Nobody here suggested not punishing TWD offenses. Just, maybe, I dunno, find a way to enforce it equally. Like articulating a suspicion that somebody was texting while driving and having them show their phone.
And you didn't respond to my suggestion that implementing that device may actually embolden others with undetectable phones to feel safer from enforcement because cops will be going after people they can detect, primarily.
Sorry, I misread the middle of your post as a plea for leniency rather than equality of enforcement.
I don't really have a response to you query/suggestion though. It's certainly possible, but I have no data or even a gut feeling on whether that might actually be the case.
Nobody here suggested not punishing TWD offenses. Just, maybe, I dunno, find a way to enforce it equally. Like articulating a suspicion that somebody was texting while driving and having them show their phone.
And you didn't respond to my suggestion that implementing that device may actually embolden others with undetectable phones to feel safer from enforcement because cops will be going after people they can detect, primarily.
Sorry, I misread the middle of your post as a plea for leniency rather than equality of enforcement.
I don't really have a response to you query/suggestion though. It's certainly possible, but I have no data or even a gut feeling on whether that might actually be the case.
I don't have the data either because the device hasn't been deployed or tested anywhere. But these are the kinds of things one may want to cogitate over before going full-on tough on crime and unequal ends justify the surveillance means.
Technology has a very real impact on the world, particularly when applied to law enforcement.
0
Options
JuliusCaptain of Serenityon my shipRegistered Userregular
I think the manufacturers of this thing just want to make money. The cops will just want to meet their quotas that totally don't exist we promise please believe. It will just so happen that Blacks will continue to be disproportionately targeted. The problem with systemic racism is that you can have an organization with no racists in it, and it will still be racist. So when you have an organization with systemic racism that has people who are racist or don't care, or just like their authoritarian ego soothed, it can get even worse.
Which doesn't excuse turning a blind eye to the issues in the first place. And that seems to be a running issue with the tech industry.
"Have you considered that your new 'Death Ray' might be misused?"
"What? No. Of course not. That could never happen."
"Look, we're scientists, engineers. We work with pure ideas. Let other people worry about the applications."
To make texting while driving equally enforced during a pull over, I'd think you would have to institute a check as basic procedure for every time someone was pulled over. Even then it will skew racist because minorities are pulled over more than whites. I think I'd be happier with making it an add on to other offenses such as speeding that signifigantly raised fines and penalties, and not necessarily a ticket itself.
And even then it will probably skew racist because guess who gets prosecuted for these offenses more. Especially communities like Ferguson.
To make texting while driving equally enforced during a pull over, I'd think you would have to institute a check as basic procedure for every time someone was pulled over. Even then it will skew racist because minorities are pulled over more than whites. I think I'd be happier with making it an add on to other offenses such as speeding that signifigantly raised fines and penalties, and not necessarily a ticket itself.
And even then it will probably skew racist because guess who gets prosecuted for these offenses more. Especially communities like Ferguson.
Our entire justice system skews racist. You'd have to specifically target whites with enforcement in this instance for it to come out somewhat equal. I'd much rather address the structural problems directly than modify the enforcement of every single law to compensate for it.
And it should absolutely be a ticket unto itself. You don't have to be speeding to kill someone if you're paying attention to your phone rather than the road.
Nobody here suggested not punishing TWD offenses. Just, maybe, I dunno, find a way to enforce it equally. Like articulating a suspicion that somebody was texting while driving and having them show their phone.
And you didn't respond to my suggestion that implementing that device may actually embolden others with undetectable phones to feel safer from enforcement because cops will be going after people they can detect, primarily.
Sorry, I misread the middle of your post as a plea for leniency rather than equality of enforcement.
I don't really have a response to you query/suggestion though. It's certainly possible, but I have no data or even a gut feeling on whether that might actually be the case.
I don't have the data either because the device hasn't been deployed or tested anywhere. But these are the kinds of things one may want to cogitate over before going full-on tough on crime and unequal ends justify the surveillance means.
Technology has a very real impact on the world, particularly when applied to law enforcement.
I agree that it's good to be mindful about how technology will impact the world, but I don't know that I find much use in entertaining these "what ifs" without anything to point to whether they're even realistic or not. There are a lot of things that are possible, but not all of them are probable or worth considering from a policy perspective.
I don't think implementing a device that will work on an ever dwindling number of phones is a particularly good investment, but it would still probably save a few lives in the short term. Without some data to point to that it would somehow exacerbate the issue in the subset of the population that are "immune" to this particular device, I would say it's at least worth investigating. If people are honestly worried about it being selectively used against them over others, they should just not text and drive. At that point, they only have to worry about their normal chances of being persecuted just for the hell of it.
Any more substantive conversation would probably require them to actually develop the device though, as a lot of the particulars of it will have bearing on the discussion. How reliable is it? If it ends up with lots of false positives that would probably be net negative over just using whatever means they have for enforcement now.
I think the manufacturers of this thing just want to make money. The cops will just want to meet their quotas that totally don't exist we promise please believe. It will just so happen that Blacks will continue to be disproportionately targeted. The problem with systemic racism is that you can have an organization with no racists in it, and it will still be racist. So when you have an organization with systemic racism that has people who are racist or don't care, or just like their authoritarian ego soothed, it can get even worse.
Which doesn't excuse turning a blind eye to the issues in the first place. And that seems to be a running issue with the tech industry.
"Have you considered that your new 'Death Ray' might be misused?"
"What? No. Of course not. That could never happen."
"Look, we're scientists, engineers. We work with pure ideas. Let other people worry about the applications."
Ah yes the point in the activist life cycle where the problem is definitely concluded to not lie with the voter or policy maker, but instead whichever group it can be loosely pinned on and is small enough to intimidate regardless of effectiveness or sense.
I think the manufacturers of this thing just want to make money. The cops will just want to meet their quotas that totally don't exist we promise please believe. It will just so happen that Blacks will continue to be disproportionately targeted. The problem with systemic racism is that you can have an organization with no racists in it, and it will still be racist. So when you have an organization with systemic racism that has people who are racist or don't care, or just like their authoritarian ego soothed, it can get even worse.
Which doesn't excuse turning a blind eye to the issues in the first place. And that seems to be a running issue with the tech industry.
"Have you considered that your new 'Death Ray' might be misused?"
"What? No. Of course not. That could never happen."
"Look, we're scientists, engineers. We work with pure ideas. Let other people worry about the applications."
Ah yes the point in the activist life cycle where the problem is definitely concluded to not lie with the voter or policy maker, but instead whichever group it can be loosely pinned on and is small enough to intimidate regardless of effectiveness or sense.
Gooseshit, ELM. I'm tired of the same argument that technology is somehow neutral, and that it being twisted to bad ends is never the fault of the people who make it.
I don't think implementing a device that will work on an ever dwindling number of phones is a particularly good investment, but it would still probably save a few lives in the short term. Without some data to point to that it would somehow exacerbate the issue in the subset of the population that are "immune" to this particular device, I would say it's at least worth investigating. If people are honestly worried about it being selectively used against them over others, they should just not text and drive.
So you don't like to entertain hypotheticals that are inconvenient for your position, but you do like to entertain hypotheticals of "well, I'm sure this will save lives!"
The way this technology is designed, there's no way for the police officer to tell if the text came from you, the driver in the next lane, one of your passengers, a delayed message that failed to send earlier, etc. without violating your fourth amendment rights. Heck, even if the text came from your phone personally, what happens if you say that you asked your passenger to send a text in your place?
Earlier in this thread, we had a lot of people insisting that it was absolutely horrible that police officers should be able to look through the phone of someone who had already been arrested for a major crime, and where there was fear that the suspect would delete incriminating data from their phone before the police had a chance to issue a warrant.
So if the police shouldn't be allowed to look through the phone of someone who they already arrested for transporting a brick of cocaine, then why should they be able to look through the phone of someone who they merely suspect of texting while driving based on flimsy evidence?
Any more substantive conversation would probably require them to actually develop the device though, as a lot of the particulars of it will have bearing on the discussion. How reliable is it? If it ends up with lots of false positives that would probably be net negative over just using whatever means they have for enforcement now.
It depends on the department. If they're simply looking to bust people on TWD, then the technology isn't reliable.
If the goal is to find yet another bullshit excuse to pull people over, then this helps them a lot.
For instance, one of the things the cops will do when they pull you over is check for outstanding warrants. In Ferguson, there's an average of 3 outstanding warrants per household, usually for inability to pay an outstanding fine. So it doesn't actually matter if the TWD charge holds up or not. It doesn't matter if the text actually came from your passenger. All that matters is that they have an excuse to pull you over and run your name through the system.
I think the manufacturers of this thing just want to make money. The cops will just want to meet their quotas that totally don't exist we promise please believe. It will just so happen that Blacks will continue to be disproportionately targeted. The problem with systemic racism is that you can have an organization with no racists in it, and it will still be racist. So when you have an organization with systemic racism that has people who are racist or don't care, or just like their authoritarian ego soothed, it can get even worse.
Which doesn't excuse turning a blind eye to the issues in the first place. And that seems to be a running issue with the tech industry.
"Have you considered that your new 'Death Ray' might be misused?"
"What? No. Of course not. That could never happen."
"Look, we're scientists, engineers. We work with pure ideas. Let other people worry about the applications."
Ah yes the point in the activist life cycle where the problem is definitely concluded to not lie with the voter or policy maker, but instead whichever group it can be loosely pinned on and is small enough to intimidate regardless of effectiveness or sense.
It is also is astonishing to me that the same people who are convinced (probably correctly, tbh) that this new toy will inevitably used to further systemic racial profiling by local police departments are the same people who are sure that the federal government's investigation apparatus is above reproach. Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
It is also is astonishing to me that the same people who are convinced (probably correctly, tbh) that this new toy will inevitably used to further systemic racial profiling by local police departments are the same people who are sure that the federal government's investigation apparatus is above reproach.
Yes. It's odd that some people in this thread are more worried tangible threats that happen in broad daylight over purely hypothetical ones that happen in total secrecy.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
I think the manufacturers of this thing just want to make money. The cops will just want to meet their quotas that totally don't exist we promise please believe. It will just so happen that Blacks will continue to be disproportionately targeted. The problem with systemic racism is that you can have an organization with no racists in it, and it will still be racist. So when you have an organization with systemic racism that has people who are racist or don't care, or just like their authoritarian ego soothed, it can get even worse.
Which doesn't excuse turning a blind eye to the issues in the first place. And that seems to be a running issue with the tech industry.
"Have you considered that your new 'Death Ray' might be misused?"
"What? No. Of course not. That could never happen."
"Look, we're scientists, engineers. We work with pure ideas. Let other people worry about the applications."
Ah yes the point in the activist life cycle where the problem is definitely concluded to not lie with the voter or policy maker, but instead whichever group it can be loosely pinned on and is small enough to intimidate regardless of effectiveness or sense.
Gooseshit, ELM. I'm tired of the same argument that technology is somehow neutral, and that it being twisted to bad ends is never the fault of the people who make it.
I'm sure the problems of the TSA would've been completely solved if we'd protested research into X-ray backscatter technology.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
As we have been over many times it's because there was no actual abuse.
Edit: technology is not neutral does not imply technology is necessarily sufficiently harmful to be worried about or that it is not positive.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
How is that different from what you did by bringing up parallel constructionism?
You think that the surveillance you complain about is more serious that other people complain about. Other people think that the surveillance that they complain about is more serious than the surveillance that you complain about.
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
Note the bolded portion.
What is the main difference that the average ethnic person of muslim descent will notice as a result of parallel constructionism?
In the absolute worse case scenario, the NSA invests dozens of man hours to investigate a specific individual, then tells the local police to come up with a reason to pull him over for the sake of a phishing expedition.
Which is pretty much how racial profiling already works right now, except without the time investment.
It's the difference between "I'm scared that the local police are going to shoot an unarmed black kid for crossing the street" and "I'm scared that the white house will hire Seal Team 6 to murder an unarmed muslim in his sleep for no apparent reason."
I mean, sure. The second scenario could theoretically happen. But it's also a lot likely simply due to the level of work and time commitment involved.
The one problem with your post is that a phishing expedition would involve sending him fake emails (or just replacing his real ones, because fuck the NSA and their belief in tearing down all the security on the internet in direct contradiction to their fucking mission statement) to steal all his money (which the NSA totally doesn't need).
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
How is that different from what you did by bringing up parallel constructionism?
You think that the surveillance you complain about is more serious that other people complain about. Other people think that the surveillance that they complain about is more serious than the surveillance that you complain about.
Well, this is the Surveillance State thread, the Police and Racial Profiling thread is thataway. I'm not going into the diabetes thread and whining that it's an easily treatable disease compared to ebola.
But this is completely disingenuous anyway; up until this page you haven't been saying "these programs are problematic but not as serious as etc. etc." You have been defending them on their own merits. So let's continue from there.
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
Note the bolded portion.
What is the main difference that the average ethnic person of muslim descent will notice as a result of parallel constructionism?
In the absolute worse case scenario, the NSA invests dozens of man hours to investigate a specific individual, then tells the local police to come up with a reason to pull him over for the sake of a phishing expedition.
Which is pretty much how racial profiling already works right now, except without the time investment.
It's the difference between "I'm scared that the local police are going to shoot an unarmed black kid for crossing the street" and "I'm scared that the white house will hire Seal Team 6 to murder an unarmed muslim in his sleep for no apparent reason."
I mean, sure. The second scenario could theoretically happen. But it's also a lot likely simply due to the level of work and time commitment involved.
Well, when you set up the scenario to some ridiculous crap that nobody here proposed, it does sound ridiculous. Here, have a different framing:
1) An organization with comparatively little oversight targets Americans with "suspicious" (read: Muslim) foreign contacts.
2) For a given surveillance target, they don't find anything terrorism-related, because of course they don't.
3) They do find him e-mailing his dealer, so they send that information over to the DEA with a note of "hey, this won't hold up in court, but..."
4) The DEA are sterling examples moral rectitude and are immune to the systemic racism in the rest of America's drug enforcement apparatus, and so they ignore this "tip" and continue their top mission of tracking down who's selling cocaine to white upper class businessmen. No, wait, the opposite of that.
You don't even need the ridiculous extreme scenario of then having paramilitary-armed police rounding up hundreds of first-generation immigrants with a Muslim background on a flimsy bullshit pretext! (I mean, they just did that in Australia, but never mind, they can do that without having their high-tech surveillance infrastructure, so it's not really legitimate to question whether the technology makes the problem worse -- oh, wait).
As we have been over many times it's because there was no actual abuse.
Yes, of course, and you know this because you have access demographic information on the suspects that they're pursuing. You know, the kind of information you could get from any podunk police department. No, wait, in this case the information is top secret, to make it immune to democratic policy debate. (Never mind the definite instances of actual abuse that have already come to light -- those were against organizational policy, and so they don't count. Let's take that standard over to the Ferguson thread, by the way; it should be a big hit.)
Here, let me propose an alternate reading of events:
1) A libertarian-leaning techie set that you guys generally despise (for a whole host of legitimate reasons, and I say that without sarcasm) complains about something the federal government is doing.
2) There's a Democrat in the White House. (Why yes, I do remember the prevailing attitude on this forum when Bush's wiretapping scandal broke.)
3) Therefore, those damned techies are whining about nothing; there couldn't possibly be any abuse here.
I don't think implementing a device that will work on an ever dwindling number of phones is a particularly good investment, but it would still probably save a few lives in the short term. Without some data to point to that it would somehow exacerbate the issue in the subset of the population that are "immune" to this particular device, I would say it's at least worth investigating. If people are honestly worried about it being selectively used against them over others, they should just not text and drive.
So you don't like to entertain hypotheticals that are inconvenient for your position, but you do like to entertain hypotheticals of "well, I'm sure this will save lives!"
The way this technology is designed, there's no way for the police officer to tell if the text came from you, the driver in the next lane, one of your passengers, a delayed message that failed to send earlier, etc. without violating your fourth amendment rights. Heck, even if the text came from your phone personally, what happens if you say that you asked your passenger to send a text in your place?
Earlier in this thread, we had a lot of people insisting that it was absolutely horrible that police officers should be able to look through the phone of someone who had already been arrested for a major crime, and where there was fear that the suspect would delete incriminating data from their phone before the police had a chance to issue a warrant.
So if the police shouldn't be allowed to look through the phone of someone who they already arrested for transporting a brick of cocaine, then why should they be able to look through the phone of someone who they merely suspect of texting while driving based on flimsy evidence?
Any more substantive conversation would probably require them to actually develop the device though, as a lot of the particulars of it will have bearing on the discussion. How reliable is it? If it ends up with lots of false positives that would probably be net negative over just using whatever means they have for enforcement now.
It depends on the department. If they're simply looking to bust people on TWD, then the technology isn't reliable.
If the goal is to find yet another bullshit excuse to pull people over, then this helps them a lot.
For instance, one of the things the cops will do when they pull you over is check for outstanding warrants. In Ferguson, there's an average of 3 outstanding warrants per household, usually for inability to pay an outstanding fine. So it doesn't actually matter if the TWD charge holds up or not. It doesn't matter if the text actually came from your passenger. All that matters is that they have an excuse to pull you over and run your name through the system.
No, what I said was that I don't like entertaining them when we have nothing to inform their likelihood. I can back up my hypothetical with a small amount of data though. Seat belt enforcement has saved lives. DUI laws have saved lives. It stands to reason enforcement of another cause of car related deaths would also prevent some deaths. That really shouldn't be controversial statement to make.
Whether it's worth implementing and rolling out this device to law enforcement in order to save those lives is what we're discussing. That's where we get into the sticky details of a device that doesn't even exist yet.
So if the police shouldn't be allowed to look through the phone of someone who they already arrested for transporting a brick of cocaine, then why should they be able to look through the phone of someone who they merely suspect of texting while driving based on flimsy evidence?
I wasn't part of that conversation, but I would say the difference is that the phone is the basis of the crime in this instance. They have evidence that I have used it illegally, which seems like a good reason to check it to confirm whether I did so or not. We don't know how flimsy the evidence is until they make and test the device. Maybe it's reliable enough that they may not even have to check your phone and instead rely on the detection device as the evidence like they do with radar guns. Maybe it's so unreliable to not be worth deploying at all.
Your other point about passengers is a good one though. Radar guns are effective because cars can only be operated by the person behind the wheel, which makes the number of people in the car irrelevant to determining who is at fault. Now we're talking about a device that is only effective on people with 3G phones that are alone in their vehicles. That's not inspiring a lot of confidence that this will be useful enough to justify the costs.
1) A libertarian-leaning techie set that you guys generally despise (for a whole host of legitimate reasons, and I say that without sarcasm) complains about something the federal government is doing.
2) There's a Democrat in the White House. (Why yes, I do remember the prevailing attitude on this forum when Bush's wiretapping scandal broke.)
3) Therefore, those damned techies are whining about nothing; there couldn't possibly be any abuse here.
The issue isn't that they are whining about nothing, it's that they really didn't give a shit when it wasn't their ox being gored. And because of that, they don't really care about the underlying structural issues. For example, look at the amount of coverage given to government data collection versus private data collection.
Last Friday, 43 veteran and reserve members of Israel's secretive spy organization, Unit 8200, claimed they'd been directed to spy on Palestinians for coercion purposes.
[...]
The source of much of the Israeli data may be the U.S. National Security Agency.
Author and journalist James Bamford interviewed NSA leaker Edward Snowden in Moscow this summer. Bamford tells NPR's Arun Rath that Snowden was eager to discuss documents that show a U.S. agreement to routinely share information with Israel and Unit 8200.
The information includes the content and metadata of phone calls and emails from Palestinian-Americans living in the U.S., in an agreement reached in 2009, according to The Guardian.
The agreement calls for the material to be "raw" or unredacted, meaning names and personal information have not been taken out — "which is extremely unusual," Bamford says. "They don't even do that with their closest partners, like the British."
It's not clear if information from the NSA was used in the operations the 43 veterans are blowing the whistle on, but Unit 8200 veterans say Israeli spies search intelligence for sexual orientation, infidelity and other indiscretions that could be used against Palestinians living in the Mideast.
I haven't read anything else about this yet, and I don't know how much I trust veteran and reserve members of organizations given that we've got 9/11 truthers of a similar sort here in the U.S. (although the fact that there are 43 of them helps, and it sounds like they followed procedure), but the bolded seems... not good?
Last Friday, 43 veteran and reserve members of Israel's secretive spy organization, Unit 8200, claimed they'd been directed to spy on Palestinians for coercion purposes.
[...]
The source of much of the Israeli data may be the U.S. National Security Agency.
Author and journalist James Bamford interviewed NSA leaker Edward Snowden in Moscow this summer. Bamford tells NPR's Arun Rath that Snowden was eager to discuss documents that show a U.S. agreement to routinely share information with Israel and Unit 8200.
The information includes the content and metadata of phone calls and emails from Palestinian-Americans living in the U.S., in an agreement reached in 2009, according to The Guardian.
The agreement calls for the material to be "raw" or unredacted, meaning names and personal information have not been taken out — "which is extremely unusual," Bamford says. "They don't even do that with their closest partners, like the British."
It's not clear if information from the NSA was used in the operations the 43 veterans are blowing the whistle on, but Unit 8200 veterans say Israeli spies search intelligence for sexual orientation, infidelity and other indiscretions that could be used against Palestinians living in the Mideast.
I haven't read anything else about this yet, and I don't know how much I trust veteran and reserve members of organizations given that we've got 9/11 truthers of a similar sort here in the U.S. (although the fact that there are 43 of them helps, and it sounds like they followed procedure), but the bolded seems... not good?
Somebody tell me how to feel about this.
If this is the "agreement" I think it is (it came out several months back), then it's gooseshit - for one thing, the version he revealed wasn't signed by the US.
It's worth remembering that the US spook community does NOT like Israel, in large part due to some of the shit they pulled during the Cold War. There's a reason that Obama using Pollard as a bargaining chip was a big fucking deal.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
How is that different from what you did by bringing up parallel constructionism?
You think that the surveillance you complain about is more serious that other people complain about. Other people think that the surveillance that they complain about is more serious than the surveillance that you complain about.
Well, this is the Surveillance State thread, the Police and Racial Profiling thread is thataway.
You must have a completely unique definition of the word "surveillance" if a police officer using a device to personally surveilling you for outgoing text messages so that he can pull you over doesn't qualify.
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
Note the bolded portion.
What is the main difference that the average ethnic person of muslim descent will notice as a result of parallel constructionism?
In the absolute worse case scenario, the NSA invests dozens of man hours to investigate a specific individual, then tells the local police to come up with a reason to pull him over for the sake of a phishing expedition.
Which is pretty much how racial profiling already works right now, except without the time investment.
It's the difference between "I'm scared that the local police are going to shoot an unarmed black kid for crossing the street" and "I'm scared that the white house will hire Seal Team 6 to murder an unarmed muslim in his sleep for no apparent reason."
I mean, sure. The second scenario could theoretically happen. But it's also a lot likely simply due to the level of work and time commitment involved.
Well, when you set up the scenario to some ridiculous crap that nobody here proposed, it does sound ridiculous. Here, have a different framing:
1) An organization with comparatively little oversight targets Americans with "suspicious" (read: Muslim) foreign contacts.
2) For a given surveillance target, they don't find anything terrorism-related, because of course they don't.
3) They do find him e-mailing his dealer, so they send that information over to the DEA with a note of "hey, this won't hold up in court, but..."
4) The DEA are sterling examples moral rectitude and are immune to the systemic racism in the rest of America's drug enforcement apparatus, and so they ignore this "tip" and continue their top mission of tracking down who's selling cocaine to white upper class businessmen. No, wait, the opposite of that.
So basically the type of surveillance you're complaining about requires that the NSA invest tens of thousands of man hours going over millions of e-mails for the thousands and thousands of people within three hops of the potential terrorist, in the hopes of finding one "smoking gun" e-mail where a drug buyer e-mails his drug dealer (LOL!) with an explicit message where he outright says that he's intending to buy drugs (As opposed to simply, "Hey, can we meet at the gas station? I have $50. K thanx."). All in the hopes of nabbing some petty drug dealer (Because any drug dealer who operates over fucking e-mail is going to be extremely petty).
And even then, it only works if the police can a) justify pulling the guy over, and b) justify searching his car for drugs.
Where as the type of surveillance you deny qualifies as surveillance simply requires the police to say, "Hey, let's go to this muslim area armed with a TWD gun that detects outgoing texts so we can start pulling people over. And hey, let's just bring a drug dog while we're at it."
You don't even need the ridiculous extreme scenario of then having paramilitary-armed police rounding up hundreds of first-generation immigrants with a Muslim background on a flimsy bullshit pretext!
Because having the NSA personally read through millions of e-mails in the hopes of finding the smoking gun e-mail for a petty drug user isn't extreme at all.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
How is that different from what you did by bringing up parallel constructionism?
You think that the surveillance you complain about is more serious that other people complain about. Other people think that the surveillance that they complain about is more serious than the surveillance that you complain about.
Well, this is the Surveillance State thread, the Police and Racial Profiling thread is thataway. I'm not going into the diabetes thread and whining that it's an easily treatable disease compared to ebola.
But this is completely disingenuous anyway; up until this page you haven't been saying "these programs are problematic but not as serious as etc. etc." You have been defending them on their own merits. So let's continue from there.
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
Note the bolded portion.
What is the main difference that the average ethnic person of muslim descent will notice as a result of parallel constructionism?
In the absolute worse case scenario, the NSA invests dozens of man hours to investigate a specific individual, then tells the local police to come up with a reason to pull him over for the sake of a phishing expedition.
Which is pretty much how racial profiling already works right now, except without the time investment.
It's the difference between "I'm scared that the local police are going to shoot an unarmed black kid for crossing the street" and "I'm scared that the white house will hire Seal Team 6 to murder an unarmed muslim in his sleep for no apparent reason."
I mean, sure. The second scenario could theoretically happen. But it's also a lot likely simply due to the level of work and time commitment involved.
Well, when you set up the scenario to some ridiculous crap that nobody here proposed, it does sound ridiculous. Here, have a different framing:
1) An organization with comparatively little oversight targets Americans with "suspicious" (read: Muslim) foreign contacts.
2) For a given surveillance target, they don't find anything terrorism-related, because of course they don't.
3) They do find him e-mailing his dealer, so they send that information over to the DEA with a note of "hey, this won't hold up in court, but..."
4) The DEA are sterling examples moral rectitude and are immune to the systemic racism in the rest of America's drug enforcement apparatus, and so they ignore this "tip" and continue their top mission of tracking down who's selling cocaine to white upper class businessmen. No, wait, the opposite of that.
You don't even need the ridiculous extreme scenario of then having paramilitary-armed police rounding up hundreds of first-generation immigrants with a Muslim background on a flimsy bullshit pretext! (I mean, they just did that in Australia, but never mind, they can do that without having their high-tech surveillance infrastructure, so it's not really legitimate to question whether the technology makes the problem worse -- oh, wait).
As we have been over many times it's because there was no actual abuse.
Yes, of course, and you know this because you have access demographic information on the suspects that they're pursuing. You know, the kind of information you could get from any podunk police department. No, wait, in this case the information is top secret, to make it immune to democratic policy debate. (Never mind the definite instances of actual abuse that have already come to light -- those were against organizational policy, and so they don't count. Let's take that standard over to the Ferguson thread, by the way; it should be a big hit.)
Here, let me propose an alternate reading of events:
1) A libertarian-leaning techie set that you guys generally despise (for a whole host of legitimate reasons, and I say that without sarcasm) complains about something the federal government is doing.
2) There's a Democrat in the White House. (Why yes, I do remember the prevailing attitude on this forum when Bush's wiretapping scandal broke.)
3) Therefore, those damned techies are whining about nothing; there couldn't possibly be any abuse here.
No, it's actually because we have been over the specific complaints levied and there is no "there" there. The details of which are in this thread which I know you have read because you were a part of the discussion in which we came to that conclusion; it was your arguments that we found unconvincing!
We can go through as many alternate readings as you want but that does change the nature of the dismissal, no matter how much you would like it to be so.
All systems are vulnerable to abuse - in theory and in practice.
I have windows open on my desktop right now - six inches to the right of this window - that are one select * query away from pulling hundreds of thousands of people's protected health information. I could run the query, export to Excel, and e-mail / Dropbox it to myself. I can, but I won't.
Sure, I can abuse the EMR system and look for people I know. Maybe I want to check to see if my sister's boyfriend was treated by this health system for an STD. Maybe I want to see if the people I'm working with have been treated for mental illness or are prescribed narcotics. I could do this, but if I did, I could face $50,000 in fines and a year imprisonment under HIPAA, lose my job, etc. On top of that, it would violate my own ethical standards.
You've got to trust people somewhere, or literally nobody can do anything.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
All systems are vulnerable to abuse - in theory and in practice.
I have windows open on my desktop right now - six inches to the right of this window - that are one select * query away from pulling hundreds of thousands of people's protected health information. I could run the query, export to Excel, and e-mail / Dropbox it to myself. I can, but I won't.
Sure, I can abuse the EMR system and look for people I know. Maybe I want to check to see if my sister's boyfriend was treated by this health system for an STD. Maybe I want to see if the people I'm working with have been treated for mental illness or are prescribed narcotics. I could do this, but if I did, I could face $50,000 in fines and a year imprisonment under HIPAA, lose my job, etc. On top of that, it would violate my own ethical standards.
You've got to trust people somewhere, or literally nobody can do anything.
And that's ultimately something that tends to be lacking in tech circles, to the point that it's a pretty clear blind spot. Capability and authorization are two very different things, and they cannot be conflated.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
+3
Options
zepherinRussian warship, go fuck yourselfRegistered Userregular
It is also is astonishing to me that the same people who are convinced (probably correctly, tbh) that this new toy will inevitably used to further systemic racial profiling by local police departments are the same people who are sure that the federal government's investigation apparatus is above reproach.
Yes. It's odd that some people in this thread are more worried tangible threats that happen in broad daylight over purely hypothetical ones that happen in total secrecy.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
I feel like the NSA angle is really of little concern. This is one of the areas where federal bureaucracy works in your favor. There is of course the risk of parallel construction and the NSA looking through your shit, but honestly, they hate working with anyone else, especially local police. Also they bill outrageous amounts to do anything, even legal shit. Most Agencies can't afford to use them on a day to day basis. NSA MOU's are pretty much them getting huge chunks of your agencies funding for everything they do. At least when I was a fed that is how they seamed to roll. So unless you are moving a shit load of something really illegal you are safe. NSA doesn't care about you buying weed and a molly from the guy down the street, and the people who do care don't have the funds to afford the NSA caring.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
Which, of course, comes back to one of Greenwald's credibility issues that just got swept under the rug.. Initially, he sold Snowden as an analyst who had broad unfettered access to the data the NSA has. Then it came out that no, he was actually a low level sysadmin who used social engineering to gain unauthorized access to data.
And yet Greenwald complains that people impugn his ethics.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
It is also is astonishing to me that the same people who are convinced (probably correctly, tbh) that this new toy will inevitably used to further systemic racial profiling by local police departments are the same people who are sure that the federal government's investigation apparatus is above reproach.
Yes. It's odd that some people in this thread are more worried tangible threats that happen in broad daylight over purely hypothetical ones that happen in total secrecy.
Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
I feel like the NSA angle is really of little concern. This is one of the areas where federal bureaucracy works in your favor. There is of course the risk of parallel construction and the NSA looking through your shit, but honestly, they hate working with anyone else, especially local police. Also they bill outrageous amounts to do anything, even legal shit. Most Agencies can't afford to use them on a day to day basis. NSA MOU's are pretty much them getting huge chunks of your agencies funding for everything they do. At least when I was a fed that is how they seamed to roll. So unless you are moving a shit load of something really illegal you are safe. NSA doesn't care about you buying weed and a molly from the guy down the street, and the people who do care don't have the funds to afford the NSA caring.
The NSA can't even be bothered to vet their own employees, which is the only reason why Snowden had a job there in the first place.
I think part of the problem is that most of the people pushing the NSA angle the hardest are staunch libertarians with massive egos and delusions of grandeur, which lends itself to a persecution complex. Not on this board, where libertarians get chased away, but you'll see it elsewhere on the internet. i.e., "Ron Paul wasn't mentioned in this news article, so obviously it's a media conspiracy to silence him because they know how powerful he is, rather than the fact that no one really gives a shit about Ron Paul."
Since Snowden and Greenwald are both huge Ron Paul supporters, these same libertarian groups are doing everything they can to push the NSA scandal, because it gives them validation.
Remember the post-9/11 anthrax scares? You had total nobodies contacting the police, absolutely convinced that Al Qaeda was personally sending them anthrax. Part of it was fear, but another part of it is the willingness to believe that you're somehow important enough to be on Osama's radar (Yes, I realize Al Qaeda didn't actually send the anthrax, but that's still what they believed).
It's the same deal with the NSA. You have people who read Atlas Shrugged and believe that they personally hold up the world and that all of society would collapse if they went on strike. So of course the NSA would be interested in reading their e-mails.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Two points:
1) Actually, you can solve the problem to some degree, but you can't do it through pure technology. People problems need people solutions.
2) This argument is also a bit of goalpost shifting. Arguing that data collection is bad because end users could abuse it contrary to regulations is a much different argument from data collection is bad because the government could abuse it.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Two points:
1) Actually, you can solve the problem to some degree, but you can't do it through pure technology. People problems need people solutions.
2) This argument is also a bit of goalpost shifting. Arguing that data collection is bad because end users could abuse it contrary to regulations is a much different argument from data collection is bad because the government could abuse it.
But a people solution is one that work to minimize the possibility of the breach happening by training people not to do it and punishing them after the fact if they do.
Neither of which actually solves the problem. It just minimizes it. Because the problem arises from the very fact that someone can access the data, period.
Remember the post-9/11 anthrax scares? You had total nobodies contacting the police, absolutely convinced that Al Qaeda was personally sending them anthrax. Part of it was fear, but another part of it is the willingness to believe that you're somehow important enough to be on Osama's radar (Yes, I realize Al Qaeda didn't actually send the anthrax, but that's still what they believed).
It's the same deal with the NSA. You have people who read Atlas Shrugged and believe that they personally hold up the world and that all of society would collapse if they went on strike. So of course the NSA would be interested in reading their e-mails.
This, IMO, is half of where (not bad-brain-chemistry) paranoia comes from - the wish to not be utterly insignificant in an uncaring universe. The other half is the desire for that universe to be simple and make sense. It's "better" to imagine that there's some vast secret omnicompetent conspiracy behind everything, which is guided by one or a few organizations, than the more horrible likelihood that it's an incomprehensibly huge mess of things and agendas randomly bumping into each other, and no one is at the wheel or even really knows what the hell is going on.
(Some would say this is also why we invented and still cling to the notion of God...)
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Did we actually catch him? I mean he confessed by publishing all that material, so it's hard to say if whatever auditing apparatus the NSA has would have caught him eventually or not. Given how poorly they appear to vet their contractors, I'd be willing to bet their internal auditing problem isn't up to snuff either.
Not that it matters, even if this problem was solvable, it would require a massive loss of rights to implement. We'd need constant surveillance on everybody to prevent crime from happening. Implanted devices or drones fitted with cameras following everyone at all times or something along those lines, and we have a lovely amount of sci-fi literature detailing all the ways that can go wrong.
The best we can do is patch up any holes in security that allow people to exceed their authority as we find them, and prosecute the ones that use them.
Thankfully, we don't have to blindly trust people. That's why we have auditing systems. Of course they probably aren't going to catch low level abuse (e.g. you use it to check on your sister's boyfriend), but it should certainly catch a select *. As long as you are judicious with who gets admin rights to the auditing systems, you'll go a long way to curtailing that sort of behavior.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Did we actually catch him? I mean he confessed by publishing all that material, so it's hard to say if whatever auditing apparatus the NSA has would have caught him eventually or not. Given how poorly they appear to vet their contractors, I'd be willing to bet their internal auditing problem isn't up to snuff either.
We caught him in that once he actually did anything with the material, it was like "Oh, there he is!".
If he had, as suggested above, just stuck in on a USB drive and buried it in his back yard nothing would have happened because he'd have done nothing really.
Posts
Sorry, I misread the middle of your post as a plea for leniency rather than equality of enforcement.
I don't really have a response to you query/suggestion though. It's certainly possible, but I have no data or even a gut feeling on whether that might actually be the case.
I don't have the data either because the device hasn't been deployed or tested anywhere. But these are the kinds of things one may want to cogitate over before going full-on tough on crime and unequal ends justify the surveillance means.
Technology has a very real impact on the world, particularly when applied to law enforcement.
And even then it will probably skew racist because guess who gets prosecuted for these offenses more. Especially communities like Ferguson.
Our entire justice system skews racist. You'd have to specifically target whites with enforcement in this instance for it to come out somewhat equal. I'd much rather address the structural problems directly than modify the enforcement of every single law to compensate for it.
And it should absolutely be a ticket unto itself. You don't have to be speeding to kill someone if you're paying attention to your phone rather than the road.
I agree that it's good to be mindful about how technology will impact the world, but I don't know that I find much use in entertaining these "what ifs" without anything to point to whether they're even realistic or not. There are a lot of things that are possible, but not all of them are probable or worth considering from a policy perspective.
I don't think implementing a device that will work on an ever dwindling number of phones is a particularly good investment, but it would still probably save a few lives in the short term. Without some data to point to that it would somehow exacerbate the issue in the subset of the population that are "immune" to this particular device, I would say it's at least worth investigating. If people are honestly worried about it being selectively used against them over others, they should just not text and drive. At that point, they only have to worry about their normal chances of being persecuted just for the hell of it.
Any more substantive conversation would probably require them to actually develop the device though, as a lot of the particulars of it will have bearing on the discussion. How reliable is it? If it ends up with lots of false positives that would probably be net negative over just using whatever means they have for enforcement now.
Ah yes the point in the activist life cycle where the problem is definitely concluded to not lie with the voter or policy maker, but instead whichever group it can be loosely pinned on and is small enough to intimidate regardless of effectiveness or sense.
Gooseshit, ELM. I'm tired of the same argument that technology is somehow neutral, and that it being twisted to bad ends is never the fault of the people who make it.
So you don't like to entertain hypotheticals that are inconvenient for your position, but you do like to entertain hypotheticals of "well, I'm sure this will save lives!"
The way this technology is designed, there's no way for the police officer to tell if the text came from you, the driver in the next lane, one of your passengers, a delayed message that failed to send earlier, etc. without violating your fourth amendment rights. Heck, even if the text came from your phone personally, what happens if you say that you asked your passenger to send a text in your place?
Earlier in this thread, we had a lot of people insisting that it was absolutely horrible that police officers should be able to look through the phone of someone who had already been arrested for a major crime, and where there was fear that the suspect would delete incriminating data from their phone before the police had a chance to issue a warrant.
So if the police shouldn't be allowed to look through the phone of someone who they already arrested for transporting a brick of cocaine, then why should they be able to look through the phone of someone who they merely suspect of texting while driving based on flimsy evidence?
It depends on the department. If they're simply looking to bust people on TWD, then the technology isn't reliable.
If the goal is to find yet another bullshit excuse to pull people over, then this helps them a lot.
For instance, one of the things the cops will do when they pull you over is check for outstanding warrants. In Ferguson, there's an average of 3 outstanding warrants per household, usually for inability to pay an outstanding fine. So it doesn't actually matter if the TWD charge holds up or not. It doesn't matter if the text actually came from your passenger. All that matters is that they have an excuse to pull you over and run your name through the system.
It is also is astonishing to me that the same people who are convinced (probably correctly, tbh) that this new toy will inevitably used to further systemic racial profiling by local police departments are the same people who are sure that the federal government's investigation apparatus is above reproach. Pulling over people texting while driving: disproportionatly targets minorities and enables systemic racism. Reading e-mails "three hops away" from a foreign national and then forwarding information of interest to the DEA for parallel construction: no potential for systemic racism there, nosir!
Yes. It's odd that some people in this thread are more worried tangible threats that happen in broad daylight over purely hypothetical ones that happen in total secrecy.
You're coming at this problem from a privileged perspective.
One where the police generally leave you alone, unless a) you are blatantly violating the local traffic laws by driving erratically through red lights at 80 mph, or b) the NSA starts hacking your e-mails and realizes you're probably guilty of something else, so they tip the police off and tell the police to pull you over because you failed to use the turn signal.
And therefore, you're fine as long as the NSA doesn't interfere.
You seem completely oblivious of the fact that most minorities don't live in the same world as you.
That dude who got tased for sitting on a public bench? That didn't happen because the NSA hacked his e-mails and told the police to come up with an excuse to bust him. It happened because he was black.
Every fear you have of the NSA right now is basically the burden that millions of black people face every day simply for having too much pigment. But for some reason, you seem to think that the NSA is the higher priority.
It's like living in a community being ravaged with Ebola or Malaria, and listening to someone make a big deal about BPA content in plastic bottles. Sure, you might have a valid complaint. But in the real world, there are a lot more pressing issues going on.
So, two things here. First things last, if the appeal to priority argument was valid, we'd have to close about 90% of the threads on the first page. "This problem isn't a problem because I just thought of something else that's a more serious problem," really? We're doing that?
But, more to the point, my privileged perspective is that, as a white middle-class guy without an Islamic background or foreign ties, nobody in the NSA is going to devote any resources on me (beyond the baseline used to passively keep an eye on everyone, of course). If it wasn't for the fact that I work with crypto professionally (and was professionally troubled by the whole NIST scandal), I wouldn't have noticed a single difference in my life from these data collection programs being there. (I'm assuming that these programs have been ineffective at actually stopping terrorist attacks, and will continue to assume that until I see evidence to the contrary.)
Now, you've got an organization and a separate, private court that's openly targeting foreigners in America and American citizens with frequent contact with foreigners, and you're telling me that it's not going to disproportionately target ethnic minorities? Or is it okay because the minorities in this case will probably be Muslims and not African-American?
I'm sure the problems of the TSA would've been completely solved if we'd protested research into X-ray backscatter technology.
As we have been over many times it's because there was no actual abuse.
Edit: technology is not neutral does not imply technology is necessarily sufficiently harmful to be worried about or that it is not positive.
How is that different from what you did by bringing up parallel constructionism?
You think that the surveillance you complain about is more serious that other people complain about. Other people think that the surveillance that they complain about is more serious than the surveillance that you complain about.
Note the bolded portion.
What is the main difference that the average ethnic person of muslim descent will notice as a result of parallel constructionism?
In the absolute worse case scenario, the NSA invests dozens of man hours to investigate a specific individual, then tells the local police to come up with a reason to pull him over for the sake of a phishing expedition.
Which is pretty much how racial profiling already works right now, except without the time investment.
It's the difference between "I'm scared that the local police are going to shoot an unarmed black kid for crossing the street" and "I'm scared that the white house will hire Seal Team 6 to murder an unarmed muslim in his sleep for no apparent reason."
I mean, sure. The second scenario could theoretically happen. But it's also a lot likely simply due to the level of work and time commitment involved.
3DS: 0473-8507-2652
Switch: SW-5185-4991-5118
PSN: AbEntropy
But this is completely disingenuous anyway; up until this page you haven't been saying "these programs are problematic but not as serious as etc. etc." You have been defending them on their own merits. So let's continue from there.
Well, when you set up the scenario to some ridiculous crap that nobody here proposed, it does sound ridiculous. Here, have a different framing:
1) An organization with comparatively little oversight targets Americans with "suspicious" (read: Muslim) foreign contacts.
2) For a given surveillance target, they don't find anything terrorism-related, because of course they don't.
3) They do find him e-mailing his dealer, so they send that information over to the DEA with a note of "hey, this won't hold up in court, but..."
4) The DEA are sterling examples moral rectitude and are immune to the systemic racism in the rest of America's drug enforcement apparatus, and so they ignore this "tip" and continue their top mission of tracking down who's selling cocaine to white upper class businessmen. No, wait, the opposite of that.
You don't even need the ridiculous extreme scenario of then having paramilitary-armed police rounding up hundreds of first-generation immigrants with a Muslim background on a flimsy bullshit pretext! (I mean, they just did that in Australia, but never mind, they can do that without having their high-tech surveillance infrastructure, so it's not really legitimate to question whether the technology makes the problem worse -- oh, wait).
Yes, of course, and you know this because you have access demographic information on the suspects that they're pursuing. You know, the kind of information you could get from any podunk police department. No, wait, in this case the information is top secret, to make it immune to democratic policy debate. (Never mind the definite instances of actual abuse that have already come to light -- those were against organizational policy, and so they don't count. Let's take that standard over to the Ferguson thread, by the way; it should be a big hit.)
Here, let me propose an alternate reading of events:
1) A libertarian-leaning techie set that you guys generally despise (for a whole host of legitimate reasons, and I say that without sarcasm) complains about something the federal government is doing.
2) There's a Democrat in the White House. (Why yes, I do remember the prevailing attitude on this forum when Bush's wiretapping scandal broke.)
3) Therefore, those damned techies are whining about nothing; there couldn't possibly be any abuse here.
No, what I said was that I don't like entertaining them when we have nothing to inform their likelihood. I can back up my hypothetical with a small amount of data though. Seat belt enforcement has saved lives. DUI laws have saved lives. It stands to reason enforcement of another cause of car related deaths would also prevent some deaths. That really shouldn't be controversial statement to make.
Whether it's worth implementing and rolling out this device to law enforcement in order to save those lives is what we're discussing. That's where we get into the sticky details of a device that doesn't even exist yet.
I wasn't part of that conversation, but I would say the difference is that the phone is the basis of the crime in this instance. They have evidence that I have used it illegally, which seems like a good reason to check it to confirm whether I did so or not. We don't know how flimsy the evidence is until they make and test the device. Maybe it's reliable enough that they may not even have to check your phone and instead rely on the detection device as the evidence like they do with radar guns. Maybe it's so unreliable to not be worth deploying at all.
Your other point about passengers is a good one though. Radar guns are effective because cars can only be operated by the person behind the wheel, which makes the number of people in the car irrelevant to determining who is at fault. Now we're talking about a device that is only effective on people with 3G phones that are alone in their vehicles. That's not inspiring a lot of confidence that this will be useful enough to justify the costs.
The issue isn't that they are whining about nothing, it's that they really didn't give a shit when it wasn't their ox being gored. And because of that, they don't really care about the underlying structural issues. For example, look at the amount of coverage given to government data collection versus private data collection.
I haven't read anything else about this yet, and I don't know how much I trust veteran and reserve members of organizations given that we've got 9/11 truthers of a similar sort here in the U.S. (although the fact that there are 43 of them helps, and it sounds like they followed procedure), but the bolded seems... not good?
Somebody tell me how to feel about this.
If this is the "agreement" I think it is (it came out several months back), then it's gooseshit - for one thing, the version he revealed wasn't signed by the US.
It's worth remembering that the US spook community does NOT like Israel, in large part due to some of the shit they pulled during the Cold War. There's a reason that Obama using Pollard as a bargaining chip was a big fucking deal.
You must have a completely unique definition of the word "surveillance" if a police officer using a device to personally surveilling you for outgoing text messages so that he can pull you over doesn't qualify.
So basically the type of surveillance you're complaining about requires that the NSA invest tens of thousands of man hours going over millions of e-mails for the thousands and thousands of people within three hops of the potential terrorist, in the hopes of finding one "smoking gun" e-mail where a drug buyer e-mails his drug dealer (LOL!) with an explicit message where he outright says that he's intending to buy drugs (As opposed to simply, "Hey, can we meet at the gas station? I have $50. K thanx."). All in the hopes of nabbing some petty drug dealer (Because any drug dealer who operates over fucking e-mail is going to be extremely petty).
And even then, it only works if the police can a) justify pulling the guy over, and b) justify searching his car for drugs.
Where as the type of surveillance you deny qualifies as surveillance simply requires the police to say, "Hey, let's go to this muslim area armed with a TWD gun that detects outgoing texts so we can start pulling people over. And hey, let's just bring a drug dog while we're at it."
Because having the NSA personally read through millions of e-mails in the hopes of finding the smoking gun e-mail for a petty drug user isn't extreme at all.
No, it's actually because we have been over the specific complaints levied and there is no "there" there. The details of which are in this thread which I know you have read because you were a part of the discussion in which we came to that conclusion; it was your arguments that we found unconvincing!
We can go through as many alternate readings as you want but that does change the nature of the dismissal, no matter how much you would like it to be so.
(facepalm)
I have windows open on my desktop right now - six inches to the right of this window - that are one select * query away from pulling hundreds of thousands of people's protected health information. I could run the query, export to Excel, and e-mail / Dropbox it to myself. I can, but I won't.
Sure, I can abuse the EMR system and look for people I know. Maybe I want to check to see if my sister's boyfriend was treated by this health system for an STD. Maybe I want to see if the people I'm working with have been treated for mental illness or are prescribed narcotics. I could do this, but if I did, I could face $50,000 in fines and a year imprisonment under HIPAA, lose my job, etc. On top of that, it would violate my own ethical standards.
You've got to trust people somewhere, or literally nobody can do anything.
3DS: 0473-8507-2652
Switch: SW-5185-4991-5118
PSN: AbEntropy
And that's ultimately something that tends to be lacking in tech circles, to the point that it's a pretty clear blind spot. Capability and authorization are two very different things, and they cannot be conflated.
You would think, wouldn't you? But not really.
Because - for all intents and purposes - me running that select * is indistinguishable to pretty much anyone but myself from stuff I need to do as part of my normal duties. Hell, I've pulled a few dozen reports today that would - if I were to sell / release the report - be national news. Maybe not on a par with the Target / Home Depot breach, but certainly massive disclosure.
There's literally nothing in place that would prevent me from doing this if I wanted to. Granted, if I did so most likely someone would come back, audit the logs, and identify that I was the source.
But that would be in the future - if Snowden or Manning hadn't gone public, I would bet money that nobody would even notice the breach happened. If the data sat on a USB drive in their drawer and was never sold / released, it would still be sitting there.
There has to be a level of trust somewhere on the chain. Oversight and audits and process only get you so far - people need to be able to do their jobs, and making a system that's too secure for people to do their jobs just means they are going to work around the system and open a whole new set of vulnerabilities. Making it a pain to store data on a secure shared directory means people store the data on their personal laptop. Too restrictive a password policy means people will reuse passwords or write them down.
Same thing extends to Sysadmin stuff...and we know the system better than the person who creates the security policies and runs the audits.
Which, of course, comes back to one of Greenwald's credibility issues that just got swept under the rug.. Initially, he sold Snowden as an analyst who had broad unfettered access to the data the NSA has. Then it came out that no, he was actually a low level sysadmin who used social engineering to gain unauthorized access to data.
And yet Greenwald complains that people impugn his ethics.
I certainly couldn't run a select * against our production environment without someone noticing despite having the capability to do so, and I would argue though that someone catching it later in the logs is acceptable here. It's like law enforcement. Most of the time, you can't stop people from committing the crime, but you can catch them after the fact and hopefully that deters future would-be criminals.
But companies really do need to pay more attention to security (both external and internal). With things like HIPAA, it's too expensive not to take the risks seriously. To me, that means having dedicated resources for security and auditing, and it needs to scale as your company grows. What worked for my company a decade ago when we had fewer than a hundred employees won't work now when we have over 500 and multiple offices.
The NSA can't even be bothered to vet their own employees, which is the only reason why Snowden had a job there in the first place.
I think part of the problem is that most of the people pushing the NSA angle the hardest are staunch libertarians with massive egos and delusions of grandeur, which lends itself to a persecution complex. Not on this board, where libertarians get chased away, but you'll see it elsewhere on the internet. i.e., "Ron Paul wasn't mentioned in this news article, so obviously it's a media conspiracy to silence him because they know how powerful he is, rather than the fact that no one really gives a shit about Ron Paul."
Since Snowden and Greenwald are both huge Ron Paul supporters, these same libertarian groups are doing everything they can to push the NSA scandal, because it gives them validation.
Remember the post-9/11 anthrax scares? You had total nobodies contacting the police, absolutely convinced that Al Qaeda was personally sending them anthrax. Part of it was fear, but another part of it is the willingness to believe that you're somehow important enough to be on Osama's radar (Yes, I realize Al Qaeda didn't actually send the anthrax, but that's still what they believed).
It's the same deal with the NSA. You have people who read Atlas Shrugged and believe that they personally hold up the world and that all of society would collapse if they went on strike. So of course the NSA would be interested in reading their e-mails.
Right, but the point is that this ALREADY HAPPENS.
Snowden didn't get away with anything. We know he did it and how. But that didn't stop him from doing it because that can't be done.
And so the vulnerability that blog-post above is discussing is essentially unsolvable. Because there will always be someone along the line with the power to do this kind of thing because the system can't function without that.
All we can do is punish them afterwords. But that doesn't actually prevent the initial breach.
Two points:
1) Actually, you can solve the problem to some degree, but you can't do it through pure technology. People problems need people solutions.
2) This argument is also a bit of goalpost shifting. Arguing that data collection is bad because end users could abuse it contrary to regulations is a much different argument from data collection is bad because the government could abuse it.
But a people solution is one that work to minimize the possibility of the breach happening by training people not to do it and punishing them after the fact if they do.
Neither of which actually solves the problem. It just minimizes it. Because the problem arises from the very fact that someone can access the data, period.
This, IMO, is half of where (not bad-brain-chemistry) paranoia comes from - the wish to not be utterly insignificant in an uncaring universe. The other half is the desire for that universe to be simple and make sense. It's "better" to imagine that there's some vast secret omnicompetent conspiracy behind everything, which is guided by one or a few organizations, than the more horrible likelihood that it's an incomprehensibly huge mess of things and agendas randomly bumping into each other, and no one is at the wheel or even really knows what the hell is going on.
(Some would say this is also why we invented and still cling to the notion of God...)
Did we actually catch him? I mean he confessed by publishing all that material, so it's hard to say if whatever auditing apparatus the NSA has would have caught him eventually or not. Given how poorly they appear to vet their contractors, I'd be willing to bet their internal auditing problem isn't up to snuff either.
Not that it matters, even if this problem was solvable, it would require a massive loss of rights to implement. We'd need constant surveillance on everybody to prevent crime from happening. Implanted devices or drones fitted with cameras following everyone at all times or something along those lines, and we have a lovely amount of sci-fi literature detailing all the ways that can go wrong.
The best we can do is patch up any holes in security that allow people to exceed their authority as we find them, and prosecute the ones that use them.
We caught him in that once he actually did anything with the material, it was like "Oh, there he is!".
If he had, as suggested above, just stuck in on a USB drive and buried it in his back yard nothing would have happened because he'd have done nothing really.