[HN Gopher] Governments spying on Apple, Google users through pu...
___________________________________________________________________
Governments spying on Apple, Google users through push
notifications
Author : ahiknsr
Score : 606 points
Date : 2023-12-06 12:49 UTC (10 hours ago)
(HTM) web link (www.reuters.com)
(TXT) w3m dump (www.reuters.com)
| gafage wrote:
| Both Apple and Google have root access in the devices. They do
| not necessarily need to do this.
| ben_w wrote:
| From _the companies_ not needing this, it does not follow that
| _various governments_ don 't need this.
|
| My first thought is that this is looking like an especially fun
| (for the rest of us) popcorn session where someone in one
| government is _shocked_ to discover that _other governments_
| pull the same stunts that they think should be reserved for
| "our people"... but then I looked up Senator Ron Wyden's
| Wikipedia page and he seems to be genuinely opposed to such
| shenanigans from everyone including the US.
|
| So, good for him.
| stuckinhell wrote:
| Push notifications allow more people to spy on you.
|
| At the core most technologies have been deeply rooted by
| intelligence agencies.
| xattt wrote:
| Do push notifications still get sent and just ignored if they are
| disabled on the device?
| disposition2 wrote:
| I'm no expert but in my experience developing mobile
| applications & push notifications, I've only registered a
| device for notifications (and subsequently sent notifications)
| if the user opted in. Based on my own experience, I would say
| if you didn't enable notifications for a particular service or
| app, they don't get sent.
| r1ch wrote:
| The app developer will still send them to Apple / Google
| though so the data will still be available to snoop on.
| wharvle wrote:
| Dunno how it is now but it used to be that Apple would tell
| you which push tokens (recipients) were rejected (app
| uninstalled, push disabled for your app, or you stored a
| bad token to begin with) and you were supposed to stop
| sending to them, with the implication that Apple would get
| upset with you if you kept sending to rejecting tokens for
| too long.
| tadfisher wrote:
| This depends on how the app implements notifications, and which
| mechanism is used to disable them. I know FCM/Android, not
| APNS/iOS, so here's a breakdown:
|
| 1. The app registers a push token with their backend. This can
| happen without granting notification permissions, and without
| notifying the user. So the backend is free to start sending
| push messages immediately after registration, which is
| typically done on the first app launch.
|
| 2. The controls available in Android's per-app notification
| settings have nothing to do with push messaging. These allow
| the user to limit or change how the app _displays_
| notifications, regardless of the reason the app is displaying
| them. Some apps have additional options to disable push
| messages, but that preference must be communicated to the app
| 's backend to prevent the backend from sending pushes in the
| first place. Some apps may consider Android's notification
| settings to determine this preference, but it's extra work to
| do so.
|
| The concepts of "push messaging" and "notifications" are often
| used interchangeably, but at least on Android these are
| separate systems that are tied together with client code. The
| push messages may also contain notification data, and the
| official FCM client will display these automatically, so this
| confusion is understandable.
| matthewdgreen wrote:
| Some issues could be prevented if push messages added end-to-end
| encryption by default, something that shouldn't be particularly
| hard to use if it was built into the dev tooling. Instead,
| developer recommendations like this one [0] suggest that you
| should put content into your push messages and _optionally_ use a
| separate library to encrypt them. Clearly developers aren't doing
| this, hence the opportunity for surveillance.
|
| [0] https://android-
| developers.googleblog.com/2018/09/notifying-...
| bryancoxwell wrote:
| If it's metadata they're after (according to the article) would
| it really matter if the push notifications themselves were
| encrypted? As long as you're using Apple/Google's servers to
| manage push notifications it seems like there would be some
| metadata that could be useful for surveillance purposes,
| encrypted or not.
| matthewdgreen wrote:
| Getting rid of all metadata is fundamentally hard, unless
| providers are willing to deploy PIR or anonymity networks.
| But I think it's a mistake to assume metadata means "just the
| timing of a message": these push messages may include a lot
| of detailed content that is being described in this article
| as metadata, and all of that stuff can and should be
| encrypted.
|
| Additionally, with a little bit of work (well, really quite a
| lot) the push messages can be made to hide the source. This
| would make it harder to distinguish a Gmail or DoorDash
| notification from a WhatsApp notification.
| fidotron wrote:
| Encryption wouldn't help as the whole point would be to look
| for coincident timings. I.e. after activity from one user to a
| known service you see a push occur going to another user. If
| this pattern repeats you can build confidence they are in
| contact.
| nprateem wrote:
| It would very much help if you wanted to stop the government
| hoovering up the content of chat messages sent as push
| notifications
| fidotron wrote:
| Encrypted messengers aren't sending unencrypted push
| payloads, at least not deliberately.
|
| A lot of apps don't even put much in the push messages
| themselves at all, they are mainly an indicator to phone
| home for more information.
|
| Consequently no gov has been getting meaningful info from
| the content of this stuff for many years - it will all be
| what you can infer from observed patterns, which is a lot.
| nprateem wrote:
| I'm not sure I'd trust dating apps and weaker chat apps
| not to just be sending the contents of messages to a TLS
| push notification endpoint that Apple/Google could do
| whatever with before forwarding on to devices.
| garblegarble wrote:
| The timing would still give you away - with a privileged
| network position you can tell that a user sent a message to an
| messaging service, and that some set of users got notifications
| from that messaging service moments later. Observe that enough
| times and you'll have good confidence in the members of a
| group.
|
| If you're trying to hide from that type of attack you need to
| send a fixed rate stream of messages (most of which are dummy
| messages, except the occasional message containing genuine
| content -- like number stations). Furthermore, every point in
| the chain also needs to avoid revealing which messages are
| genuine (by fetching the encrypted message from the server when
| it receives a genuine notification, you're giving data away).
|
| The operator of the app could send messages at fixed intervals
| to make it more difficult to correlate the messages (more
| samples required to have confidence in the recipient). If they
| send dummy notifications they'd probably fall foul of
| Apple/Google's constraints around invisible-to-the-user
| notifications (I know Apple prohibits them, I assume Google
| does as well)
|
| I can't see that frustrating this type of attack would be
| interesting to Apple/Google: it would push up power & radio
| bandwidth requirements for everybody pretty significantly.
| GoblinSlayer wrote:
| If notification is malformed or erroneous it should be
| invisible, shouldn't it?
| garblegarble wrote:
| I think (reading between the lines on their docs) that
| you'll get throttled/dropped if you abuse the system by
| sending a regular push notification but do not notify the
| user. Apple doesn't like app developers using invisible
| notifications because it risks wasting device battery
| without the users being aware that their device is
| constantly being awakened by your app.
|
| However, I was actually wrong more generally because Apple
| _does_ have push notification type for this, Background
| Updates[1] are permitted to run invisibly. They say not to
| try sending more than 2-3 per hour, and that "the system
| may throttle the delivery of background notifications if
| the total number becomes excessive" - which sounds like
| you're permitted some unspecified small number between app
| launches.
|
| These notifications seem to only be able to send a single
| boolean flag, so it doesn't seem like an awfully viable way
| of implementing a fixed rate message system (especially
| because you'd also want to be sending messages out on that
| same fixed rate to frustrate analysis)
|
| 1: https://developer.apple.com/documentation/usernotificati
| ons/...
| AshamedCaptain wrote:
| In fact, at least on Android, the contents of most push
| notifications are not the actual messages to be displayed to
| the user, but just empty notifications letting the app know
| it must poll for something on the server or some other
| activity which may result in a notification.
|
| It's all about the timing (and meta-data like which app), not
| about the contents.
| danaris wrote:
| What you're talking about is achieving _perfect_ privacy
| /security.
|
| Even just E2EE on the notifications themselves would be an
| _improvement_ over the current situation. It would make
| certain categories of data unavailable to eavesdroppers. The
| fact that it would not protect against 100% of all types of
| data /metadata exfiltration is not sufficient reason to
| oppose implementing it.
| Klonoar wrote:
| Isn't this somewhat defeated if the service is large enough?
|
| E.g: if I get a signal notification and the notification has
| no data except "event happened, call server for updates" -
| and then you fetch updates as a batch - doesn't the sheer
| number of people making that same generic batch update call
| somewhat mask it?
|
| I'm curious where Apple prohibits dummy notifications, by the
| way - I used them for a financial app I worked on a few years
| back and never got dinged for it.
| hudell wrote:
| Some apps actually do that. I know at least Rocket.Chat has an
| option to handle push that way. I'd like to believe other
| similar chat apps used by groups and communities have it too.
|
| But as others have pointed out, just having the timestamp and
| target of the notifications already tells a lot.
| jeffbee wrote:
| I don't see why. The system operator knows to whom the message
| is being sent. They get a court order, ordering them to track
| messages sent to enumerated entities and they have to comply.
| 2OEH8eoCRo0 wrote:
| > In a statement, Apple said that Wyden's letter gave them the
| opening they needed to share more details with the public about
| how governments monitored push notifications.
|
| > "In this case, the federal government prohibited us from
| sharing any information," the company said in a statement. "Now
| that this method has become public we are updating our
| transparency reporting to detail these kinds of requests."
|
| If Apple knew about this why wouldn't they limit their exposure
| to this user data?
| catchnear4321 wrote:
| > ...a source familiar with the matter confirmed that both
| foreign and U.S. government agencies have been asking Apple and
| Google for metadata related to push notifications to, for
| example, help tie anonymous users of messaging apps to specific
| Apple or Google accounts.
| px43 wrote:
| Hey other states, can you elect a few more Ron Wydens? He's been
| doing a ton of the heavy lifting lately. Every time we hear about
| the intelligence community egregiously violating civil liberties,
| it's always Wyden.
| Eumenes wrote:
| Yeah he's awesome. /s
|
| In May 2017, Wyden co-sponsored the Israel Anti-Boycott Act,
| Senate Bill 720, which made it a federal crime, punishable by a
| maximum sentence of 20 years imprisonment,[88] for Americans to
| encourage or participate in boycotts against Israel and Israeli
| settlements in the occupied Palestinian territories if
| protesting actions by the Israeli government. The bill would
| make it legal for U.S. states to refuse to do business with
| contractors that engage in boycotts against Israel.[89]
| https://en.wikipedia.org/wiki/Ron_Wyden#Israel
| terabytest wrote:
| I can't tell if you're being sarcastic. How is that
| acceptable and democratic?
| Eumenes wrote:
| I am being sarcastic ;) the guy is supposed to be a freedom
| fighter for privacy/security but is trying to ban boycotts,
| the most basic form of protest, and integral to US
| democracy.
| rudasn wrote:
| Well, apparently, that's how a good politician works.
| Just like a good software engineer would have not one,
| but two backups, at different locations.
|
| It's similar to what economists say about not pulling all
| your eggs in the same basket.
| Nthringas wrote:
| close enough
|
| I must add that "good politics" are all about compromise.
|
| In my somewhat grim perspective the best outcome of good
| politics means none of the constitutents are happy and
| none are desperately angry.
|
| politics are all about the completely bland and boring
| averaging
|
| but I come from a land of historically terrible, awful
| politicians and leaders
| adr1an wrote:
| He's only banning the 'bad' boycotts. Right? /s
| ysavir wrote:
| Your previous comment came off very genuine. If clarity
| of statement is important, it might be worth ensuring
| your actual intent is made unambiguously clear somewhere
| in message, if that message is otherwise ironic or
| sarcastic.
| kamikazeturtles wrote:
| It already in exists in the form of Anti-BDS laws. 35
| states already have them
| pcrh wrote:
| >Anti-BDS laws
|
| These would seem to contravene the First Amendment.
| wahnfrieden wrote:
| And? The US doesn't work the way you think it does. It
| operates illegally and protects its powers over people.
| As a factual observation. What then
| ethbr1 wrote:
| If you require all your allies to be perfect people...
|
| ... you won't be left with many allies.
| scarface_74 wrote:
| I mean wanting to put people in jail for using their first
| amendment rights is kind of big deal.
| dylan604 wrote:
| and yet a leading candidate for the highest office is
| promoting exactly this, and has a large percentage of the
| population in full support.
| scarface_74 wrote:
| As long as you are putting "them" in jail, it doesn't
| matter
| thehappypm wrote:
| You can literally use this to excuse any behavior
| karaterobot wrote:
| True, but you can also refuse to excuse any behavior, nor
| give even an inch, and then look around after a while and
| realize you've won the wrong contest. You won the never
| giving an inch and remaining morally unblemished contest,
| and lost the making allies and getting anything done
| contest.
| I_Am_Nous wrote:
| True, which is why it must be balanced with realistic
| judgements about the people you support and knowing what
| issues are truly important compared to what the current
| buzz is telling us is important.
| JustLurking2022 wrote:
| That sounds like an attempt to ban political expression that
| is certainly protected by the First Amendment.
| calvinmorrison wrote:
| Well established ban, since you cannot discriminate anymore
| or voluntarily associate anymore as a business
| peyton wrote:
| It's already pretty much the law. You can submit your
| complaints to the Office of Anti-Boycott Compliance [1].
|
| Foreign governments can't force government contractors to
| comply with boycotts. This bill AFAIK simply closes the
| loophole of Palestine not technically being a foreign
| government.
|
| [1]: https://www.bis.doc.gov/index.php/enforcement/oac
| eli wrote:
| That's not the same thing. This isn't about foreign
| government demands, it's about US states being legally
| able to discriminate against contractors who participate
| in BDS. (Edit: in fact it's about contractors who refuse
| to sign a pledge that they won't ever participate in BDS)
| rchaud wrote:
| Wyden knows such a bill wouldn't pass specifically because
| of its unconstitutionality. This was about picking up media
| coverage by throwing red meat at voters.
|
| Congress has been in a state of deadlock for too long to
| pass any actual laws, so this type of performative theater
| ahead of midterm elections is what passes for
| statesmanship.
| eli wrote:
| That's awfully generous. He _co-sponsored_ a bad law that
| he didn 't actually want to see passed?
| rchaud wrote:
| He may definitely want to see it passed. But elected
| officials should not be engaging in pushing bills that
| won't pass their first legal challenge.
| eli wrote:
| Similar bills have already passed legal challenges
| https://www.lawfaremedia.org/article/eighth-circuit-
| upholds-...
|
| I think it's a bad law and he's making a big mistake. I'm
| still a fan though.
| rchaud wrote:
| Thanks for the link. Scary to see that the state is re-
| drafting these laws specifically to find loopholes in the
| constitutional definitions of freedom of speech. Check
| out this other loophole:
|
| > The act does not apply to contracts worth less than
| $1,000, or to companies that offer to provide the goods
| or services for at least 20 percent less than the lowest
| price quoted by a business that has complied with the
| certification requirement.
|
| So, a contractor if free to boycott as long as they cost
| the taxpayer a little bit less.
| stjohnswarts wrote:
| Well it's pretty unlikely such a law would stand up in any
| court even small claim's court
| eli wrote:
| Uh it's already the law in dozens of states. The Arkansas
| law was challenged, but upheld by the appeals court and
| SCOTUS refused to hear the case.
| vkou wrote:
| I'd rather not test this theory, just like I'd rather not
| test the constitutionality of a law that makes accessing
| TikTok a felony.
|
| ... Also, as sibling commenters pointed out, anti-BDS gag
| laws are everywhere in this country, and have yet to be
| struck down.
| eli wrote:
| Pobody's Nerfect
| micromacrofoot wrote:
| This is a far cry from an "oopsie"
| sircastor wrote:
| I'm an Oregonian and my biggest complaint about Ron Wyden is
| that he's usually ahead of me on technical issues. There are
| worse problems to have...
| runjake wrote:
| I believe he sits on intelligence committees and has a
| security clearance so he gets briefed on all kinds of
| outrageous things he can't publicly talk about. But he does
| his best with what he can.
| jd3 wrote:
| Probably thanks to
| https://en.wikipedia.org/wiki/Christopher_Soghoian.
| pmlnr wrote:
| Unifiedpush to save the day! And an XMPP server with
| Conversations can be the basis for it:
| Https://unifiedpush.org/users/distributors/conversations/
| GoblinSlayer wrote:
| AIU deanonymization happens due to pseudonymity. There are 3
| pseudonyms: chat id, push id, phone number. Since all three are
| constant and linked, they can deanonymize the user. You need
| some sort of anonymous or confidential protocol to work around
| it.
| forward1 wrote:
| Stop promoting and trusting Conversations. Is it bad software
| which never did OTR verification properly before yanking it
| unexpectedly and without explanation. To my knowledge it has
| never been independently audited let alone taken seriously
| enough by any infosec professionals to warrant such study.
| AshamedCaptain wrote:
| You do _not_ need push notifications in the first place. Most
| definitely not for messaging programs anyway. The "saves
| battery" arguments are always very fluffy and devices/clients
| who don't do push notifications (or at least don't force you
| to) sometimes even have better battery life than
| devices/clients which do.
| XiS wrote:
| Yet another reason to be a happy GAPPSless LineageOS user
| ravenstine wrote:
| What's GAPless? I've been thinking about trying out LineageOS
| on a refurbished phone, so I'd love to know what I can do to
| make it even better.
| henpa wrote:
| I think it means without "Google Apps" installed (gmail,
| play, maps, etc, etc).
| forward1 wrote:
| You're kidding yourself if you think three letter agencies
| don't have LOS users on a list and have capabilities to spy on
| them on demand with tailored access.
| g-b-r wrote:
| Maybe, but for sure avoiding stock Android and Google apps
| increases privacy a lot.
| forward1 wrote:
| Depends on your definition of privacy. Maybe privacy from
| Google, at the cost of additional scrutiny from domestic
| intelligence services.
| g-b-r wrote:
| There are few cases where that would be worse than using
| a normal all-monitoring android
| Zak wrote:
| It's a huge problem for both privacy and the open source
| ecosystem that Apple and Google mandate use of their own
| notification system for apps to be included in their stores.
| ta988 wrote:
| And now we understand why they do that.
| kyrra wrote:
| It is driven entirely by battery life. Android used to allow
| 3rd party apps to receive push notifications, and it caused
| battery life to be terrible compared to Apple. Forcing a
| single path was done for that reason.
|
| Btw, here's the telegram team complaining about the change:
| https://github.com/Telegram-FOSS-Team/Telegram-
| FOSS/blob/mas...
|
| Facebook abused this a bunch. https://www.theguardian.com/tec
| hnology/2016/feb/01/uninstall...
| g-b-r wrote:
| Allowing other notification systems would hardly have an
| impact (especially when someone could replace GCM entirely
| with them)
|
| And you can simply offer more battery controls, rather than
| general not overridable rules
| AshamedCaptain wrote:
| This complain is nonsense. Android _still_ allows
| background applications, the only limitation they added in
| that release is that such background applications have to
| show a notification that they are running (actually a
| feature if you ask me). You are still allowed to listen on
| a gazillion sockets perfectly fine.
|
| It's more problematic that some Android "skins" tend to
| kill background applications at random
| https://dontkillmyapp.com/, but at least, one cannot
| squarely blame Google for that one...
|
| The "battery life" argument that that they constantly use
| is also a very poor excuse. Even when Conversations (the
| Jabber client) didn't use push notifications at all and
| would just listen on noisy XMPP sockets, it still had about
| the lowesst power consumption of all Android messaging
| programs, lower than Google's own push notifications client
| app (play services).
|
| Certainly I might imagine that if all 1,000 adware apps
| your average Android user installs all needed to be wired
| and listening to a socket in order to receive the latest
| offers (all in the legitimate interest of the user, of
| course) you might literally run out of memory. But even
| then there are many solutions (such as inetd like services)
| that do not require centralizing everything into Google.
| Izkata wrote:
| > Android _still_ allows background applications, the
| only limitation they added in that release is that such
| background applications have to show a notification that
| they are running (actually a feature if you ask me). You
| are still allowed to listen on a gazillion sockets
| perfectly fine.
|
| ...I'm not even clear on what they're complaining about
| (the page github links to seems to have been changed, it
| describes the current state rather than what happened in
| 8), because this was actually a thing as far back as
| Android 2: you had to have one of those notifications up
| to prevent Android from killing your service.
| Zak wrote:
| I suspect it wasn't initially designed to help enable
| _government_ surveillance, but that data must have a
| significant dollar value to those companies.
| acdha wrote:
| There were huge downsides for battery life before, and privacy
| is somewhat orthogonal since you'd be at risk from more
| companies and they'd all be subject to the same legal demands,
| so I think the answer has to be regulatory. In the EU, that
| seems possible but I'm not sure the U.S. government is
| currently functional enough to do anything about this.
| g-b-r wrote:
| Allowing third-party _notification systems_ (such as
| UnifiedPush) would have practically no negative effect on
| battery life
|
| Not to mention that people might prefer to use some more
| battery in exchange for more privacy
| acdha wrote:
| It certainly had an impact when Apple and Google shipped
| platform notifications because each of those systems kept
| the radio active.
|
| It's possible that a better interface could be developed
| but it wouldn't help privacy unless the implementers were
| in different legal jurisdictions: the same government which
| can subpoena or NSL Apple or Google could've asked e.g.
| Urban Airship for the same details. There's also a
| challenge in that each implementation is a chance to make
| mistakes or fail to deliver promised privacy protections,
| and someone in a country which isn't the United States
| might have stronger privacy laws but is also a legitimate
| NSA target. This kind of problem just doesn't have simple
| solutions.
| g-b-r wrote:
| It's a much bigger nuisance and risk to have several
| smaller parties to handle court orders; some of which
| could indeed be in other jurisdictions by the way.
|
| Before the platform notifications every single app kept
| their own connections open; allowing (completely) third
| part notification platforms would have a small or non-
| existent impact
| acdha wrote:
| > It's a much bigger nuisance and risk to have several
| smaller parties to handle court orders; some of which
| could indeed be in other jurisdictions by the way.
|
| I'm not sure this is true: a small company is less likely
| to have the legal resources or confidence to stand up for
| their customers' rights. I'm sure you could find examples
| going either way at either size.
|
| Being in a different country helps but only if the
| company has sufficient security to even notice if the NSA
| decides to take advantage of them being outside of the
| US. I would bet Apple and Google have that level of
| expertise but not everyone else.
| troyvit wrote:
| I use Telegram FOSS. They refuse to use firebase for
| notifications, so I forever have a message in my drawer that
| leads to this link:
|
| https://github.com/Telegram-FOSS-Team/Telegram-FOSS/blob/mas...
|
| I doubt it solves much but I like to think of it as a little
| poke in the eye.
| Ruthalas wrote:
| UnifiedPush[0] seems like a great project in this area, and I
| wish it was implemented in more apps.
|
| [0] https://unifiedpush.org/
| hunglee2 wrote:
| "The source declined to identify the foreign governments involved
| in making the requests but described them as democracies allied
| to the United States"
|
| - why not identify them?
| vermilingua wrote:
| Because the requests likely contain legal cladding to forbid
| disclosing the request, as is the case in Australia. A lot of
| people would be vindicated if it turned out one of the
| "democracies" making these requests was Australia.
| peterkelly wrote:
| Australia was my first guess when I read that sentence. But I
| expect it's not the only one.
| thallium205 wrote:
| It's likely the five eyes allied nations.
| ericmay wrote:
| Yep. Most likely to try and catch Chinese spies or other
| countries like India, Iran, Russia, and others as they
| continue to go after dissidents abroad.
| toyg wrote:
| Or to track US activists and resell the information to
| the US government, in exchange for data on other five-
| eyes citizens or access to other surveillance systems (US
| ones are obviously the best, from a military standpoint).
| ericmay wrote:
| Or (insert country you have a political agenda against)
| to (do thing you disagree with) for the purposes of
| (pushing your own political agenda).
| toyg wrote:
| More like "or (insert country that shouldn't be doing
| something according to its own laws) to (do something
| against its own laws) for the purposes of (someone's
| profit)".
| ericmay wrote:
| Sure and that applies (at least) to the EU (and friends),
| US, UK, China, Russia, Japan, South Korea, Singapore,
| Australia, New Zealand, Saudi Arabia, Israel, Turkey,
| India, etc.
| toyg wrote:
| Yeah but a lot of those are not democracies, nor do much
| business at intel level with the US.
| ericmay wrote:
| Why would it matter if they are democracies or not?
|
| Why would it matter if they "do intel business" with the
| US, EU, UK, etc. ?
| toyg wrote:
| Because that's what the source said they are.
| selimthegrim wrote:
| Pakistan?
| toyg wrote:
| Let me think - could it be the one country with a
| complicated situation where most of the security-services
| apparatus is nominally allied but actually supporting
| forces opposed to the US (talibans etc), with a sclerotic
| political system defaulting to military dictatorship
| every other decade; or the long-standing allied
| democracies (plural) with a well-documented history of
| structural cooperation in matters of espionage and
| surveillance, particularly at the IT level...? Which of
| the two would the US government rather let run
| surveillance on US citizens? Mmmh, I wonder!
|
| /s
| GoblinSlayer wrote:
| Anglosphere.
| toyg wrote:
| We already know, it's the Five Eyes
| yborg wrote:
| Most likely group, since they info share and this is the
| standard end-around on laws prohibiting "domestic"
| surveillance; government has some other country run the
| surveillance on their nationals.
| nvahalik wrote:
| Are the contents of push notifications not encrypted? Or are we
| talking about payloads rather than transport?
| angio wrote:
| They mention metadata in the article. Imagine sending a message
| to a Signal account at time X, then asking Apple a list of all
| users that received a Signal notification at that specific
| time.
| anthonyskipper wrote:
| This ^. approach and modified forms of it can bu used to
| track lots of things, and have be done so for decades by some
| goverment agencies. You can use a method like this even if
| people are using encryption and lot of anonymous tunnels. You
| simply shape the traffic and watch where the shape of that
| traffic stops. Can track people realtime across almost any
| link, including things like Tor, etc.
| withinboredom wrote:
| I had to anonymize some data while still keeping some
| details. You could imagine individual trees that needed to
| be put into groups of similar trees so individual details
| were lost.
|
| Anyway, these "trees" were effectively user behavior across
| all our products. I was shocked that simply knowing *when*
| (to within a second or two) a person did two or more
| things, you could narrow it down to *one single person* out
| of hundreds of millions.
| tantalor wrote:
| That doesn't make sense. I would expect Signal notifications
| to happen completely out-of-band with "normal" push
| notifications (e.g. NYT news alert). Otherwise that
| completely defeats the purpose of the service. Basically
| you're saying Apple/Google are MITM'ing Signal.
| seanw265 wrote:
| I'm not so familiar with Signal, but could you explain why
| you would expect Signal notifications to happen out-of-band
| with normal push notifications?
|
| Assuming Signal sends push notifications of some sort, as
| most messaging services do, that would make them vulnerable
| to the metadata-level attacks described in this thread.
|
| What kind of "out-of-band" are you thinking of that would
| mitigate this issue?
| dz0ny wrote:
| Not using APN I assume, but then you are not allowed(or
| rather won't pass the review) to publish the app in the
| App Store.
| tantalor wrote:
| Why: because otherwise the service, which is supposed to
| be private, is no longer private.
|
| I dunno how it would work, maybe something like a third-
| party push? Why does everything have to be channeled
| through central service? A service like Signal could
| operate its own push channel.
| satchlj wrote:
| Notice how SimpleX (https://simplex.chat/) has no push
| notifications by default because of this issue.
| daveoc64 wrote:
| Apple doesn't support any third-party push platforms, and
| they are restricted on Android to preserve battery life.
| dylan604 wrote:
| no, that's not basically it. MITM to me means being able to
| read the data by placing yourself in the encrypted chain.
| that's not how push notifications work. they don't need to
| know the contents of the message
| satchlj wrote:
| The notification is separate from the message. It
| _absolutely_ is MITM, just for the notifications, which
| are messages themselves with real content ( _you have
| received a message from so-and-so_ ).
| dylan604 wrote:
| I don't know what you think you are proving here. They
| did not view the contents of the message. An MITM
| "attack" would allow them decrypt the content of the
| message. This is just metadata being used. It's no
| different than all of the other metadata uses that the
| TLAs have been using. We've known for a long time (for me
| since Snowden was the first time I ever even considered
| it) that metadata can tell us a whole hell of lot about
| people that is just as much evidence that the actual
| contents of the message are irrelevant. With metadata
| alone, you can build up an entire network of people to
| investigate. You can do that investigation without ever
| decrypting anything. It's no different from the police
| following a suspect to see who they meet, and then
| following that person, and continuing until they find the
| bigBoss. They can then roll up the entire network in one
| fail swoop if they so choose.
| K0nserv wrote:
| This is just how push notifications work on iOS and
| Android. The app requests a push token from the operating
| system, sends that to its backend and stores it against the
| user's identity. To send a push a message is sent from the
| backend to a push service maintained by Apple or Google,
| who then deliver the push to the phone in question. In the
| case of Signal, their backend cannot access the message
| content, so the notification does not contain this, i.e.
| it's not MITM.
|
| On iOS in particular background modes are finicky and you
| cannot generally have an continuously poll notifications in
| the background. Further, if every app did this battery
| drain would be significant.
| Klonoar wrote:
| Unless I'm mistaken - and I might be or it may have changed -
| Signal notifications on iOS just tell the app "hey, something
| happened, call the service and check for updates".
|
| I.e, the push notification itself contains little to nothing
| in terms of data/metadata.
|
| You can also of course decrypt a notification by shipping an
| extension to do so, and maybe Signal does - it's been awhile
| since I poked around it. I'd just be surprised if the Signal
| team didn't analyze the issue to death and find the gaps.
| daveoc64 wrote:
| What you've said is correct, but it doesn't stop the attack
| vector described.
|
| If the question to Apple or Google is "who received a
| notification from Signal at 17:15 UTC?" then even if the
| notification is "hey, something happened, call the service
| and check for updates", you've got your answer.
| dfawcus wrote:
| To defeat it, one would have to regularly send cover
| traffic (i.e. push messages saying "nothing happened"),
| and accept that notification of messages may be delayed
| until that regular period.
|
| i.e. the app sends its push token to its back end,
| together with a "use by" date. The server sends a push by
| that time, even if there is nothing to send. In the case
| of receiving such a "nothing happened" push, the app gets
| a new token, and informs the back end server.
|
| The constraint there is how frequently Apple / Google
| will allow pushes, and how well the respective central
| server can scale to sending all of those dummy
| notifications.
|
| The cost for the mobile being extra data use, and extra
| battery from the forced wake ups. So it may have to be a
| configurable option in the app.
|
| So do Apple / Google allow at least one notification per
| hour?
| Klonoar wrote:
| I would have to imagine that a high enough level of
| traffic/users would obscure this sufficiently.
|
| e.g: If the question to Apple or Google is "who received
| a notification from Signal at 17:15 UTC?", then that
| could very well be a million people.
| acdha wrote:
| Others have mentioned the timing attacks but also payloads are
| not encrypted unless the app developers remember to build that.
| This linked essay discusses both threats:
|
| https://blog.davidlibeau.fr/push-notifications-are-a-privacy...
| TremendousJudge wrote:
| Thank you I was wondering about that. A couple of days ago I
| heard somebody mention that push notifications go through the
| backend and that it was a huge privacy issue, and I just
| couldn't believe that messaging apps that are "encrypted"
| would go through all that work just to then send the
| unencrypted message to Google's servers
| omginternets wrote:
| I noted that Apple says the governments in question are allies of
| the United States. I wonder if this is a case of American
| intelligence outsourcing the surveillance of American citizens to
| foreign intelligence. If that is indeed the case, I'd expect a
| quid pro quo.
| delfinom wrote:
| Five Eyes.
|
| https://en.wikipedia.org/wiki/Five_Eyes
| mdhen wrote:
| Yep sounds like five eyes.
| iamshs wrote:
| "democracies allied to the United States." - includes India
| too.
| smoldesu wrote:
| Maybe so, but it seems clear that the surveillance goes both
| ways:
| https://www.usnews.com/news/world/articles/2023-09-23/us-
| dip...
| iamshs wrote:
| Except that India is not spying on US Government but its
| own Apple/Google users.
| andsoitis wrote:
| > I wonder if this is a case of American intelligence
| outsourcing the surveillance of American citizens to foreign
| intelligence. If that is indeed the case, I'd expect a quid pro
| quo.
|
| Yet it is the US government who revealed it: "In a letter to
| the Department of Justice, Senator Ron Wyden said foreign
| officials were demanding the data from Alphabet's (GOOGL.O)
| Google and Apple (AAPL.O). Although details were sparse, the
| letter lays out yet another path by which governments can track
| smartphones." -
| https://www.reuters.com/technology/cybersecurity/governments...
| Terretta wrote:
| > _Yet it is the US government who revealed it_
|
| Less "the government" and more "a member of government", the
| same member who has revealed and demanded accountability when
| discovering domestic government overreach.
|
| We should choose our congress critters carefully.
| andsoitis wrote:
| Indeed. But government is also a _process_ and in this case
| I think it is fair to say that the process is leading to
| good outcomes (transparency, accountability).
| AlexandrB wrote:
| It doesn't seem like enough. The PATRIOT act has been on
| the books for 20+ years now and we only rarely get a peek
| at what it's being used for. James Clapper (in)famously
| lied to Congress[1] and still got to keep his job, so I'm
| not sure about accountability either.
|
| [1] https://en.wikipedia.org/wiki/James_Clapper#Testimony
| _to_Con...
| calvinmorrison wrote:
| Congress has so little power its becoming a vestigial
| organ. Only there to placate the masses who believe their
| vote makes any impact.
| dylan604 wrote:
| This is some wacko BS. Congress has tons of power which
| can impact your daily lives. If you think it doesn't have
| that power, you're just not well read on the subject. If
| you think modern day politics of us vs them divisiveness
| gives the impression that they cannot do any thing is a
| dangerous interpretation. It's also a bit sophomoric of
| an interpretation as well.
| agloe_dreams wrote:
| Congress very much has too much power. If it was a
| fighting game character, it would be the overpowered
| character people would want banned.
|
| Repeatedly Congress has shown that it's checks and
| balances have more power than others. If Congress picks
| the supreme court and there are multiple ways for a
| massed power to keep it's power then nobody else has any
| real power. The US system is actually rather poorly
| designed in that form.
| sonicanatidae wrote:
| >We should choose our congress critters carefully.
|
| Agreed 100% and sadly, quite rare. I'm not going to start
| naming names, because that would devolve this into a
| political conversation about the parties. That isn't this.
| I suspect most people know who the criminals are. Now to
| see if they care.
| seanmcdirmid wrote:
| It is a testament to our checks and balances, which, while
| far from perfect, are useful in preventing somewhat one
| branch from getting too much power.
| trinsic2 wrote:
| I think people put way to much trust it political
| institutions, at least at the scale of national, which are,
| for the most part, only really used to protect a certain
| classes of people, the people who run it.
|
| The problem with corruption is scale, when you have too
| large of an institution, it's easier to hide intent. I
| don't see how you can police that by voting when so much of
| what goes on is not easily seen.
|
| For every persons that gets voted in to do the right thing,
| there are 4 others who are doing the wrong thing.
| sharma-arjun wrote:
| Wyden is far removed from the part of the government which
| engages in surveillance. He's the same person who was
| questioning James Clapper in Congress about mass surveillance
| before the Snowden leaks [1].
|
| [1] youtube.com/watch?v=QwiUVUJmGjs
| knallfrosch wrote:
| That's how they circumvent the ban on domestic spying. The US
| spies on Australians* and the Australians spy on US citizens,
| then they exchange the data. Easy.
|
| *And/or other Five Eyes members.
| notaustinpowers wrote:
| What sort of metadata or information can be gathered from a push
| notification from an app like iMessage? I know a timestamp is
| there and most likely the sender's phone number.
|
| But is there some sort of sensitive info that these governments
| are trying to glean? Or is it more so they can build info maps
| and communication maps on targets?
| nprateem wrote:
| Chat message content?
| notaustinpowers wrote:
| I know iMessage is E2E encrypted, and I wonder if that
| extends to the content shown within a push notification.
| Maybe the push notification servers receive the content
| encrypted, pushes it to the device, and then decrypted on-
| device?
| keepamovin wrote:
| If you were able to do this, and you also had control of the
| person's ISP/cell network (not unusual for the threat model
| here), then one thing you could do is interfere with their
| communications, "shadowbanning" them from their
| friends/contacts. Say you used a particular app, like LINE, to
| speak to one particular friend who your "benefactors" didn't
| want you speaking with, they could drop connections between
| your device and that app's servers whenever they intercept a
| push notification from Google or Apple targeted to that app on
| your device. Effectively preventing the two parties ever
| communicating.
|
| Depending on specifics, it seems it would be possible to do
| this cleverly, so the app still thinks it's connected, but just
| never receives these messages.
|
| I'm not an expert on this, it just seems a plausible
| possibility. Best effort response to your question! :)
| acdha wrote:
| This would only work if the protocol doesn't have the concept
| of retries, which it does. They'd have to block all
| communications which would be highly noticeable - especially
| since you'd get a flurry of messages any time you opened the
| app or migrated onto a Wi-Fi network.
| keepamovin wrote:
| I suppose it depends on which protocol, and which app,
| we're talking about, but...Interesting. Good analysis!
|
| It's conceivable that connectivity checks flow to other
| servers than delivery traffic, and these are passed-
| through. Although addressing your more general critique of
| the "flurry" (good word! :)), requires noting that
| accomplishing this capability would involve compromising
| the app's servers. Such backdoors are again not outside the
| realm of possibility in the given threat model.
|
| Do you see any possibilities for interference in the push
| interception capability described?
| multiplegeorges wrote:
| Compromise a single phone in a target group, send a message to
| an anonymous chat, and you now know every other member of the
| group.
|
| Apple needs to know your Apple ID to send you an APNS payload.
| Now your anonymous chat profile is tied to your real Apple ID.
| Busted.
| Klonoar wrote:
| This is not necessarily true. You're assuming that all the
| info is in push notifications themselves.
|
| E.g: if I get a push notification that is simply "you have a
| new event, poll the server", and then I poll the server for
| (encrypted) batch updates, where exactly do you see the leak
| that ties an anonymous profile to an Apple ID? Given a large
| enough service, that same generic batch update endpoint would
| be getting hammered and I have to think it would effectively
| be camouflaged to a degree.
|
| Granted, not every app is going to use this design - but if
| or when done properly I don't see that much of an issue here.
|
| (I am open to being wrong, mind you)
| paulirotta wrote:
| Metadata in this case apparently means Apple and Google are
| helping find "this real user connected to that real user at this
| time". So governments may or may not be able to decrypt a push
| message payload, or data delivered because of that payload.
| tadfisher wrote:
| FCM messages are not encrypted end-to-end, that's up to the app
| backend/client to do themselves.
| omginternets wrote:
| An interesting point in Glenn Greenwald's book is that metadata
| is often more informative than the "real" data.
|
| Consider:
|
| 1. A phone call in which Mrs. Smith talks to a receptionist to
| set an appointment with a doctor for 9:30 next Wednesday.
|
| Vs.
|
| 2. Knowing that Mrs. Smith called an abortion clinic.
|
| #2 seems like a bigger violation of privacy. Metadata is the
| real data.
| cultureswitch wrote:
| Exactly. Metadata is how you go from pwning the phone of one
| dissenter to learning about their whole group.
| r3d0c wrote:
| how will actual data not be more informative? you can easily
| infer what the appointment was because the phone call will
| mention the name of the doctor or office and you can look
| that up plus all the details they discuss
|
| you'd still have to look up who the doctor they called is
| from the metadata; it's still info but absolutely not more
| informative than the real data
|
| so this line of thought makes no sense, and glenn greenwald
| should be looked at very skeptically in general, he sounds
| smart but when you look at his logic closer it breaks down
| omginternets wrote:
| >you can easily infer what the appointment was because the
| phone call will mention the name of the doctor or office
| and you can look that up plus all the details they discuss
|
| You're assuming these things are mentioned. "Hi, I'd like
| to book/confirm an appointment with Dr. Jones." doesn't
| leak information about "abortion".
|
| Yes, these things obviously depend on what information is
| transmitted. The point, however, is that metadata more
| reliably transmits sensitive information than does "the
| data".
| r3d0c wrote:
| > You're assuming these things are mentioned. "Hi, I'd
| like to book/confirm an appointment with Dr. Jones."
| doesn't leak information about "abortion".
|
| yes it does.. just look up who dr jones is; is the
| metadata going to say "this lady is getting an abortion"
| ?
| omginternets wrote:
| I think you're nit-picking and failing to address the
| broader point.
|
| 1. The conversation may or may not contain information
| pertaining to an abortion.
|
| 2. The metadata (namely: "it's an abortion clinic")
| inherently contains such information.
|
| The point is that metadata is usually the more
| interesting data.
| withinboredom wrote:
| God forbid if you are just going on a date with someone who
| works at an abortion clinic.
| c0pium wrote:
| Or applying for a job, or surveying local businesses for a
| story, or transposed the numbers, or...
|
| It can simultaneously be true that metadata contains less
| information than real data and that metadata is still
| dangerous. But when one is known for breathless hyperbole,
| should we be surprised when that's what we get?
| omginternets wrote:
| Yeah, false positives are a doozy, and I don't see many
| guardrails in place to prevent the intelligence community
| from acting upon them :/
| flandish wrote:
| > doozy
|
| They're not just a "doozy" they're downright fascist
| authoritarian. Even the positive positives are
| infringements.
| gosub100 wrote:
| This is tangential to a comment I read (probably on HN)
| perhaps a decade ago, when scandals were being reported that
| laptop webcams could (surprise!) be activated remotely and
| people/kids being spied on (I think the article was a school-
| issued laptop disciplining a child from evidence gathered by
| the webcam at the child's home).
|
| Someone pointed out that, while being _watched_ is creepy,
| the real damning information on people actually comes from
| being _listened to_.
| achairapart wrote:
| They already "kill people" based on metadata alone, at least
| since 2014.[0]
|
| [0]: https://www.nybooks.com/online/2014/05/10/we-kill-people-
| bas...
| just_steve_h wrote:
| This is a widely under-appreciated fact!
| world2vec wrote:
| Pardon my ignorance but would block all push notifications stop
| this specific act of surveillance? I usually don't need any
| notifications' content on the screen apart from "you have a new
| message on <app>, go check it". Or is that what's being discussed
| here?
| ksynwa wrote:
| The article says that Google and Apple know about the push
| notifications being shown on the phone and governments can make
| these companies turn over customer data.
|
| I'm not sure if it only covers (for example) the unified
| notification service on Android or whether Apple and Google
| know of notifications that don't make use of that API. It's not
| clear from the article.
| g-b-r wrote:
| I don't know about Apple but on Android it's almost a capital
| sin to strive to use other services, and they work a lot
| worse than GCM (because of all the artificial limitations
| that Google imposed over the years).
| unyttigfjelltol wrote:
| It does seem to be notifications on the phone, but (a) that's
| incredibly surprising and disturbing and (b) it's really
| unclear why or how that would work when a phone is disconnected
| from the network. In any event, Google inserting themselves
| into notifications would be tantamount to reading all my email,
| texts and everything else, so ... why wouldn't this be
| restricted to opt-in? Many questions.
| alexjm wrote:
| A push notification is generally what creates the "you have a
| new message on <app>" red bubble.
| MR4D wrote:
| Ron Ryden has been barking up this tree for a long time:
|
| https://www.wyden.senate.gov/issues/secret-law
|
| https://www.wyden.senate.gov/news/press-releases/wyden-colle...
|
| https://www.wyden.senate.gov/news/press-releases/wyden-intro...
|
| https://www.wyden.senate.gov/priorities/gps-act
|
| https://www.wyden.senate.gov/news/press-releases/wyden-relea...
| InSteady wrote:
| Nine times out of ten, when there's a news piece about a
| senator advocating for privacy and constitutional rights with
| regards to tech, it's senator Wyden. He's on the senate
| intelligence committee and has a decent track record of getting
| shit done with bipartisan support, so he's not just virtue
| signaling for votes either (not to mention that he's basically
| unbeatable in state election with all the support he has in
| Oregon). He's 74 years old, I do hope someone will step up and
| carry the torch when he retires. It's a losing battle but it's
| still important that we have someone who is competent and well
| respected to fight it for us.
| matthewfcarlson wrote:
| I know it's the Oregonian in me and getting to meet him as a
| kid where he spent a decent amount of time with my class, but
| he strikes me as a senator that Oregon can be proud of. I
| might not agree with him on everything, but in my personal
| opinion, he's advocating and pushing for change on what he
| personally believes in. Makes me wish my current senator was
| more like that.
| digging wrote:
| > he's advocating and pushing for change on what he
| personally believes in
|
| That's certainly a step above many of the grifters we have
| in government, but it's also not necessarily a good thing.
| People can truly believe in stuff that's harmful or flat
| out wrong.
| soraminazuki wrote:
| He even inspired Snowden to expose the illegal mass
| surveillance programs. IIRC Snowden reached a breaking point
| when James Clapper, then director of national intelligence,
| lied under oath to Congress when pressed about domestic
| surveillance by senator Wyden.
|
| It's sad we don't hear more about people like this in positions
| of power.
| iwontberude wrote:
| Good thing there is no penalties for lying under oath
| anymore. That pesky rule of law was so long in the tooth.
| soraminazuki wrote:
| There are instead life destroying penalties being handed
| out to whistleblowers. What a world we live in.
| wkat4242 wrote:
| Um try that in a normal court as a citizen and you get your
| ass handed to you. Only the powerful get exceptions.
| BLKNSLVR wrote:
| Viva la France
| hanniabu wrote:
| Google tells me perjury is still very much a thing. Do you
| have a source?
| zer00eyz wrote:
| His position on it has been clear for a while:
|
| 2008: https://en.wikipedia.org/wiki/Foreign_Intelligence_Surv
| eilla...
|
| The votes:
| https://www.govtrack.us/congress/votes/110-2008/s168
|
| But this is a MUCH older issue:
| https://en.wikipedia.org/wiki/Room_641A
|
| And if you don't know about Quest:
| https://en.wikipedia.org/wiki/Joseph_Nacchio
|
| The entire time period of the Bush admin is a microcosm for
| unresolved issues of today: Voting machines, government over
| reach and spying, security, encryption, copyright, bad
| behavior by corporate entities (M$ has a cohort).
| Der_Einzige wrote:
| Gosh I am so happy to have like the best senator in the senate
| next to Bernie Sanders in Oregon.
|
| Oregon is an extremely based state. Y'all crap on PDX but the
| reality is that we have more freedom and less tyranny here than
| in any other state in the nation, and possibly in the world.
| PDX is "bad" because it's one of the only places in the world
| that hated the cops enough to actually muzzle them - and not
| living in fear of the boot is worth needing to deal with
| homeless people.
|
| Want to smoke weed? Check (lowest prices in the world). Want to
| do psychedelics? (functionally legalized) Check. Want to shoot
| guns? (relatively lax gun laws for a blue state) Check. Want to
| not be spied on? As check as Ron Wyden can make it!
| anonymouskimmer wrote:
| > Want to smoke weed?
|
| The tyranny of the masses is still a tyranny. I'd personally
| like to move to a state where all smoking, but at least weed
| smoking, is illegal. I _really_ don 't like second hand
| smoke, especially when it smells and hangs as much as weed
| smoke does.
| drekk wrote:
| It's already not legal to smoke in public for weed and in
| most places for cigarettes. Frankly I don't think outright
| prohibition addresses that any better than the existing
| system. Nor do I see how having bodily autonomy is
| necessarily a tyranny of the masses.
|
| In all seriousness, Utah sounds like your ideal so long as
| you stay outside of Salt Lake City. I'm glad to no longer
| be a resident
| anonymouskimmer wrote:
| > Utah sounds like your ideal
|
| Not enough trees. Nor enough employment in my non-
| remoteable field.
|
| Public smoking is a concern, but the smoke will leak even
| if smoked inside of a home. With edibles and inhalers I
| don't understand why people thought it was a good idea to
| legalize marijuana smoking.
|
| > Nor do I see how having bodily autonomy is necessarily
| a tyranny of the masses.
|
| Generalizing the principle of the swinging your fists
| near someone else's nose saying.
| mandmandam wrote:
| Your sense of smell is subjective, and not a good reason
| for legislation.
|
| You do know that, right? I'm not detecting any humour
| markers...
| anonymouskimmer wrote:
| > Your sense of smell is subjective, and not a good
| reason for legislation.
|
| You do understand that many tort suits, and outright
| laws, are over subjective harms, right? (trash in
| neighbors yards, loud sounds late at night, smells from
| chemical industries, etcetera) That laws such as
| disability protection laws exist?
|
| https://www.chemicalsensitivityfoundation.org/index.html
| mandmandam wrote:
| ... None of your examples are like for like.
|
| Lots of people love the smell of cannabis. No one loves
| "trash in neighbors yards, loud sounds late at night,
| smells from chemical industries".
|
| Arguing in bad faith is lame dude.
| anonymouskimmer wrote:
| > trash in neighbors yards
|
| There are entire messy neighborhoods.
|
| > loud sounds late at night
|
| People sleep at different times of the day.
|
| > smells from chemical industries
|
| People who lack a sense of smell don't care.
|
| Special pleading for marijuana smoking is also lame.
| bigstrat2003 wrote:
| I don't agree with that. If blasting music can be a
| matter for legislation (nuisance laws and the like), then
| so can bothering people around you with the reek of
| smoking weed.
| mandmandam wrote:
| As mentioned, there are already laws around smoking in
| public.
|
| OP is complaining that he might get a whiff coming from
| his neighbors house.
| anonymouskimmer wrote:
| https://www.greenstate.com/explained/where-is-it-legal-
| to-sm...
|
| > In a few states, however, public consumption is
| completely tolerated or allowed in licensed lounges and
| designated areas.
|
| And the laws as is make it easy for people to lie to the
| police about exactly where they were when they were
| smoking the weed.
| bozhark wrote:
| Because that doesn't matter and this is a useless
| argument.
| bozhark wrote:
| This comment is rather obtuse.
|
| You want to live in a state where all smoking is illegal?
|
| Because you don't like the smell of weed smoke?
|
| How interesting.
| arcticfox wrote:
| > Want to smoke weed? Check (lowest prices in the world)
|
| One of the biggest reasons I'm happy I moved away from my
| home in Oregon. The second-hand weed smoke is gross.
| HumblyTossed wrote:
| It should only[0] be meta data, though. The push notification
| should signal the app that there is data to fetch, then the app
| goes and fetches it. The push notification itself should carry
| none of the data.
|
| [0] still bad though and they should stop.
| MaxikCZ wrote:
| I so hate when people put words "only" and "metadata" in the
| same sentence... They know you rang a phone
| sex line at 2:24 am and spoke for 18 minutes. But they don't
| know what you talked about. They know you called
| the suicide prevention hotline from the Golden Gate Bridge. But
| the topic of the call remains a secret. They know
| you got an email from an HIV testing service, then called your
| doctor, then visited an HIV support group website in the same
| hour. But they don't know what was in the email or what you
| talked about on the phone. They know you received
| an email from a digital rights activist group with the subject
| line "Let's Tell Congress: Stop SESTA/FOSTA" and then called
| your elected representative immediately after. But the content
| of those communications remains safe from government intrusion.
| They know you called a gynecologist, spoke for a half hour, and
| then called the local abortion clinic's number later that day.
| HumblyTossed wrote:
| Dude, did you read my point? I said it was still bad.
| fsflover wrote:
| "Still bad" strongly underestimates the problem. Metadata
| often is _more_ important than the data as demonstrated in
| the above examples.
| HumblyTossed wrote:
| But my intention was to point out that actual content
| wasn't being transmitted and that "only" meta data was
| gleaned since some people seem to think that chat
| messages are being scooped up. Other people have rightly
| pointed out that meta data is bad and why and I didn't
| feel the need to reiterate that.
| fsflover wrote:
| It's not the intention that matters but the execution.
| 2OEH8eoCRo0 wrote:
| I disagree. Thieves can't steal my money from my bank
| with metadata.
| fsflover wrote:
| They might, using social engineering and knowing a lot
| about your connections.
| 2OEH8eoCRo0 wrote:
| That's a stretch, you can use social engineering to do
| essentially anything then.
| fsflover wrote:
| Not if you know nothing about your target.
| acdha wrote:
| I don't agree with them plagiarizing the EFF's blog post[0]
| but I think it is a mistake to use "only". Both can be
| damaging and neither is clearly more or less bad since so
| much depends on the circumstances - like if the police have
| compromised one party in a conversation, they already have
| the payload so the real risk would be things like location
| data. We should probably treat both of those as equivalent
| risks until enough specific details about a situation are
| available to say which is riskier.
|
| 0. https://ssd.eff.org/module/communicating-others
| HumblyTossed wrote:
| But my intention was to point out that actual content
| wasn't being transmitted and that "only" meta data was
| gleaned since some people seem to think that chat
| messages are being scooped up. Other people have rightly
| pointed out that meta data is bad and why and I didn't
| feel the need to reiterate that.
| Spivak wrote:
| Push notifications don't signal an active line of
| communication like that though nor do they connect who's
| talking, only the means. In all your examples the equivalent
| would be "They know someone called you."
|
| "They know you got a push from McDonalds at 11am"
|
| "They know you got a Slack message at 2pm"
|
| All metadata is not created equal.
| 2OEH8eoCRo0 wrote:
| It's important but what do we do about it?
|
| You're using the internet afterall which isn't your network-
| it's someone else's! When you send a packet there is a header
| w/ information required for routing. Some call this the
| "outside of the envelope" if using the mail analogy. We can
| pass the buck by using a VPN but this also adds a VPN org
| that we need to trust. On the other hand, it's not your
| network! Why do you think you have a right to absolute
| secrecy and anonymity on someone else's network?
| g-b-r wrote:
| So every person in the world should build his own
| "network"?
| I_Am_Nous wrote:
| No, it's just a case of facing reality. The internet is
| built by other people and we have to trust (or not) that
| they are going to honor the responsibility that entails,
| from security to ethics. The internet is also funded by
| learning as much as possible about users in general so
| using the internet is accepting that you will be tracked.
| Increasing personal security is good, but no silver
| bullet.
| g-b-r wrote:
| If with that you mean that users should be aware of the
| risks ok, if that they should accept them as inevitable
| no.
|
| What's funded by tracking as much as possible is the
| current perverse part of internet, it definitely wasn't
| always like that and doesn't need to be.
|
| I hope that that perspective comes from someone that
| hasn't lived anything before Facebook.
| I_Am_Nous wrote:
| I'm not saying things shouldn't change, just that the
| reality we live in right now is that using the internet
| means you are tracked. Of course we shouldn't just accept
| that and not push back, and of course we should build
| things like the internet we had before social media
| "became the internet".
|
| Being aware of the tracking and risks means people can
| make efforts to reduce the tracking, but it's almost
| becoming impossible to use the internet if you don't
| AGREE to the tracking in many cases, such as websites
| that won't risk GDPR violations and chooses to deny
| access to people blocking cookies entirely.
|
| People who remember the old internet want it back, people
| who grew up with social media don't know what they're
| missing, and there's not much we can do to convince
| people to care about changing the DNA of the internet so
| that it's no longer perversely gobbling up all data.
| hedora wrote:
| This requires legislation, and a court system that
| upholds the law.
|
| In the US, the courts just decided there's no right to
| privacy (despite what the 4th amendment says) as part of
| rolling back Roe v. Wade.
|
| So, the path forward is to vote in legislators that
| respect basic human rights, followed by court packing (or
| just impeaching the judges that have been publicly
| accepting bribes and failing to recuse themselves on
| cases where they have a clear conflict of interest).
|
| Since the above is supported by way more than 50% of the
| US population, the main obstacles are gerrymandering and
| ending the currently common practice of appointing
| blatently corrupt judges to state supreme courts (and
| also restoring recently stripped powers to state
| governors, since they're elected via simple majority).
| I_Am_Nous wrote:
| Exactly, and all of that is hard and slow. We live in the
| now, with the internet tracking our every move by current
| design. Pretending it isn't tracking us doesn't mean it
| actually isn't.
|
| People are generally keeping themselves monitored as they
| use the internet. It's a panopticon with more steps. So
| it's no surprise governments are using the plaintext of
| anything they can find to track people.
|
| And if people don't care about that because they are more
| focused on their pet political issue, it will never
| change, and silently get worse.
| fsflover wrote:
| Related: https://news.ycombinator.com/item?id=38543587
|
| Apple Confirms Governments Using Push Notifications to Surveil
| Users (macrumors.com)
| jeffbee wrote:
| Is anyone surprised? Why would there be pen registers, and tap
| and trace for phone calls and email, but not for other traffic?
| The ability of governments to do secret surveillance of such
| metadata is well established in law and jurisprudence, variously
| in various countries.
|
| It is a Weird Nerd Thing to believe that old laws can't apply to
| new computer thing.
| chatmasta wrote:
| This, to me, is the more disturbing part of the article:
|
| > In this case, the federal government prohibited us from sharing
| any information," the company said in a statement. "Now that this
| method has become public we are updating our transparency
| reporting to detail these kinds of requests.
|
| What is the point of transparency reports if they don't include
| major vectors of government surveillance?
|
| IMO such gag orders shouldn't be legal when applied to dragnet
| surveillance. If you want to gag a company from notifying an
| individual they're being surveilled (with a warrant), then fine.
| But gagging a company from disclosing untargeted or semi-targeted
| surveillance, especially if it involves American citizens, seems
| like it should be unconstitutional on free speech grounds.
| cultureswitch wrote:
| Seems like a pretty open and shut case of unconstitutional
| restriction of speech in the US. Especially when you consider
| the wording of the Apple communication saying that they can
| talk about it openly now that it's public knowledge.
| indymike wrote:
| > Seems like a pretty open and shut case of unconstitutional
| restriction of speech
|
| I wish it didn't cost a lot of money and years of your life
| to beat these over-reaches.
| iAMkenough wrote:
| Given the US has a 4th Amendment-free zone within 100 miles
| of all national borders in the name of national security, I
| expect the same justification and level of oversight here.
|
| https://www.aclu.org/documents/constitution-100-mile-
| border-...
| forward1 wrote:
| This is a common misconception. The 100 mile radius does
| not waive 4th Amendment protection. A reasonable suspicion
| of immigration law violation is still required to detain,
| search and ultimately arrest individuals. To wit: please
| name a single instance of someone having their rights
| abused by this so-called "zone".
| lolinder wrote:
| This article [0] lists several cases of warrantless
| searches, one of which was in Florida. Apparently that
| 100 mile radius isn't just from the Canadian border or
| the Mexican border, it's also 100 miles from _any_ coast,
| which means that 2 /3 of the population _lives_ within
| that radius.
|
| As far as "reasonable suspicion" goes, I'm increasingly
| unwilling to support the right of law enforcement to
| independently, without oversight, determine what is
| "reasonable".
|
| [0] https://www.nationalreview.com/2018/02/border-patrol-
| warrant...
| forward1 wrote:
| Where is the "warrantless search"?
|
| > [CBP officers] demanded proof of citizenship from the
| passengers
|
| > CBP officers boarded a bus in Bangor, Maine
|
| None of those are searches, they are temporary detentions
| with strong legal basis and case law going back to Terry.
| To wit:
|
| > most people have no idea that they can refuse to be
| searched at a roadblock or bus boarding
|
| Ignorance of the law != warrantless searches. Arm
| yourself with knowledge, just as the Founding Fathers
| intended.
| lolinder wrote:
| > strong legal basis and case law going back to Terry
|
| I frankly don't care what's legal or not at this point.
| The surveillance and police state has gotten out of
| control, and needs to be rolled back. If we constantly
| just accept past precedent as dictating our future, our
| rights will be chipped away one by one.
|
| I don't want to live in a society where I can be stopped
| and asked for identification by law enforcement at any
| time. Most Americans don't, that's why we still don't
| have a proper national ID. I consider that to be a
| warrantless search regardless of what the law currently
| says.
|
| > Arm yourself with knowledge, just as the Founding
| Fathers intended.
|
| I find that most people who pretend to speak for "the
| Founding Fathers" are extremely ignorant of the actual
| motivations of these people who lived 200 years ago. I
| won't pretend to speak for them, but I will note that I
| strongly suspect that the smugglers and tax evaders who
| signed the Declaration of Independence would probably not
| be in favor of the ever-growing police state we have
| today.
|
| Regardless, what they wanted is immaterial--they set up
| this country for us, and presumably expected us to lead
| it after their deaths.
| forward1 wrote:
| > I frankly don't care what's legal or not at this point.
|
| Oh, but you should - your freedom may depend on it.
|
| > police state has gotten out of control, and needs to be
| rolled back
|
| Maybe, but this is the world we presently find ourselves
| living in, and we can either choose to become empowered
| with knowledge about it, or throw a hyperbolic tantrum
| and wish for the moon.
|
| > I don't want to live in a society where I can be
| stopped and asked for identification by law enforcement
| at any time.
|
| You don't, at least not in the US. If you took more time
| to care about the laws you decry, you would know there is
| no such requirement, unless you have been suspected of a
| crime by a lawful sworn agent of the state. Which is a
| reasonable compromise in a society.
|
| > smugglers and tax evaders who signed the Declaration of
| Independence ... would probably not be in favor of the
| ever-growing police state we have today
|
| I agree. Those individuals knew well what an unchecked
| government can do, and took many reasonable precautions
| to safeguard against such infringements and tyranny. They
| were of course imperfect in their implementation, but the
| principals they set forth (freedom of speech, defense,
| religion, &c.) formed a radically different society to
| anywhere else on the planet today. Which is why I'm
| always puzzled when people disregard their hard work to
| take some agency's word and propaganda at face value,
| rather than consulting the original tenets which founded
| this great country.
| withinboredom wrote:
| > unless you have been suspected of a crime by a lawful
| sworn agent of the state.
|
| They generally ask. If you refuse, you are now suspected
| of a crime. If you refuse again... well, I hope you like
| the back of a squad car.
|
| Source: went for a walk in my own neighborhood at 3am.
| lolinder wrote:
| > You don't, at least not in the US. If you took more
| time to care about the laws you decry, you would know
| there is no such requirement, unless you have been
| suspected of a crime by a lawful sworn agent of the
| state.
|
| If you took the time to _read_ the article I sent you,
| you would know that CBP asserts that it has the right to
| get onto any bus at any time and demand to see proof of
| citizenship for anyone on board.
|
| You can wave the book at me all day long, but what
| actually matters is how the law is implemented in
| practice, and it's pretty clear that law enforcement
| does, in fact, claim the right to stop anyone at any time
| and ask for ID.
| ddalex wrote:
| Not sure why down voted. Even the quoted article states:
|
| > Border Patrol, nevertheless, cannot pull anyone over
| without "reasonable suspicion" of an immigration
| violation or crime (reasonable suspicion is more than
| just a "hunch"). Similarly, Border Patrol cannot search
| vehicles in the 100-mile zone without a warrant or
| "probable cause" (a reasonable belief, based on the
| circumstances, that an immigration violation or crime has
| likely occurred).
| JohnFen wrote:
| In practice, "reasonable suspicion" means "whenever they
| want."
| forward1 wrote:
| The potential to abuse power is not a reason to disavow
| it.
| Hizonner wrote:
| Yes, yes it is.
| ddalex wrote:
| If you're taking this view, any armed forces can do
| whatever they want and the constitution is just a piece
| of paper.
|
| In practice, the evidence gathered by unlawful searches
| is going to be discarded in a court of law. Other wise
| said, there is no carving in penal law for "100 miles "
| from the border.
| JohnFen wrote:
| > If you're taking this view, any armed forces can do
| whatever they want and the constitution is just a piece
| of paper
|
| I don't understand how you reach this conclusion.
|
| > In practice, the evidence gathered by unlawful searches
| is going to be discarded in a court of law
|
| Yes, of course. What I'm talking about is the threshold
| for when evidence is considered "unlawful".
|
| The "reasonable suspicion" threshold is intentionally an
| extremely low bar. Low enough that it's barely a
| meaningful threshold. In practice, it's incredible easy
| for any officer to make up some articulable suspicion for
| pretty much anything.
| quesera wrote:
| > _evidence gathered by unlawful searches is going to be
| discarded in a court of law_
|
| Maybe. Probably? But this isn't always the critical
| question.
|
| Sometimes, "You May Beat the Rap, But You Can't Beat The
| Ride" _is_ the problem.
| a_wild_dandan wrote:
| https://radiolab.org/podcast/border-trilogy-part-1
|
| Poor school kiddos. :( Anyway, if you prefer text, click
| the transcript. I recommend listening though, if you have
| time!
| forward1 wrote:
| The format of this podcast is insufferable, like
| listening to two befuddled people in a retirement home
| exchange "witty" banter.
|
| I looked it up though. This was 30 years ago. The court
| issued Border Patrol an injunction and protected students
| from discimination. A perfect example of the legal system
| acting justly and prudently, which only supports my
| argument that unbridled searches within 100 miles of the
| border is hyperbole only.
| autoexec wrote:
| Not to get too far off on a tangent here, but I can't
| agree more. This style of podcast where a simple story is
| endlessly drawn out with unnecessary audio being
| inserted, useless details, and constant repetition
| without getting to the point makes getting any
| information at all feel like pulling teeth. I've seen it
| imitated in other podcasts too so the poison is
| spreading.
| bryanrasmussen wrote:
| How exactly do you bring suit on this matter?
|
| Hey we would like to bring suit because the government says
| we can't talk about them doing X. Oh no, that would be
| talking about doing X!!
| alfiedotwtf wrote:
| https://en.m.wikipedia.org/wiki/Third-party_doctrine
| onionisafruit wrote:
| I don't think third-party doctrine applies to the gag
| order, but it is relevant to the surveillance being
| discussed in this post.
| jjtheblunt wrote:
| Free speech: are you saying it is guaranteed for companies?
| calvinmorrison wrote:
| perhaps that democracy is not effective when the state organs
| are unelected bureacrats with guns
| Clubber wrote:
| I'm not sure why you're being downvoted. That's been a common
| charge against our vast unelected bureaucracy, most of whom
| hold qualified immunity. We're trillions of dollars in debt,
| maybe it's time to peel some of it back a little.
| gowld wrote:
| Downvotes are possibly because the unelected bureaucrats
| with guns are overseen by the elected Executive and
| Legislature.
| Clubber wrote:
| Are they though? How about the FDA getting most of its
| funding by the companies they are supposed to regulate?
| It's comforting to just trust that bureaucracies are
| doing what's good for the country, but also naive.
|
| https://aspe.hhs.gov/sites/default/files/documents/e4a791
| 060...
|
| How about the NSA spying on congress?
|
| https://www.theguardian.com/world/2014/jan/04/nsa-spying-
| ber...
|
| How about the ATF making up laws?
|
| https://nclalegal.org/2019/09/atf-admits-it-lacked-
| authority...
|
| The only teeth congress has with these bureaucracies is
| the power of the purse.
| JohnFen wrote:
| > The only teeth congress has with these bureaucracies is
| the power of the purse.
|
| Not true. Congress can make laws defining what those
| agencies are and are not allowed to do.
| Clubber wrote:
| And if the agencies go outside the bounds of those laws
| like some currently do?
| JohnFen wrote:
| Then those who are victimized take it to court. If the
| agency committed an actual crime, then there's a path for
| that to be prosecuted as well.
|
| It's certainly not a perfect system, but it's
| successfully done all the time.
| Clubber wrote:
| >> The only teeth congress has with these bureaucracies
| is the power of the purse.
|
| >Not true. Congress can make laws defining what those
| agencies are and are not allowed to do.
|
| >And if the agencies go outside the bounds of those laws
| like some currently do?
|
| >Then those who are victimized take it to court.
|
| Right, the court isn't congress. My point was the only
| teeth congress has in regards to the bureaucracies is the
| power of the purse.
|
| >successfully done all the time.
|
| It depends on how you define successfully. I mean they
| employ people, is that good enough? Do you think they
| would be more or less effective with a 20% haircut? I
| don't really know, but members congress probably don't
| either. Plus, it's bad politics to cut jobs come election
| time, right? Seems like a perverse incentive for the
| people charged overseeing the bureaucracies.
| patmorgan23 wrote:
| Congress can impeach the appointed officers that allowed
| those violations to happen.
|
| Congress can create new criminal/civil remedies and then
| create an office tasked just with enforcing them.
| frumper wrote:
| Congress created these agencies, they can write laws that
| fundamentally change how they work, what they do, and
| what they focus on. They can even just disband these
| agencies. Congress has all of the power it needs. If they
| don't use it, maybe what you think should happen doesn't
| align with the majority of Congress.
| calvinmorrison wrote:
| You're assuming that the shadow government can't or won't
| institute regime change when it's threatened. The US
| Government killed a president, why wouldn't it blackmail
| congress as well?
| frumper wrote:
| With this belief, does anything really matter?
| calvinmorrison wrote:
| you're right.... The CIA and, by extension, the US
| government as a whole (or any subgroup thereof) have
| never altered the outcome of elections anywhere for
| regime change, and have never instigated color
| revolutions for regime change.
| frumper wrote:
| If your belief is correct in that the Congress and
| President are coerced into doing what the shadow
| government wants, then they would have zero need for a
| revolution or regime change in the United States.
| briffle wrote:
| Would you prefer elected bureacrats with guns? That scares me
| more.
|
| Perhaps we just go with rock solid transparency laws...
| calvinmorrison wrote:
| It's a sad day when HN is defending the Patriot Act.
| electrondood wrote:
| It's more that your parent comment was disingenuous.
| wl wrote:
| At least elected bureaucrats are theoretically accountable
| to the electorate. The gripe comes from things like the
| unelected bureaucrats at the US Department of Justice
| deciding that as part of implementing the Americans with
| Disabilities Act, there are only two limited and inadequate
| questions you can ask of someone with an apparently bogus
| service dog _or else_. That rule didn 't come from the
| people who wrote the law.
| JohnFen wrote:
| Those unelected bureaucrats play by the rules set by
| elected bureaucrats, though.
|
| > That rule didn't come from the people who wrote the
| law.
|
| But lawmakers can write a law to address that.
| kec wrote:
| In practice that shouldn't matter, as the law states that
| any service animal can be turned away so long as the
| business provides accommodation to the human (which is
| the point of the limited questions).
|
| The fact this rarely happens is more due to people not
| actually knowing the law and typically wanting to avoid
| potential conflict.
| gosub100 wrote:
| "people not knowing the law" can be a symptom of
| bureaucracy though. How many pages of law do you think
| exist to open a bagel shop or add a room to your house in
| SFO?
| kec wrote:
| How is that relevant to the example of enabling disabled
| folks to interact with society & some bad actors abusing
| it?
| gosub100 wrote:
| It's a remark about the broader topic of bureaucracy and
| how you can't blame people for not knowing the nooks and
| crevasses of modern liberal legislature. You know, "We
| have to pass the bill so that you can find out what is in
| it."
| mistrial9 wrote:
| history has shown that clumsy bureaucrats with slow erosion
| of rights is still superior to belligerents with guns in a
| mob
| titzer wrote:
| Nine times out of ten, the person saying this will turn
| around and complain about all the "political hacks" running
| things, referring to political appointees with no experience
| or background in the area of government they are tasked to
| run.
|
| The term "unelected bureaucrats" applies to people like...I
| dunno, the director of the NIH and field office managers.
| Heck, even a police captain is an "unelected bureaucrat".
| Sheesh.
| explaininjs wrote:
| The director of the NIH is a prime example of a position
| the people should have direct control over. As is the
| police captain. Are you claiming otherwise? Have we really
| forgotten about 2020 so soon?
| metabagel wrote:
| People are already overwhelmed by having to vote for the
| superintendent of their sanitation district
| explaininjs wrote:
| That's part of the ploy. Give people a million menial
| jobs to elect so they feel exhausted by the process
| instead of demanding to have control over the real power.
|
| See also the California senators, which have at this
| point been unilaterally appointed by Gavin rather than
| elected by the people. If that wasn't bad enough, he
| appointed this latest one based on a personal promise
| made to put a Black woman in the seat, in exchange for
| some union to aid in his personal election campaign.
|
| If anyone cared about civics, separation of power, or
| indeed democracy itself, there'd be rioting in the
| streets.
| sonicanatidae wrote:
| >What is the point of transparency reports if they don't
| include major vectors of government surveillance?
|
| The feels.
| criddell wrote:
| It's more than that, IMHO.
|
| I think companies publishing whatever they can is a good
| thing. We would be worse off if they took the attitude of _if
| we can 't publish everything we might as well publish
| nothing_.
| JohnFen wrote:
| Publishing whatever they can is a good thing.
|
| But this is also a great reminder that there's a bunch of
| things they can't publish -- so "transparency reports" are
| of extremely limited value. Their greatest value is
| encouraging people to have a false sense of security.
| sonicanatidae wrote:
| I'm infinitely more cynical about corporations. For me,
| it's _always_ about what they can do to mitigate any and
| all possible blame, regardless of circumstance, context,
| and the world itself. Always.
| AshamedCaptain wrote:
| > What is the point of transparency reports if they don't
| include major vectors of government surveillance?
|
| How many times did those of us who knew all of this to be a
| farce warned about this?
| titzer wrote:
| > But gagging a company from disclosing untargeted or semi-
| targeted surveillance, especially if it involves American
| citizens, seems like it should be unconstitutional on free
| speech grounds.
|
| I see you have not read the Patriot Act, an Orwellian double-
| speak of a title if there ever was one.
| onlyrealcuzzo wrote:
| Is it really that hard for the government to get a warrant
| for a suspected terrorist?
|
| Is there any data on how often they're surveilling people
| without warrants vs with warrants?
|
| This seems like important info to know.
| gleenn wrote:
| You're missing the point, in this case they don't even need
| the warrant at all. And yes, it is because you would have
| to ask a judge for each and every person surveiled and then
| provide a reason. They wouldn't have any reason for the
| drag net and would be denied.
| wredue wrote:
| Having data on illegal searches would require an insider
| leaking that information. Nobody has any semblance of a
| clue how much illegal data sniffing is happening, and it's
| even more questionable since the USA and five eyes
| continues to degrade basic privacy.
|
| But won't someone think of the children!?
| pc86 wrote:
| The first "paper" I ever wrote was an anti-USA PATRIOT Act
| paper for a scholarship competition in 2003 when I was 17
| where I was awarded $1,000. Literally the only thing I
| remember is what the acronym USA PATRIOT stands for.
|
| Uniting and Strengthening American by Providing Appropriate
| Tools Required to Intercept and Obstruct Terrorism.
|
| It really is one of the best double-speak bill titles ever.
| curation wrote:
| cool!
| user3939382 wrote:
| If I'm not mistaken they're called NSLs and the legality of
| them when challenged are reviewed by a secret court with secret
| laws that have secret interpretations of words. The whole thing
| as far as I can tell is an out of control nightmare and our
| corrupt congress doesn't give a shit.
| chatmasta wrote:
| Actually quite a few members of congress do give a shit.
| Unfortunately they're the same members of congress maligned
| as MAGA extremists or whatever (in some cases that might be
| accurate, but it doesn't mean they're wrong about every
| political position they hold).
|
| If you actually take a second to listen to Matt Gaetz, for
| example, you might be surprised to learn his (rather
| principled) positions are much closer to those of AOC than to
| President Orange, at least in some dimensions. He wants to
| require single-issue bills, and to completely eliminate
| FISA-702. Ironically, it seems like FISA will be reauthorized
| as part of an omnibus spending bill...
| user3939382 wrote:
| I meant Congress as a body doesn't care, which IMHO is
| proven by the fact that decade after decade congress as a
| body does nothing to remedy these problems. Actually the
| 1984 nightmare just gets worse.
|
| Support from members here and there is nice but in reality
| for the 20 years I've been paying attention has resulted in
| nothing.
| ChrisRR wrote:
| This is why I never believe Apple's "We're super serious about
| your privacy!"
|
| That is until a government asks them to do things behind the
| scenes.
| jwnin wrote:
| This is why warrant canaries can be useful in privacy policies,
| at least for smaller/startup companies. The
| apple/google/microsoft/amazon/metas of the world would have had
| to remove the canary long ago, though.
| gosub100 wrote:
| and they're trivial to DDoS
| forward1 wrote:
| No competent startup or small business would take on such a
| legal risk. And anyway, a sure conclusion can already be
| reached on the basis of reasoning about the complete and
| total lack of warrant canaries anywhere.
| eggy wrote:
| Given a lot of journalists and activists use encrypted
| communications to be able to do their job without being unduly or
| unjustly persecuted (yes, the bad guys use them too!), and 12 US
| State Attorney Generals just signed a letter and delivered it to
| the major news agencies (NYT, CNN, Reuters, AP, etc.) that warns
| of any "support to terrorist organizations" and specifically
| points out Hamas, but is not very clear on what "support" or
| "business relationship" means (sending a camera to do a report
| where the press is not allowed due to Israel's complete control
| of the media - echoes of US journalist access during the Iraq
| War), and puts them on notice. Nothing is safe from Big Brother,
| anywhere, any country.
| codys wrote:
| To add a bit more context here, the "12 US State Attorney
| Generals" here are 14 Republican US State Attorneys general.
|
| their letter:
| https://content.govdelivery.com/attachments/IACIO/2023/12/04...
| AndrewKemendo wrote:
| This is yet another example of: If the data can be collected it
| will be used by governments
|
| You can slow this down by making data explicitly built to be
| impossible to read in transit (eg e2e) and then deleting or never
| saving it, but the fact that data flows through multiple stops
| means each transition is an opportunity for third party
| observation
|
| This is deterministic and is built into the structure of data
| production transport and consumption. This is part of the
| infrastructure and cannot be extricated
| forward1 wrote:
| E2E does not solve the problem outlined here: surveillance of
| metadata at a global panopticon scale.
| dhx wrote:
| See [1] for an overview of "state of the art" metadata-
| protecting communications protocols. There has been much
| research into this problem over decades and the effectiveness
| of such protocols very much depends on real world use cases and
| practicalities. For example, protocols may require 100 seconds
| to send a message to ensure adequate mixing, and then may be
| limited to always-transmitting-24/7 endpoints consuming much
| power, and then also requiring participants in the network to
| trust each other not to mount a denial of service attack.
|
| [1] SoK: Metadata-Protecting Communication Systems, Sajin Sasy
| and Ian Goldberg, Cryptology ePrint Archive, Paper 2023/313,
| https://eprint.iacr.org/2023/313.pdf
| stuff4ben wrote:
| Just an evil life pro-tip... if you're doing criminal things,
| leave your phone at home. Or better yet, grab a "buddy's" phone.
| 2OEH8eoCRo0 wrote:
| Here is a better pro-tip- don't do criminal things.
| stuff4ben wrote:
| where's the fun in that??? Live a little, be a little bit
| evil. Like 5% evil
| I_Am_Nous wrote:
| Statistically if _everyone_ is 5% evil, the chances of
| someone being evil to you in the course of the day is
| pretty high. That sounds like the makings for a downward
| spiral and "don't be evil at all" is much safer for
| society.
|
| Obviously there will be people who choose to be mostly evil
| regardless of what everyone else is doing, but society
| trying not to be evil in general is still the best case
| scenario.
| 2OEH8eoCRo0 wrote:
| I take a penny but I never leave one.
| unethical_ban wrote:
| I bet you've committed at least a ticketable offense in the
| past 48 hours, unless you are a true hermit.
|
| Our laws were not designed for a society with perfect
| surveillance.
| lostNFound wrote:
| This is quite the proposition. You think that the average
| person commits a legal offense at least every 2 days?
|
| What examples are you proposing? If you count speeding,
| sure I guess.
| hiatus wrote:
| Do you know how many laws you are subject to right this
| moment? If you don't know the number, how can you be sure
| you haven't broken any?
| 2OEH8eoCRo0 wrote:
| Speed Limit 55
| haroldp wrote:
| https://www.amazon.com/dp/1594035229
| unethical_ban wrote:
| Yes. Every time someone changes lanes without signalling
| 200ft prior. Every time someone goes 56 instead of 55.
| Every time someone operates any kind of vehicle after
| having more than one drink. Any time someone is drunk in
| public (in many states). Probably a huge number of gun
| owners in states with legal cannabis. Any time someone
| walks across a street without a protected "walk" sign.
|
| These are the ones I can brainstorm in 30 seconds.
|
| If the government could enforce every law on the books
| with perfect accuracy and with 100% effectiveness, it
| would be intolerably oppressive.
|
| Laws are written often with the expectation that
| enforcement will not be perfect, that between
| impracticality and officer discretion, that such laws
| will be a net positive without being silly.
|
| We are coming up on a time of government surveillance and
| data analysis technology (AI) that we will not be able to
| escape the panopticon. Laws or enforcement will have to
| adapt.
| matmatmatmat wrote:
| "If you give me six lines written by the hand of the most
| honest of men, I will find something in them which will hang
| him." -- Cardinal Richelieu [1]
|
| [1] https://history.stackexchange.com/questions/23785/what-
| did-r...
| jasonjayr wrote:
| You'll never be a criminal with that level of opsec.
|
| You have to randomly leave your phone at home for criminal and
| non-criminal things. That way, there's a plausible alibi that
| your phone was at home or on you at the time of the crime.
| micromacrofoot wrote:
| leave your phone at your buddy's house
| toasted-subs wrote:
| I feel extremely uncomfortable using any of my devices.
| InCityDreams wrote:
| Only now?
| forward1 wrote:
| Closed source proprietary for-profit platforms previously
| implicated in global surviellance scandals continue spying on
| users. News at 11.
| xyst wrote:
| Would be great to see an example of notification metadata that
| can supposedly link it to real users.
|
| Seems like this is what is being implied:
|
| Given:
|
| - users with notifications enabled
|
| - have X app installed
|
| - targeted user(s) reside in USA
|
| - targeted users(s) following "foo" on X app
|
| When:
|
| - issue FISA warrant for all smartphone users that received
| notifications in regards to "foo" user
|
| Then:
|
| - able to pull all Apple/Google accounts that match this criteria
|
| - able to get real addresses and names
|
| - can crosscheck names with other details to narrow down suspect
|
| Or maybe it's something even worse where notifications somehow
| leak location data
| onionisafruit wrote:
| If they use IP to deliver notifications, then the gov can
| demand they hand over the IP address a notification was
| delivered to. From there, location isn't hard.
| xyst wrote:
| IP geolocation isn't exactly the most precise though. 600M+
| IPs have a default location to some farm in Kansas [1]
|
| [1] https://www.washingtonpost.com/news/morning-
| mix/wp/2016/08/1...
| onionisafruit wrote:
| I should have been more specific. Although they could use
| IP geolocation, they can also get data from the cell
| carrier that delivered the notification to that IP address.
|
| So a gov finds that IP address 7.8.9.0 received one of
| these notifications at 12:34. They then see that 7.8.9.0 is
| one of ATT's addresses. They go to ATT and learn that
| address was used by their customer onionisafruit at 12:34
| and the device was 5ms away from tower A.
| jaywalk wrote:
| Notifications aren't sent to IP addresses, so none of
| this matters.
| DanAtC wrote:
| Of course they are, how else would they be sent?
| beretguy wrote:
| So, don't have Twitter account and/or app installed and you
| should be good?
| kome wrote:
| no it's more like: don't have a smartphone and you are good
| (perhaps).
| beebeepka wrote:
| No, having a dumb phone is not enough. A malicious actor
| can pretend they need to deliver an SMS to you, which may
| result in a network disclosing your location (anywhere in
| the world). Mobile networks probably don't honour
| aggressive probing for just about any peer but it's not
| like nobody can do this at scale. None of this is new.
| autoexec wrote:
| Dumb phones give up your location info just as smart
| phones do, but smart phones collect and leak a lot more
| data on top of your location.
| uoaei wrote:
| Protip: the harder a company pushes you to download their
| app, the more they have to gain from it. 99.999% of the time
| it's because they want access to as much of your data as they
| can sneak out of your device, usually for selling it.
|
| One notable corollary is, the shittier the mobile browser
| webapp implementation is, the more they want to push people
| onto their app. See: Facebook, Twitter, Reddit, etc.
| autoexec wrote:
| Exactly this. Never install a company's app unless you
| absolutely need to. Use websites instead whenever possible.
| If you do need to install an app, uninstall it as soon as
| possible even if you know you'll need it again at some
| point.
| fsflover wrote:
| Also, no Signal.
| bkallus wrote:
| This isn't necessarily true. When you install the Signal
| app on an Android phone that doesn't have Google Play
| Services installed, it receives push notifications using
| its own notification daemon instead of using Google's.
| This, of course, has significant battery life costs.
| jessehattabaugh wrote:
| What about WebPush on Firefox? That uses Mozilla's
| servers right? At least on Android? Could the govt be
| doing the same to Mozilla?
| t0bia_s wrote:
| Not true. Battery double liftime on my LineageOS device
| without gaaps and other gservices that constantly connect
| to gservers.
| xyst wrote:
| no, need to get rid of your smartphone completely.
| beretguy wrote:
| Believe me, I wish I could.
| zogrodea wrote:
| I think your comment comes after reading this line:
|
| > - targeted users(s) following "foo" on X app
|
| It seems "X app" means just any placeholder app (not the new
| Twitter rebrand), although I might be wrong.
| beretguy wrote:
| Correct. That's why I will continue calling it Twitter, to
| avoid confusions like this.
| x86x87 wrote:
| Why bother with this whole process when you can get everything
| + store & index it yourself?
|
| Who knows? Maybe you want to retroactively look at shit peopke
| received and decide on new crimes.
| xyst wrote:
| They already do this, I think;
|
| https://en.m.wikipedia.org/wiki/Utah_Data_Center
|
| But since PRISM was exposed ~10 years ago, they have had to
| resort to using FISA court to scrape data
|
| \s
| wahnfrieden wrote:
| Build parallel networks for sections of society to operate and
| associate outside of what govt has their hands in or with
| technological guarantees of privacy and safety. I understand
| this is a tricky constraint to scale but it's not impossible,
| current iterative solutions are at hand, and people have
| coordinated before around successfully building alternative
| societies in terms of communications, mutual aid, and safety
| provided to public regardless of family; these are a threat to
| gov and business though as they minimize people's reliance on
| those institutions which is a kind of power money alone can
| have less control over (so they lean on violence historically -
| eg battle of blair mountain). I believe technology uniquely
| makes it possible to scale potential solutions because of how
| much it's cheapened unit cost and labor cost thru automation
| and commodity and open src
| staplers wrote:
| Apple's own developer documentation outlines how notifications
| can trigger when crossing a physical boundary.
|
| Apps notifications can trigger if you enter a "protest zone"
| for example then gov will know everyone who was there.
| callalex wrote:
| That location determination is done on-device.
| mistrial9 wrote:
| California with the support of Gavin Newsom is building "no
| go" zones for wildfire response. Sounds OK except - a video
| recording of a local Mayor at a wildfire update press
| conference, asking with deference, when the main highway to
| his town will re-open, and the response from a tense and
| aggressive CHP leader was "maybe that road will be closed for
| six months, maybe next year" with no respect... instantly
| snapped at a Mayor, on camera. How are these zones decided
| upon? "immediate area" is not what was being done in that
| event.
| nonethewiser wrote:
| Just to make it crystal clear, we recently learned that the FBI
| served Twitter a search warrant for Trumps account which gave
| then access to all of his twitter followers.
| https://www.bbc.com/news/world-us-canada-66365643.amp
| saagarjha wrote:
| Isn't an account's follower list basically public, though?
| FooBarBizBazz wrote:
| A paranoid part of me has wondered if some of the text/phone spam
| we all receive is actually used to stimulate cellphones for
| tracking purposes.
|
| If you have deeper access to the OS, then fingerprint unlock or
| FaceID also seem important for positive identification prior to,
| for example, a Predator strike.
| forward1 wrote:
| "We Kill People Based on Metadata"
|
| - Michael Hayden
| knallfrosch wrote:
| I don't think so. I'm German and receive the spam, even though
| I can be tracked using SMS messages that aren't shown on the
| display at all.
|
| https://en.wikipedia.org/wiki/SMS#Silent_SMS
|
| Plus, you can always ask the carriers to which tower(s) a phone
| is connected and simply triangulate from there, without sending
| any (user) data to the phone.
| Kon-Peki wrote:
| It's important to know that the entire worldwide mobile phone
| network _needs_ to have a reasonable estimation of the
| location of each device in order to work.
|
| "Phone call for XYZ", "SMS for XYZ", "Establish TCP
| connection to XYZ". Every single device that hears this has
| to decode the message to the point that it can say "Nope,
| this isn't for me. Ignore". You've got billions of devices
| online at once, doing things that require messages to be sent
| to them. The network has to find a way to broadcast these
| messages to the tiniest geographic area that it possibly can,
| or else the whole thing breaks down. So yes, there are plenty
| of completely normal, standard ways that the network can make
| your phone say "I'm over here" without anything showing up on
| your screen.
|
| (I worked at Motorola in infrastructure tech for many years)
| forward1 wrote:
| Why do they need to confirm an already known fact: FAANG
| platforms are built to spy on users? We've known about this fact
| for at least a decade since the Snowden revelations.
|
| Nothing has materially changed since then, technically,
| politically, legally, or even culturally. Yet people still
| believe for-profit corporations have their best interests in
| mind, thanks to clever marketing and groupthink, clutching to
| "encrypted apps" and empty "we value your privacy" double-speak:
| neither will defend you.
|
| There is no privacy on proprietary closed source platforms - it
| is simply infeasible; it is trying to squeeze blood from a stone.
| I know this truth will likely trigger and upset people with their
| $1,000+ iPhones, MacBooks and other iToys, and this sunk cost
| fallacy is really pathetic to witness in grown adults.
| gowld wrote:
| It's fascinating that about half hese comments appear to be from
| younger people unfamiliar with "USA PATRIOT" Act gag orders,
| FISA, Five Eyes, Least Untruthful Response and related
| controversies that were big in the news 10-20 years ago.
|
| Amusingly and sadly, the law was called PATRIOT as a normal "give
| a bad law a Good name", but over time "patriot" has become
| synonym for "traitor" in common use.
| instagib wrote:
| There's probably some you've missed but yeah, I like the "they
| can't do this because of * " comments.
|
| Reminds me of the Eufy issue where they said everything was
| encrypted except for push notification images.
|
| Hard to pick the most appropriate Orwellian quote. "All
| tyrannies rule through fraud and force, but once the fraud is
| exposed they must rely exclusively on force." ~ George Orwell
| hindsightbias wrote:
| Why would it be unusual for a generation that's been under
| surveillance since they were in the incubator to not hold
| quaint and obsolete views of privacy?
|
| If we held a poll, what percentage of privacy-loving HN parents
| don't have tracking on their kids phone? 5%? 10%?
| marban wrote:
| Dupe https://news.ycombinator.com/item?id=38543587
| alfiedotwtf wrote:
| Another case of https://en.m.wikipedia.org/wiki/Third-
| party_doctrine in motion
| hexage1814 wrote:
| Water is wet.
| Podgajski wrote:
| Now we know why Apple and Google are a duopoly....
|
| You get the illusion of choice but you get the same government
| spying on you in either case.
| forward1 wrote:
| It is ultimately ignorant to think one is not spied upon in
| daily comings and goings, when the entire human economy is
| based on data and the study of it (especially at scale),
| whether by government, private enterprise or sole evil
| individual.
|
| With Apple/Google you get the comfortable padded jail cell with
| 24/7 guards to protect - and monitor you; the digital
| equivalent of having a police officer live with you. You can't
| go outside of the walled garden and you're told this is for
| good reason.
|
| Without them, you're totally on your own; you better be
| prepared and know how to defend yourself. No one will care
| about your security and privacy. But don't for a second think
| you're not still under the all-seeing eye of panopticon
| surveillance, and possibly additional scrutiny therein.
| Trias11 wrote:
| >> Reuters' source would not identify which governments were
| making the data requests but described them as "democracies
| allied to the United States."
|
| It feels so liberating to be spied upon by "democracies allied to
| the United States." vs. others.
|
| LOL.
| InCityDreams wrote:
| Now you know how the rest of us [abroad in the world] feel
| regarding the US.
| AlexandrB wrote:
| Must be interesting to work on the teams responsible for
| compliance at Apple/Google. Would talking to someone about these
| kinds of orders qualify as treason under US law?
| heywoodlh wrote:
| One question I have as someone who tries to maintain (some) data
| sovereignty: is there any way as an end-user to
| circumvent/mitigate this kind of surveillance -- aside from
| abandoning iOS and Android completely?
| sneak wrote:
| On iOS, all notifications must go via the centralized APNS, but
| on non-Google Android (eg Graphene) it is possible to run the
| device with the Google FCM stuff blocked off. Some apps will
| break, but stuff that runs in the background for polling or
| does non-Google notifications will continue to work.
| CharlesW wrote:
| The Reuters article says that the government is getting this
| data from Apple and Google, which means it doesn't matter if
| your phone displays or even receives the notifications, no?
| jeroenhd wrote:
| Google-free Android will allow you (force you) to use
| alternative push servers. That could be your own server (using
| something like Unified Push) or querying your apps' servers
| directly. This comes at the cost of battery life, sometimes
| significantly so, but it does decentralise the notification
| system.
|
| Of course, your data will still be in the hands of app vendors
| unless you choose your apps wisely.
|
| You should also block analytics on the network level (using
| firewall apps or alternative means) because these days
| developers like to send analytics events for every button
| pressed, all associated with your phone's unique identifier. If
| the government can use push notifications for tracking, imagine
| the tracking they can do through Firebase Analytics or one of
| its many data hoarding alternatives.
| forward1 wrote:
| Parent is asking about government surveillance.
|
| You're suggesting a deviation from the norm (99.99% of users)
| by installing a custom operating system (which they will now
| also be on the hook to secure and update regularly) by
| developers with nothing to lose.
|
| This will greatly increase scrutiny on you, or colloquially
| speaking definitely put you on a watch list, the opposite of
| what is allegedly desired. Rather, accept the plain fact
| electronic communications are subject to government
| surveillance and adjust your threat model accordingly. Don't
| try to fight the bear with a flyswatter.
| greentea23 wrote:
| AOSP is not a deviation from the norm. It's the thing
| Google ships, vendors install play services as separate
| apps on top, so there is nothing oddball about your device
| fingerprint just by not installing Google specific services
| like the push handler. Your traffic will look like any
| other android making web requests, but then those requests
| will only be tracked by the servers they target instead of
| the OS itself betraying you and sharing metadata about them
| with various 3rd parties. Running non-vendor ROM alone will
| not get you "on a list".
|
| "Custom" ROMs also get OTA updates, so keeping up to date
| is as easy as it is on a vendor spyware ROM. In fact, you
| will usually get updates from the community well beyond
| when vendors stop support.
| forward1 wrote:
| > NSA: Linux Journal is an "extremist forum" and its
| readers get flagged for extra surveillance
|
| https://www.linuxjournal.com/content/nsa-linux-journal-
| extre...
|
| But they totally can't figure out you use a custom OS
| built to resist surveillance. Go figure!
| greentea23 wrote:
| But that's tracking your web requests to search engine
| servers. The way those requests look is dependent on your
| browser, not which ROM you are running. You can setup
| your user agent to be whatever you'd like at least on
| android or desktop browser.
| PrimeMcFly wrote:
| They won't get put on a list, it will just be assumed they
| don't do anything via a smartphone.
| forward1 wrote:
| Signals Intelligence is not based on mere assumptions.
| PrimeMcFly wrote:
| Fine. They won't get put on a list for exhibiting the
| same behavioral pattern as a significant portion of other
| people in the population.
| Hizonner wrote:
| > You're suggesting a deviation from the norm (99.99% of
| users)
|
| Which still leaves you in a large enough group that it's
| not practical to deploy full-press individualized
| surveillance against all of them. A group which contains a
| fairly large number of people who're doing it just to piss
| off the spies, and an even larger number of people who
| happen to be of no interest to you as a particular spy
| deciding where to apply your resources.
|
| As for _mass_ surveillance of that group, that can happen,
| but there still aren 't such good, cheap choke points to
| use. The cost per bit of actionable information is still
| relatively high even if the group is relatively rich in
| targets.
|
| > by installing a custom operating system (which they will
| now also be on the hook to secure and update regularly)
|
| ... as opposed to the stock operating system, which may
| very well not get updated at all.
|
| I get _constant_ updates for GrapheneOS. And they 're
| automatic.
|
| > by developers with nothing to lose.
|
| What the hell does that mean? They have reputations on the
| line, much more so than the faceless people doing the OS
| work inside the vendors. Some of them depend on this for
| their livelihoods.
| forward1 wrote:
| > Which still leaves you in a large enough group that
| it's not practical to deploy full-press individualized
| surveillance against all of them.
|
| Assuming no advances in technology obscured from public
| view, of course.
|
| > Some of them depend on this for their livelihoods.
|
| You sort of answered your own question there. Consider
| whether foreign nationals writing software in near
| destitute are susceptible to MICE, in relation to Bay
| Area millionaires.
| autoexec wrote:
| > This will greatly increase scrutiny on you, or
| colloquially speaking definitely put you on a watch list
|
| Every last one of us is being constantly surveilled by the
| government. If there is any kind of "list" individuals can
| get on at this point, it's reserved for a very small number
| of people who are ignored or whose data is excluded.
| yohannparis wrote:
| Disable notifications on all applications you do not want to be
| tracked via metadata.
| forward1 wrote:
| Absolutely and confidently incorrect. Local notification
| settings have no bearing on this metadata, which is
| generated, collected and stored with your consent by using
| Apple/Google app stores.
| sowbug wrote:
| Read at least the summary of James Scott's _Seeing Like a
| State_ (https://en.wikipedia.org/wiki/Seeing_Like_a_State) and
| let the concept of legibility percolate for a bit.
|
| Governments view legibility of their constituencies as a
| feature, not a bug. They want to be able to query the
| population like a database in order to manage it better. This
| is exactly like a product manager at a tech company who wants
| to know whether a certain feature is being used, and asks for
| more instrumentation in the next release of the product if
| needed. Over time the product (the population) becomes better
| and better instrumented.
|
| Of course, the other side of the coin of better legibility is
| worse privacy. Their feature is your bug.
|
| Are there ways to circumvent or mitigate what's happening? For
| you, personally, sure. You can turn on all the buried options,
| add VPNs, proxies, additional profiles/accounts, etc. And for a
| while it will work.
|
| But you're defeating legibility by doing that, so you're
| fighting against a very strong opposing force. Over time, the
| bugs that reduce legibility coverage will be fixed. The options
| will go away, VPNs will be banned or at least instrumented well
| enough to nullify their utility, COPPA and porn age-
| verification laws will extend to make multiple or anonymous
| identities impractical, and so on. And the few of us who do
| manage to go online fully anonymously might as well be wearing
| a "CRIMINAL" hat, because the public will have been trained
| that only bad actors want privacy, but not to worry if they
| themselves have nothing to hide.
|
| You can see this already happening with financial transactions.
| Try to conduct a significant low-legibility transaction (in
| other words, buy something big with cash). Your bank will ask
| why you want to withdraw $20,000. Cops might seize the cash,
| legally and without probable cause, while you're driving to the
| seller. And when the seller deposits the cash, the bank might
| file a SAR. This is all working as designed. You're being
| punished for adding friction to legibility.
|
| Even on HN, where you think people would be ahead of the curve,
| the PR campaign against financial privacy and censorship
| resistance is winning. Mention The Digital Currency That Shall
| Not Be Named, and suddenly the Four Horsemen of the Infocalypse
| are in control. Why HNers are pro-VPN but anti-Bitcoin, when
| both stand for privacy and censorship resistance at the price
| of reduced legibility, is beyond me.
|
| The battle to fight is not just protecting your own privacy.
| It's protecting your _right_ to protect your privacy without
| being ipso facto declared a criminal for doing so. Turn on all
| the options, hold Bitcoin, use VPNs, pay with cash, delete
| cookies, etc. But above all, be an ordinary, conscientious,
| law-abiding citizen. Render unto Caesar what is Caesar 's. Be
| average. Be unremarkable. Privacy should be the default. Not
| unsavory, not for those with something to hide. Just the
| default.
| deafpolygon wrote:
| Completely unrelated, but sort of related. With all this
| surveillance and spying going on, what's a normal citizen to do?
|
| For example; Cloud storage? Streaming music? Online note-taking?
|
| Should the more technically-inclined, but average, person start
| looking at taking more and more of these things off-line given
| the state of mass surveillance going on and the crazy push
| towards all things AI?
| asow92 wrote:
| Apps like https://www.joustip.com/ offer e2e encrypted push
| notifications.
| buryat wrote:
| how do they guarantee that everything is protected and they
| don't share data with someone?
| asow92 wrote:
| How would you want that qualified exactly?
| buryat wrote:
| > Does Joust sell my data?
|
| > No, Joust does not sell any user data.
|
| extraordinary claims require extraordinary evidence
| digging wrote:
| This is a question you would ask if you/they had already
| provided some evidence for the claim and it was deemed
| insufficient. Making a bold claim should come with _some_
| ability to justify it ready-to-go.
| loughnane wrote:
| I know Pinephone isn't ready for daily use from all the threads
| here, but I just ordered one to get some stick time with it.
| Getting real tired of having to fight my phone to keep my data
| mine.
|
| I just want the equivalent of debian, but on mobile. I understand
| I'll have to give up a bunch of apps, but honestly I think its
| worth it. As soon as its possible I'd like off this ride.
| fsflover wrote:
| Alternatively, consider Librem 5, which is more stable, since
| its software is developed by a dedicated team.
| Klonoar wrote:
| Librem needs to do something PR-wise to fix the reputation
| they developed regarding massive product/delivery delays.
|
| They exist in the frustrating spot of "I want to like them,
| but I can't trust the purchase based off of everyone I know
| who tried getting burned, so now I'll just look at a
| Pinephone because it's easier".
| fsflover wrote:
| I don't understand how delays of _preorders_ are relevant
| today, when the devices are available within 10 working
| days.
| loughnane wrote:
| I thought about Librem 5 but the price is too high for me to
| casually buy. I'd def like to try it out though, so maybe
| I'll splurge.
| yonatan8070 wrote:
| Does Waydroid work well on mobile Linux GUIs like Phosh and
| Plasma Mobile? If it does it could be real handy to sandbox
| some Android apps you need for work or whatever while still
| using a proper Linux base
| fsflover wrote:
| Generally, it depends on the app. Mostly works fine for me.
| More info: https://source.puri.sm/Librem5/community-
| wiki/-/wikis/Softwa...
| uoaei wrote:
| I'm sure you did your research. I'm writing for other readers
| who are interested.
|
| There are a few alternatives, more can be found but this is a
| selection of the most prominent offerings.
|
| /e/OS: https://e.foundation/e-os/
|
| GrapheneOS: https://grapheneos.org/
|
| LineageOS: https://lineageos.org/
|
| CalyxOS: https://calyxos.org/
|
| PostmarketOS (based on Alpine Linux rather than Android, and
| what's used in Pinephones): https://postmarketos.org/ (for some
| reason the site is currently down)
| loughnane wrote:
| It'd be cool if Signal and other privacy-focused apps added an
| option to delay push notifications. That would obfuscate the
| connection between two accounts.
|
| Its a band-aid, but its something.
| tbihl wrote:
| once upon a time, I had an app that limited network connection
| for the whole phone to 30 minute refreshes. It was a pretty
| cool trick.
| TheRealDunkirk wrote:
| It's crazy to me that so much effort is being expended pretending
| that companies and the government are doing anything in the name
| of privacy, when we have all the proof by Assange and Snowden
| that they're doing realtime surveillance of ALL communications,
| 24x7 -- no matter what any laws say -- and we don't even talk
| about it any more. What's the point of any of this? All we can do
| is assume that our every position, purchase, and electronic
| communication is being tracked and saved, and act accordingly.
| The Constitution no longer matters, and there's no one coming to
| save us.
| Nifty3929 wrote:
| I think where we go wrong is to allow the conversation to
| revolve around what evil corporations are doing with our
| information, rather than what the evil government is doing with
| it. I believe the risk to our freedom is much greater from the
| latter. Of course governments can extract the information from
| corporations that have it, but let's keep the spotlight on the
| government itself, and use THAT as a reason to give corps less
| information about us.
|
| Corporations showing me better-targeted ads is the least of my
| troubles.
| tbrockman wrote:
| "Better-targeted advertisements" is not the most nefarious
| way this information is used. That's just one of the selling
| points to entice advertisers. It's also been used extensively
| to determine content that you will find the most engaging,
| regardless of whether it's to your benefit or not, so that
| ad-driven marketplaces may harvest and sell your attention.
|
| If you have any contemporary examples of the way the
| government has used the same information, in a way that's
| been more widely destructive, I would be curious to know
| more.
| wharvle wrote:
| > Of course governments can extract the information from
| corporations that have it, but let's keep the spotlight on
| the government itself, and use THAT as a reason to give corps
| less information about us.
|
| Yep. Treating the two as distinct makes no sense. Corporate
| dragnet surveillance collecting forever-datasets isn't
| meaningfully different from the government doing the same
| thing, directly. People who fear government power ought to
| support outlawing _corporate_ collection of the same types of
| things they don 't want _government_ collecting.
|
| Granted that's relying on the government to prevent
| corporations from doing things in order to limit... the
| government (and, incidentally and IMO beneficially, also the
| corporations themselves). However, that's the only effective
| mechanism we've got--and the basis of all the other
| mechanisms we have available, ultimately, short of violence
| and strikes and such--and I think it's implausible that, even
| assuming a great deal of bad-faith behavior, such a move
| wouldn't _significantly_ curb this activity.
| mitchitized wrote:
| Wouldn't the exact opposite focus have a better effect? Going
| after the "evil corporations" would mean nobody was
| collecting the data in the first place, which would also take
| away the "evil government" as they have nobody to buy that
| data from.
|
| Right now they just write fat checks to Google, Apple, Amazon
| and the telcos and badda bing, badda boom it's done.
| JoshTriplett wrote:
| A government can (in some cases) force a company to collect
| information they otherwise wouldn't have. The reverse is
| not true. So I do think the bigger danger here is the legal
| framework that not only permits this but keeps it secret,
| rather than the mere fact of information collection.
| digging wrote:
| I suppose if government orgs weren't allowed to buy that
| data, the value might drop. Significantly? Unclear.
| pphysch wrote:
| This is such a strange position for me.
|
| Do we not agree that corporate America and other special
| interest groups essentially control Washington via lobbying
| and corruption?
|
| Do we not agree that a US citizen has (nominally) more
| leverage over their government than over an unaccountable
| private collective?
|
| I mean, we are half a century deep into this Reaganite "your
| government is your enemy" experiment.
| colordrops wrote:
| https://www.princeton.edu/~mgilens/idr.pdf
| eks391 wrote:
| I'm getting a blank page from your link
| colordrops wrote:
| It's a PDF download.
| rangerelf wrote:
| You already mentioned this higher in the thread, no need
| to repeat yourself.
|
| For the record I agree with the grandparent post's
| question: at least, gov is _supposed_ to be controlled by
| the citizenry through elections, corporations are not. I
| can have ("should have") visibility into what the
| government is doing, corporations can hide (and do hide)
| as much real information as they can and there's no way
| for me to get to it.
|
| Whether it's naive of me to think so or not is not what
| is being discussed here.
| riversflow wrote:
| > I believe the risk to our freedom is much greater from the
| latter.
|
| I'll take power being consolidated in a democratically
| elected government over a privately controlled corporation
| any day of the week.
|
| Let's put the spotlight on the stuff that isn't
| democratically controlled, and subject to much more limited
| oversight.
| colordrops wrote:
| The US government isn't really democratically controlled,
| which is obvious to anyone paying attention, and this
| Princeton paper proves it:
|
| https://www.princeton.edu/~mgilens/idr.pdf
| wildrhythms wrote:
| The person you're replying to is making a statement about
| democratically accountable consolidation of power; not
| necessarily today's current (and broken) implementations
| of such things.
| AnthonyMouse wrote:
| No non-broken implementation of such things is known to
| exist. Democracy itself is the tyranny of the majority
| even when majority rule is what is actually happening.
| Concentration of power has to be prevented _because of
| this_ , not in spite of it.
| autoexec wrote:
| You know what does control the government? Corporations.
| Seems like that's where our focus needs to be regardless.
| krunck wrote:
| Corporations use the government to get around regulation.
| Goverment uses corporations to get around the constitution.
| It takes two to tango.
| autoexec wrote:
| > I think where we go wrong is to allow the conversation to
| revolve around what evil corporations are doing with our
| information, rather than what the evil government is doing
| with it.
|
| I think it would be wrong to ignore either. Especially since
| most of the data the government gets is from corporations.
|
| > Corporations showing me better-targeted ads is the least of
| my troubles.
|
| You're right about that. That data sure isn't only used for
| ads. Companies use it to decide what services you're allowed
| to get and under what terms. The policies a company tells
| _you_ they have are different from the polices they tell
| others they have. Companies use it to set prices so that what
| you pay can be different from what your neighbor does for the
| same goods /services. Companies even use that data to
| determine how long to keep you on hold when you call them.
|
| Employers use it to make hiring decisions. Landlords use it
| to decide who to rent to. It's sold to universities who use
| it to decide which students to accept or reject. It's sold to
| scammers who use it to select their victims. Extremists use
| it to target and harass their enemies. Lawyers use it in
| courtrooms as evidence in criminal cases and custody battles.
| Insurance companies use it to raise rates and deny claims.
|
| The data companies are collecting about will cost you again
| and again in more and more aspects of your life. Ads are
| absolutely the least of your troubles.
| aaroninsf wrote:
| Now do,
|
| "declining to hire, insure, or loan to you" and "declining to
| admit your kids into school|sports program|internship"
| rootusrootus wrote:
| I don't think many people actually care much about privacy.
| There are a few, and they're loud. But look at what matters in
| politics -- both major political tribes in the US are only
| interested in privacy and protection from the government as it
| relates to _their own_ interest, but they are perfectly happy
| to use that power against their perceived opponents.
| unyttigfjelltol wrote:
| Thirty years ago, one perceived element of moral superiority
| in the West was revelations of the extensive internal
| surveillance in places like East Germany and own-spying.
| There used to be news items and documentaries mocking this
| behavior and intimating how backward and uncouth those
| governments were to stoop to furiously wiretapping irrelevant
| private conversations.
|
| So, whether the world has changed enough to justify it,
| people still do care and when adequately informed about some
| magistrate furiously eavesdropping on private matters, people
| universally recognize this is antisocial bizarre conduct.
| riversflow wrote:
| Meh, collecting information is different from acting on it.
| My underdtaning, which could be wrong, was that people
| legitimately lived in fear of getting found out by the
| stazi. There isn't a good reason to fear the NSA based on
| current actions, that I'm aware of anyway.
| just_steve_h wrote:
| I'm afraid the NSA regularly funnels information to the
| FBI and other domestic policing entities, and this has
| been widely documented [1]. The government even deigned
| to declassify proceedings from their special secret (!)
| court that decry the practice where NSA gives illegally-
| obtained surveillance to the FBI, which then manufactures
| a reason to go after someone using a technique known as
| "parallel construction," concealing the surveillance
| source(s).
|
| [1] https://theintercept.com/2019/10/10/fbi-nsa-mass-
| surveillanc...
| 0xEF wrote:
| It is my opinion that people do not about privacy as much
| as they did in your mention Cold War-era times (or the tail
| end of it, anyway). They've been shown how easy it is to
| trade their privacy for considerable convenience and now
| they're in so deep that the idea of our governments
| tracking us seems remarkably mundane. Normalization is a
| helluva drug.
| wormius wrote:
| Great point. Convenience plays a hell of a role in a lot
| of society's issues. I go back to a song by Deee-lite
| where she sings "Convenience is the enemy" - I've always
| thought that was pretty pertinent in a lot of ways, this
| is just one more example.
| autoexec wrote:
| > I don't think many people actually care much about privacy.
|
| People _absolutely_ care about their privacy. If you don 't
| believe me try going outside and following someone in public
| with a video camera. They'll scream at you about how horrible
| and illegal what you're doing is. They'll probably call the
| police on you. Upset as they are, they ignore the fact that
| they've been being filmed from the moment they stepped
| outside and have in fact been being extensively tracked and
| recorded even while they were still inside their homes.
|
| People don't understand the extent that their privacy is
| being violated. It's mostly out of sight/out of mind. They
| also don't understand the impact the data they give up has on
| their daily lives. They aren't allowed to know when or how
| much that data costs them. The moment they are confronted
| with the reality of the situation, they suddenly care very
| much about their privacy. Mostly they feel powerless against
| the invasion of their privacy.
| darigo wrote:
| Assembly 2023 had a fantastic presentation[1] from
| @BackTheBunny (from X) about precisely this. When the US really
| wants to do something, the constitution is a parchment
| guarantee and the media runs cover for them. Many US gov
| agencies are basically supranational and extrajudicial.
|
| I don't agree with everything he said but the information was
| well presented and enjoyable.
|
| [1] - https://www.youtube.com/watch?v=rUTcIXuw2f0
| mirkodrummer wrote:
| What Crypto and DeFi has to do with State Surveillance? Or
| anything about the comment above? I don't understand
| miloignis wrote:
| While I believe that you can't solve (at least permanently)
| political problems with technology, and we need political
| action, you can prevent a good bit of surveillance with
| technology if you invest in setting it up.
|
| E2EE for chats (Matrix, Signal, or XMPP) is pretty solid I
| think. More shaky, Tor/reputable VPNs or some combo for
| browsing. FOSS ROMs for phones (Graphene), or Librum/PinePhone
| if you can deal with not always having a working phone.
|
| It's not a great situation, but it's not hopeless!
| nonethewiser wrote:
| Unfortunately, the constitution isnt very clear on privacy. It
| should be. There should be a new amendment which makes it
| crystal clear that the Patriot Act, for example, is completely
| unconstitutional.
|
| But what the 14th amendment says is that people and their
| property are protected against searches by the government
| wherever there is a "reasonable expectation of privacy." That
| and some combination of other details imply a right to privacy,
| but its mot very explicit and clearly limited. In light of
| this, the Supreme Court has actually ruled quite favorably In
| practice, the Supreme Court has actually ruled pretty favorably
| towards a right to privacy, considering whats actually in the
| constitution.
| AnthonyMouse wrote:
| > IX. The enumeration in the Constitution, of certain rights,
| shall not be construed to deny or disparage others retained
| by the people.
|
| > X. The powers not delegated to the United States by the
| Constitution, nor prohibited by it to the States, are
| reserved to the States respectively, or to the people.
|
| Operating a surveillance apparatus isn't an enumerated power
| of the federal government. The courts screwed up by reading
| its enumerated powers so unreasonably broadly that this even
| came up.
| hedora wrote:
| The only real way to fix this in the US is via election reform.
|
| The GOP is trying to create an apartheid state where minority
| rural areas dictate the laws for the majorities that live in
| urban areas while they extract resources from those areas.
|
| They know this is incredibly unpopular, so they don't even
| pretend they're trying to get the majority of the vote in most
| places. Instead, they've been trying to set vote thresholds to
| > 60% for ballot measures and stripping authority from all
| elected offices that aren't subject to gerrymandering.
| godelski wrote:
| It's also crazy to me that people are frequently arguing over
| what is the best security app to use for communication arguing
| over privacy maximalist viewpoints but not considering the old
| and have forgotten the major flaw we learned about from PGP:
| can't decrypt, please resend unencrypted. It doesn't matter how
| good your encryption is if no one will use it. Pareto is a
| bitch. (This is a crack at the Signal vs Threema or whatever
| app is hot this month and we discuss next month. But when
| usernames?)
| robbiet480 wrote:
| We at the Home Assistant Companion for iOS team have been wanting
| to implement end to end encryption for our push notifications for
| a while now but Apple has denied our request for the
| com.apple.developer.usernotifications.filtering [0] entitlement
| multiple times. Wondering if with today's news we could apply
| again and get it.
|
| For context, we are sending ~35 million push notifications per
| month on iOS and ~67 million on Android, see more at [1]
|
| [0]:
| https://developer.apple.com/documentation/bundleresources/en...
|
| [1]: https://threadreaderapp.com/thread/1721717002946191480.html
| michh wrote:
| for my understanding, you need that entitlement so you can send
| an encrypted invisible notification which you can then decrypt
| locally in your app and push out again as a local notification
| that doesn't go over the network (i.e. not use apns)? Or is
| doing this kind of stuff just weirdly tied to that specific
| entitlement?
| robbiet480 wrote:
| Correct, we need to be able to filter to properly unencrypt
| notifications and pass them on as a local notification.
| albatrossjr wrote:
| Just curious, why do you need filtering permissions for your
| use case?
|
| Decrypting a push notification appears to be supported using
| 'mutable-content' with a notification service.
|
| In fact that is the example used here:
| https://developer.apple.com/documentation/usernotifications/...
| robbiet480 wrote:
| The filtering entitlement allows us to decrypt messages and,
| depending on the content, choose to not send any notification
| (for example if a user sends an app specific command, like
| asking for a location update). The example you linked
| requires that a notification is emitted at the end, which we
| don't want.
|
| Zac also just let me know the other reason we need filtering
| is so we can properly unsubscribe users from notifications
| when one is received from a server they no longer are
| connected to.
| wkat4242 wrote:
| Are the ones on Android encrypted i wonder? I hope so
| robbiet480 wrote:
| They are not currently as we need to roll out e2ee with iOS
| and Android in lockstep as they both use the same mobile_app
| component as well as the local push stuff which bypasses
| Apple and Google but we would also like to encrypt.
| rickmode wrote:
| Naive question: why not remove all sensitive data, or all data,
| from the notification and leave the context for a secondary API
| call?
| st3fan wrote:
| Yup that is also a great way. Just send a message ID and
| fetch the actual content in the notification extension that
| can pre process incoming notifications.
| st3fan wrote:
| We implemented APNS encryption for Firefox iOS without much
| trouble. Keys are negotiated out of band and message decryption
| is done in a Notification extension that allows you to pre
| process incoming notifications. Did not need any special
| entitlements.
|
| Source code on GitHub.com/mozilla-mobile
| willmadden wrote:
| In the past, Google, Apple, Amazon, Facebook, and a slew of other
| companies would have been broken up using anti-trust laws. These
| aren't just monopolies at this point, they are clusters of
| monopolies. This is leading us down a dark path.
| jodrellblank wrote:
| > " _" In this case, the federal government prohibited us from
| sharing any information," the company said in a statement. "Now
| that this method has become public we are updating our
| transparency reporting to detail these kinds of requests."_"
|
| When they were building the CSAM detector: "what if the
| government asks you to extend the detection to include other
| media such as political meme images?" "we would refuse".
| rootusrootus wrote:
| Being prohibited from disclosure does not in any way refute
| their promise to refuse. It would make it hard to prove one way
| or the other, but that is not the same problem.
| nickthegreek wrote:
| But if they fail in their refusal, we would not know. So you
| have to treat it as if they have already failed and plan
| accordingly.
| AnthonyMouse wrote:
| This is really the conclusion of the debate over whether
| privacy protections should be legal or technological.
|
| The answer is both, which in particular means that they
| have to be technological. We need to prove their inability
| to defect with math because otherwise they can just lie
| about it.
|
| What you need from the law is the right for everybody to
| use that kind of technology by default.
| 1oooqooq wrote:
| wow. Yahoo have a better track record than google or apple on
| figthing against that
| https://money.cnn.com/2014/09/11/technology/security/yahoo-f...
|
| I guess now the yahoo phone doesn't sound like that bad of a
| joke https://www.slashgear.com/wp-
| content/uploads/2010/05/nokia_y...
| richardwhiuk wrote:
| Better public track record. It's very difficult to reason
| about a hidden private track record.
| readyplayernull wrote:
| We can safely assume they are already doing it, it's just that
| laws are coming slowly to normalize this survelance so they
| can't tell us just yet. Vote for those laws to learn more.
| Ruthalas wrote:
| UnifiedPush[0] seems like a great alternative to notifications
| passing through Apple/Google's hands, and I wish it was
| implemented in more apps.
|
| [0] https://unifiedpush.org/
| alberth wrote:
| I'm probably naive, but what insights could a government gleam
| from Push Notifications?
|
| And why aren't push notifications E2EE?
| rootusrootus wrote:
| > I'm probably naive, but what insights could a government
| gleam from Push Notifications?
|
| Looking at my own phone right now, it just got a push
| notification that my wife has arrived at home. That could be
| useful if you wanted to track my wife.
|
| > And why aren't push notifications E2EE?
|
| That's a great question. And I hope the answer is "we're on it,
| they will be E2EE in the next release."
| alberth wrote:
| Does the push notification indicate where (location) home is?
| rootusrootus wrote:
| In this case, no. But as a data point it is useful at
| providing a named location and a timestamp. Presumably any
| governmental agency with access to the push notification
| stream can already determine my wife's home address. We
| could lie in the app and call some other place "Home" but I
| expect very few people are resorting to codewords in their
| mundane daily life.
| zer0x4d wrote:
| If the notifications were to be truly E2EE, it would have to
| work something like this:
|
| 1. Generate a local key pair per app (never uploaded to
| Apple). 2. Each app can request their public key from iOS (or
| provided with (void) application:(UIApplication _)application
| didRegisterForRemoteNotificationsWithDeviceToken:(NSData_
| )deviceToken andPublickKey: (NSData *)publicKey;). 3. App
| uploads token + public key to their own server. 4. Server
| encrypts notification payload with the public key before
| sending to APNS. 5. Apple forwards encrypted payload to
| device. 6. Device uses the bundle name to look up the local
| private key and uses it to decrypt the payload.
| fsflover wrote:
| https://news.ycombinator.com/item?id=38544063
| zeppelin101 wrote:
| This reminds me, whatever happened to mesh networks? If you
| wanted to be out and about in public, you could simply carry a
| very anonymized device that had only more basic abilities. But
| among those abilities, you could certain send messages and maybe
| even smaller-sized files - all over a mesh network. Feds could
| infiltrate it, but it wouldn't be nearly as trivial as it is
| right now. And users could rotate their devices. Furthermore, if
| the device in question wasn't a real phone, but rather something
| more generic (a wifi-capable device with a keyboard, virtual or
| physical), then it wouldn't even need to have an IMEI.
| anigbrowl wrote:
| They're still a thing, and more of a happening thing than ever
| because they're useful for IOT. There's a bunch of private LoRa
| network operators offering a mix of free and paid services.
| Amazon is already a large player in this space because of their
| delivery network.
| jjtheblunt wrote:
| I wonder if Apple's Airtag devices use mesh networking of some
| sort.
| withinboredom wrote:
| I imagine they designed it the way they did specifically to
| prevent law enforcement from tapping them.
| hedora wrote:
| Apple AirDrop was basically this, but they neutered it at the
| request of the Chinese government. It still works, but it
| automatically turns itself off every 30 minutes, so you can't
| (for instance) opt-in to allowing people to automatically push
| uncensored news to your phone during your daily commute
| (without interacting with the phone every half hour).
|
| (It isn't technically a mesh, since it doesn't support multi-
| hop routing. Still, it is peer to peer, and doesn't require a
| data connection.)
| mckn1ght wrote:
| Apple also has an API called MultiPeerConnectivity[0] that
| handles this better than AirDrop. I've long wanted to try
| building a mesh network with this. Not sure about multi-hop,
| maybe that could be part of the business logic.
|
| [0]: https://developer.apple.com/documentation/multipeerconne
| ctiv...
| standardUser wrote:
| The only way out of this mess is with new laws and that will
| require new lawmakers. Any other solution - relying on the
| kindness of corporations, toiling away with obscure technologies,
| gong 'off the grid' - are all foolish or unrealistic for 99% or
| so of people and shouldn't even be considered.
|
| The most promising starting point is probably at the state level.
| cronix wrote:
| I'm not sure new laws will matter much considering they've been
| breaking the existing laws through creative interpretation.
| crawfordcomeaux wrote:
| This legal structure of governance already kills so many
| people unintentionally, it's unethical to keep trying to
| reform it when it was designed from flawed principles. Time
| for a full redesign.
| standardUser wrote:
| And if they shoot you dead first, you're cool with that?
| For the cause?
| standardUser wrote:
| Just because laws don't matter 100% of the time does not mean
| they don't matter. And the solution to better enforcement of
| laws is the same as the solution to passing better laws:
| elect better lawmakers.
| mark_l_watson wrote:
| The Libertarian party might fit our needs for privacy, but very
| few people belong to the party. As a liberal, I started
| listening to the Ron Paul (Libertarian, retired US Senator)
| podcast at least once a week. Maybe because I am older, but
| what he says mostly makes sense to me.
|
| (Now I expect to get in trouble here because I mentioned a
| third party, that is fine with me.)
| timeon wrote:
| Problem is that US has two party system.
| verisimi wrote:
| You want the state to write laws to prevent it spying on its
| citizens?
| standardUser wrote:
| I want legislators to pass laws that prevent spying by the
| executive branch. I don't care who writes them.
| verisimi wrote:
| But, who do you think sanctions this stuff in the first
| place? I think it's an insane expectation to think that
| government would sanction itself, when it is also
| requesting and enabling the ability to spy on citizens!
|
| I think you've read the government's self promotional
| material, and believe it - that it's trying to do the best
| for its citizens, keep people safe, etc as opposed to
| seeing it for what it is, which is a mafia exploration
| racket that keeps it's major beneficiaries out of public
| view.
| deviantbit wrote:
| Wyden voted for the Patriot Act. If he is concerned why hasn't he
| introduced legislation to repeal it? This government is out of
| control.
| jay-barronville wrote:
| Legitimately scary stuff but not surprising. Snowden risked
| everything to tell us what was going on and where things were
| headed yet here we are. At this point, it seems the only way to
| not be subject to this type of treatment by our governments is to
| completely unplug from the system, but of course, practically
| speaking, this isn't feasible for the overwhelming majority of
| our society. So what are the alternatives here?
| crtified wrote:
| Are powerful mobile phones packed with Apps and constant
| notifications so necessary to a full, fun, enjoyable techy
| life, really?
|
| I am legitimately surprised that more tech-heads didn't see
| this state-of-affairs (and all the other obvious drawbacks of
| The World's Most Featureful Spy Device, controlled end-to-end
| by a giant multinational, becoming ubiquitous in peoples back
| pockets) as an obvious, absolute given, right from the very
| start of the whole smartphone trend. Instead we all seem to
| have bought into it, hook-line-and-sinker.
| SuperNinKenDo wrote:
| The really scary thing is that, forget what you said, they're
| starting to become more and more necessary for the bare
| minimum existence. We're not quite there yet, but it's
| becoming harder and harder to simply exist without one of
| these things.
| timeon wrote:
| > I am legitimately surprised that more tech-heads didn't see
| this state-of-affairs
|
| Didn't see or didn't bite the hand that feeds?
| wkat4242 wrote:
| Great news considering we're now getting an extreme-right fascist
| government in Holland. Why not give them all our data on a
| platter, they can be trusted.
| OneLeggedCat wrote:
| > "The source declined to identify the foreign governments
| involved in making the requests but described them as democracies
| allied to the United States"
|
| Oh look! The US end-running constitutional protections again via
| 5+Eye proxy governments. Who could ever have guessed.
| motohagiography wrote:
| Is this a timing side channel attack, where say I am a member of
| a Signal group, or have a Proton email client or Matrix/Element
| or something, are they sending patterns of beacon messages that
| may look normal, and then watching the traffic across mobile
| networks (or directly on platforms) that matches, and then
| narrowing endpoints that show it?
| diebeforei485 wrote:
| Push notifications are sent from an app server to an individual
| device, correct? And the device enrolls with the server for
| receiving push notifications.
|
| Why isn't there key exchange happening at the time of enrollment?
| Why is it something apps have to manually do? We moved the web to
| https everywhere for a reason, why are apps behind the web in
| privacy?
|
| Potentially stupid question - how is iMessage encrypted end to
| end if the notifications aren't?
| contact9879 wrote:
| Apps can still do what they want in the content of the
| notification. This includes encrypting the content however
| they'd like. By default, though, apps don't encrypt the
| content. And the metadata (what appleID is receiving
| notifications from what app) is still known to Apple.
| gnarlouse wrote:
| I disabled notifications on my phone long ago. I wonder if they
| still occur.
| simplypeter wrote:
| If you think world governments can't back door into any aspect of
| your life, you've been deluding yourself.
| getcrunk wrote:
| How does signal address this? I always wondered
| happytiger wrote:
| It's time for a privacy bill of rights. You have to attach
| inalienable rights to people and then enforce them at the civil
| rights level.
|
| These things are troubling now. In the post AGI world these are
| much more difficult problems because the data becomes training
| for purposes far beyond anything that could be foreseen in the
| data collection questions.
___________________________________________________________________
(page generated 2023-12-06 23:00 UTC)