You realize that they've already repeatedly said they'd "bail out" people and groups affected by this? They just weren't willing to reward Evergrande's reckless behavior by giving them more money. Something the US should've done (so much for free market capitalism as a principle).
I don't think it's clear yet if they plan to bail out everyone or just Chinese-based people and groups. From my understanding, evergrande had a lot of international investors.
Sometimes that’s what you want to do and you trigger a lehman.
No one really knows where the trigger line for systemic with these things is. Hence the weird financial regulations like Dodd-frank in US, MiFID in EU etc
This creates at least one agent that will directly suffer the consequences of the default they caused.
Of course one can create two companies, make the first borrow from the second, make the second hide the money and default, get the first bailed out and pocket the hidden stash.
> This creates at least one agent that will directly suffer the consequences of the default they caused
Iif you think of companies as “agents”. But they are not, the agent causing the default is the human in charge. And those aren't often suffering a lot from their mistakes…
Confused. Shouldn't we be fining companies that break the law? We should be expanding it, instead of complaining when another country happens to fine a company that happens to be from the same country as us.
As German, fine the fuck out of the corrupt people in Deutsche.
I'm terrified by the fact that there are so many antivaxxers in Germany that they're showing up here too, as supposedly educated and intelligent peers. It is absolutely the fault of unvaccinated that they're unvaccinated and putting society at risk. It doesn't matter how many ICU beds and staff you have, an unvaccinated population would quickly overwhelm it simply by virtue of how incredibly long it takes to recover and how quickly new strains would develop.
Vaccinated people get the disease and transmit it about as well as unvaccinated people.
This means the virus is busy making copies of itself in their body. Those copies not only have a chance to mutate, but have evolutionary selective pressure to mutate around the vaccine.
If you don't have the vaccine, it has no pressure to mutate around the vaccine.
I'm sick of people, so I'm not going to read the inevitable comments that are going to come. Look, face it, some people like taking nude photos of themselves and they like sharing them with their partners. There is absolutely nothing wrong with this. It's not their fault if something like this happens. People should be able to feel secure in the tech that they use, in the companies that they entrust their information with. It's a fuckload of bullshit victim blaming and I see it every time the topic comes up. I'm sick of it.
Amazing how most of the replies of your comment and the other comments too are still victim blaming, not for taking or sharing the nudes but for being so naive to send a phone unwiped. There's no excuse for violating and exposing someone's private life like this, being tech unsavvy (or you know, not being able to wipe a dead phone) is absolutely not an excuse to shift the blame to the victim. We get it you're good, you're smart, you wouldn't have done such a stupid mistake... congrats, but honestly, who cares.
What's really amazing is how the reddit post says very clearly that they were unable to wipe it bc it was broken. The post was deleted but someone posted the text in a comment here.
I had an old phone that failed, I couldn't wipe it, so I pried it open, yanked the battery, and went after it with a hammer.
I have done the same with old or failed hard drives for decades.
The difference being, I didn't want these devices back. I never intended to use them again. This person obviously wanted an unbootable phone fixed, and the repair drones 'had fun with it'. Someone (Google) is going to have to pay damages, and also chase down and take down copies of those photos forever. What a mess.
I had a friend that worked at an independent film/photo processor back in the early 1970s. The walls in the process area were papered with printed nudes. Floor to ceiling. Of course, in the pre-digital era, those elicit copies never saw wide distribution, but they were there.
This feels like a limitation of our ability to have constructive conversations online.
Someone can be less than perfect and that can cause them to be victimized.
We should be able to talk about both aspects of this story, perhaps independently.
Some people want to discuss how the offender should be punished, and other people want to discuss how we can behave to prevent being victimized ourselves.
I don't think it's valid to argue that people discussing how to prevent victimization, are somehow "victim blaming".
There's nothing tonedeaf about exploring how the situation can be avoided in the future.
Obviously, the phone being borked is relevant, but in that case we need to ask what preemptive measures can be taken on a phone that isn't yet borked. It may be that the only answer right now is "don't keep nudes on your phone" then that's unfortunate and should be addressed.
There's a subset of people who get angry at any implication that people have agency they can use to make decisions to make their life less risky in these sorts of contexts. Fine, whatever, they're entitled to their world view.
What boggles the mind is the overlap this group appears to more or less be a subset of people who are up in arms anytime someone doesn't take steps to de-risk their life in any other context (like using an older car seat for your kid or not putting GFCI breakers into everything under the sun).
I am not. For you to interpret helpful advice as blame is some serious mental gymnastics. "If you need to send in your phone, you can do X and Y to protect yourself" does not assign blame to anyone.
> Someday you might be hacked. Is it your fault for using technology at all knowing you can be hacked?
Why are you so obsessed about assigning blame? Do you think everyone should ignore security best practices, since its not their fault if they get hacked?
Go ahead and set your HN password to "password", please. It wouldn't be your fault if you got hacked, so why would you care if I knew your password?
To actually answer your question, no. It would not be my fault if I got hacked. But I don't want to get hacked, so I take reasonable steps to avoid being hacked anyway. I am an adult with the responsibility and agency to take care of myself.
> I don't think it's valid to argue that people discussing how to prevent victimization, are somehow "victim blaming".
Weird also, that talking about preventative measures is only considered "victim blaming" when it comes to certain specific topics. If you say it's a good idea to wear a seat belt or helmet in your car or motorcycle, it's not victim blaming. If you say people ought to lock their doors at night, it's not victim blaming. We tell our kids not to get into strangers' cars--not victim blaming. What is it about this topic that always seems to set off the alarms?
I used to really over-share online, and reading stories like these over the years has helped a great deal to educate me about good online OpSec and privacy best practices. I have data sharing/storage habits to this very day that stem from good advice received from others.
> If you say it's a good idea to wear a seat belt or helmet in your car or motorcycle, it's not victim blaming.
(1) the purpose helmet is to protect you from accidents, not malicious actors. When you get hurt in a car accident, it is rarely because a criminal set out to deliberately hurt you.
(2) if you responded to an article about someone specific getting hurt in a car accident with "well they should have been wearing their seat belt", you probably wouldn’t be called out for victim blaming, but you probably would be called an asshole.
Thank you. There's a big difference between "it's your fault you were murdered because you were unarmed" and "carrying a gun would be one potential mitigation for the future", which I think is too often lost in discussions on social media.
I agree, but I also view it as the failure of Silicon Valley or even Tech industry to cater for majority of its users. The Tech unsavvy as you say. Both in terms of features and policy ( As in what is happening here ).
Thanks for posting this. I get why people do the victim-blaming thing; it lets them feel smart and superior, two feelings I have been known to enjoy.
But it's a fundamentally bad way to approach analyzing safety issues. For those who really want to dig in on the topic, I strongly recommend Dekker's "A Field Guide to Understanding 'Human Error'": https://www.amazon.com/gp/product/B00Q8XCSFI/ref=dbs_a_def_r...
It's nominally about examining airplane crashes. But he breaks down into great detail why the default analytical model is entirely inappropriate in ways that makes real safety improvement impossible. And it's the same set of analytical mistakes you see in a lot of blame-related behavior.
This has entered programming language design. It's not longer "educate the programmer so he doesn't make stupid mistakes", but "design the language so that stupid mistakes are detected by the compiler". Mechanical verification is far more reliable than hoping people don't make mistakes.
Yeah, the "you should wipe your phone!" and "you should never keep sensitive data on your device!" chorus seem to be missing the point entirely:
We can design devices and operating systems to be safe by default in the same way we are now designing programming languages to be safe by default. There's no reason why the data should have been recoverable from a bricked phone without the user's authentication.
We really can have our cake and eat it too - we can have devices that you can freely store nudes on without risking that some rando with a USB cord and physical access can just make off with the data, bricked device or otherwise!
The goal in the D programming language is to allow the programmer to do unsafe things (no way to implement malloc() in safe code!), but it is not by default and isn't going to happen by accident. The programmer will have to positively do something.
It's also done in a way that a programming manager can mechanically verify the absence of such code. Exceptions can be flagged for special review. Often there are safe ways of doing the equivalent.
Yep, and I think we should apply the same principles to consumer technology. You should be free to do unsafe things - but it should not be possible to accidentally do unsafe things.
It should be harder to have your photos be unencrypted on device, accessible via any USB connection, than it is to have them to be entirely inaccessible at rest.
I finally made a HN account, after many years of lurking, to show appreciation for wpietri's comment. Sidney Dekker transformed the way I think about techno-human systems and cybersecurity, and so much more than that. I don't know when I was introduced to his work on safety, but it may have been through this site, and it has changed my life and career for the better. I'm incredibly happy every day to see not only thoughtful comments on HN, but also learn about entirely new viewpoints through which I can grasp the day's events.
It's not just about feeling smart and superior, it also helps them feel invulnerable. People victim-blame smokers who get lung cancer because they don't want to think about the chance they might get it too.
You're not wrong, but you're missing how people become smokers. "Approximately 90 percent of all smokers start before age 18; the average age for a new smoker is 13." [1] A momentary error in childhood judgment (to the extent that isn't an oxymoron) quickly becomes an addition. "Inhaled smoke delivers nicotine to the brain within 20 seconds, which makes it very addictive—comparable to opioids, alcohol and cocaine." [2] Once they're hooked, it's very hard to quit [3], so it's often a life-long addiction. And that's before we even get into all tobacco companies have done to hook people.
So even as a life-long nonsmoker who absolutely hates smoking I think there's a lot of unnecessary victim-blaming for smokers.
Yeah this is yet another reason to want phones to have removable storage (micro sd card). So private photos can go onto the card instead of built-in storage, and you can remove the card if you have to send in the phone.
I don't take nudes but I tend to use my phone as an impromptu photocopier for stuff like bills and receipts, so the photos are full of private info such as account numbers. I worry about that sometimes. For photos that have to be treated with real security (typically the screen of recovery codes when enrolling a 2FA token), I use my old dedicated digital camera which has an SD card, no network connection, and never leaves my bedroom.
I feel like removable SD card is a tech person solution but ... kinda doesn't solve it for a lot of folks.
Most folks are just going to take nudes and not strategize much and expect them to remain private as part of the typical photo taking and sharing workflow.
> I feel like removable SD card is a tech person solution but...
As an older person, I find this observation very interesting.
Today, I would consider people in general to be much more technically knowledgeable compared to people 20+ years ago. And yet, 20 years ago, removable storage was quite common, and probably expected of most devices.
Do not confuse the ability to use a phone or laptop with technical knowledge. People know how to use apps, but all the technical stuff is abstracted away.
I'm pretty technical (As is nearly everyone on HN), and I have no idea where my photos are stored on my Android's file system. I have no idea where the APKs are for all my installed apps, or where their saved data sits.
I was surprised the other day that my photos weren't being stored locally on my iphone, but in the cloud. I finally found a setting that turned that "feature" off. Obviously, it had defaulted to "on".
But if _everything_ is always saved on the card, then you don't need the technical knowledge. Removing the card would leave the phone in a "factory clean" condition.
If everything is on the SD card (as in: it won't work w/o the card inserted), then it will have to come with a card pre-installed. In that case, the average user won't even realize there's a removable card. It's turtles all the way down.
The card could come separately from the phone in the same box. Phone boots up off the OS on internal storage, and the intro wizard says "Now insert your SD card, which is where your personal data will be stored." Done.
But if the phone doesn't come with a card pre-installed, people are going to complain that it doesn't work, or that they didn't know they had to purchase a card.
Unless it comes with a card, but the card is not inserted, so the user has to do it before booting up the phone
> Today, I would consider people in general to be much more technically knowledgeable compared to people 20+ years ago
Very few people know how apps actually store files on a mobile device and as people increasingly use phones / tablets instead of PCs their knowledge of PC file systems reduces. So for many people, copying photos from a phone (or cloud backup) to a computer could be quite a challenge.
Sounds like a design issue, no? If Apple implemented it, they'd call the feature "Secure Liferaft" or something equally silly, but I have no doubt in my mind that they could engineer a proper solution for it. Today's users go out of their way to hide files and folders, so why not give them a chance to do so the right way? The technology is there, all you need is a little marketing pizzazz and a 30 second ad spot with Billie Eilish in the background.
The majority of young people I know (in Brazil) doesn't know the concept of "file". So adding/keeping files in SD Cards is a task that requires some explanation.
I'm young-ish, but my general observation has been that my peers forget it was our grandparents and great grandparents that invented computers in the first place.
Admittedly, the technological world is nearly impossible to avoid exposure to these days, where it was entirely optional (or downright prohibitive) to be involved with in the past.
So in general, thank you older people for creating them, I have a lot of fun with them.
> I feel like removable SD card is a tech person solution but ... kinda doesn't solve it for a lot of folks.
What's so tech about removing a physical piece that has data? It's an action pretty much everyone can understand intuitively - "this is where your pictures are, if you remove it they stay yours".
But even I struggled at times to get those pictures then onto a given pc.
I know what a filesystem and a driver is, so I can make it work, if something is missing. A layperson usually cannot.
Partly on purpose, one might say. They are supposed to stay in their walled gardens, where you transfer everything over the approved cloud way and can be thankful, if their data is accepted in another garden.
The technical problem is that you would need files to be encrypted in case the phone gets stolen. Security mechanism like a pin obviously don't help if someone can just pull the card with the interesting data. Still, even the "worst" users are able to understand the concept.
No. We do NOT need fucking removable storage to fix this.
What we need, to fix this, is to enforce felony charges against the kind of fuckers who do this, and put them in prison for 20 years, and stop victim-blaming, and stop the insane medieval attitudes about nudity, and slap every single fucking person who espouses this kind of bullshit upside the head, daily, every single day, until society is finally purged of their bullshit, and we don't need anything. fucking. else.
This isn't a product design issue. It's a punish evil people issue.
In some places, people lose their lives if they do something bad. Yet, people still do bad things. I guess taking someone's life isn't enough of a punishment?
Laws discourage certain behaviours. It doesn't stop them.
Regarding victim blaming, obviously this person isn't to blame, but it seems that even suggestions to be cautious are seen as "victim blaming".
When you tell a kid to look to both sides when crossing the road even if it's green, you're not blaming them for a possible accident. It's just that sometimes people ignore traffic lights. And when you tell someone not to give their pin or send a device with sensitive content for repair, you're not blaming them. You're just telling them to be careful because sometimes stuff like this happens.
I get your anger here, but pure punitive measures won't solve this. This is easy to prove in that it hasn't solved any other sort of crime.
One, the correlation between "do a crime" and "do the time" is quite low. Look at the stats for sexual assault (0.25%), robbery (0.2%), and assault and battery (0.3%): https://www.rainn.org/statistics/criminal-justice-system
Even for murder, the US's clearance rate is only about half.
But even if the correlation were somehow perfect, it still wouldn't eliminate it. People just have a hard time believing in the consequences of actions until they experience them. I couldn't count the number of times I've gone through the "ooh fire pretty" -> " ow fire hot" loop in various ways.
So this is thing where we need defense in depth. We need solutions in criminal law and civil law and provider regulation and product design and user education and culture shifting. Each one of those will be fallible, but each one will bring the rate down. With enough work we can at least make the bad outcomes rare.
We don't punish out of some fantasy that it will "solve" crime. At least I hope we don't. I'm under no such delusions, I promise.
We punish in order to hopefully deter, in at least some cases, though. And sometimes, we punish because it's simply the right thing to do, because people deserve it. This is such a case. They busted into these phones; that was bad enough. Then they searched for the most personal and compromising stuff they could; that's crime #2. Then they posted it! That's three crimes. This sort of brazenness needs to be punished, at least occasionally, to show people and future offenders that we still have at least some semblance of a functioning justice system. That they can't just do whatever the heck they want and laugh about how it might affect people.
You were the one who said, "We do NOT need fucking removable storage to fix this," before going on to glory in punishment. If you now admit that punishment isn't enough, then presumably you now agree that we should do things beyond punishment to fix this.
Nobody said that. I certainly didn't mean or say that.
We do need the right Americans in prison, though. I can easily find tens of thousands of folks who need to be released. These fuckers, though, need to be incarcerated. Otherwise, why do we even have prisons?
How about make it so that the "hidden" photos on a phone require a security code/biometric to access? I've always been shocked that this isn't the case with iOS (don't know Android), it seems so obvious and simple.
It's proprietary but that's exactly what Samsung's "Secure Folder" is. Apps, contacts, files, photos ... That can't be listed or accessed without a secondary auth, protected by knox. I don't know about non samsung android phones.
It's fairly simple to use, and if you sometime give your phone to other people / kids / etc ... It quickly becomes absolutely necessary.
Need to remember to use the "secure folder" camera though, if you merely take the pic THEN move to secure folder, while it's super quick and easy it's usually too late as google photos, dropbox, whatever else will already have duped it.
> How about make it so that the "hidden" photos on a phone require a security code/biometric to access?
Pixel with the latest Android should have that ("Move to Locked Folder" [1]), though as with all security things it is annoying to use in a lot of ways. Doesn't work for SMS images or Whatsapp (Signal is much nicer on this front, but images on Signal get lost if a phone is bricked - the account backup/transfer method sucks a bit).
I have a bunch of old USB sticks, HDDs, phones, tablets, etc in my garage because I can't wipe them, but I can't possibly remember what data was stored on them over the years. Micro SD cards are great because they're teeny tiny.
Nothing nefarious. I'm just not very trusting with my data, and not going to just hand it over like that.
Modern Android versions are encrypted by default. Though given weak/no passwords by default I believe it only helps if you remember to factory reset first.
And if it's damaged a reset or wipe may be impossible for the end user.
I hear you, and agree wholeheartedly that there is "absolutely nothing wrong with this", but maybe if the topic keeps coming up, people should have less trust in the companies (and their respective flawed human supply chains) that keep our information.... and act accordingly. Unfortunately that's easier said than done these days.
Sure, but you probably wouldn’t ever hear someone say “maybe you should have had less trust” if Google employees snooped on your Drive account to steal financial records or something like that to use against you. Why do we tend to treat people like they’re asking for it when their nudes get compromised?
But you would. People here preach that every single day.
If you had highly sensitive info of a non-sexual nature on Google Drive that was going to have a massive negative impact on your life if it got leaked, half of this site would still be saying "that's awful, but you can't trust Google" if that happened.
> you probably wouldn’t ever hear someone say “maybe you should have had less trust”
No you would hear the exact same thing. My sensitive data on the cloud is all encrypted. Have you ever seen anyone suggesting to do backup on any cloud platform in any other way than encrypted? That's because the data is sensitive and you can't trust whoever store it for you.
> Why do we tend to treat people like they’re asking for it when their nudes get compromised?
We do that over anything that is sensitive. It's just that nowadays, people no longer consider much of their things sensitive... except nudity.
I agree entirely that we should be able to trust companies and I agree completely that the biggest issue is on them, but the thing is, we will never be able to trust them fully, there's just too much to handle. I'm not saying not to push the responsibility on them, for sure we need to do that or it's gonna be even worse, but we also need to remind people to consider their data security and how they handle it. Both are essentials if we want to lower the number of instance of theses happenings.
I'm curious, if I upload nude picture on my Google Drive and with the password "potato", and then my picture were published by someone that guessed my password. Wouldn't you suggest a stronger password? Still a victim, but still good to suggest ways to avoid it in the future.
Why do we tend to treat people like they’re asking for it when their nudes get compromised?
Because nudity is akin to sex and sexual ways, which are taboo in many societies. Upstanding citizens do not have nudes, in general. Especially women or nudes hinting at same-sex romance.
It isn't right, but it is.
Edit: I'm not saying I agree with this. But it doesn't take much to see folks putting others down for nudity. YMMV depending on where you live in the US. There is a reason most politicians (in the US) wouldn't get caught with nudes and I'm guessing that in some areas of the world, it would be even more detrimental to your life. It is the same line of thinking that punishes women for being "sluts" but are OK with men having a series of one night stands.
What's great about this is you don't need evidence. People just need to believe it. People at large have a large number of vices they do in private, but the moment our private lives are made public it is very common for others to point the finger and say how dare they do that, even when said person does the same thing.
I remember hearing a court case where a small video rental shop was accused of renting vulgar content by someone claiming that the community standards didn’t allow pornography. This was in an area that is predominantly religious. So it hinged on whether it was true or not that people viewed such material in private. The defense was able to find both rental and internet traffic data for the region demonstrating viewing porn was basically the norm for a large percentage of the community. The court found for the video store, but IIRC the legal costs still destroyed the business.
I don't think the parent was asserting that this is true, just that this is the general public sentiment in many societies (which I'd agree with, unfortunately).
Neither your very strict, seemingly religious-based and ethically dubious idea of an "upstanding citizen", nor anyone else's, should ever justify someone's reputation being irreparably compromised by a professional phone repair person / google employee on the job.
Anyway, your comment doesn't seem to have much purpose but to weirdly say "this isn't right, but it actually is right."
I'm not saying I agree with it, but it is an observation. I'm pro nudity, and think it should be normalized. And I'm atheist. And live in Norway, where nudity isn't as big of a deal. I lived the first 30 years of my life in the midwest US, though, in small to medium towns.
But come on, I'm sure you can find examples of folks putting down others for it. It isn't common for politicians to have nudes, at least not in the states. Melania trump had her nudes used against her (put as degrading her character): Janet Jackson had people outraged over a nipple. Facebook doesn't allow nipples. Heck, even further back, I remember folks in high school shaming a singing group (TLC?) for having nudes printed in another country (the cover wasn't even showing breasts as hands covered them).
I don't trust Apple to not snoop on my iPhone and macbook, share the data with law-enforcement, and maybe use it to sell ads. I do trust them to not log in to my bank and transfer all my money to Tim Cook.
How do you "act accordingly" when you want to partake in sharing digital private documents with your wife? In order to follow that advice, you'd have to stop using smart phones entirely, and that's not really feasible today.
Sure, it's lurid in this case because it was nudes, but this could have just as easily been identity theft or something more mundane but equally wrong for Google to access.
No, this is what we have laws for. What Google did is wrong and if the person responsible cannot be criminally prosecuted, we should seek legislative changes to enable prosecution in cases like this in the future. This is not merely a matter of individuals trusting Google too much. The individuals don't have much choice; that's where the law can step in.
Say I have a bedside table that needs repairs. I send it to a carpenter. If I am fool enough to leave my nude photos in the drawer then I should fully expect the carpenter to have seen them. I'm the fool, he's innocent.
If, however, he takes those photos and sends them to a tabloid, now he's the asshole.
Maybe stay with the carpenter and observe him so you can make sure the pictures are secure?
Might seem weird, but if you explain to the person doing the work that you have sensitive data on the device they'd probably understand the precautions.
Of course it's not necessarily easy. But you might as well make the request. If you are in that situation and you're concerned about sensitive data being leaked, then it is an option.
Some people no doubt engage in victim blaming, but I don't think that's what's generally going on here. For instance, I don't think anyone would disagree that the individuals that made those photos public should be prosecuted to the fullest extent of the law.
The world contains bad actors, and we should be having conversations about what are the reasonable steps people should take to protect themselves. The fact that this happened, and that it could easily happen again, suggests that we should take additional care with sensitive data on our phones. Maybe an app for encrypting sensitive photos and that requires a password to access?
Yes, people should feel safe in their tech. People should also feel safe in their homes, but most everyone still have locks, and many people additional layers of security.
There's a difference between victim blaming and protecting oneself against the world. The sad reality is that systems in society don't always work the way they're supposed to, whether that be companies being egregiously unprofessional when working on user's devices, or police showing up to an armed burglary long after the events have transpired and lives were harmed/lost.
People should be able to feel secure in the tech that they use, in the companies that they entrust their information with.
I can never tell whether I'm paranoid, or worried for good reasons, but cases like these + mass leaks which happen occasionally are basically the reason why I don't have this secure feeling at all for anything which isn't on an offline device which is in my hands or device-side encypted then put online (but to a lesser extent). And I'm afraid nothing is ever going to be able to fix that feeling anymore, it just seems to late for that, and I feel like people who do feel secure lost touch with reality somewhat.
I still get that feeling for the most part with open source self-hosted stuff and devices running as open as possible software. Could someone hack my up-to-date linux server behind my VPN? Yeah. But it feels a lot less likely than any other device. If it's not an open source OS with a good track record, I feel like every key stroke, swipe, or picture is spied on.
On devices I trust less, like my android phone, I feel better than default (but not perfectly comfortable) about open source encryption software and the stuff stored there.
Well said, A basic consumer shouldn't be expected to be aware of OPSEC for repairing a broken phone(which in this case seems to be the reason for not wiping data as well).
This also brings an important aspect of repairability, I've been paying for extended warranty and discount on battery replacement for years to an android manufacturer and when the time arrived(during lockdown) they wanted my device sent to the repair-center as there was no policy to send the parts to the consumer's place.
Although I don't believe for a moment that Apple is pro-repair now, I hope them sending parts directly to the consumer would be followed by android manufacturers as well.
Comments like that ruin threads for me too, but pre-empting them as you have just draws attention to the sewage, so I don't think it helps.
Unless I missed something, I believe that you currently have the only top-level comment to mention victim blaming. There's one other, but it's dead, which means the HN "immune system" (as dang calls it) worked.
That's not always an option -- my last android phone died with a reboot loop. It was several years old so I opted to discard and replace it (after opening it up and snapping the main circuit board in half), but if it was newer and I wanted warranty service, I'd have no choice but to send it in for repair, unwiped. In theory, device encryption would protect my data unless the service center has some way around it.
> That's not always an option -- my last android phone died with a reboot loop.
You're not wrong, but for future reference, there is a way to stop such a reboot loop; I did it just yesterday with my wife's phone. (Of course, it was a Pixel, so it might not be on every phone.) You do it by holding power and down volume until it says "Command not found", then you hold power and volume up until you get a menu. One of the items should be "Power off". Another one is "Factory reset" or something like it.
Once my wife's phone was off, I left it off for a couple of hours to let it cool. Then I booted it again, and all was well.
I spent days going through every blog post I could find for tips on how to fix it, including booting to recovery mode -- it would reboot as I scrolled through the recovery menu and even when I got as far as trying to do the factory reset, it would reboot before it even started the reset. I let it reboot itself until it ran out of battery and waited a day after that to let it completely drain. Even tried putting it in the freezer.
Don't take digital photos that you don't want the world to see.
I don't like seeing "don't victim blame" taken as gospel. Blame isn't a simple binary thing. Every time a company is hacked we don't line up to defend their shoddy security practices even though they are a victim.
This is a dangerous argument. There’s been a lot of public statements from the big tech firms about how data on phones is encrypted and that the devices are safe.
Resorting to “do not do X if you don’t want Y to happen” is a cop out and demonstrates a fundamental failure of technology doing what it says on the box.
I've said in another comment that I am extremely interested to know the outcome of this since I am a Pixel owner. It is concerning but right now it's unverified.
This is a really bleak way to look at digital devices and their role in the world. Should you only write things you want the world to read on a computer, and for everything else, just use pen and paper?
Hackernews is full of people with the skill and position to actually influence what decisions the tech world makes.
It's much less forgivable for engineers and managers that work at Google, Apple, Facebook, Microsoft, etc to be cynical and say "yeah Tech is evil what can you do" compared to the average person, and this site is full of people who are in those positions.
Yes. Anything you write into your computer has the potential to be shared. The same way anything you write and send in the mail has the potential to be shared.
And yet, if GMail published email exchanges of a protected nature between someone and their lawyer, would you just throw up your hands and say, alas, digital communication is cursed?
Some digital activity should be considered private, and violating that privacy should have legal and social consequences.
I agree completely that you should be able to take nude photos of yourself, but I still wouldn't use a phone to do it -- my phone's pictures get backed up to the cloud automatically, and even if they didn't, the phone provider is probably the least likely risk that I face. I am probably more at risk from some rogue app that I installed on my phone.
When I have done this in the past, we did it the old fashioned way -- took the pics with a non-connected digital camera, printed the ones we liked, then kept the rest on an encrypted USB drive. Even this has the risk of leaking your photos to the cloud if your computer is set up for cloud backup.
Probably got too close to "victim blaming" for the crowd here.
Being able to trust your hardware/software is important, but also knowing why you can't (for now, maybe not ever) trust your hardware is also important - maybe more important.
> Look, face it, some people like taking nude photos of themselves and they like sharing them with their partners. There is absolutely nothing wrong with this.
It doesn't have to be "wrong" for it to be stupid, and trusting your private life to a device you literally do not own is. This isn't victim blaming, this is recognizing the fallacious logic that most people have when approaching this subject. Call it tech illiteracy if you want to be nice, but I'll just call it "dumb".
I imagine a lot of people sharing nude photos don't especially mind if they become public (I personally don't, I've had many partners who don't fear this). So they aren't "dumb" for taking a risk they are comfortable with. Nor are they dumb to expect the criminals to pay if they do become a victim. Both things can be true without anyone needing to be "dumb" as you seem so desperate to assume.
It's definitely the fault of some individual related to the service. BUT, you must be pretty stupid to send a device away that contains sensitive information.
And unfortunately, a lot of people in society don't expect this type of intrusion by a company they trust. But they should. And I don't think you can blame Google for any of this.
It is relevant because there's a massive deficit in basic infosec among the populations of the world. Why keep blaming big corporations when we need to get smarter ourselves?
Once you start throwing around terms like "basic infosec", I think you need to recognize that the vast majority of people in the world won't even know what that term means. And shouldn't have to. It's up to us (the more technically-minded people) to protect them by helping to drive change, both in legislation, and technical measures to make it so people don't need to trust these big corporations. That's our failure, though I certainly recognize that this is a difficult thing to do.
Of course the fault lies with the person who posted the images online. That person also violated state and federal laws. There is no doubt about that.
However, most people wouldn't knowingly leave nude images of their spouse on the car's back seat when getting the car serviced. In many ways this is similar.
Edit: For people who think I'm blaming the victim, I am not. I thought that was clear, since I blamed the thief/poster of the photos! This is in many ways similar to leaving photos in a car. That is not to say that the person with the phone is at fault, but that this also happens in many other cases. If this happened to me (which it has), I'd do something else instead of sending my phone for repair by an unknown person.
I don't know how broken the phone was, but it's possible for a phone to be so damaged that you can't wipe it's contents prior to sending it in for service.
I love car analogies (who doesn't), I think this is more like your car being on fire and asking a firefighter to put it out, while hoping they won't find and share any documents they find in the back seat.
Indeed, when my Pixel 1 abruptly failed it would not turn on at all. Not merely briefly, not a boot loop, it was truly a brick and there was no way to alter what was on it. I thought it was unfortunate that it happened a mere few months past the end of warranty, but at least that way I didn't send it back to Google. Instead, a local school got it for the students to disassemble in a technology course.
Now, I don't store nudes on my phone. That said, it was recently suggested to me, here on HN, to use a scanner app in lieu of a flatbed scanner for all my scanning needs (primarily documents around tax time). Not so sure that's a good idea versus this.
So what do you do when your car is on fire but there's also nude photos in the back seat? Asking genuinely, don't know what would be the best thing to do...
> The post said the phone wouldn't turn on, so how were they supposed to clean it up before sending it out?
I think you are asking the wrong question. It's more useful to ask how to initially safeguard the pictures instead of how to remove them after something broke. If the pictures were encrypted, then it doesn't matter who has possession of the phone.
I am so incredibly tired of Germany being a legal and technical internet backwater. It's exhausting and depressing and I hate it so much. I wish the old people would fuck the hell off, because they simply don't belong in positions that represent our society in a modern world.
A good friend of mine is German. She moved out of the country a couple of years back because it was crammed with backwards ideologies and Ludditism to use her own words. Her father ran a small shop which went bankrupt because he was closed at lunch times and weekends (when everyone wanted to go in there) and only took cash and this was everyone else’s fault apparently. She came here (UK) and was surprised you could actually pay pretty much anywhere with a phone for example and says we live in a technology utopia compared to there.
> Her father ran a small shop which went bankrupt because he was closed at lunch times and weekends
That only means that her father was crazy, I don't know a single shop that closes during lunch time. The smaller places I know intentionally shift their opening hours to explicitly open early, during lunch or during closing hours.
> and only took cash
Afaik most electronic payment providers require that you hide their transaction fees in the normal price, so a shop that doesn't offer electronic payments can be cheaper. However most places support contact less payments so that must have been some years ago.
"Nur Bares ist Wahres"...and it's true. With cash you have full control of the money while with some CC or phone you rely on third parties. Not to mention the privacy and data issues. It's always "funny" when people whine about that or how their CC got compromised, despite it being their choice.
>"Nur Bares ist Wahres"...and it's true. With cash you have full control of the money
Well nobody said cash payments should be banned, but it sucks when cash is the only way to pay in some places, meaning I always have to carry a bulky wallet filled with banknotes and coins just in case the bar, restaurant, shop, cafe, deli, parking meter or whatever, does not accept digital payments.
I also used cash for buying greens since that's not yet legalized, but for everything else that's been legal for over 100 years already, please accept digital payments.
you're getting downvotes which is puzzling because a sibling thread laments the all too common overreach of law enforcement citing the "zwiebelfreunde/CCC" raid. It's perfectly consistent to be suspicious about paying by cash and also wanting to avoid leaking information to advertisers or taking care about security. Rejecting FinTech or traditional banking in a high tax country even as a law abiding citizens is not being a Luddite. It's good data hygiene for when they eventually come knocking and demand you explain yourself.
>you're getting downvotes which is puzzling because a sibling thread laments the all too common overreach of law enforcement citing the "zwiebelfreunde/CCC" raid
Because just because people want CC/contactless payments to be accepted everywhere, doesn't mean they want cash to be banned, if you wish to stay anonymous.
So why should you deprive everyone of contactless payments if you wish to stay anonymous, when you can acomodate both.
Once traceable transactions become widespread there's a push to limit cash payments - see reporting requirements for paying more than 10000€ in cash, the amount des not get inflation-adjusted, see other countries with higher percentages of cashless transactions.
So the people who want to pay cashless enable a power-grab by law enforcement. Not intentionally, but through their own convenience. So while their preferences taken on their own are not harmful if you combine them with known dynamics they are in conflict with the preferences of those who want to pay cash.
And I think simple convenience (not having to carry a slightly heavier wallet) does not quite weigh (heh) the same as privacy.
So until we get the ratchet of increasing surveillance solved it is entirely reasonable to push back on cashless transactions.
>see reporting requirements for paying more than 10000€ in cash
Why is that a problem? The bank is doing the reporting, not you and it's not like the government is stopping you from transferring over 10000€, electronically or in cash. You are free to do that. I transferred over 50k without any issues. And you can still use cash to buy weed if anonymity is what you wish, or use cash to pay some handyman to fix stuff around your house or piano lessons for your kids, without paying taxes.
The issue is with large cash sums, as believe it or not, money laundering and tax fraud is a real thing, and large cash transactions make this a breeze.
So, knowing how much tax money the taxpayers are loosing every year thanks to cash driven tax fraud, I'm all in favor of more scrutiny on large cash transactions and moving to more transparent wire transitions.
Because they're boiling the frog. It doesn't stop at reporting. And it doesn't stop at 10k€. And it often does not get inflation-adjusted, so the real limit keeps getting lower too even without regulatory changes.
> So, knowing how much tax money the taxpayers are loosing every year thanks to cash driven tax fraud
I assume the bulk of tax fraud happen by corporations cooking their books, using legal loopholes and writing their own legislation, not by average citizens paying a car in cash.
If it were about tax fraud they would have set the limit once, decades ago, and kept increasing it with inflation, not the opposite. Organized crime isn't something novel after all. So this reeks like a post-rationalization for more surveillance.
Also, tax reporting is the duty of the merchant for most transactions, private citizens shouldn't have their privacy voided just because others evade taxes. Instead make it mandatory to provide bills (with audit logs) and prosecute customers after tax fraud has been uncovered if they knowingly benefited from the tax fraud (e.g. by waiving the billing). Create bounties for people reporting billing evasion. I believe something like that has been implemented in greece. Search for privacy-compatible solutions instead of proclaiming that taxes and privacy cannot coexist.
This feels to me a bit like saying "wheelbarrows trump cars" because you're way less likely to get into a life threatening incident while operating one.
You're highlighting one small convenience of cash and ignoring its many real disadvantages.
It is more secure against remote hacking and imposition of a serious negative interest.
In a purely cashless society, the central bank could force a -10 per cent interest on all savings, thus forcing people to spend even if they don't want to.
This is harder to do in economies where people can take their money out of the bank as cash. There, the lower limit for interest seems to be around -1 per cent.
That’s a fundamental misunderstanding of sensible economics.
Cash is a facilitating fluid which should be channeled into diverse investments which are not based on monetary value such as property and resources, not stashed in large piles. Holding any cash in any quantity is a risk. Doesn’t matter if it’s magic numbers in a computer or bits of paper in a mattress.
As usual, some people want to undergo this risk in order to balance out other risks. For example, your bank account can be frozen under a variety of scenarios, even unjustly so. In such situation, it is better to have emergency cash at hand.
Diverse investments are good, but some liquidity is good as well. If you e.g. need to escape a starting civil war, things that can be carried on a person and have near universal acceptance are more valuable than a roll of blue chip stocks or a nice house that you cannot take with you. I have met people who escaped the siege of Sarajevo; cash and gold went a long way helping them out.
Countries like Italy cannot inflate their way out of debt anymore. ECB, at least officially, is trying to keep inflation low. But negative interest rates would help the heavily indebted countries to ease their debt service burden.
(If such constellation of parameters is sustainable, IDK, but that debt isn't going anywhere.)
There being no transaction history is good (less data/more privacy). Not sure how it's easy to lose. At least I have never lost my cash. And if you lose your wallet for some reason, you also lose your CCs. There is "often" fraud with CCs, with cash that rarely happens, unless it's counterfeit money. Also not sure what you would do with the money that you would damage it. Usually, it's in your wallet or somewhere stored.
Promises that the money will be worth it the next day, sure. But at least I have my cash in my hand (and some stored where I live), so access to it can't just be denied.
Depends on where you lose it. If it's in/at some place where you can buy something, people usually bring it there and you can get it back as soon as you notice. If it's the whole wallet, it's even easier (would be true for CCs then as well). But yeah, if you don't get it back, then it's gone. But to be honest, if I lose like 100-150€ once in 80 years because of that, then I can take it. I never have more than that in my wallet, unless I intend to buy something. (And that's also another benefit. Cash prevents against impulse buying and you spend your money better (you visually see how it's shrinking etc)).
antifragile doesn't mean no shocks no sacrifices. it's regular shocks and sacrifices to reduce chances of black swan events. Zimbawe is a (predictable) white swan event not a black swan.
That changed a lot since 2020. I regularly pay small things, like franzbrötchen, with my Apple Watch (that was not always possible before). At least in Hamburg it is now possible to use a card/contact-less payment almost everywhere.
Regarding cash payments, things have slightly improved due to covid. Many places that did not use to accept cards/phones now do but there's still a ways to go.
And then of course there are many smaller places that only accept cash payments for the same reason they only enter half of your order into their cash register.
Ironic because a lot of left leaning US folk think it is a utopia.
I think the culture around employment contracts preventing people from quiting when they want, penalty free, and the letter of recommendation requirements from a previous employer are insane. Seems like you would really have to go above and beyond to not get screwed on your next job by a bitter ex employer.
Also find the gov owning large shares in the private sector (Volvo.. Ect) to be a conflict of interest and may encourage them to bypass emissions laws for example.
France isn't a lot better in this regard. You need a permit from the Conseil Supérieur de l’Audiovisuel to operate a public open wlan. They had a three strike policy for sharing infridging content but they just gave up for some reason. Maybe they finally realised it's a waste of public servant time to go after people in the benefit of a few corporations.
Big copyright holders hold a lot of political power in France. That's why France has been one of the country in the E.U fighting the most against piracy and taxing pretty much everything you can store music file on (we used to buy blank CD/DVD in germany or spain because they where close to 10 time cheaper).
The three strike / hadopi bullshit was clearly a political move to satisfy the biggest copyright holder, a lot of it was completely unenforceable and even unconstitutional from the start. In the end, very few people even got to the third strike, and they couldn't even do what they "promised" (forbidding the person from having an internet connection) and had to go through costly court procedure just to give fines in the end. It was just a machine to burn public money for the miniscule benefit of a few. It died very fast because nobody wanted to try to make this bullshit actually work and burn even more money when they have to get re-elected.
Its a systemic rot. Old people in this case are definitely part of the problem, but so are the young bureaucrats who just step into their predecessor's shoes and continue working as they were in the 70's. "Bitte per Fax zukommen lassen."
Hmmm okay, so first of all I should had said Berlin, as perhaps my experience does not necessarily reflect the situation in the whole Germany. So about Berlin: Aside from the internet paper-based communication, and general love for bureaucuracy, I found the city's infrastructure to be generally deprived. When I arrived Tegel and Schönefeld were the only airports, the state of which I frankly found shameful, especially for the capital of Europe's biggest economy. And the new Brandenburg airport that took 10 years to finish is not great either. I found the state of S-Bahn and U-Bahn pretty disappointing too, and parts of the public transport system to be constantly broken. Also the general customer service is very bad, a lot of places don't even accept credit cards, and overall people seem to be reluctant to adopt new technologies. I have the feeling that Berlin is stuck in it's golden age, and doesn't want to move forward. As for the point of reference, I moved from Hong Kong (not my native country), which I consider to be very modern in these aspects, so the whole experience was like a time-travel back to the 90s :)
I recently went to work in Germany (not Berlin). It surprised me how conservative the country is, in many ways, not just the use of tech. Its lack of tech is a reflection of that attitude is my impression. Unfortunately the pandemic has made it difficult to get to know people personally and study this in a bit more detail.
And the younger ones are better? I think this has nothing to do with age per se, more of mind, character, experience. Or class. Or how compromised and corrupt they are. I mean, look at Spahn. Or Dorothee Bär.
Or lets not concentrate on persons, but on concepts instead. What makes anyone competent to be at the top of any branch, resort, ministry? Their staff? Then why not appoint someone from the staff to that position?
It's all non-sense now, a tragicomedy at best. Regardless of party and age.
Releasing a project as open source is associated with a lot of work and responsibility. People get quite entitled over open source projects and get quite upset when developers don't do what they want. I can see why he's unwilling to undergo all that stress and pressure if he feels it doesn't benefit him.
He can do what I do with my own personal projects: if you install something I wrote, you get the source code whether you want it or not. Setup.exe basically dumps a copy of my development directory into the specified installation folder.
That way, if I get hit by a bus, it's fine, The Source Is Out There. If someone wants to send a bug fix or improvement, great, thanks, I'll be glad to take a look. Otherwise, don't bug me.
The idea that "open source" is necessarily a full-time maintenance job with formal processes and expectations is something somebody made up.
> if you install something I wrote, you get the source code whether you want it or not. Setup.exe basically dumps a copy of my development directory into the specified installation folder.
This is really cool, can you share a bit about how you do this? Are you using a makefile and putting a gzip as an embed into the setup? Is this a function of the installer you're using? Thanks for any insight.
Not a whole lot to it. I just add the makefile, .cpp and .h files, Windows resource script, and other sources to the .iss file that Inno Setup uses to generate the setup program. They all get dumped in the same directory at installation time, for better or worse.
In the case of one commercial application, there are also binary blobs in the form of DLLs that support custom hardware.
It's not one of those practices that scales particularly well, but it works for me...
Seems to me like the fact it doesn't scale is why you do it. It's a decent way to avoid the responsibilities of having to lead an open source project while still giving others the benefits of having the source code available and modifiable. I wish more devs would do this.
Or he could just do it FamiTracker style: make no mention of source code on the website/communications, include a zip named "SOURCE" on the normal download which contains the source code, license, and a simple text file with build instructions.
"McDonalds is a place to rock, It is a restaurant where they buy food to eat, It is a good place to listen to the music, People flock here to get down to the rock music." - Rock 'N Roll McDonalds
"Batman beat the hell out of me and knocked me to the floor, I got back up and knocked him to the floor, He was being such a jack off" - I Whupped Batman's Ass
"This beast killed as many as 100,000 people / It's wings can flap like a bird / It can break a glass / It can also stab you in the ass" - The Chicken Cow
For the love of god, having a monopoly is not required to be guilty of anti-competitive behavior. Every time the topic comes up somebody says "but FB/whoever doesn't own the entire market so everything is fine", as if it absolves FB from acting like complete and utter pieces of shit socially and in business. News flash, it doesn't fucking matter. They don't need a de facto monopoly to have an adverse effect on competition or their consumers/users.
> For the love of god, having a monopoly is not required to be guilty of anti-competitive behavior.
The original comment said monopoly, not anti competitive behavior. They are different, you're right.
> They don't need a de facto monopoly to have an adverse effect on competition or their consumers/users.
True. That said, i'd argue facebook actually has a positive affect on competition in their space. They're regularly rolling out new features and making changes due to competitive forces, meaning others compete on better experience rather than just different.
Eg. FB copied snapchat stories... and snapchat had nothing to stay relevent. FB copied tiktok format and TT is stronger than ever, since TT's advantage wasn't the format but the algorithm.
Every freaking time a German dictates a number they do it in a sane way for half the number then do the backwards way for the rest which totally trips me up. I hate it.
I like the idea of the site but it doesn't match what I want when I'm in a particular mood. If I'm sleepy, I'm more likely to want to watch something chill. If I'm sad, I'm more likely to want to watch something sad. But there are also situations where I want the opposite, so it's not like there's a hard rule. I feel like the site would be better asking what mood they want to be in, instead of trying to guess it based on their current mood.
