Readit NewsYou can look up the Canadian list of accepted identification documents if you want the full thing, but it includes library cards, public transit cards, correspondence from educational institutions, student IDs, blood donor cards, letters of confirmation of residence from shelters and soup kitchens, residential leases or utility bills, and personal cheques.
You can also vote without ID in Canada by having a guarantor with ID vouch for you.
Contrast the proposed SAVE act, which accepts... passports, birth certificates, naturalization documents, and "REAL ID-compliant documents that also indicate citizenship", which is a fun one.
likewise e-voting systems pass through cryptography experts auditing to verify it does what it says it does.
said that the voting solution can also provide cryptographic proof that your vote was unaltered, and accounted for, without need to expose your actual vote.
the claims about database altering, are also false as the vote is cryptographically signed and unalterable.
also there is another feature where you can recast vote on top of your previous one and the last vote will be the valid one. This is crucial for countries where the bad guys can come at your place and under distress (gun) force your vote. you can then recast safely invalidating the forced vote.
e-voting solutions is really interesting and in an alternate reality I think we could have had a mainstream e-voting and more even direct-democracy vs our current democracy by proxy (elected officials)
...because when I get on the plane, I can look out the window and see that it's in the air.
With paper ballots, the systems are very interpretable - you can sign up to audit the ballot counting process and watch it happen, etc.
But you can't do that with electrons in a computer - it's really just pure trust. That's what you lose.
I hope you see how this quickly will advance from a project being about accomplishing some goal, to a project becoming about humans showing they are the ones writing code. Much like we see in religions where people don't give money to the poor to benefit the poor, but show they give money to the poor to benefit themselves. Hence the game playing will continue and the underlying problem will never be addressed.
Your assumption that all rules must be about enforcement is incorrect. Your assumption that only that which can be measured matters is incorrect. I don't know where this belief system comes from, but it strikes me as profoundly toxic.
By this logic, we obviously shouldn't ban drinking and driving - there's no way to test every driver every time, and presumably those most skilled at drunk driving would be undetectable, so it's really just religious moralism.
"Good drivers don't drink and drive even if they think they can get away with it" is just a no-true-scotsman argument, and thus we should actually encourage people to drink and drive so that they get better at it. Nobody should ever have any standards that can't be automatically enforced by a linter, after all.
And look: https://news.ycombinator.com/item?id=47340079
Unenforceable rules might just be the backbone of society, if you think about it.
Then onto prompting: 'He fed only the API and (his) test suite to Claude'
This is Google v Oracle all over again - are APIs copyrightable?
AI is making handling the edge cases that kept people locked in almost trivial. Any workflow, custom spreadsheet, specific OS-only app can be worked around, easily. Staying stuck on Apple or Microsoft is a choice - they're no longer returning value concurrent with the money they charge.
You're free to continue giving them money, but the reasons to do so make less and less sense each day that goes by.
What's the AI workaround for Illustrator/After Effects/etc.? You're not suggesting generating vector art or video assets via LLM replaces these, surely?
"Government Controlled PKI!"
- Governments own the domains, you just rent them. They can kick your site off and validate their HTTPS certs regardless of DNSSEC.
"Weak Crypto!"
- 1K key sizes were fine given the threat model required cracking one in a year. They have since been increased.
"DNSSEC Doesn’t Protect Against MITM Attacks"
- DNSSEC protects against MITM attacks!
- It's just that most clients don't perform local validation due to low adoption.
- In reality, you are just making the circular argument to NOT adopt DNSSEC because adoption is low.
- There are LOTS more MITM opportunities with HTTPS. We spent a massive effort on cert transparency, yet even Cloudflare missed a rouge cert being issued.
"There are Better Alternatives to DNSSEC"
- There is no alternative to signing domain name data and you point to crypto systems that do something other than that.
- "There are better alternatives to HTTPS: E2E JS crypto with trust on first use"
- What about SSH? I guess we are doomed to run everything over HTTPS and pay dumb cert authorities for the privilege of doing so.
"Bloats record sizes"
- ECC sigs can be sent in a single packet.
- Caching makes first connect latency irrelevant.
On and on and on. These are trivially refutable but you just shut the conversation down and point out instances of downtime ... as if DNS doesn't cause a lot of downtime anyaway.
From your link elsewhere, https://easydns.com/blog/2015/08/06/for-dnssec/
>We might see a day when HTTPS key pinning and the preload list is implemented across all major browsers, but we will never see these protections applied in a uniform fashion across all major runtime environments (Node.js, Java, .NET, etc.)[...]
Is this not the same flaw?