I'm not going to begrudge you IP-banning a compromised machine, but you don't need to burn anonymity to the ground to do that.
Who says the world at large needs to know who they are? I'm not exactly sure which conversation you're responding to. My suggestion for universal online ID does not in any way imply that the destination of your data stream has to know your name and address; it merely requires the exchange of a transactional token that is validated by a third party. You would choose what, if any, of your personal data to share.
A compromised system would be shut out of the 'net without anyone other than its immediate upstream provider knowing its identity. Any portion of the data pathway that is compromised or intentionally set up to deliver false authentication would be similarly shut out.
edited 19th Aug '15 9:54:59 PM by Fighteer
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"So...
I apologize if this has already been covered, but there's something disturbing about a lot of the moral posturing people are engaging in right now with Ashley Madison's recent leak. While I'm of the opinion that people should have a right to know if their partner is engaged in adulterous behavior (or any behavior they didn't agree to), a lot of the people celebrating the leak seem to miss a number of very real concerns the former clients have about their safety and emotional wellbeing.
For example, there are a few former AM users who used the website to express their homosexuality in privacy, and some of these people live in countries where they could be imprisoned or killed if word got out about their behavior. I came across a guy from Saudi Arabia who is trying to make arrangements to leave the country lest his family and colleagues uncover the data.
There's also the issue of people seeking out Ashley Madison because they wanted temporary relief from failed, abusive relationships.
Here is the thing though. Ashley Madison, as a tool, is used to foster the unfaithfulness and abusiveness in other relationships. Its slogan is literally "life is short, have an affair", that is "YOLO cheat on your bitch" in "hip teen" language.
This is the sole objective of Ashley Madison.
That some people found a good use for a horrible tool makes them more victims of society than it does of the leak. It is horrible that these people had to resort to such a tool in the first place to get away with things they have to hide from public otherwise they would get lynched or more.
But the fault of this does not lie so much on the leak, but more on other aspects of society that are fucked up.
Now then as an addendum, if you asked me about my position in traditional marriage vows and monogamy, I would kinda shrug my shoulders, really. Even on a personal level I just feel that "Meh. Whatevr works, so long as it is done in an emotionally and biologically healthy manner". That is, it is great if a couple lives in an open relationship even if it is a marriage but if they both cannot agree to it then you ARE an asshole for cheating on your spouse, you know?
It is sadly one of the things that are implicit in marriage, however. It is never something people actually discuss.
It has always been the prerogative of children and half-wits to point out that the emperor has no clothesLet me be perfectly clear: while I may engage in a bit of schadenfreude over the sudden embarrassment of people whose moral hypocrisy is revealed by the Ashley Madison hack (*cough* Josh Duggar *cough*), there is no doubt that it is a serious security breach that can harm a lot of people.
In many cases, marital infidelity is a predictable, inevitable outcome in cultures that practice arranged marriages, stigmatize premarital sex and/or divorce, and/or insist on patriarchal power dynamics within families. One or both partners feels trapped in a marriage that is not ideal and seeks an outlet. The existence of Ashley Madison as a site speaks to a failure of our cultures to provide adequate sexual outlets for men and women.
The potential for persecution attached to the use of the site by those same cultures is probably the worst thing about the hack. If we were all sexually egalitarian and thought of it as a humorous peccadillo, it wouldn't be a big deal. But if you live in a society where getting outed for infidelity or for your personal sexual habits might cost you your job, your freedom, or even your life, it's not funny at all.
It's hard to find anything to say about the web security aspects of the hack that I haven't already spoken my mind about on many occasions.
edited 21st Aug '15 7:37:31 AM by Fighteer
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"Mostly out of ignorance, to me, putting something on the web means that if someone big enough would ever want that info, they could get it. And "big enough" can not necesarily even mean the CIA or shit. Mexican cartels have assassinated people due to tweets and stuff.
But to me, there are some things that the risk is well worth it for the many benefits it provides.
For example, long ago Obama started a genetic study government funded that would gather the DNA info of thousnads of people in the U.S. The risk? Pharmaceutical companies stealing the info for obvious reasons: profit. If you wanna go full Gattaca or something, then it can get downright dystopian.
But the benefits are more comprehensive and efficient health knowledge for all professionals that are directed to human healthcare. To me that is well worth having this info be widely available.
of course I do not mean that this info would be accesible by literally everyone, or that we should not even try with the security. But running this shit on paper is impossible in the modern world.
It has always been the prerogative of children and half-wits to point out that the emperor has no clothesIt doesn't help that it's entirely possible for profiles to be fake. I mean one figures that all one needed to make an account is an email address? Old email addresses aren't going to be that hard to find and grab, or just ones that look like they belong to a person.
Plus in the end it's non of the publics business. An argument could be made that it's in the public interest when it comes to say politicians and other public figures that might have built a reputation on being against such things, but for the general public it's simply not relevant and the number of innocents that will be caught by such a blunderbuss approach to revealing infidelity is to high.
“And the Bunny nails it!” ~ Gabrael “If the UN can get through a day without everyone strangling everyone else so can we.” ~ CyranFrom what I read, you actually need to pay for an account there, and the eample of Josh Duggar, he seemed to pay the 250$ extra to get a "guaranteed affair or your money back".
You know I am not actually being a pervert this time because I don't have a spouse or anything resembling one. Just giving info, yo.
It has always been the prerogative of children and half-wits to point out that the emperor has no clothesTwo possible outcomes.
1) These universal ID's can be created at will, with as little as no identifying info, and you can have more than one of them. Which kind of defeats the point.
2) You have to have exactly one. Your personal information is entirely optional until your employer mandates it — then you have no anonymity anywhere, even after you quit that job.
edited 21st Aug '15 1:55:34 PM by Pykrete
Your social security number, IP address, car reg, email password, driving licence number, and more are also information an employer could technically demand, but we still have all of those systems. The problem isn't with the idea of having an ID system, the problem is with having such terrible employment law and unions that an employer feels they have any kind of right to demand such information.
“And the Bunny nails it!” ~ Gabrael “If the UN can get through a day without everyone strangling everyone else so can we.” ~ CyranThere is no way to prevent an employer from copying down your personal information and using it now, never mind with this hypothetical system I have in mind. Throughout your life, you have dozens of uniquely identifying ID numbers associated with you, unless you play "hide my identity" shenanigans. This system would be no less protective of your information than the existing one.
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"Those, however, are not necessarily attached to a persistent anonymous online identity that you use for literally everything else. You don't go parading those things around everywhere you go.
Is it even legal for your employer to demand your private email password?
edited 21st Aug '15 3:37:22 PM by Pykrete
Seeing as employers in the US apparently regularly demand access to your facebook I'm going to go with "for some reason yes".
Also depending on how the online identity thing works you might well not be parading it around. Plus your email certainly is tied to a lot of online identities.
edited 21st Aug '15 3:44:42 PM by Silasw
“And the Bunny nails it!” ~ Gabrael “If the UN can get through a day without everyone strangling everyone else so can we.” ~ CyranPykrete, you are still operating from the paradigm that anonymity online is the default condition from which any deviation should be justified. I fundamentally disagree.
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"Barring hax, your email is not tied to everything unless you're a moron.
I have three emails. A formal one I use for public communications, a private one with limited info for sites I generally trust, and an extra with zero identifying info at all used as a dummy when I suspect the site will spam me or something (I think I've logged in to it all of once, ever, and it was indeed full of spam from places I'd never even visited much less signed up for). Worst case scenario, I can close one of the latter two accounts and create a new one.
If an employer were to give me an ultimatum to give him my email password (and I wasn't in a financial position to tell him to go pound sand), I'd give him the public communications one and he can trawl all he likes through college alumni crap, people who wrote me letters of recommendation, job search updates, and the occasional thread with the Department of Transportation when I report their broken shit.
It's the default condition anywhere, online or not. For the same reason you don't go stop-and-frisking people or picking them off the street to ask them for papers.
edited 21st Aug '15 4:08:47 PM by Pykrete
If I see someone on the street, then see him again a day later, I know it's him because I can identify him by appearance, by voice, by mannerisms, unless he goes out of his way to disguise himself. It doesn't matter if I know his name; I know he's "the dude with brown hair and a lazy eye who called me a dumbass".
edited 21st Aug '15 4:09:58 PM by Fighteer
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"And if he's on the street he's in a public space and has no expectation of privacy.
The internet is in kind of a weird position on that. The internet itself is public, but any given site on it is generally private. I'd rather err on the side of anonymity unless there's a very, very compelling reason otherwise.
Actually, as strong a proponent of online privacy as I am, Fighteer's suggesting isnt any more dangerous than what we already have, and a deal more structured and manageable. After all, your ISP already does know your real identity, that's how they can bill you.
I think there’s a global conspiracy to see who can get the most clicks on the worst liesNope, you get in trouble if you go out wearing a mask, most private establishments ban the wearing of identity concealing gear. That's before we get into those countries where you are meant to carry your national ID card at all times.
“And the Bunny nails it!” ~ Gabrael “If the UN can get through a day without everyone strangling everyone else so can we.” ~ CyranLets not get into a derail here. I'm sure he meant we dont have to go around displaying our ID everywhere we go. Esp. if you pay in cash.
I think there’s a global conspiracy to see who can get the most clicks on the worst liesI don't have to show ID to the people working there but I still have to let the business log what I look like on their CCTV.
“And the Bunny nails it!” ~ Gabrael “If the UN can get through a day without everyone strangling everyone else so can we.” ~ CyranFor the moment, CCTV isnt linked into a global commercial database that can tell everyone who you are. Yet.
I think there’s a global conspiracy to see who can get the most clicks on the worst liesThe store owner, however, knows who I am, so if I come in and trash the place, he can kick me out the next time he sees me. Or, he can show his CCTV footage to the police, who can identify and arrest me.
edited 21st Aug '15 4:34:24 PM by Fighteer
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"