• 0 Posts
  • 23 Comments
Joined 2 years ago
Cake day: June 2nd, 2023





  • Other comments here do a great job pointing to DH key exchange; I’d like to try explaining it with the paint analogy.

    You and YouTube need to agree on a “color of paint” (encryption key) without ever sending it over the network.

    You and YouTube agree on a common “yellow” in the clear, and you each pick a secret color. YouTube mixes yellow and their secret and sends it to you. This is okay, because un-mixing paint (factoring large prime numbers) is really hard. You add your secret to the mixture, and now you have yellow+YouTube’s secret+your secret.

    You mix yellow and your secret and send it to YouTube. YouTube adds their secret; now they’ve got yellow+YouTube’s secret+your secret. You both have the final color!

    An eavesdropper can’t reconstruct this - everything sent over the network had yellow mixed in, and un-mixing paint can be really hard. Maybe you can guess that green minus yellow is probably blue, but you can’t get close enough to decrypt anything. And what if it’s brown? Is that blue + orange, or is it red + green?

    Cryptographers have worked very hard to make the communications secure. I would be more worried about the other end ratting you out - using a relay / proxy / VPN that you trust is a good idea :)
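The paint mixing in the comment above, carried through as classic modular-exponentiation Diffie-Hellman. This is an added example, not part of the original comment; the function names and the toy parameters (the textbook p=23, g=5 pair and the Mersenne prime 2^127-1) are assumptions chosen for illustration and are far too small for real use.

```python
import secrets

# Toy public parameters (the shared "yellow"). Constructed for illustration only.
TOY_G, TOY_P = 3, 2**127 - 1


def dh_public(g, p, secret):
    """Mix the shared base with a private value: g^secret mod p."""
    return pow(g, secret, p)


def dh_shared(their_public, my_secret, p):
    """Add your own secret to the other side's mixture."""
    return pow(their_public, my_secret, p)


def exchange(g, p):
    """Run both sides and return what crossed the wire plus each side's key."""
    a = secrets.randbelow(p - 3) + 2  # client secret in [2, p-2]
    b = secrets.randbelow(p - 3) + 2  # server secret in [2, p-2]
    A, B = dh_public(g, p, a), dh_public(g, p, b)
    return {
        "wire": (g, p, A, B),  # everything an eavesdropper sees
        "client_key": dh_shared(B, a, p),
        "server_key": dh_shared(A, b, p),
    }


def brute_force_secret(g, p, public):
    """Un-mixing by exhaustive search over exponents.

    Finishes instantly for p=23; the loop length grows with p, which is
    why deployed groups use primes of 2048 bits or more.
    """
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    return None


if __name__ == "__main__":
    result = exchange(TOY_G, TOY_P)
    print("keys match:", result["client_key"] == result["server_key"])
    print("secret recovered from p=23 exchange:", brute_force_secret(5, 23, 4))
```

The exchange only hides the key from a passive listener; it does not by itself prove who is on the other end, which is why TLS pairs it with certificates.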



  • When dealing with children, the “oreo cookie” method works well - start with something nice, offer a “suggestion for improvement”, and then finish with something nice as well.

    You’ll want to submit the politically correct version through official channels for traceability. After it’s submitted there, you can give a copy over Slack. Don’t let anyone make any claims about what you supposedly said over Slack DM. Leave a paper trail.

    You’ve already been PIPed, so they have reason to look at you. Play nice and check the boxes; I would do the feedback even if the submission is entirely “yeah it was fine” level bs.

    All of the above is playing it safe. Offer to provide additional feedback / “discussion” over a voice call as well, and ask what they’re looking for. If they’re building a case against your former manager, you can be honest.

    If they just want “general” feedback, or they want it over text (“no time for a call”), or there are multiple people in the room, or the call is being recorded, then fall back to the politically correct version you already submitted.

    Your nuclear button is to claim the PIP was retaliation for (something; you can make this up, just make it realistic), but you don’t press that button unless you’re about to be fired. It makes things extremely complicated.

    I really hate office politics, but half of being promoted is knowing how to play this stupid game :(



  • It is not too hard and you can definitely do it! It’s like a puzzle - you will get stuck at times, but if you keep going then you’ll get there.

    APK files are just zip files, so you can unzip them to see their contents. From there, a Java decompiler gets you a version of the source code. It will have random variable names and no comments, so it will take some digging to find and reverse the API layer.

    Or, who knows, you could get lucky and find an OpenAPI spec file and auth.txt. Worse apps have been developed.
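Because an APK is a plain zip, the same property lets a developer check a release build for the leftovers the comment jokes about before shipping it. The sketch below is an added example, not part of the original comment; the name and content patterns are assumed heuristics, and the sample APK is constructed in memory.

```python
import io
import re
import zipfile

# Assumed heuristics: file names and strings that should not ship in a release.
SUSPECT_NAMES = re.compile(
    r"(openapi|swagger|auth|secret|credential)[^/]*\.(json|ya?ml|txt|properties)$",
    re.I,
)
SUSPECT_CONTENT = re.compile(rb"(api[_-]?key|bearer|password)[\"']?\s*[:=]", re.I)
MAX_SCAN_BYTES = 1_000_000  # skip large binaries when scanning contents


def audit_apk(apk_bytes):
    """Return (entry name, reason) for every entry that looks like a leftover."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if info.is_dir():
                continue
            if SUSPECT_NAMES.search(info.filename):
                findings.append((info.filename, "suspicious file name"))
            elif info.file_size <= MAX_SCAN_BYTES and SUSPECT_CONTENT.search(
                apk.read(info)
            ):
                findings.append((info.filename, "credential-like string"))
    return findings


def build_sample_apk():
    """Constructed sample: a minimal zip laid out like an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"<manifest/>")
        z.writestr("classes.dex", b"dex\n035\x00")
        z.writestr("assets/openapi.yaml", b"openapi: 3.0.0\n")
        z.writestr("assets/auth.txt", b"password = constructed-sample\n")
        z.writestr("res/raw/config.json", b'{"api_key": "constructed"}')
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_apk(build_sample_apk()):
        print(f"{name}: {reason}")
```

The name pattern is deliberately loose, so a file such as `author.txt` would also be flagged and needs a manual look.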








  • The Supreme Court was nonpartisan. Do you expect the truth arbitration department to go any better?

    The 50% of people who believe false things are going to vote for truth arbiters that we don’t like. Surely it will be amazing when the correct party is in control, but inevitably the wrong party will be in control sometimes too.

    The issue is that bad truth arbitration is “sticky”. Once a bad actor is in control, they have the power to silence their own opposition.

    In order for this to work, we must either make sure a bad actor never ends up at the wheel - which will eventually fail, or neuter the truth arbitration process to the point of inefficacy.

    The risks here are probable and tangible. We may have the techniques to do it eventually, but I don’t think we have them right now.


  • This is an excellent way of looking at it, that is very different from my initial understanding.

    This changes the concern profile entirely, from “who decides what is false” (big concern) to “how do we define advocating, how do we define violence, etc” - which are valid concerns, but apply to just about every law.

    Off topic, the cyber security world has been wrestling with “unauthorized access” - is there implicit authorization when a device is attached to the internet? Nobody authorized me to use Google - are web requests access? Is bypassing authentication access? It’s a mess.


  • So… what? Are you arguing for an expansion of “punitive models”?

    Iraq has exceptional consistency in thought leadership. There are no drug addicts in Singapore.

    Moxie Marlinspike has an excellent blog post on “perfect enforcement” - if the law were applied perfectly, we would not have the LGBTQ marriage rights we have today. If America had perfect consistency of thought, we would all be protestant catholic.

    Consistency is not a world I strive for, and therefore, to return to the start of this thread, I do not believe the US gov should apply censorship to our communications, and I do believe that doing so would be a slippery slope, precisely and purely because censorship may prevent its own regulation.


  • No single body can wield this power, and therefore multiple should.

    /pol/ self-censors through slides and sages, and even maintains at least some level of toxicity just to dissuade outsiders from browsing or posting - you could call it preventative censorship.

    Fortunately, we don’t have to go there. We have the choice to coexist on Beehaw instead.

    Even on Reddit, different subs could have different moderation policies, and so if you didn’t like e.g. Cyberpunk, you could go to lowsodium_cyberpunk.

    Freedom to choose communities allows multiple diverse communities to form, and I think that’s the key - that there are many communities.

    When the scope of truth arbitration moves from Lemmy instances to the US gov, the only alternative choice for any who disagree would be to go to another country.

    The beauty of the internet is that there are no countries. Any website could be anywhere - there are hundreds of thousands of choices, from Twitter hashtags to IRC rooms.

    I do not want one hegemony of information. I do not want 5, or one for each NATO member. I want as many as possible, so I may find one (or more!) that I like.


  • Who is the arbiter of truth? What prevents the power to censor from being abused?

    The power to censor inherently includes the ability to silence its own opposition. Centralizing this power is therefore dangerous, as it is nigh impossible to regulate.

    Currently, we can choose our forums - Beehaw does a good job, /pol/ silences all but one worldview, and therefore I am here and not there. What happens when that choice is taken away, and one “truth” is applied universally, with no course for opposition?

    Perhaps you believe you hold the correct opinions, and will not be affected. Only those who disagree with you will be silenced. Or perhaps you change your opinions to whatever you are told is correct, and therefore you do hold the correct opinions, though only by definition.

    Consider that 50% of the country disagrees with you politically. If you follow a third party, it’s 98%. A forced shared truth is only “good” if it goes your way - but the odds of that are so incredibly small, and it gets much smaller when you consider infighting within the parties.