argument isn't that these things don't limit freedom and personal privacy. They'll agree that they do, their argument is that you shouldn't care.
With this encryption backdoor most wouldn't deny that it could be compromised, they just didn't think you should worry about it because they thought the benefits were worth it.
I think people on the internet in the 90s and early 00s were just weird people to be honest. We're very libertarian for whatever reason, and we wrongly assumed people our age were all as pro-freedom as us.
They understand the tech and so their advisers. You are assuming they want to do some do gooding in some sorts of naive and clumsy matter. No. They want control and they know perfectly well the implications.
Your subtle idea that the comprehension and understanding is the shortcoming of political apparatus is overlooks the million issues as basic healthcare not being addressed. The problem is not understanding, I can assure you of that.
In the distant past technical skill and knowledge was increasing as more and more people used personal computers. Then Steve Jobs invented the smartphone. This caused the world to get dumber and dumber.
>Then Steve Jobs invented the smartphone. This caused the world to get dumber and dumber.
Preposterous. Did the invention of the calculator make people dumber? A smartphone is another tool. Not Steve Jobs's fault people use it for TikTok or gooning instead of studying programming, math, medicine or whatever. Stupid people are gonna be stupid with or without smartphones.
Plus, we already had smartphones before Jobs, they were Pal OS, Windows Mobile or Symbian based.
It’s a difference in kind I think. Creation of any type of work - art, writing, programming, modeling, deep research, etc is much more accessible on a PC than on a smartphone. Not only because of the input devices available, but also the restrictions of the platform and OS.
Maybe it wasn’t intentional, but the form factor of the modern smartphone discourages creation.
When I was a young child me and all my friends would “use the PC together” just to open MSPaint and create shitty drawings. I don’t see anything similar today.
Sitting around in a room taking photos and videos is a lot less creative than drawing. It's possible to do strongly creative photo/video things with a phone but it's not most of the use.
If you make a list of creative activities that can be done on a computer or phone, a big majority are notably harder to do on a phone.
Things got so out of control because the UK doesn't have heavily muscled tech emporiums that can spend time in bed with their politicians. US does. But it's a sad world the one where citizens are so helpless against their governments and the corporations.
> But it's a sad world the one where citizens are so helpless against their governments and the corporations.
Helpless indeed - but, government still requires the consent of the governed. It's just that we are all very comfortable, with a lot to lose and easily distracted, so that consent to be governed is too easily given nowadays.
If we do anything together as a society it should be making sure to preserve E2E Encryption as it's one of the most important tools to organize a resistance should we wish to revoke our consent to be governed.
Say what you will about JD Vance but he has passionately confronted the European elites on their surveillance overreach and clearly it's had an impact.
We may not like everything about the current American administration, but credit where due.
I’m struggling to square Vance and the administration’s position here with the fact that the US IC uses GCHQ to collect on US persons since they’re not allowed to do so directly. Why wouldn’t they want it to be easier for NSA to spy on Americans?
They probably already have a backdoor, and making one known and easy to access by UK provides an opening for other adversaries to spy on American iPhones.
"Last month, Meta-owned WhatsApp said it would join Apple’s legal challenge, in a rare collaboration between the Silicon Valley rivals".
Apple makes home computers, mobile devices, AV equipment and productivity/multimedia software.
Meta makes social media platforms, and vr headsets. What exactly makes them "rivals"? WhatsApp vs iMessage? They're two big companies in the same sector, sure, but do they really compete against each other in a major way?
What this type of news shows is that you really can't trust any government or company with your data. So don't give them any data -- only store data on your own hardware and set up your own servers if you really need a "cloud" for your data.
I wonder how this clash is going to turn up. I would hate this development. This proposal is worthy of the Chinese Communist Party, and I am aghast just how many member states are fine with the concept of a preemptive surveillance state and breaking privacy left and right.
Of course, that is what we get for giving Ursula von der Leyen a second term (why??) She already has a reputation from her career in German politics, having earned the nickname Zensursula (censoring Ursula).
I’m by no means a Trump fan. But I thought it was negligent how the Biden administration didn’t fight for American tech companies internationally and how the prior administration was actively hostile to them.
This is my fundamental problem with Elizabeth Warren et. al..
They act like the choices are omni-powerful US tech companies, or a plethora of small companies building utopia. They say "we need to hamstring our most successful companies to make space in the market for smaller players."
The problem is that it isn't making space for smaller players; it's making space for countries with worse perspectives on human rights to try to catch up/fill the void. The world isn't a better place if we replace Google and Meta with ByteDance and Yandex. It's not even that those are bad companies (from what I hear, they're pretty similar internally to their US counterparts); it's that they are under the jurisdiction of administrations that are hostile to human rights.
Did this approach ever actually work out in the history of humanity? Like, we're fine with massive corporations spying on us because otherwise the Chinese/Russian/Aliens might? In the name of protecting freedom, we're violating it ourselves and we brag about it?
> The problem is that it isn't making space for smaller players; it's making space for countries with worse perspectives on human rights to try to catch up/fill the void. The world isn't a better place if we replace Google and Meta with ByteDance and Yandex.
I mean, the foreign companies taking that space can be solved with sanctions, or digital services taxes, etc.
What would you propose? Maybe Google, Apple, Meta, etc. are the lesser of the big evils but we definitely have a monopoly problem in the US, and there is very little space for competition, which only continues to harm consumers.
Trump will do a lot more harm to US tech companies than Biden. A lot of us here in Europe are moving away from US tech, and as we are building more of our own it's very unlikely we will come back.
Right now there aren't too many EU alternatives yet which is why you don't really notice yet. But the damaged trust in the US as a 'partner' will outlive Trump for decades. As they say "trust arrives on foot and leaves on horseback".
The US was never a trusted partner, Europeans just didn’t have a choice. No one company was able to spend the amount of money required to compete with American technology, so nobody did.
Don’t anthropomorphize the lawnmower, the “friendship” is nothing more than economic interdependency. French aircraft carriers are not using Windows because they trust the US government, their diagnostic software just doesn’t work on anything else.
Again no Trump fan. But I’m glad that Trump policies have made at least the EU not to be so dependent on the US military itself and US military contractors. There is no private company monopoly including BigTech that I can’t extricate myself away from quite easily.
It’s much harder to extricate yourself from the US influence on the world stage.
Not that I’m not seriously looking at a Plan B outside of the US after I retire. We are already planning to spend a few months a year between Costa Rica snd Panama City next year - warm, safe countries in US time zones.
Just seems very unrealistic wishful thinking that Europe would suddenly become good at these kinds of software after spending the last few decades being bad at it.
It's a lot easier now because there's a huge demand all of a sudden for local services.
Previously it was hard to compete with the US because the lack of regulation there and investors in the EU having more expectations rather than just throwing money at the wall and hoping it sticks.
But with the exploitative business models like Google's consumer tracking and now with Trump and his trade wars the US is no longer viewed as a friend or a country to look up to. I think it will only increase the EU's push for more privacy and ethical business models.
There's a big grassroots movement like "BuyFromEU" to cut US products and services out of our lives. I think that trade balance is only going to get worse. And really it was actually not bad at all, the problem is that Trump was only counting products not services when looking at the trade balance. I guess because his voters are primarily blue collar workers.
After the local EU services/products all have Brussels Mandated encryption back-doors and permit free decrypting of your private data, I will bet there will be a surge back to non-EU services.
Yes, this is a big worry indeed, though not really something the US doesn't have (but they are more secretive about it). Snowden made that very clear. We just have more government transparency here.
You think that the EU, which is also pushing for a backdoor just like the UK, is somehow actually against tracking and data collection? You gotta pick one or the other.
This is not the same thing. They trust themselves to track and monitor us, but not commercial parties.
I of course trust neither, but I do have to say they are doing good stuff limiting bad actors like Google and Microsoft. I just wish they would do more (e.g. ban third party cookies and tracking outright rather than forcing us to choose every time).
The EU is not going to build its own Google, Facebook, Apple, Microsoft, AWS etc.
Anytime the lack of “influential European tech companies” come up, the best anyone can do is money losing/barely profitable Spotify.
And the data doesn’t back your idea up that Europe is moving away from any of those companies. The EU is moving its dependence away from the US military industrial complex admittedly.
I guess not no, but we don't need those, really. We definitely don't want carbon copies of those companies because they are causing a lot of what's wrong with this world. What we need is more ethical companies that understand the EU market. No paying with our data, no manipulative algorithms. We've been pushing for that for years but Trump has been the turning point, now people are really on board with the idea that leaving US services is better.
It will take time to build local alternatives but I'm sure they will come. We have time. You can see that companies like Microsoft are really shaken up when they're starting appeasement projects like those vows to actually protect our data (though those promises are weak because they remain bound to US law)
And this goes hand in hand with the defense initiatives. IT is important though to society to be considered a critical asset.
I agree that no one needs Facebook and if it disappeared off of the face of the earth, nothing of value would be lost.
And even a simplified version of AWS shouldn’t be impossible to build that’s “good enough” [1] or another search engine that’s good enough (Google) and Google search sucks these days anyway.
But Europe is not going to be able to replicate the ecosystem of Android like China did and definitely not Apple on the high end or MS for operating systems.
[1] before anyone replies that I don’t understand the complexity of AWS, I have been working with AWS technologies exclusively for over 7 years including a former 3+ year stint at AWS.
> I agree that no one needs Facebook and if it disappeared off of the face of the earth, nothing of value would be lost.
Well yes and no. Facebook, no. The concept of facebook as it was when it was first released was an interesting one to me. Staying in touch with your friends, I've lived in several countries so I have friends all over the world. This is nice. However they perverted it when they dropped the old timeline and moved to the algorithmic feed. It became useless to me then.
I do see a benefit to facebook-like services though, just ethical ones.
But what I do like about facebook, or rather meta now, is the investment they have done in VR. It's still full of data collection I'm sure, but to me VR is a very interesting tech and it really needed that to get off the ground. Right now it's not really moving along because "AI" stole all the hype limelight but it will come again, just like AI has had some false starts itself.
What I am wondering is if the complexity of AWS is required for 99 percentile. There are a lot of niche services and duplicated ones on AWS and a targeted replacement for the most popular ones would be enough for most.
You only require AWS if you build something to run on AWS. That's the thing. You can easily run it on something else, just build it for that specifically. Now, AWS-style services have become somewhat of an industry standard (e.g. S3 offered by countless operators). But still, I think offering AWS style services is a weakness because you can never become better than the original.
And cloud is only really cost-effective when it comes to startups that have not much cash flow but expect/hope to explode rapidly by going viral. Cloud gives them that kind of infinite scaling and the ability to pay as they go (the uptick in clients will pay for the increased hosting when they do make it).
In Europe this kind of business model is very rare though. We don't just spin stuff up like a weather balloon and hope it floats.
Netflix as the canonical example would beg to differ as would Apple who hosts plenty of its services between AWS, GCP and I believe Azure. I only know first hand about AWS since Apple talked about it during ReInvent.
There are plenty of large private corporations and governments who host on AWS. Maybe they didn’t do it naively?
Netflix mainly runs from caching boxes at ISPs though. Most of their content comes from there. AWS is way too expensive to serve all that content from.
I see a lot of dumb implementations. At work we're picking up all our physical servers and moving them to AWS compute boxes that run 24/7. Purely statically, just because our idiot CIO wants to be a "cloud-driven company" so he can spout the buzzwords. We're spending a lot more money to get the same only on someone else's computers and get none of the actual benefits that cloud can offer.
Yes. But Netflix is by far AWS’s largest customer. The distribution happens on caching boxes. But there is a lot of processing that happens on AWS. You can look at any of the numerous reinvent videos or even Netflix’s own blog.
Just because your company has a brain dead lift and shift implementation (don’t do that), doesn’t mean every company does.
As a former employee of AWS ProServe (Amazon’s internal cloud consulting department - full time direct hire employee) and now and outside consultant, I’ve seen and been involved in a lot of large scale implementations.
I have no love lost for AWS the company (https://news.ycombinator.com/item?id=44607821) , but let’s not pretend it’s a bunch of startups and naive enterprise corporations that don’t know tech.
I’m not trying to wear “I worked at AWS” on my chest like a 22 year old posting on Blind. But my experience working at AWS ProServe before working at 3rd partner consulting company I’ve seen a lot of different implementations even though my focus was on cloud native applications.
Subsidy in this context was meant to convey that all the bandwidth and infrastructure that allows for global communication for billions of people is paid for by the advertising Meta sells, money that obviously disappears if Meta disappears.
That doesn't mean we won't have money to pay for it though. All that advertiser money comes from the consumer too. Companies pay it to sell things, and to make a profit they factor it into the price. We're paying for it, we just don't pay Meta directly.
If meta would disappear we would either buy less and have more money to pay for communication (and doing more towards saving the planet as well!). We'd probably choose things to buy more on actual need and quality rather than marketing BS.
The UK is the same country that arrests 12,000 people a year for posting online.
> Now every force in the country has a team sifting through people’s posts trying to determine what crosses an undefined threshold. “It is a complete nightmare,” one officer admits
[citation needed], your Economist article [0] quotes 30 a day (which would be <11k a year) but muddies the water pretty significantly:
> Under these laws, British police arrest more than 30 people a day for online posts, double the rate in 2017. Some are serious offenders, such as stalkers.
How many of those 30 were for "online posts" (and of which nature - Lucy Connolly is a favourite example cited by the likes of Vance, but she was arrested for trying to stir up racial tension when there were already race riots going on)? Who can tell, because the article didn't seem to bother asking.
> How many of those 30 were for "online posts" (and of which nature - Lucy Connolly is a favourite example cited by the likes of Vance, but she was arrested for trying to stir up racial tension when there were already race riots going on)? Who can tell, because the article didn't seem to bother asking.
I googled Lucy Connolly out of curiosity. It indeed appears that she got 31 month of jail for a single tweet? You don't think this counts as "arrested for online posts"?
> You don't think this counts as "arrested for online posts"?
You've definitely missed some context. For example, and fairly significantly:
> Connolly previously admitted intending to stir up racial hatred.
If you plead guilty to a charge, there's not much defense left.
The offence she admitted to doesn't even take account of whether it's committed online - it's law that was passed in 1986. An aggravating factor that led to the sentence she got was that she had in fact posted multiple times in the same sort of way.
So the context: she posted similar things online multiple times, she pleaded guilty, and the law in question can apply to offline activity as well -- all right, but all this still literally translates into "arrested for online posts".
She didn't throw rocks, she didn't set things on fire, she didn't stab anyone -- it was her speech that got her a multi-year jail term.
This alone makes free speech proponents upset, regardless of whether there were riots ongoing or not, or whether they agree or disagree with her political position.
I wasn't saying the context I gave was an exhaustive list, I was suggesting that having Googled her name and maybe skimmed a couple of news articles, you might need to do some more reading before forming too much of an opinion.
> She didn't throw rocks, she didn't set things on fire, she didn't stab anyone -- it was her speech that got her a multi-year jail term.
Your contention seems to be that incitement shouldn't be an offence?
That's at odds with legal systems all over the world, including the US, where Brandenburg v Ohio [0] holds that if inflammatory speech is "directed to inciting or producing imminent lawless action and is likely to incite or produce such action" that is an exception to the First Amendment and can be prosecuted, which seems to be at odds with "regardless of whether there were riots ongoing or not".
The original point of my first post in this thread was that lumping together arrests for stalking, incitement to violence and other forms of harassment to produce a big scary number makes the argument seem utterly dishonest. The fact that so many "free speech proponents" fixate on one example when, if the stated number is true, there should be thousands of examples every year is a good demonstration of that.
- Posted that three federal judges "deserve to die" with their photos and addresses
- Result: Conviction overturned as protected political hyperbole
Connolly's "set fire to all the hotels" would likely be viewed as angry hyperbole in the United States, not meeting Brandenburg's strict standard.
The distinction: The US prosecutes actual incitement (directing a mob to attack a building RIGHT NOW). The UK prosecutes offensive speech that merely might inspire someone, somewhere, someday. Your Brandenburg citation actually proves this difference rather than refutes it.
You want thousands of examples? Check Twitter during any US political crisis - they're not prosecuted precisely because Brandenburg protects them.
Point taken, but incitement is still an offence in other countries. That the US has specific, and particularly permissive, laws around what constitutes speech is neither here nor there.
> You want thousands of examples?
Of people people prosecuted for innocuous speech in the UK, the original claim in this thread. Brandenburg doesn't apply there.
I misunderstood what you were trying to imply but still think your premise is mistaken. My reply is merely directed at anyone implying the US's free speech-laws are somehow comparable to the authoritarian anti-free-speech laws the UK has.
Edit: If I remove the reference to Brandenburg, I'm not sure my point substantially changes:
Incitement is an offence in the UK and also in other countries. You can argue whether that should be the case or not but that's completely orthogonal.
Gathering a whole lot of offenses which happened to include online activity to produce a big number of people who you can claim were prosecuted for something that you can claim is as innocuous as "online posts" is dishonest.
You're playing a shell game with definitions to justify authoritarian speech laws.
> lumping together arrests for stalking, incitement to violence and other forms of harassment to produce a big scary number
But that's exactly the problem - the UK defines "incitement" and "harassment" so broadly that ordinary political speech becomes criminal:
UK "Harassment" includes:
- Misgendering someone online
- Posting offensive jokes
- Retweeting protest footage
- Criticizing immigration policy "grossly"
UK "Incitement" includes:
- Lucy Connolly's Facebook post (31 months)
- Jordan Parlour's "every man and their dog should smash [hotel] up" (20 months)
- Tyler Kay's "set fire to all the hotels" retweet (38 months)
NONE of these would meet Brandenburg's standard in the US. They lack:
- Directed at specific individuals
- Imminent timeframe
- Likelihood of producing immediate action
> if the stated number is true, there should be thousands of examples every year
There ARE thousands. In 2023:
- 3,537 arrested for online speech
- 1,991 convicted under Section 127 Communications Act
- Hundreds more under Public Order Act
You don't hear about most because "UK citizen arrested for offensive tweet" stopped being newsworthy years ago.
You're using the word "incitement" to equate UK thought policing with legitimate US restrictions on speech that creates immediate danger. That's like defending China's censorship because "every country bans fraud."
The definitions matter. The UK criminalizes hurt feelings. The US criminalizes immediate threats to public safety.
How many of those were examples of "hurt feelings" and not "put a whole lot of foreigners at risk of their lives" or any of the other classes of "online posts"? We don't know because in their rush to say "the UK's arresting 30 people a day for posting things online", the Economist didn't bother breaking that down.
> NONE of these would meet Brandenburg's standard in the US.
None of them happened in the US so that's irrelevant. My misunderstanding of the precedent around incitement isn't central to my point.
Muddying the "simple argument" would be lumping stalkers in with people inciting violence against foreigners and posting nasty comments about the Prime Minister, to make some kind of point about the police. That would be ridiculous.
It's slightly more nuanced. Attacking people for protected characteristics such as race, religion, disability, gender, sexuality, is also an offence.
You can be a cunt all you want, just make sure you're being nasty about them as a person not their religion or race or whatever group you might feel they belong to
All cases I've seen have been cut and dry in this regard. Racist or homophobic usually.
Indeed, I didn't mean to imply those three were the only categories of things within "online posts"! Rather, that it's disingenous to lump all of that under one umbrella and suggest great swathes of people are being arrested for a tweet.
I am sorry to disappoint you, but posting nasty comments is a crime in the UK under the 2003 Communications Act, which means it has been a crime for decades.
Section 127(1) makes it an offence to:
"Send by means of a public electronic communications network a message that is a -
(a) grossly offensive,
(b) indecent, obscene, or menacing, or
(c) false, known to be false, for causing annoyance, inconvenience, or needless anxiety."
Section 127(2) adds that: "A person is also guilty of an offence if they cause a message or other matter to be sent that is similarly offensive or menancing.
Except, in some countries, it is a crime. Why do you think it's not one? Are you familiar with UK law?
In Germany there are even stricter laws. Insulting someone is a crime, even if the things you say are factually true.
And then you have repressive dictatorships, like the UAE, USA and China, where you can't disagree with the government on anything. It's definitely a crime there, to say the president looks like Winnie the Pooh.
12k a year?!? That is a staggering number. I wonder what the stats were in East Germany (though they may have had harsher punishments.. that can be ratcheted up later though once the system is in place)
It's mostly far-right shit-stirring because it's a much broader set of crimes than you are being led to believe. It's basically every possible crime "by communication":
"A spokeswoman for Leicestershire police said crimes under Section 127 and Section 1 include “any form of communication” such as phone calls, letters, emails and hoax calls to emergency services."
I expect it's mostly domestic abuse cases because what was once screamed through a closed door is now messaged online.
When a family member starts threatening others, an arrest is probably the necessary intervention to prevent actual violence. It's a similar story in cases like e.g. community racial tensions and gang violence. Once the threats are happening online, real violence is imminent and action warranted.
Per gpt:
Estimates vary, but roughly 250,000–300,000 people were imprisoned for political reasons over the GDR’s 41-year existence—an average of ~6,000–7,000 annually.
Just wow. I wonder if we will study this in history textbooks about downfall of UK
It depends what you count as political reasons. Plausible bullshit could be generated to support the idea that arrest for any particular crime is political, or just as easily, to oppose that idea.
I draw the bar for "political arrest" at somewhere like "arrested for opposing the incumbent in an election". I don't think "arrested for saying it's time to gas the muslims" - which is the sort of thing happening in the UK and getting counted in these numbers - should be called "political arrest". That's just called committing a crime. That would only become a "political arrest" if gassing the muslims was a politically acceptable viewpoint, equal in value to not gassing them.
(i think OP might be speedrunning a "what opinions, mfer?" goose meme thing. i bet the reason is "for posting right-wing nationalistic garbage likely to incite hatred", or similar)
If you're going to post about something so contentious, then bring receipts. We've all got things we vaguely remember that confirm our prejudices. But posting them without fact-checking oneself is crossing a line on topics like this.
Is it surprising that 12,000 out of 60,000,000 post illegal things like calls for violence (burn migrants to death, etc) per year?
Reminder that incitement is a crime in the USA too and there's nothing in the constitution that says it's okay just because it's on twitter not irl.
So far every story ive seen about arrest has been pretty cut and dry, they were blatantly hitler level racist, homophobic, or calling for others to attack people for their protected characteristics (eg race or sex).
A spokeswoman for Leicestershire police said crimes under Section 127 and Section 1 include “any form of communication” such as phone calls, letters, emails and hoax calls to emergency services.
“They may also be serious domestic abuse-related crimes. Our staff must assess all of the information to determine if the threshold to record a crime has been met.
“Where a malicious communications offence is believed to have taken place, appropriate action will be taken. Our staff must consider whether the communication may be an expression which would be considered to be freedom of speech. While it may be unacceptable to be rude or offensive it is not unlawful — unless the communication is ‘grossly offensive’.
In Europe we don't value free speech as high as the US.
There is "forbidden speech" (around lying about Holocaust related topics and insulting people online) and I think it's a good thing in total. You spew out the worst of the worst on the internet you should be able to be held accountable
US has plenty of arrests for terroristic threats and similar. Many of these are online now. 12k arrests per year related to online posts doesn't sound all that high.
Making terrorist threats are different than insulting some's religion, complaining about illegal immigrant crimes or shitting on politicians online. It's disingenuous to argue they're in the same ballpark that EU and US speech is similarly policed because it's not.
Not terrorist threats - terroristic threats. This includes anything that someone might think is threatening. Do you have examples of non-threatening language resulting in arrest in the UK?
I would bet the US arrests a similar number for online posts. A common one that comes up over here is a kid posting a picture at a shooting range, without any threat, and the police questioning/arresting the kid and/or parents. Same thing for kids talking about a video game and stuff.
Geographically, yes. But they've made it clear they don't want anything to do with us. Also, the 3-year period after brexit with all the whining about their 'deal' (knowing that what they wanted was legally impossible) was so annoying I'm kinda done with them. Too much drama for too long.
So I've stopped buying UK products and services (eg raspberry pi) and don't consider traveling there anymore. Just like I'm doing now with the US although the latter is more difficult to do.
I think from the point of view of the US and elsewhere, the UK is in Europe and is European. They are aware they are not in the EU, but that doesn't matter as it's inappropriate to make EU synonymous with Europe. (The distinction is much like North America vs USA; if you said the former you definitely don't mean _just_ the latter).
Very much a matter of defining 'themselves'. Our data in their hands. How do we know these people aren't the same incompetents who emailed a spreadsheet containing the personal information of nearly 19,000 Afghan asylum applicants (who had risked their lives to help the Brits) to someone outside the Ministry of Defense.
The government says the individual thought they were sending a list of about 150 names, not the whole set.
> A spreadsheet containing the personal information of about 18,700 Afghans and their relatives – a total of about 33,000 people – was accidentally forwarded to the wrong recipients by email in February 2022, Healey told lawmakers in the House of Commons.
This is why authorization matters. Don't send the spreadsheet; send a link to it, because e-mail doesn't implement authorization. Then you can revoke access at any time, and even prevent accidents by setting up access rules and monitoring at the org level.
The specified policy aside, it’s kind of sad to see - the UK after Brexit just doesn’t carry the same weight. It would’ve been a different story if the UK as part of the EU were moving forward with a piece of legislation.
The attack on privacy does kind of make sense when your remember that it is a freaking monarchy with all the inhabitants being subjects.
Probably well deserved to them if it was not contagious in Europe at the moment.
That being said, the crazy thing about this law and the other ones similar is this:
Under the terms of the legislation, recipients of such a notice are unable to discuss the matter publicly, even with customers affected by the order, unless granted permission by the Home Secretary
They always justify everything saying that real world "procedures" should apply to the digital world. But, in most occidental countries, no one is allowed to search your home without you to be aware of it and present if you are capable to do so. Still, strangely, for digital data, the norm is that your data can be raped in your back, without you being aware about it or even in the capacity to challenge that.
I really find that stunning that it is so widely accepted.
The former german Stasi would probably have been proud of all the parlementaries in US, UK and Europe that allowed such things.
> The attack on privacy does kind of make sense when your remember that it is a freaking monarchy with all the inhabitants being subjects.
That has absolutely nothing to do with it. This was an act of parliament spearheaded by the house of commons which is entirely democratically elected. The UK has no one but themselves to blame for this.
This must be some "technically correct" weasel words bullcrap, as without at least equivalent access there is no chance Apple would be operating in China.
[1] https://www.reuters.com/article/technology/apple-moves-to-st...
Every company from your device's manufacturer, OS vendor, telecom carrier, app distributors and 3rd party software providers can be compelled to help make that happen.
And then there's always Cellebrite and friends.
It is end-to-end encryption, where each device's key generation is handled by your phone's Secure Enclave.
This article is a decent starting point in terms of what Advanced Data Protection is:
https://support.apple.com/en-us/102651
If you want a deeper dive into the security engineering of iCloud Keychain, the second half of this Blackhat talk by Apple's head of Security Engineering & Architecture (SEAR) is really great:
Synchronizing secrets: https://youtu.be/BLGFriOKz6U?si=cY94TYo28bRj4G7y&t=1357
Advanced Data Protection is mostly concerned with protecting data from attackers on the server and in transit.
If you're interested in protections when an attacker has physical access to your device, you should read the "Encryption and Data Protection" section of Apple's Platform Security Guide.
Web: https://support.apple.com/guide/security/welcome/web
PDF: https://help.apple.com/pdf/security/en_US/apple-platform-sec...
Yes of course, but it's not so simple to bypass the hardware-enforced protections that exist both device side and server side. As far as I can tell, it seems effort was made to design/architect everything in such a way such that the protections can't be retroactively circumvented even under legal compulsion.
Disclosure: I previously worked for Apple, but not on the design/implementation of any of this stuff and this is all my own opinions, not those of Apple.
Apple (and many other organizations) contracts work out for liability reasons, this is not the first instance of it.
Also note the language - specifically a “back door” or “master key”. If you call it something else, literally anything else, the statement holds up.
Is that even necessary? A gag order means they can't reveal backdoors, and their entire stack is so locked down that discovering them is hard and unlikely.
If there's a gag order, then companies say "we have a gag order". Like Google and Twitter did back in the day when asked. And then immediately started releasing Transparency Report to show how many of the gag orders they receive, so gov't couldn't say "we don't request anything".
https://transparencyreport.google.com/user-data/overview
They do.
The UK has an uncodified constitution, and this includes the Human Rights Act, which guarantees freedom of expression to UK citizens.
You shouldn't over-estimate the popularity of your favorite comic book authors.
Your search also answered the question, in the fourth result or so.
"moore authoritarianism fiction author" worked though.
What did they mean by this
They've been looking to use AI for consumer surveillance; AI user monitoring essentially.
"We can't have a backdoor so we can't use AI to monitor the user"
Hence, the confluence of AI and encryption.
Turns out it was not 4D chess after all…
I don't think there is much disjoint if you see Trump as a fairly clean break with the cold-war era GOP. The thing is that no one in the US remembers the cold war with pride. The left thinks the cold war was US imperialism. The right kind of agrees, and has moved on to other issues anyways. And Europe nudges, saying: "Hey, you're America. You love fighting cold wars! Remember?"
Too many Europeans are Chomsky-brained and believe that US foreign policy is controlled by the CIA. The reality is that US grand strategy is incoherent and has been for decades. The US doesn't have any actual strategic imperatives at the moment, and it's being pulled in too many different directions. I believe George Friedman argues that this is a recurring pattern in US history, where US foreign policy alternates between listlessness, and maniac focus on some objective (most recently in the wake of 9/11).
It never is. I'm guilty of thinking there's a secret master plan sometimes and there never is.
https://en.wikipedia.org/wiki/Occam%27s_razor
Authoritarianism has become very popular online these days for some reason. Giving in to fear and wanting total control are always going to be traits that pop up again and then humans have to relearn from history about why freedoms are important.
The response was essentially: "Why? You are nothing". Britbongs stay losing.
I'm not sure what you mean by "more" but what you are asking for is in fact happening.
The position of the US executive on encryption is well summarized by the Lavabit case.
> Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that "the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create." The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications?
https://www.newyorker.com/news/amy-davidson/a-dangerous-all-...
He said Apple does not have and won’t create a backdoor. That was well crafted and means exactly what he said, any implicit meaning is an artifact of your brain.
I absolutely don't actually know anything about Apple, but I've seen some of the ways even small companies legally split themselves up to avoid tax or various forms of liability. Multiple phone numbers to the same phone, multiple domains and email providers to the same laptop. Multiple denials that you've ever heard of the other company let alone happen to share the same office space...
There's a massive difference between a truthful statement and an honest one; anyone that works with code should understand that.
They also can't refuse to comply with warrants demanding any such unencrypted data that is stored on their servers.
That's not the same thing as adding a back door to allow access to encrypted user data that is stored on the user's device.
It's also different than storing encrypted user data on your server, when you have purposefully designed a system where you don't have access to the user's encryption key.
Encrypted user data backup is the feature that Apple disabled access to in the UK rather than comply with the order to insert a back door in the OS.
I would also point out that it was Senator Wyden who initially informed the public of how much the government was already spying on their unencrypted communications.
His record on civil liberties is excellent.
Good security models typically don't hinge on being lucky.
Should we disbelieve them when they say they don't do so?
This leaves contact mining as the odd one out, but given how many apps want to see your contacts, you know that those are being sold by at least one of those apps.
None of this stuff has ever been end-to-end encrypted, so there can't be any way people expect it to be private.
I have to imagine that the other companies are doing this as well.
Like for example, when they got caught selling location data they were required to protect. [0]
[0] https://www.theregister.com/2024/04/29/fcc_telecom_fines/
It's the reason that Apple and Google recently started rebooting devices that haven't been unlocked in a while.
https://en.wikipedia.org/wiki/Pegasus_(spyware)
It's no secret that there are groups actively looking for new exploits and that sometimes vulnerabilities are discovered that become zero days. It's a good bet that police and security services take an active interest in those vulnerabilities when they are found.
But that's very different to claiming the police can easily unlock any device any time they want to and there is a range of private companies around who provide that service to them.
The manufacturer provides the means to bypass many of the cheaper tools, but few people use them.
There are more exotic tools that can bypass security controls. These are more niche and not generally available to law enforcement. There may be some crossover when counter-intelligence interfaces with law enforcement. (Ie. FBI, DEA, RCMP, ICE, etc)
Yes they do. Now name one that works consistently against a fully patched modern iPhone.
Then there are all the ways, both white and varying shades of gray, of installing software in the end devices. That's your primary threat right there.
Edit: And Magnet, and the internal capabilities of an acronymical agency or three...
Believe it or not, I actually care about privacy. Innuendo is not my intent, no maliciousness here, only stating there are programs that have access to your data. Telegram/Signal/Encrypted or not. They don’t need access to your device. Only access to the Internet.
For which you have provided not a shred of evidence here beyond the same type of innuendo you've been posting all along - even while implying that some of this is public knowledge that you could therefore cite to establish at least some credibility.
Your claims in combination appear to require that the technical foundation on which almost all serious security on Apple devices is built must be fundamentally flawed and yet somehow this hasn't leaked. That's like saying someone found an efficient solution to the discrete logarithm problem and it's in widespread use among the intelligence community but no-one outside has realised. It's theoretically possible but the chance of something so big staying secret for very long is tiny.
As I said before - extraordinary claims require extraordinary evidence. Thank you for the discussion but there seems little reason to continue it unless you're able to provide some.
It’s not extraordinary if you’re in this space. This is but one of many such initiatives. A few have already been in the works for years.
That seems to be the most salient property of his presidency. His position on any issue is whatever he just said, with no regard to what it might have been yesterday.
It's too bad that when he is in power he does not actually make the latter happen, because it should be scrapped entirely.
The only other country with a debt limit set in an absolute amount rather than as a percentage of GDP is Denmark, and they sensibly have set theirs far above their actual debt so it becomes just a legal formality rather than a policy tool.
The problem with it in the US is that the debt ceiling limits government borrowing to pay for debts that have already been incurred. It doesn't control the amount of spending or the deficit--that is controlled by the budget that Congress and the President approve.
If we can't just scrap it completely, then at least the budget process should be changed so every budget bill must be accompanied by a raise of the debt ceiling by enough to cover whatever extra debt that budget will be adding.
I think we're up to the killing part now.
> Trump has also been critical of the UK stance on encryption. The US president has likened the UK’s order to Apple to “something... that you hear about with China,” saying in February that he had told Starmer: “You can’t do this.”
> US Director of National Intelligence Tulsi Gabbard has also suggested the order would be an “egregious violation” of Americans’ privacy that risked breaching the two countries’ data agreement.
I think that’s exactly why I want encryption.
There are two problems here:
(1) We devote more resources to catching child abusers. There are all kinds of legal "if you see something, say something" requirements that make every doctor, nurse, and schoolteacher in the country part of the effort to do this.
(2) I see no particular reason to believe that additional resources would lead to a noticeable increase in detections. There are many, many circumstances where you're free to devote double the resources to something, but you'll see at best a trivial improvement in results.
You make this statement but provide no evidence. Because there's laws on the books, we "devote more resource" than, say the entire DEA, which unlike these laws has a gargantuan budget? That's nonsense.
> I see no particular reason to believe that additional resources would lead to a noticeable increase in detections.
Look harder? Read up on the topic? String operations work. More would work more often and catch more abusers.
Let alone the resources we could be pouring into children's mental health services (instead of kicking families off health insurance like the current administration has accomplished).
The Epstein list proves we do more to protect child abusers.
Perhaps he likes the idea of E2E, but just for himself and his friends. I duno, but whatever it is, it's not about the important things after the fact.
DOGE is clearly operating illegally for other reasons - not distributions funds that were appropriated by Congress for instance. But data sharing isn’t the root issue. It’s spineless Republicans in Congress and a sycophantic Supreme Court.
And it’s possible to say both that if you are here illegally you should be deported and that it’s currently being driven by animus, cruelty and it should be easier to obtain legal residency especially in areas where we do need more workers and implement another program like Reagan did in the 80s
You don't want your local dog catcher to be able to look at your medicare records just because "he's the government, and medicare records are government data".
Beyond that many of the departments that this data is being extracted from have rules about who can access (no not everyone in the IRS has free reign) and what they can do with it. For good reason, IRS's job is to focus on what the law says they should do, not say punish political enemies and so on.
But transfer it to DODGE, ICE, Palantir, there are no laws at all regarding what they can do with that data.
In some countries, tax data is available to everyone. Norway, Finland and Sweden in particular. There may be others
Shouldn't everybody have access to government data, with a few exceptions?
When politicians say "we need a special key for police to stop child abuse" it's not that they don't know this means "a backdoor with no technological way to limit its use". On the contrary, they know it very well and it's exactly what they want to achieve under the guise of children protection. It's the public at large that don't understand it -- or so they hope.
Every time ukgov tries to make some sort of tech policy, it's embarassingly wrong, or naive, or both.
This comes from a country that effectively gave away ARM.
https://studee.com/media/mps-and-their-degrees-media
The most popular subjects for MPs who won seats in the Dec 2019 election
Also, the people pushing for these measure (e.g., the U.K's equivalent of the NSA, GCHQ and most national-level police departments) understand these issues perfectly well.
Surely some of them understand the technical details. That doesn't necessarily mean they understand or respect the wider implications of a policy. This is why it's important to have a government that sets policy - taking into account all of the competing influences and potential consequences - and politically neutral technicians who then implement government policy.
No-one would dispute that if the government could examine every communication everyone ever sends then it could catch more very bad people and prevent more harm to innocent people. The problem is all the other stuff that also happens if you give a government that kind of power over its own people.
If by "hack" you mean she guessed the password, then yes.
Rupert Murdoch is 94.
"Das Internet ist für uns alle Neuland" Angela Merkel (2013) during a press conference with Obama.
"The internet is uncharted territory for us"
It has nothing to do with their technical knowledge. It has everything to do with human nature.
If you want to push back, the law is not on your side.
With a few notable exceptions, the level of knowledge, expertise and understanding amongst government advisers and policy makers is abysmally low. c.f. https://jackgavigan.com/2015/11/23/how-well-advised-was-the-...
I'm not being sarcastic. For real, what major government wouldn't want that in their favor?
Unless they're even more hubristic than we imagined.
They care about maybe a maximum of five having that access, and I'm sure they realize that #1 on that list (PRC) won't need much time to become a peer on any given technology.
That is the opposite of privacy.
Reminder that he's funded by Thiel and friends with Curtis Yarvin, which goals include the end of democracy and the federal state and replace the system with tech CEO kings over feudal states.
I recently listened to some clips from a hearing with questions about zero-knowledge proofs, algorithmic transparency, etc...this was pretty unthinkable two decades ago. Some agencies and legislative bodies also now have technical staffers and some advisory boards with technologists. So, yeah it it slow and sometimes frustrating, but it's not static.
But it’s not like many young adults today who grew up with mobile phones understand computers either. At 51 growing up with computers in the 80s, I find myself explaining what I think should be simple computer concepts to both my parents generation and my adult children.
My 80 year old mom is not a stereotypical old person who doesn’t know how to use a computer. She is a retired math teacher and has actively been using computers since we had an Apple //e in the house running AppleWorks in the mid 80s.
When she was tutoring teenagers mostly as volunteer work after she retired, she had to teach them how to use Office/Gsuite.
This is going to be heresy here, but honestly I think it's a reasonable position. Not one I would take, but reasonable.
For the first time in human history there can be large scale communication it is mathematically impossible for governments to have any access to. If you believe that governments are doing the job of protecting their citizens (and many do), it's entirely reasonable for them to want this type of access.
They have it with the postal service, and analogue phones and the world didn't collapse, and many criminals got caught.
Phone wiretapping (until recently I suppose) and mail inspection required a human to take some action to listen in; you couldn't just monitor everyone's communications. Now you can.
I don't think anybody is saying that the motivations are bad. We all want safety, right?
The closest thing I hear is, they feel that the cons often outweigh the pros. I think this correlates with their trust in authorities, given the countless abuses we see authorities perpetrating when granted power.
There's a reason "think of the children!" is literally a joke mocking safety-based pretexts for reductions in rights.
The politicians might not know tech, but the NSA, GHCQ, etc. that push for these anti-encryption laws most definitely do know technology, and is the main lobby against encryption.
It goes beyond just getting politicians that understand tech. We need politicians willing to rein in the intelligence apparatus put in safeguards, and checks and balances on their power.
The scary thing about the UK regulators is that they seem to understand the stupidity of what they're doing, but believe it's worth it. You see this attitude everywhere in the UK – in our hate speech laws, our blasphemy laws, mass surveillance – the argument isn't that these things don't limit freedom and personal privacy. They'll agree that they do, their argument is that you shouldn't care.
With this encryption backdoor most wouldn't deny that it could be compromised, they just didn't think you should worry about it because they thought the benefits were worth it.
I think people on the internet in the 90s and early 00s were just weird people to be honest. We're very libertarian for whatever reason, and we wrongly assumed people our age were all as pro-freedom as us.
Preposterous. Did the invention of the calculator make people dumber? A smartphone is another tool. Not Steve Jobs's fault people use it for TikTok or gooning instead of studying programming, math, medicine or whatever. Stupid people are gonna be stupid with or without smartphones.
Plus, we already had smartphones before Jobs, they were Pal OS, Windows Mobile or Symbian based.
Maybe it wasn’t intentional, but the form factor of the modern smartphone discourages creation.
When I was a young child me and all my friends would “use the PC together” just to open MSPaint and create shitty drawings. I don’t see anything similar today.
Ever take photos or videos with your phone? Is that not creation?
>When I was a young child me and all my friends would “use the PC together”
Same, but this is more "old man yells at clouds". Children today have their own way of creation, now using AI.
If you make a list of creative activities that can be done on a computer or phone, a big majority are notably harder to do on a phone.
Helpless indeed - but, government still requires the consent of the governed. It's just that we are all very comfortable, with a lot to lose and easily distracted, so that consent to be governed is too easily given nowadays.
If we do anything together as a society it should be making sure to preserve E2E Encryption as it's one of the most important tools to organize a resistance should we wish to revoke our consent to be governed.
We may not like everything about the current American administration, but credit where due.
Apple makes home computers, mobile devices, AV equipment and productivity/multimedia software.
Meta makes social media platforms, and vr headsets. What exactly makes them "rivals"? WhatsApp vs iMessage? They're two big companies in the same sector, sure, but do they really compete against each other in a major way?
https://www.techradar.com/pro/security/the-european-commissi...
I wonder how this clash is going to turn up. I would hate this development. This proposal is worthy of the Chinese Communist Party, and I am aghast just how many member states are fine with the concept of a preemptive surveillance state and breaking privacy left and right.
Of course, that is what we get for giving Ursula von der Leyen a second term (why??) She already has a reputation from her career in German politics, having earned the nickname Zensursula (censoring Ursula).
To answer your question: because the Conservatives just couldn't be arsed to put up an alternative.
IIRC current Kanzler, Friedrich Merz, is not at all her friend and will complicate things for her on purpose. So we will see.
now sod off, as they might say
Then people wonder why tech embraced Trump.
They act like the choices are omni-powerful US tech companies, or a plethora of small companies building utopia. They say "we need to hamstring our most successful companies to make space in the market for smaller players."
The problem is that it isn't making space for smaller players; it's making space for countries with worse perspectives on human rights to try to catch up/fill the void. The world isn't a better place if we replace Google and Meta with ByteDance and Yandex. It's not even that those are bad companies (from what I hear, they're pretty similar internally to their US counterparts); it's that they are under the jurisdiction of administrations that are hostile to human rights.
I mean, the foreign companies taking that space can be solved with sanctions, or digital services taxes, etc.
What would you propose? Maybe Google, Apple, Meta, etc. are the lesser of the big evils but we definitely have a monopoly problem in the US, and there is very little space for competition, which only continues to harm consumers.
Right now there aren't too many EU alternatives yet which is why you don't really notice yet. But the damaged trust in the US as a 'partner' will outlive Trump for decades. As they say "trust arrives on foot and leaves on horseback".
Don’t anthropomorphize the lawnmower, the “friendship” is nothing more than economic interdependency. French aircraft carriers are not using Windows because they trust the US government, their diagnostic software just doesn’t work on anything else.
It’s much harder to extricate yourself from the US influence on the world stage.
Not that I’m not seriously looking at a Plan B outside of the US after I retire. We are already planning to spend a few months a year between Costa Rica snd Panama City next year - warm, safe countries in US time zones.
Previously it was hard to compete with the US because the lack of regulation there and investors in the EU having more expectations rather than just throwing money at the wall and hoping it sticks.
But with the exploitative business models like Google's consumer tracking and now with Trump and his trade wars the US is no longer viewed as a friend or a country to look up to. I think it will only increase the EU's push for more privacy and ethical business models.
There's a big grassroots movement like "BuyFromEU" to cut US products and services out of our lives. I think that trade balance is only going to get worse. And really it was actually not bad at all, the problem is that Trump was only counting products not services when looking at the trade balance. I guess because his voters are primarily blue collar workers.
https://www.bankinfosecurity.com/eu-pushes-for-backdoors-in-...
I of course trust neither, but I do have to say they are doing good stuff limiting bad actors like Google and Microsoft. I just wish they would do more (e.g. ban third party cookies and tracking outright rather than forcing us to choose every time).
Anytime the lack of “influential European tech companies” come up, the best anyone can do is money losing/barely profitable Spotify.
And the data doesn’t back your idea up that Europe is moving away from any of those companies. The EU is moving its dependence away from the US military industrial complex admittedly.
It will take time to build local alternatives but I'm sure they will come. We have time. You can see that companies like Microsoft are really shaken up when they're starting appeasement projects like those vows to actually protect our data (though those promises are weak because they remain bound to US law)
And this goes hand in hand with the defense initiatives. IT is important though to society to be considered a critical asset.
And even a simplified version of AWS shouldn’t be impossible to build that’s “good enough” [1] or another search engine that’s good enough (Google) and Google search sucks these days anyway.
But Europe is not going to be able to replicate the ecosystem of Android like China did and definitely not Apple on the high end or MS for operating systems.
[1] before anyone replies that I don’t understand the complexity of AWS, I have been working with AWS technologies exclusively for over 7 years including a former 3+ year stint at AWS.
Well yes and no. Facebook, no. The concept of facebook as it was when it was first released was an interesting one to me. Staying in touch with your friends, I've lived in several countries so I have friends all over the world. This is nice. However they perverted it when they dropped the old timeline and moved to the algorithmic feed. It became useless to me then.
I do see a benefit to facebook-like services though, just ethical ones.
But what I do like about facebook, or rather meta now, is the investment they have done in VR. It's still full of data collection I'm sure, but to me VR is a very interesting tech and it really needed that to get off the ground. Right now it's not really moving along because "AI" stole all the hype limelight but it will come again, just like AI has had some false starts itself.
And cloud is only really cost-effective when it comes to startups that have not much cash flow but expect/hope to explode rapidly by going viral. Cloud gives them that kind of infinite scaling and the ability to pay as they go (the uptick in clients will pay for the increased hosting when they do make it).
In Europe this kind of business model is very rare though. We don't just spin stuff up like a weather balloon and hope it floats.
There are plenty of large private corporations and governments who host on AWS. Maybe they didn’t do it naively?
I see a lot of dumb implementations. At work we're picking up all our physical servers and moving them to AWS compute boxes that run 24/7. Purely statically, just because our idiot CIO wants to be a "cloud-driven company" so he can spout the buzzwords. We're spending a lot more money to get the same only on someone else's computers and get none of the actual benefits that cloud can offer.
Just because your company has a brain dead lift and shift implementation (don’t do that), doesn’t mean every company does.
As a former employee of AWS ProServe (Amazon’s internal cloud consulting department - full time direct hire employee) and now and outside consultant, I’ve seen and been involved in a lot of large scale implementations.
I have no love lost for AWS the company (https://news.ycombinator.com/item?id=44607821) , but let’s not pretend it’s a bunch of startups and naive enterprise corporations that don’t know tech.
https://www.joelonsoftware.com/2001/03/23/strategy-letter-iv...
Everyone needs a different 90%.
I’m not trying to wear “I worked at AWS” on my chest like a 22 year old posting on Blind. But my experience working at AWS ProServe before working at 3rd partner consulting company I’ve seen a lot of different implementations even though my focus was on cloud native applications.
These are all of AWS’s named specialties.
https://aws.amazon.com/professional-services/
Large companies aren’t going to go to a smaller provider. Yes I know about “hybrid cloud”. But modt companies don’t want to go that.
Even if 98% of it is unnecessary garbage, the functionality for that last 2% has provided a ton of utility to billions of people.
If meta would disappear we would either buy less and have more money to pay for communication (and doing more towards saving the planet as well!). We'd probably choose things to buy more on actual need and quality rather than marketing BS.
The UK is the same country that arrests 12,000 people a year for posting online.
> Now every force in the country has a team sifting through people’s posts trying to determine what crosses an undefined threshold. “It is a complete nightmare,” one officer admits
Britain’s police are restricting speech in worrying ways https://www.economist.com/britain/2025/05/15/britains-police... From The Economist
> Under these laws, British police arrest more than 30 people a day for online posts, double the rate in 2017. Some are serious offenders, such as stalkers.
How many of those 30 were for "online posts" (and of which nature - Lucy Connolly is a favourite example cited by the likes of Vance, but she was arrested for trying to stir up racial tension when there were already race riots going on)? Who can tell, because the article didn't seem to bother asking.
0: For anyone curious, https://archive.ph/vaCkJ#selection-1287.0-1298.0
I googled Lucy Connolly out of curiosity. It indeed appears that she got 31 month of jail for a single tweet? You don't think this counts as "arrested for online posts"?
You've definitely missed some context. For example, and fairly significantly:
> Connolly previously admitted intending to stir up racial hatred.
If you plead guilty to a charge, there's not much defense left.
The offence she admitted to doesn't even take account of whether it's committed online - it's law that was passed in 1986. An aggravating factor that led to the sentence she got was that she had in fact posted multiple times in the same sort of way.
Details of her appealing the sentence as excessive, rejected by the appeals court https://www.judiciary.uk/wp-content/uploads/2025/05/Lucy-Con...
She didn't throw rocks, she didn't set things on fire, she didn't stab anyone -- it was her speech that got her a multi-year jail term.
This alone makes free speech proponents upset, regardless of whether there were riots ongoing or not, or whether they agree or disagree with her political position.
> She didn't throw rocks, she didn't set things on fire, she didn't stab anyone -- it was her speech that got her a multi-year jail term.
Your contention seems to be that incitement shouldn't be an offence?
That's at odds with legal systems all over the world, including the US, where Brandenburg v Ohio [0] holds that if inflammatory speech is "directed to inciting or producing imminent lawless action and is likely to incite or produce such action" that is an exception to the First Amendment and can be prosecuted, which seems to be at odds with "regardless of whether there were riots ongoing or not".
The original point of my first post in this thread was that lumping together arrests for stalking, incitement to violence and other forms of harassment to produce a big scary number makes the argument seem utterly dishonest. The fact that so many "free speech proponents" fixate on one example when, if the stated number is true, there should be thousands of examples every year is a good demonstration of that.
0: https://en.wikipedia.org/wiki/Brandenburg_v._Ohio
Not true. The US has a much higher bar for prosecuting speech than the UK.
Brandenburg v. Ohio (1969) - 395 U.S. 444
- https://www.courtlistener.com/opinion/107965/brandenburg-v-o...
- Speech must be "directed to inciting or producing imminent lawless action"
- AND "likely to incite or produce such action"
- General statements like "burn them all" typically fail both prongs
The "imminent" requirement is key. Connolly's Facebook post lacked:
- Specific targets or locations
- Timeframe for action
- Direct instructions to specific individuals
- Any indication people were prepared to act on her words immediately
Here are cases with far more explicit threats that were protected:
United States v. Bagdasarian (2009)
- https://www.courtlistener.com/opinion/221261/united-states-v...
- Citation: 652 F.3d 1113 (9th Cir. 2011)
- Posted that Obama "will have a 50 cal in the head" with racial slurs
- Result: Conviction reversed as crude political statement, not true threat
United States v. Turner (2013)
- https://www.courtlistener.com/opinion/904120/united-states-v...
- Citation: 720 F.3d 411 (2d Cir. 2013)
- Posted that three federal judges "deserve to die" with their photos and addresses
- Result: Conviction overturned as protected political hyperbole
Connolly's "set fire to all the hotels" would likely be viewed as angry hyperbole in the United States, not meeting Brandenburg's strict standard.
The distinction: The US prosecutes actual incitement (directing a mob to attack a building RIGHT NOW). The UK prosecutes offensive speech that merely might inspire someone, somewhere, someday. Your Brandenburg citation actually proves this difference rather than refutes it.
You want thousands of examples? Check Twitter during any US political crisis - they're not prosecuted precisely because Brandenburg protects them.
> You want thousands of examples?
Of people people prosecuted for innocuous speech in the UK, the original claim in this thread. Brandenburg doesn't apply there.
Edit: If I remove the reference to Brandenburg, I'm not sure my point substantially changes:
Incitement is an offence in the UK and also in other countries. You can argue whether that should be the case or not but that's completely orthogonal.
Gathering a whole lot of offenses which happened to include online activity to produce a big number of people who you can claim were prosecuted for something that you can claim is as innocuous as "online posts" is dishonest.
> lumping together arrests for stalking, incitement to violence and other forms of harassment to produce a big scary number
But that's exactly the problem - the UK defines "incitement" and "harassment" so broadly that ordinary political speech becomes criminal:
UK "Harassment" includes:
- Misgendering someone online
- Posting offensive jokes
- Retweeting protest footage
- Criticizing immigration policy "grossly"
UK "Incitement" includes:
- Lucy Connolly's Facebook post (31 months)
- Jordan Parlour's "every man and their dog should smash [hotel] up" (20 months)
- Tyler Kay's "set fire to all the hotels" retweet (38 months)
NONE of these would meet Brandenburg's standard in the US. They lack:
- Directed at specific individuals
- Imminent timeframe
- Likelihood of producing immediate action
> if the stated number is true, there should be thousands of examples every year
There ARE thousands. In 2023:
- 3,537 arrested for online speech
- 1,991 convicted under Section 127 Communications Act
- Hundreds more under Public Order Act
You don't hear about most because "UK citizen arrested for offensive tweet" stopped being newsworthy years ago.
You're using the word "incitement" to equate UK thought policing with legitimate US restrictions on speech that creates immediate danger. That's like defending China's censorship because "every country bans fraud."
The definitions matter. The UK criminalizes hurt feelings. The US criminalizes immediate threats to public safety.
And here you're getting in on the dishonesty.
How many of those were examples of "hurt feelings" and not "put a whole lot of foreigners at risk of their lives" or any of the other classes of "online posts"? We don't know because in their rush to say "the UK's arresting 30 people a day for posting things online", the Economist didn't bother breaking that down.
> NONE of these would meet Brandenburg's standard in the US.
None of them happened in the US so that's irrelevant. My misunderstanding of the precedent around incitement isn't central to my point.
Are we really going to have to have the "shouting fire in a crowded theatre" conversation?
I think there is some nuance to the conversation about this woman - but you are avoiding it with incredible agility.
Inciting Violence: Already a Crime
Posting nasty comments: Not a crime.
Glad I could clear things up for you.
You can be a cunt all you want, just make sure you're being nasty about them as a person not their religion or race or whatever group you might feel they belong to
All cases I've seen have been cut and dry in this regard. Racist or homophobic usually.
The medium she used to incite violence was a comment on a website. But she still incited violence, and was charged accordingly.
In Germany there are even stricter laws. Insulting someone is a crime, even if the things you say are factually true.
And then you have repressive dictatorships, like the UAE, USA and China, where you can't disagree with the government on anything. It's definitely a crime there, to say the president looks like Winnie the Pooh.
https://news.ycombinator.com/item?id=44641764
"A spokeswoman for Leicestershire police said crimes under Section 127 and Section 1 include “any form of communication” such as phone calls, letters, emails and hoax calls to emergency services."
I expect it's mostly domestic abuse cases because what was once screamed through a closed door is now messaged online.
When a family member starts threatening others, an arrest is probably the necessary intervention to prevent actual violence. It's a similar story in cases like e.g. community racial tensions and gang violence. Once the threats are happening online, real violence is imminent and action warranted.
Just wow. I wonder if we will study this in history textbooks about downfall of UK
I would be more likely to include some sections about the current US administration though.
(I still don't think the UK should jail people for being hateful online, though.)
I draw the bar for "political arrest" at somewhere like "arrested for opposing the incumbent in an election". I don't think "arrested for saying it's time to gas the muslims" - which is the sort of thing happening in the UK and getting counted in these numbers - should be called "political arrest". That's just called committing a crime. That would only become a "political arrest" if gassing the muslims was a politically acceptable viewpoint, equal in value to not gassing them.
(i think OP might be speedrunning a "what opinions, mfer?" goose meme thing. i bet the reason is "for posting right-wing nationalistic garbage likely to incite hatred", or similar)
If you're going to post about something so contentious, then bring receipts. We've all got things we vaguely remember that confirm our prejudices. But posting them without fact-checking oneself is crossing a line on topics like this.
Reminder that incitement is a crime in the USA too and there's nothing in the constitution that says it's okay just because it's on twitter not irl.
So far every story ive seen about arrest has been pretty cut and dry, they were blatantly hitler level racist, homophobic, or calling for others to attack people for their protected characteristics (eg race or sex).
So... I dunno, neither option is good.
that's normal
I though it could not be true, but actually it is...WTF?
https://www.europarl.europa.eu/doceo/document/E-10-2025-0022...
https://archive.ph/xBtFI#selection-3249.145-3249.167
A spokeswoman for Leicestershire police said crimes under Section 127 and Section 1 include “any form of communication” such as phone calls, letters, emails and hoax calls to emergency services. “They may also be serious domestic abuse-related crimes. Our staff must assess all of the information to determine if the threshold to record a crime has been met. “Where a malicious communications offence is believed to have taken place, appropriate action will be taken. Our staff must consider whether the communication may be an expression which would be considered to be freedom of speech. While it may be unacceptable to be rude or offensive it is not unlawful — unless the communication is ‘grossly offensive’.
There is "forbidden speech" (around lying about Holocaust related topics and insulting people online) and I think it's a good thing in total. You spew out the worst of the worst on the internet you should be able to be held accountable
UK law in this regard is far from perfect but this thread is mainly uninformed knee-jerking.
Edit: why disagree?
edit: Don't shoot the messenger.
So I've stopped buying UK products and services (eg raspberry pi) and don't consider traveling there anymore. Just like I'm doing now with the US although the latter is more difficult to do.
Regardless, the EU is also pushing for the same stuff.
The government says the individual thought they were sending a list of about 150 names, not the whole set.
Meanwhile the Taliban have been taking revenge: https://pressway.org.uk/news/300408-hunt_for_tranclators_tal...
This is why authorization matters. Don't send the spreadsheet; send a link to it, because e-mail doesn't implement authorization. Then you can revoke access at any time, and even prevent accidents by setting up access rules and monitoring at the org level.
https://www.aljazeera.com/news/2025/7/17/how-were-identities...
This is extremely ironic (“Americans’ privacy” basically does not exist), but I won't look a gift horse in the mouth.
Probably well deserved to them if it was not contagious in Europe at the moment.
That being said, the crazy thing about this law and the other ones similar is this:
They always justify everything saying that real world "procedures" should apply to the digital world. But, in most occidental countries, no one is allowed to search your home without you to be aware of it and present if you are capable to do so. Still, strangely, for digital data, the norm is that your data can be raped in your back, without you being aware about it or even in the capacity to challenge that.I really find that stunning that it is so widely accepted. The former german Stasi would probably have been proud of all the parlementaries in US, UK and Europe that allowed such things.
That has absolutely nothing to do with it. This was an act of parliament spearheaded by the house of commons which is entirely democratically elected. The UK has no one but themselves to blame for this.