2
points
pona-a
Joined 932 karma
- Do you understand what transit encryption is? The point of TLS is the ISP can't inspect the traffic.
They can of course refuse to carry all encrypted traffic, but 1) stenography exists, so have fun writing DPI filters to detect suspicious noise in the note velocities of MIDI data; 2) turns out the free market didn't adopt HTTPS just to hide drug dealers -- I don't know if you heard, but there's this itty bitty thing called e-commerce, and unless you want people's credit card numbers flying in cleartext left right and center, it is better the padlook stays on.
Now what they can do is mandate their own root CA be installed on all the devices in the country, a tactic actually adopted by real regimes like Russia and Kazakhstan. Unfortunately, so far all they could do is beg and plead over SMS and refuse connections to the online government portal without the CA, while Mozilla and even Google blacklisted their certs.
If certificate transparency becomes universal, now the browser won't even connect until the feds politely check their little spy op into an immutable ledger. So the only remaining point of failure is the browser itself, but by that point it might as well send a clear copy on its own.
- Do you know what is the SOTA rule-based MT? I used to be deep into symbolics but couldn't find much in the way of contemporary rule based NLP.
- Nothing about this needed to be a browser. It exists because getting the web dependent on Google products wasn't enough — ads, single sign-on, video hosting, AMP, search. They want to supplant it entirely, transforming the user experience from interaction with many Google-dependent entities into a monogamous relationship with a single entity: Google.
This is the culmination of the fragile "partnership" arc between the open web and Big Tech: fattened up with fast-tracked non-standard technologies and subsidized services, bastardized with ads, strip-mined by AI, and discarded in favor of this everything app, promising you an imitation of nearly every stolen work, with a minimal reduction in resolution and quality.
And when the web becomes superfluous even as a vehicle for extraction, what will happen next? ISPs serving only Google's IP range, with maybe Amazon and Microsoft included in the plan? Cheap consumer devices remotely attested to reject all non-Google software — Chrome and Google Play (even with developer attestation) deprecated as loopholes to arbitrary code execution. You will enjoy your Paramount-licensed AI-generated movies by Google, learn with an interactive GooglePedia that now only makes up facts 30% of the time, and "code" with Google Gemini, without access to even the shell inside its container — for your safety.
It doesn't even have to be significantly profitable. This plan could quarter Google's global revenue and they'll still see it through. They want to alienate you from computing, from art, from other people, because then you'll be a more submissive consumer. The end goal is the elimination of human culture as a threat to the oligopoly.
- How much of it is cryptography? The only notable cryptographic locks are just the TPM-backed Widevine and the infamous Play Integrity, both rarely required due to how many older devices that would lock out.
There's no crypto, as far as I know, in all the binary blobs in the kernel, yet we still can't re-implement enough of them to even have a true Linux phone without reusing the manufacturer's kernel.
- Bash has a built-in RANDOM.
Or to kill running running PIDs each timewhile true; do kill -9 $RANDOM sleep 5 donewhile true; do rnd=$(ps -e -o pid= | shuf -n 1) kill -9 $rnd sleep 5 done - OTR still has static identities, with DH used to ratchet the ephemeral keys. The comparison would be more like Signal ditching Safety Numbers and Registration Lock for hourly SMS verification of new independent keys with no successor signing.
There's a fundamental divide in what certificates mean: modern CAs view WebPKI as a fancy vantage point check--cryptographic session tickets that attest to the the actual root of trust, usually DNS. Short-lived certs (down to 10 minutes in Sigstore, 6 days trialed by LetsEncrypt) make perfect sense to them.
But DNS challenges are perfectly forgeable by whoever controls the DNS. This reduces authentication to "the CA says so" for 99% of users not running a private CA alongside the public one.
Transparency logs become impenetrable to human review, and even if you do monitor your log (most don't), you need a credible out-of-band identity to raise the alarm if compromised. The entire system becomes a heavier Convergence/DANE-like vantage point check, assuming log operators actually reverify the DNS challenges (I don't think one-time LetsEncrypt challenges are deterministic).
I think certificates should represent long-term cryptographic identity, unforgeable by your CA and registrar after issuance. The CA could issue a one-time attestation that my private root cert belongs to my domain, and when it changes, alert to the change of ownership.
- The point of cryptographic identity is, unless the primitives were fundamentally flawed, there be no way to recover it without the key material. Otherwise it's just another means of access control, like say a passkey or an ssh key, which are convenient but we usually allow some recovery options with.
Yes, it takes hard discipline--which may lapse no matter the level of experience--to setup offsite recovery with true cryptographic secrets, but it is possible. You can say backup a KeePass file to BackBlaze, protected by a 7-word passphrase. Now all you need for recovery is access to BackBlaze (so same as a centralized service) and your memory of the passphrase, with no one but you having access.
I don't know what the stakes are for most social media accounts or websites. But wouldn't it bring some peace of mind if say Graphene's registrar couldn't just press one button to serve malware on grapheneos.org, which you won't detect until you compare the hashes with say Twitter?
- It was a more general remark about decentralized identity. I can't say if the average social media user wants or needs this kind of control over their identity, but I'd much rather have say my DNS tied to a cryptographic credential stored I manage than be delegated to a third party, able to say return a tampered OPENPGP entry to a specific IP without me ever knowing.
- So just keep a passphrase encrypted backup offsite? Just because the tech doesn't do this contingency planning for you doesn't mean it's impossible.
- I'm on Migadu. They are quite cheap, offer a student discount, support multiple domains, offer a very neat snappy UI, and have an extremely responsive support.
- 5 points
- You've prompted it to play simulated democracy. Overwhelmingly the kind of person role-playing as a state on the internet will be a civically-minded liberal. So the language model trained to mimic webtext recalled this pattern.
If you've instead structured the conversation first around complaints, bringing up whatever set of issues you're dissatisfied with, you could probably nudge it towards any off-center position, tapping into the region of latent space corresponding to political discussions instead of political simulation.
- How is it different to box64? I couldn't really find much online comparing these two except a brench by box64 themselves.
- Only two of these were actual malicious commits. Two others were malware inserted into the repositories (if Twitter could be thought of as a meta-repo), which is bad but not on the same scale.
- Our national transit agency is apparently a customer.
The departure tables are borked, showing incorrect data, the route map stopped updating, the website and route planner are down, and the API returns garbage. Despite everything, the management will be pleased to know the ads kept on running offline.
Why would you put a WAP between devices you control and your own infra, God knows.
- > Calling it a rhetorical exercise is… well sure.
It was a rhetorical exercise - I mirrored your exact wording to make that clear.
> Disingenuousness is a high bar for the argument you formulated...
I misunderstood your objection. I thought you were dismissing my argument as insufficiently sincere - that because I was constructing a hypothetical rather than drawing from lived experience, it lacked weight. But I see now you were raising a different concern, and you are arguing in good faith.
> Further, you assumed that I had no standing to ask people to go deeper into the field. Yet, once I make the mistake of saying that I know what that feels like - yet am making the request I am (to look into this field) you double down.
I do not, as that'd be a contradiction. I'm saying we must choose: either we ground our arguments in principle and reason, or we enter an escalating contest of naming a greater atrocity, flip-flopping between mutually exclusive positions every time one side succeeds in evoking greater horror.
> Further, you assumed that I had no standing...
I'm not questioning anyone's standing. I'm arguing that personal experience - yours, mine, anyone's - lies outside the scope of this legal principle. Blackstone's ratio doesn't specify what the ten guilty persons did, nor does it require you to witness the depravity of their crimes before accepting it. That omission is deliberate and load-bearing.
> I don’t know how to put it man - better people than me need to pay attention to where the gears of technology and speech engage with the fleshy parts of our information machinery.
I share your concern, but reach the opposite conclusion.
Absolute power corrupts absolutely. I have lived through the corruption of a state and the slow erosion of liberties that came with it. Now I'm watching the same pattern repeat in the nations we thought incorruptible.
If we accept mass surveillance for child abuse today, what gets added tomorrow? Sodomy? Gender degeneracy? Feminism? Child-free propaganda? Insults to religious feelings? These weren't pulled from a hat - they're lifted from the criminal code of a country bordering mine.
You may think you'll be the one writing that list, but why would the government need your permission when the elections are finally rigged, dissent is impossible, and the economy is decoupled from most of your labor?
Beyond the visible machinery of our society stand concrete pillars, holding up against the gravity of power. Without them, the entire structure would collapse. These pillars take centuries to construct - they require the surgical blade of crisis to make the incision, tonnes of compressed bone to wrench the opening, and rare wisdom to incorporate durably the great design. When you demolish them to alleviate contemporary fears, you will never have the chance to rebuild them. When one pillar falls, others follow, until inevitably the people find themselves crushed once more beneath the iron boot, each time with less breathing room than the last.
> Hell - something like sharing threat intel across major tech firms, is a challenge even today.
We have not exhausted our means to police crime without surveilling everyone's private communications. Traditional detective work, international cooperation, infiltration, informants - these tools still work. Had the billions invested in building a surveillance state been appropriated instead to these proven methods, organized CSAM rings would be decimated by now, not thriving in the jurisdictions we refuse to pressure diplomatically.
- This was merely a rhetorical exercise, holding a mirror to the initial argument. If you found it disingenuous, I hope you can see the thesis: "Wade into this arena and see for yourself" works equally well to justify opposite positions depending on which victims we center. This is a foundational legal principle going back to Beccaria and Voltaire.
You've experienced being falsely targeted and the harm it causes. How is an algorithm sending a false report to police different from a dox? Does your personal safety get overruled by theoretical public safety? Do you expect algorithmic accusations to be questioned more carefully than human ones, or institutional action to be gentler than the vigilantism you experienced?
- Why does the emotional intensity of the crime justify accepting massive collateral damage to innocent people? It's an appeal to trauma. Why can't we turn the tables on this?
Have you been woken up at 3 AM by police battering down your door? Had your home torn apart, computers seized, children screaming? Waited months for an apology that never comes while your name sits in search results next to 'investigation'?
I urge anyone who thinks aggressive enforcement is worth the cost to wade into this arena themselves and see what they find.
Personally, I keep an arm's length from these stories, simply because I know my tolerances. But if even a tiny bit of you is driven to understand and hold opinions based on defensible positions, do your legwork.
You seem to be under an impression an ISP's "Intercept Access Point" is somehow different from any downstream MitM. An ISP is certainly has more area than a coffee shop network, but the threat model stays mostly the same. Both I and Comcast can run tcpdump or mess with your packets to the extent cryptography permits.
There are only some realistic ways you could intercept a TLS connection, and that would be
1) For you to use TOFU, and the ISP to tamper with the initial key exchange. To stay undetected, you would have to ensure every vantage point after provides your compromised keys, expanding to potentially every cellular provider, home/business connections, and data-centers, potentially even outside your jurisdiction. This would be easiest if you could meddle near the backbone, until you realize the cost of deeply inspecting every packet, detecting the protocol, and transparently re-encrypting _all_ the internet. As soon as you verify out-of-band, even over a VoIP call, or the target crosses into a network you didn't compromise, your cover is blown. And you've only got shot at intercepting the key exchange, so you can't afford to be picky about who to target.
2) In practice, most traffic uses Certificate Authority roots from the browser's default set. As I've said before you can either plead with the citizens to install your intercept CA, or you can find one trusted by browsers without cross-jurisdictional threshold signatures and try to apply rubber hose cryptoanalysis until the rights certs get signed. A transparency log will mandate you publish your MitM cert onto an immutable global ledger, letting everyone know something fishy is going on. Your attack has succeeded, but at the cost of blowing your cover.
What an ISP, as well as me as a network admin, do see is the domain and IP, timing, and packet size. That does allow me to deduce a lot about you--large packets sent to whatsapp.com are probably images, many small ones may be a call. But that's about it unless you can get the keys.