• 0 Posts
  • 112 Comments
Joined 1 year ago
cake
Cake day: June 2nd, 2023

help-circle
  • I’m dubious of faster than life travel being for reasons beyond our understanding of physics. If there were a reasonable way to do so 1 race anywhere in the galaxy could have colonized the entire galaxy or at least a substantial portion thereof in only a few million years. If it is possible it seems to suggest that life is so rare that there are very few forms of higher intelligent life in the galaxy at any given time and probably relatively few ever.







  • Are they so different that it’s justified to have so many different distributions?

    Linux isn’t a project its a source compatible ecosystem. A parts bin out of which different people assemble different things. The parts being open source means you don’t need anyone’s permission or justification to make something different out of them.

    From these many and varied efforts comes life, vitality, interest, intellectual investment. You can’t just take the current things you like best and say well what if we all worked on THOSE when many of them wouldn’t even have existed save for the existence of a vital ecosystem that supported experimentation and differentiation.

    If we really believed in only pulling together maybe you would be developing in cobol on your dos workstation.


  • michaelrose@lemmy.mltoPolitics@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Go far enough back and there were no passports but you were near certain to be killed if you wandered into another tribes space. Horrific violence is incredibly common. Go further and you might be able to wander in to trade but not welcome to settle and only if a handful of assholes who run everything hadn’t personally decided they had a dispute you ordinary folks ought to die over with zero recourse to pick new assholes.

    Looking backwards is almost always a mistake because most of history is pretty awful.



  • Present wisdom is to design something that would work well on mobile first so single column and then make it work on larger screens the easiest way being to keep everything the same except for replacing ☰ with the actual nav menu at a certain width and setting a max width that keeps it looking like stretched out crap.


  • You hire competent people to hold the election, you pass laws declaring how the election is to be held, and if people deviate you sue them or hold them accountable. If the people conducting your election are themselves corrupt AND are secure against consequences technology doesn’t in any way save you but it can trivially damn you if its impossible for even competent people to conduct fairly as is trivially true.

    You have not addressed a single point I have made. There is reason to believe electronic voting is impossible to secure with any presently forseeable level of technology while paper and pen are trivial to secure in ways that someone with a 6th grade education could have understood 100 years ago.

    We vote every few years. In WA state you show your ID and register once or check a checkbox when you register for your license or ID and we give you an ID for $5 if you are poor. Thereafter your ballots come in the mail with a book about candidates positions in their own words. You have at that point weeks to fill it out and either walk a few blocks and drop it in a designated drop box or put it in a mailbox and let your mailman carry it.

    Once the election is conducted we know the results in a few days. This is already incredibly easy, secure, and convenient. If there is any question ballots can be manually recounted by hand in a few more.

    Your suggestion would be incredibly hard to implement, flawed, and give up either secrecy or security right off the bat. Further since it would rely on inscrutable computer code a single bad actor anywhere in the world could corrupt another-wise clean election with no legal means to go back and switch horses after the election had taken place and was adjudicated.

    It is purely a nightmare of an idea implemented to cure the fiction of insecure paper ballots, to serve the specter of technology for technologies sake, and tickle the fancy of people who think they know what a smart person looks like.

    Voting electronically is an inevitability given technological progress anyway, especially as we move out into space, so arguing about it isn’t going to do any good.

    This is a complete fantasy. Changes in how elections are conducted don’t happen magically because the calendar flips over they are implemented by lawmakers who answer to constituents. Such lawmakers are generally old and are generally VERY conservative about technology and proponents of e-voting like yourself have no good answers to ANY of the inherent flaws of such a measure. Just because you think it will eventually be fit isn’t any reason to implement it now or ever.

    Come back when you have an answer to ALL the flaws of e-voting. EG when you have mathematically verifiably secure clients that are verifiably secure even handed to morons which is universally available and usable by all and which can be understood to be secure by even said idiots. Then after that magic trick you can explain why spending Trillions was totally worth it compared to simply electronically tabulating paper ballots and hand counting to verify so we can spend 5 minutes in front of a screen instead of 5 minutes with a pen and know the answer a day sooner.

    If you continue to have zero answers to any of the challenges please don’t bother to respond. To reiterate the most serious

    • No way to verify AND have voting be anonymous

    • Clients are impossible to secure see reflections on trusting trust for the ultimate question

    • Possible for a single bad actor to corrupt the process from the outside

    • Impossible to audit with 100% certainty because the mechanism to conduct election and verify it rely on the same technology

    • Even if 100% secure proving this to the average person is basically impossible as it is well beyond their understanding. This makes it easy to drum up support for election denial fantasies like Trump even in the absence of any evidence.

    Please address every single point.


  • If you vote on your computer how exactly do you keep people’s computer from voting for them? How do you keep them from for instance changing the UI so that the graphic for candidate A actually registers a vote for B?

    How do you provide a way for user bob to verify he voted for A without also implicitly providing an easy way for him to verify his vote to someone pressuring him to share how he voted either to reward him for voting how that party pleases or to punish him for voting “incorrectly”.

    How do you provide a way to audit the vote without being able to see how people voted? If you do as you must have a database of ids to actual voters how do you keep that from leaking allowing everyone to see how everyone voted? Alternatively maybe it just leaks to whatever party is in control and THEY know how people voted so they can better target people for encouragement or suppression.

    Not a single one of these issues is an issue with paper ballots but every one of these is a deal breaker for e-voting and some of them are mathematically unsolvable like it being impossible to have an auditable and secret electronic ballot.

    Our current method of voting works and works well. We don’t NEED an answer a few days quicker at the expense of totally destroying actual security and secrecy. This is a dumb idea and we are all dumber for having spent time thinking about it.







  • Security is about understanding reasonable threat models. 99.99% of reasonable threats to your machine involve theft or loss of the entire machine and personal data or accounts being accessed. This doesn’t require advanced attacks or paranoia nor does it require extreme measures to protect against. No installer will create such a configuration without a passphrase because its a simple and effective step to take to protect your data that is enforced by systems created by people who are all smarter than you.

    Your cute statement about child porn is tasteless and thoughtless. I don’t take reasonable precautions like taking 5 seconds to type a password because I’m paranoid or criminal I do so because I have basic common sense.

    “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” https://en.wikipedia.org/wiki/Nothing_to_hide_argument


  • I never suggested there wasn’t value in the TPM for anyone although I think such validation has small value for most folks use case. Normal users are worried about theft of laptop by criminals not spies bugging their machine. I suggested that any configuration without a passphrase was inherently insecure.

    It’s not an “optimal setup” its the only setup that makes even the slightest sense because the alternative configuration can be defeated by a smart 12 year old with access to google.


  • Ah yes security brought to you by the same folks who brought you “bypass encryption by holding down the enter key” and “name your user 0day to get root access”

    It’s like putting security cams and interior locks all over your house instead of locking the front door. If your storage can’t be read without the passphrase then NOTHING can fail in such a way as to provide access. Simplicity and obvious correctness have virtues.

    There isn’t much reason to use anything other than FDE with a sufficient passphrase, auto login so the user doesn’t have to type two distinct passwords, and go luks suspends to evict key from memory on suspend.

    Boot up enter the passphrase -> see your desktop -> close the lid -> open the lid -> enter your passphrase