It's important to understand the historical context. Aaron was arrested in 2011, when a lot of other internet politics was happening. Occupy Wall Street, Arab Spring, LulzSec (remember Fuck FBI Friday?), Wikileaks, SOPA. "The block was hot" so to speak.
The attitude in DC was, "those people on the internet think they can do whatever they want, we'll show them." Well, they showed us and we lost a truly inspiring person.
> I hope that law firms far and wide encourage their associates and partners alike to update their knowledge with this
"But most of all, the legal profession has failed. Democratic governance depends upon responsible individuals throughout the entire system who understand and uphold the law, not who understand and exploit it. On average, lawyers have become so deeply corrupt that it is imperative for major changes in the profession to take place, far beyond the meek proposals already on the table. To start, the term “legal ethics,” upon which codes of conduct and licensure are nominally based, has become an oxymoron. Mossack Fonseca did not work in a vacuum—despite repeated fines and documented regulatory violations, it found allies and clients at major law firms in virtually every nation. If the industry’s shattered economics were not already evidence enough, there is now no denying that lawyers can no longer be permitted to regulate one another. It simply doesn’t work. Those able to pay the most can always find a lawyer to serve their ends, whether that lawyer is at Mossack Fonseca or another firm of which we remain unaware. What about the rest of society?
The collective impact of these failures has been a complete erosion of ethical standards, ultimately leading to a novel system we still call Capitalism, but which is tantamount to economic slavery. In this system—our system—the slaves are unaware both of their status and of their masters, who exist in a world apart where the intangible shackles are carefully hidden amongst reams of unreachable legalese. The horrific magnitude of detriment to the world should shock us all awake. But when it takes a whistleblower to sound the alarm, it is cause for even greater concern. It signals that democracy’s checks and balances have all failed, that the breakdown is systemic, and that severe instability could be just around the corner. So now is the time for real action, and that starts with asking questions." [1]
Most Americans are actively hostile to privacy, not just ambivalent. If you tell them, "Alice doesn't carry a cellphone, because she thinks it shares her real time location with advertisers, hedge funds, private investigators, debt collectors, bounty hunters, and the government," most will conclude that (a) Alice is mentally ill, or (b) Alice is a degenerate criminal. Either way, Alice needs to be investigated. That means the state needs to interview her colleagues and neighbors, and subpoena her bank and medical records.
From the statement, "In addition to further harming already marginalized communities, these charges could be used to brand as terrorists people who protest against government injustices by engaging in civil disobedience or actions that result in property damage."
Clearly demonstrated this summer, when these people [1] were charged with crimes punishable by life imprisonment. One of their charges had a 45 year mandatory minimum sentence. What sense does it make to create more Draconian laws? According to a former AUSA, "It's batshit... and I'm a pretty law-and-order guy."
When you say "these terrorist attacks", do you have a concrete definition in mind? Or are you just expressing outrage and disgust?
Because right now, people accused of terrorism can be held in Guantanamo without habeas corpus. They are also subject to inclusion on government "kill lists"[1] with no opportunity for judicial review. The executive branch is claiming powers it has not had since the time of absolute monarchy. We should carefully consider any proposal to expand the meaning of the word "terrorism".
I'm outraged too, but I think these criminals should be afforded full due process rights. At both the investigatory stage and the trial stage.
No, domestic terrorists are treated as criminals if they are citizens or permanent residents because they have Constitutional rights. If convicted, they go to the Supermax in Colorado.
Non-state foreign terrorists are held at Guantanamo.
If a group of muslims rushed a barricade and put pipe bombs outside Republican offices in the Capitol because they disagreed with the outcome of a political election, what would you call this action?
Please don't insinuate that I think people should be treated differently based on their religious affiliations.
I think that due process rights of despicable people should be protected precisely because I want them to be available to disfavored affinity groups like religious minorities, labor movements, and pacifists.
I also understood this as an instance of the security state threatening Congress. The police were saying, "Don't even think about de-funding or reforming us." DC police spend $210k/employee. 80% of its 2500 employees are "sworn officers," whatever the heck that means.
> Your metadata just ends up getting semi-permanently logged on various machines, and there is nothing you can do about it at this time.
Sealed sender means that an eavesdropper who can introspect into RAM inside Signal's AWS infrastructure is no better off than a network eavesdropper who passively sniffs ingress/egress.
That doesn't mean they can't build a reasonably accurate metadata database covering most people--people who communicate from a limited number of mobile ips to a limited number of mobile ips.
Signal is way better than matrix, but let's not pretend it has totally solved the metadata problem.
These responses are over the top. The photo of the congressional office that is circulating shows a wireless Logitech keyboard and mouse, and an unlocked workstation. That tells a pretty damning story about the ambient level of security awareness in congressional offices. Congress has a very serious technology competence problem. Probably a better long term strategy to focus on that.
I agree. The risk from this intrusion is not a whole lot different (and considerably more overt) than from the access that any number of other people have had to this building in the past. (Tour guides, visiting civilians, contractors, cleaners, ...).
Professional attackers were not waiting to follow a Jamiroquai knock-off around during an event whose CCTV footage will be heavily scrutinized.
This may be a good incentive to review policies such as full disk encryption and proximity-card workstation lock/unlock but pulling miles of CAT-6 from this building is not a sensible response: defenses _should_ already account for this sort of threat. If purple team has not already "what if"'ed this particular variant of the evil maid problem then that's a serious issue but clearly weak physical security was already a known feature of the threat model.
What makes you so sure said workstations had any significant value or access worth locking it down like it held the launch codes or something? According to one of the replies in the tweets you linked, pretty much everything would have been open information anyway.
All this talk from random internets about how "terrible" their infosec is strikes me as a bunch of armchair quarterbacking by people who think they know a lot more than they do... so basically your typical tech worker I guess.
I'd rather they not focus on security. I'd rather everything they do with their computers is live streamed all the time really.
Their incompetence isn't any different than the average person in the work force, and they shouldn't be keeping secrets anyway.
I'm sure some replies and downvotes to this will think I am crazy because they have important secrets like terrorism intel etc, and yes I understand that, but continue to disagree. I believe a nation could function just fine without secrets. It would simply be different. We don't a good job with the secrets anyway.
Terrorism intel is the least of my concerns with your proposal.
IMHO, privacy is a key part of negotiation, creativity, and planning. Lack of privacy would make it difficult for them do their jobs well or (more likely) drive them to use unofficial, private channels.
Sometimes a deal or a new idea needs a "safe space" to grow.
I assume you are a programmer (this is HN). Do you think operations at your company would improve if everyone's screen was constantly broadcast to management? Personally, I'd prefer to be judged on my job performance, rather than having some non-engineer decide if I'm doing a good job based on their impression of what's on my screen.
The legislative record and public statements of our congressmen are almost always enough to evaluate their competence.
This is probably an indicator that outside counsel is saying "antitrust might be a real thing again, why don't you lower your profile a smidge." Nothing says "cartel" louder than a "joint venture" comprised of 3 companies with $2.5 trillion in market capitalization.
This assumption that countries need population growth is insane. Humans are not bacteria, we should not pursue endless population growth. What we need is serious investments in technology to make elder care easier.
The attitude in DC was, "those people on the internet think they can do whatever they want, we'll show them." Well, they showed us and we lost a truly inspiring person.