Yours is a legitimate concern, but a separate issue.
Stalking can present real, immediate, and severe consequences to the target(s).
Right, don't talk about advanced persistent threats here.
Readit NewsDead Comment
Dead Comment
everlastingfan commented on FTC Brings First Case Against Developers of “Stalking” Apps ftc.gov/news-events/press... · Posted by u/detaro
in general, you are responsible for whatever is done with your account/machine, authorized or not. if you are doing even the bare minimum to secure the computer, you should not be vulnerable to these kind of pranks from siblings/classmates.
if it's unreasonable to expect a child to clear this bar, then they are not yet responsible enough to be entrusted with their own computing device.
Even baby's have a computing device: the brain.
When do they get clearance to use their brains?
everlastingfan commented on Don't Outsource Your Thinking (2015) medium.com/@blakeross/don... · Posted by u/ascertain
It's seemed to me for a while that you could take an infosec-style approach and use voluntary controls, policies, procedures and third-party non-government certification via accounting firms to give the public more confidence in the press, something that is obviously fundamental to a democracy.
Just like in infosec, controls (etc) do not guarantee safety (accuracy), but they let you know that processes were followed and that fact is documented. Third parties (accounting firms) confirm that you have the evidence of having followed your processes. Corruptable? Sure. Better? Definitely yes.
Just like in infosec: if you have evidence that every week you've plowed through the access logs, you're more likely to have caught an intruder/mistake. The approach tends to route out single acts of sloppiness and subterfuge and turn mistakes in to conspiracies, which is a much harder thing to pull off than a single actor looking for fame or a raise.
For my part, I genuinely believe these organizations are trying their best to do something very hard but that their own efforts at fairness can be undermined by a lot of factors, especially money. The natural incentives (clicks/$) need to be counterbalanced with self-imposed "regulation" that is third-party verified.
[EDIT: s/factories/factors
Yeah, be prepared to be treated like a paranoid schizophrenic when you do that.
You're going to stop having conversations, or will you be recording them all?
Not to say you shouldn't, but it isn't easy and requires a lot of consideration, energy and discipline.
The digital tools are definitely NOT ready, there's a few gigabytes of raw mathematical data to be processed by humans into algorithms before we get there.
The only way is mesh. It’s the only way to permanently stop it.
Sneakernet mesh. RF can be triangulated and blocked.
Yes, traditionally official exile to another continent was considered sufficient. However, eventually the United States, and later Australia, started refusing exile shipments. I suspect that Mexico would refuse exile shipments.
Prisons are pretty expensive, couldn't Mexico be paid to house exiles? I doubt they couldn't handle a few people with violent tendencies if paid the right price.
everlastingfan commented on Guix Reduces Bootstrap Seed by Half guix.gnu.org/blog/2019/gu... · Posted by u/stargrave
> secrets management stores
Maybe starting from something like an Arduino is a better route for that.
Is Arduino firmware open? Are the PCB and chip designs open?
everlastingfan commented on Guix Reduces Bootstrap Seed by Half guix.gnu.org/blog/2019/gu... · Posted by u/stargrave
well if you look at #bootstrappable's logs it looks like they are planning on building custom hardware out of TTL chips to eliminate all software/bios/firmware from the bootstrap; which when combined with libresilicon means no place for any attacks to hide.
Well there is when you design signals that play on the physical properties of the silicon and the silicon design is known, think Rowhammer. The next level of this is making permanent modifications to the silicon, e.g. using focused RF signals to change the properties of individual transistors.
Relying on security through obscurity is bad, but you need some obscurity.
Passwords and keyfiles are ultimately a form of security through obscurity.
https://en.wikipedia.org/wiki/Advanced_persistent_threat