vkou
Born on April 15, 2013•17564 Karma
(Weird how they all forgot who was in charge in 2020, who fired up the printing presses and who handed out money like it was on fire...)
I sincerely hope they are enjoying the economic consequences of this year's Iranian adventures. They deserve to savor every penny of their >$150 tank fill-up.
"Action for action's sake should be undertaken. Without any critical reasoning or reflection."
It's exactly how an unsocialized, undisciplined child or animal behaves, and it is not acceptable in civilized society.
---
[1] Its twin sibling is 'Disagreement is Treason'.
If the data center existed in a vaccum, with no inputs or outputs, this argument would hold some weight.
Instead, they stress limited water supplies, cause power shortages, increase GHG emissions (which we, the public ultimately have to pay for, either through mitigation or dealing with the damage after the fact).
Oh, and also they may well have negative externalities to employment. They definitely have negative externalities to communication, the internet has been flooded with AIshit.
Thanks to a combination of attacks from the executive, attacks from the oligarchs (Buy a paper and fire everyone who says things you don't like), or the simple fact that sane-washing MAGA insanity sells papers, the 'independent' press is everything but.
It is non-stop carrying water for the most insane lunacy, and is trying to convince us that it is fine and normal and desirable.
IMHO what we're actually seeing is a huge fragmentation of the 4th estate. There is now a viewpoint on the Internet for everything, no matter how insane. That's part of what people don't like about it. This fragmentation of media has allowed airtime for MAGA views that would've been considered far outside the Overton Window just a decade ago, but that was the point of the Internet. And it's not really to the exclusion of other views, it's just that you have to go looking for the other views.
But also, this idea that somehow now that one guy who believes San Francisco doesn't exist is "media" whereas in 1990 he's not is insane. That's a choice you've made to re-define "random crazy people" as media, the Internet didn't do that. If anything changed magically in 1995 it's how you defined what does or doesn't count as media.
Any strong, independent media ecosystem would not be so consistently sane-washing the firehose of crazy that we're being hit with every week, or kowtowing with such regularity.
Yes, you can find some obscure blog that will broadcast literally any cherrypicked viewpoint. That's not the majority of the media consumed in this country. Even when the owners of the networks differ, the message they broadcast is incredibly homogeneous.
And software isn't?
The usability of iPhones and iPads is a great example of how he was right. They're very easy to use and no functionality was hidden in a right click menu: it had to be visible somewhere.
Right click was still always available as a shortcut for advanced users.
When the context menu was introduced, it was initially designed as a shortcut to actions that were already available elsewhere in the UI.
Just because the feature is available somewhere else in the UI doesn't mean that the shortcut for it must be a two-handed one.
But I remember noticing years ago a large room of tech professionals and 100% of the Windows users had mice plugged into their laptops, and zero percent of Mac users did. It was a failure of the Windows ecosystem that people needed those imho.
It's not 'no support', it was an insane default. For all the talk of 'easy to use', there's a reason context menus exist. You can't just cram every context-specific interaction into an omnibar or a leftclick. Non-trivial software is complicated. Adding that friction to its use does nobody any favours.
Yes, in the decades since... Trackpads have gotten a lot better, but at the time Jobs was pushing for that nonsense, they simply weren't good enough. (And didn't exist at all for non-laptop computers.)
Note that in non-trivial or professional software it's typical to have a hand on the keyboard, because not even a second mouse button is enough. Hold 'q' while dragging to adjust exposure in capture one, etc. Or they have dedicated input hardware like mixing consoles. Or they plug in a speciality mouse.
We can start with whomever showed up to that inauguration, and expand from there. If they could afford that bribe, they can certainly afford to pay for repairing the damage their golden boy has caused.
But just cutting taxes for the rich is not that model.
Hopefully sanity prevails and we retroactively declare those tax cuts as loans, now due with interest. Yeah, not how contracts are supposed to work. So what.
You go to a store. You show the clerk your id and give him a quarter. The clerk pulls a scratch-off ticket from the front of a ticket tape. The ticket contains a token identifier.
It's anonymous. The clerk or his POS system knows your name and age, but doesn't know your number. The vendor providing the tape doesn't know your number or your name. The system accepting the token knows your number, but doesn't know your name. The token is only valid for a day after use, so loss and transfer isn't much of an issue.
It's the exact same process by which you buy lottery tickets in a world where they don't need to verify your identity when you redeem them. The lottery has no idea who bought a particular ticket, only that a ticket was bought. The clerk knows you bought a ticket, but doesn't know which ticket.
Obviously, Eavesdropping Eve looking over your shoulder knows both your name and your ticket number, but that's not a practical attack.
Where does this 3rd party identity token provider come from?
For government-issued identity tokens, there are not separate parties. It's just the government, and they can choose to link whatever they want in their internal system if they decide it's in the interests of national security.
You're also forgetting that lottery tickets are tracked. This is how they can announce which store sold the winning ticket before anyone steps forward with it. It would be trivial to match a buyer to the ticket if they wanted to inspect the records. In the case of a government identity token service, there isn't even a separation of parties providing the records. They do it all and can have all the data.
Some oracle whose job it is to print tokens and hand out rolls to the stores (and to the websystems). They would know which store got which roll, and which website authenticated it, but not who each ticket from that roll went to.
With a big enough roll, this is essentially anonymous.
Yes, lotteries know which store got the winning ticket, but they have no idea which of the patrons in the store got it. Not unless they ask Eve to get her telescopic lens and notepad out.
You're saying the real solution is that we bring in a private, 3rd-party company to start checking our IDs to access websites now?
I am not actually advocating for it. I'm just saying how it's possible to solve it given those constraints.
If A is buying the ticket and immediately transfers it to B, you could end up defeating the aspect-validation element of this system. That mechanism would be strongly analogous to a straw purchase for alcohol or firearms:
<https://en.wikipedia.org/wiki/Straw_purchase>
The likelihood of a large black market for underage Internet access developing is probably low, but informal small-scale attacks would likely be possible, and perhaps attractive to those who could negotiate the transaction on others' behalf.
That said, the underlying mechanism you describe is a good one, and the objections raised so far here largely specious.
Eventually this becomes common knowledge and "something must be done". Facebook (the corpo sponsoring these age verification laws to absolve their own liability) and their ilk decide that the token system no longer meaningfully proves age. They switch to demanding full government ID in cleartext, as there is still no comprehensive privacy law that would prevent such a thing.
Every single approach that puts the onus on the company to verify age falls apart this way, possibly including a de facto mandate for remote attestation (ie say good bye to libre operating systems and browsers that aren't MSIE, Safari, or Chrome). The only workable systems are ones in which the onus remains on parents giving their kids networked computing devices to enable parental controls and/or otherwise monitor their kids' usage, with those parental controls based on information flowing strictly from the website to the user agent (eg a content tag that asserts "this page is suitable for kids").
(and I say this as a parent who is staring down having to deal with this problem in a short year or two)
I’ve sold lottery tickets, and you have to be legal age to both buy and redeem them, so I’m not sure that this analogy or hypothetical solution is comparable to lottery tickets, nor is it likely to be the panacea you think it is.
I don’t think that the nascent online age verification schemes are good for society in general, either, but that’s not really the point you were making in your comment, so I don’t assume that you believe they’re good or bad, but simply advocating for a more privacy-preserving implementation. Which is kind of the whole point of the argument against bad implementations, but those who mandate and implement the systems likely view uniquely identifying people as a boon, whereas you and I probably don’t, which is why I am not hopeful that your ticket system will be used, because it will be higher friction for more people than uploading scans of their IDs and/or their face.
The ticket system, if implemented, would be used by so few people that the folks who do could likely be re-identified by Bluetooth tracking beacons and facial recognition in the same stores which they bought the ID tickets you suggest, and so I think the number of people who would escape tracking by any such means to be so few as to be a rounding error.
Those folks who do pursue this privacy hobby/fetish are statistically likely to ultimately mess up on their opsec eventually on a long enough timeline, so it’s hard to even imagine a scenario in which it matters either way what individual privacy activists do or don’t do from the point of view of the panopticon designers or implementers. Those not identified to a desired confidence interval by the mass surveillance system will just be retargeted for more sophisticated surveillance measures.
Despite how we rage, we’re still just rats in a cage.
More and more, the privacy debate feels like a quixotic struggle against giants, when everyone already knows that those giants are actually windmills; the majority of society now lives on reclaimed lands which rely on those windmills’ continued existence, and so no one cares about privacy in the way that you or I might care, because they are incapable of perceiving windmills as giants, nor do they have the intellectual or philosophical or political beliefs which would allow them to even entertain such perceptions even for the purposes of discussion. The privacy debate is beyond their ken.
What prevents a commercial "AI" security camera analysis firm from doing a decent job of linking footage of a store's customers to a likely subset of tokens, based on the knowledge of which tokens are sent to which store and how many tokens have been pulled off of the roll so far? Remember that you can design the token roll packaging so the easiest thing for a clerk to do is to pull off the rolls in the order in which they were shipped. Or -hell- you can design the token dispenser so that it phones home to the oracle that sent the roll to the store with the range of tokens in the roll when the roll is loaded into the dispenser (for "security purposes").
> It's the exact same process by which you buy lottery tickets in a world where they don't need to verify your identity when you redeem them.
I've seen many people buy lotto tickets. I've never seen anyone asked for ID. Perhaps the merchant is supposed to check for ID, but they don't. Relatedly:
> The clerk pulls a scratch-off ticket from the front of a ticket tape. The ticket contains a token identifier.
What prevents rolls of those tickets from falling off of a truck and either being handed out for free or at a substantial markup, no questions asked? [0]
In the real world, the system you propose absolutely will not function to the standards required by the people agitating for these systems. You can't "protect the children" if "children" can easily get their hands on anonymous access-granting tokens.
[0] The fact that this doesn't happen with lotto tickets often enough to be newsworthy is not a compelling counterexample. Stores make a decent amount of money selling those, and wouldn't want to get cut off from that revenue source by regularly "losing" shipments of tickets. What you propose doesn't make stores any money, so either you have to spend a bunch of money to induce them to carry the tokens [1], or you have to have harsh penalties for "losing" shipments of tokens. If you risk harsh penalties for choosing to sell the tokens, why even bother? Stores put up with the risk of selling booze because it's quite profitable... selling 5c or 0c tokens absolutely is not.
[1] Where does that money come from? From you and me, of course!
Lottery tickets don’t “fall off of trucks” or get “lost in the mail” because they aren’t valid for redemption until they’re activated at the POS terminal of a licensed store, and the lottery company knows which store receives each ticket roll, because they are shipped to known locations with tracking numbers and delivery verification and/or delivered in person by lottery employees. Even the rolls of blank lottery ticket receipt paper have different serial numbers every few inches, and it’s forbidden by policy to swap receipt paper between stores. All of these things are audited both regularly and randomly by state lottery officials.
Oh yeah, true. A few minutes after I posted the comment, it occurred to me that lotto tickets always get scanned at the register, which is the obvious way to track their distribution and make it annoying to use a whole bunch of winning ones that fell off of a truck. Thanks for the first-hand industry info.
If it's effective, all that tracking and auditing can't be cheap. The lotto gets to pay for it with ticket sales... I don't expect folks would tolerate paying for that [0] for this "I'm an adult" token-distribution system.
[0] ...whether that payment is paid by the token purchaser or by the taxpayers, generally...
Now that you mention the auditing etc, a lottery system would probably be an easy way to get people to literally buy into an online ID scheme, not because it would necessarily be privacy-preserving, which would depend on implementation details, but because a not insignificant number of folks seem to like the chance to win money. Considering many states already have lottery systems, the ID code tickets could probably be provided alongside lottery tickets for free or nearly free, and employees already have the training to check/scan IDs. If there was an incentive such as the possibility to get discounts, win prizes, or tie-in purchases of some kind, I think it could work.
Many stores that sell lottery tickets also sell gift cards, so that technology could also be used instead or in addition to ID tokens at the point of sale. There are a lot of sponsorship opportunities available for cross-promotion.
“Please drink a verification can” was probably more prescient than was at first apparent. Mike Judge saw this whole thing coming from a mile away.
> In the real world, the system you propose absolutely will not function to the standards required by the people agitating for these systems. You can't "protect the children" if "children" can easily get their hands on anonymous access-granting tokens.
What stops children from paying someone to buy beer and cigs for them? What's the difference between age-controlled liquor and an age-controlled token falling off the back of a truck?
You can introduce as many soft-verification systems as you want to tweak this. The roll of numbers doesn't become active unless installed in a dispenser that phones home when it is installed, for example. The empty bobbins containing the roll have to be returned to the oracle, and need to register installation in a dispenser. The dispenser can even count each dispensed ticket. The only requirement is that the sale and the process of paying for the sale isn't linked to the ticket. If you maintain that, the system is anonymous. If you break it, it's not.
I preempted this line of questioning. I'll quote the section for you:
What you propose doesn't make stores any money, so either you have to spend a bunch of money to induce them to carry the tokens [1], or you have to have harsh penalties for "losing" shipments of tokens. If you risk harsh penalties for choosing to sell the tokens, why even bother? Stores put up with the risk of selling booze because it's *quite* profitable... selling 5c or 0c tokens absolutely is not.
[1] Where does that money come from? From you and me, of course!
> The only requirement is that the sale and the process of paying for the sale isn't linked to the ticket.
Unless you make it turbo-illegal to link those pieces of information (even weakly), then those two pieces of information will be linked lickety-split. As aspenmaver mentions, lotto tickets are activated at time of sale by phoning home to -I assume- the issuer of the ticket, providing a ready-made mechanism to correlate which tickets are sold to which person. When the people who are crying to protect the under-eighteen from the "evils" of computing notice that under-eighteens are -shock! outrage!- still exposed to that "evil" despite this token-distribution scheme, they will demand any such laws be weakened or eliminated.
[0] ...or fail to strictly follow all of the regs when giving one to a "Token Commission" officer doing an undercover buy, as absolutely happens with alcohol sales...
A simple law against linking those two pieces of information would be sufficient. Sure, someone like the NSA wouldn't give two shits about what's legal, but they also wouldn't have the means to clandestinely get the necessary hardware installed in every one of the million stores that exist in the country.
Given that the store makes zero money on the sales and faces Liquor Board-imposed penalties if they sell to an under-eighteen, I guarantee that the token-dispensing machines are going to be functional roughly as often as the frozen dessert machines at chain fast-food places.
Anyway. It looks like in order for your scheme to function, everyone (including lawmakers) has to play nice and both abide by the current rules and agree to never add any privacy-eroding ones for the rest of forever. Given that that's a precondition, here's a much simpler system that has been widely field-tested and has zero privacy concerns above what you get from simply using The Modern Web:
--------------- ---------------
| I'm over 18 | | I'm not |
| ENTER | | LEAVE |
--------------- ---------------You can't learn two difficult things at once well. When you have to put significant amounts of mental energy into parsing the semantics of each sentence, it utterly ruins any enjoyment you might have from the work itself - and makes it much harder to clean any meaning or subtext from it.