It's also worth stating that the worst part of that proposed amendment [1] isn't even necessarily the VPN ban, it's the next clause, on page 20:
"The “CSAM requirement” is that any relevant device supplied for use in the UK
must have installed tamper-proof system software which is highly effective at
preventing the recording, transmitting (by any means, including livestreaming)
and viewing of CSAM using that device."
"Regulations under subsection (1) must enable the Secretary of State, by further
regulations, to expand the definition of ‘relevant devices’ to include other
categories of device which may be used to record, transmit or view CSAM"
> any relevant device supplied for use in the UK must have installed tamper-proof system software
It's happening. Computer freedom, everything the word "hacker" ever stood for, will be officially destroyed if this passes. We're about to be robbed of control over our computers by force of law. It's just the UK now but eventually it will be every country.
This is a very dark day. I've been prophesizing its arrival for a while now. I was secretly hoping I was wrong about everything, that we'd turn this around, that we'd enshrine a right to control our computers into law. The opposite is happening instead. It's so sad...
I wouldn't give up. When it gets to the level of mandatory government rootkits there are bound to be underground organisations circumventing this and/or trading old hardware.
I'd even go as far to say that if things become this authoritarian, certain "direct" acts would be justified in preventing or fighting it.
An illegitimate underground scene running on life support, using old unlocked computers which are a finite resource they will eventually run out of. Utterly depressing... We used to be free...
If this passes, the only strategic move available is to somehow develop the ability to make our own computer processors in our garages. Billion dollar fabs are single points of failure and they will be exploited, subverted, regulated and controlled. The only possible solution is to democratize and decentralize semiconductor manufacturing to the point anyone can do it. We must be able to make free computer hardware at home just like we can make free computer software at home.
Seems to me this is a cultural issue that runs deep. You are his majesty’s loyal subject, like it or not, and more importantly, you are a subject of his bureaucracy. The US works in a similar fashion, except the deep state has slightly different excuses to exist.
I work extensively in the UK(past 5 years, I’ve worked there maybe two years in total). Nothing gets done without endless approval from people with cushy office jobs in the bureaucracy.
It’s in the bureaucracy’s interest to extend its power, and who is going to stop them?
CSAM is an excellent excuse to control the digital world. I wonder what took them this long.
I'm not british. "We" refers to computer users worldwide. The UK is just the beginning, this will spread to other countries. My country loves to copy whatever Europe is doing.
The obvious answer (that HN hates) is that the right can stop them. The only party in the UK against the Online Safety Act is Reform. The only party that wants to shrink the state is Reform. Every other party is supportive of this kind of thing. This makes sense because every other party in the UK is left wing.
This isn't a problem of one country's specific culture. Australia and Canada are doing the exact same thing, the Democrats would absolutely do the same thing if the libertarian Constitution weren't in their way. The rest of the EU is doing the same thing. It's a left vs right thing.
In fact everywhere is going the same way except the USA, because the USA has a constitution that encodes libertarian values (a minority position) in such a way that it requires a supermajority to overturn.
> This makes sense because every other party in the UK is left wing.
Definitionally not. Left and right are always relative to the local average, "left wing" and "right wing" are nothing more than a seating arrangement turned into a badge.
The Conservatives are, famously, right wing by British standards. If you think the Tories are lefties, you're so far to the right you can't even see the UK's Overton Window from where you are.
> In fact everywhere is going the same way except the USA, because the USA has a constitution that encodes libertarian values (a minority position) in such a way that it requires a supermajority to overturn.
It’s mostly the Tories that were responsible for the drafting of the Online Safety Bill, and let’s not forget the downright evil Investigatory Powers Act. Another Tory creation.
The OP was correct. The Tories were left wing and authoritarian. They raised taxes, and failed to shrink the UK’s bloated state and civil service.
Only Reform have made a stand against the Online Safety Act and other creeping dystopian measures.
I don’t know if I fully trust Reform to deliver, but by a country mile, they’re a safer choice than Conservatives, Labour or Lib Dems in 2029.
The next General Election cannot come soon enough.
Your obvious solution is wrong, though. The right wing is just as eager to implement a police state.
The correct answer is decentralisation of power, and put the government back in the hands of the people. That means frequent voting(multiple times a year), by an educated population.
> The correct answer is decentralisation of power, and put the government back in the hands of the people. That means frequent voting(multiple times a year), by an educated population.
Sufficiently well educated and also willing to read carefully and without partisan (or other) fear of favour.
How many of us read the terms and conditions before clicking "I agree"? How many support a side only because it's their own side?
I don't know how to fix this. The "obvious" solutions (seen in various government systems over the world and the centuries) all have demonstrable problems.
Yes. Like I said, this works well in Switzerland, where stupid decisions are at least made jointly, not by some career politicians. Makes it easier to slowly make changes. The key point is to keep things local - what works in Zürich doesn’t necessarily work in Appenzeller.
> If this passes, the only strategic move available is to somehow develop the ability to make our own computer processors in our garages.
How feasible is this really? I'd feel a lot better if it were possible to produce chips free from backdoors even if the resulting CPUs weren't even as fast as an old Pentium III, but my guess is that any effort to do this at scale will be quickly shutdown by the government
Lithographically fabricated integrated circuit in a garage. Whatever this is, we need a lot more of it to stand a chance at resisting governments.
> any effort to do this at scale will be quickly shutdown by the government
The whole idea is to make this so easy and ubiquitous that they can't shut it down completely. They can shut down some but not all. I believe this is the only way a law like this can be resisted. Promote civil disobedience by making it easy.
It's not. And any effort to do this at scale would be quickly shut down by physics and economics, not the government. Modern computing technology is a wildly complex supply chain, with extremely specialized manufacturing equipment and facilities. Billion dollar fabs are worth billions of dollars for a reason, and it's not for the real estate or the views.
Trying to determine the best "diy chip" sounds like a fun project and an admirable goal, but if you actually wanted something useful I'd wager you'd be better off buying esp32's in bulk so you'd have all the spares you might need.
The absurd thing is that the amendment only covers smartphones and tablets - which means those who the bill aims to target can easily break the law by using a laptop, desktop, camera, smart TV etc.
In short, the Pandora's Box of automated surveillance and security risk on any smartphone or tablet is opened, while a gigantic loophole for serious offenders is left open.
Computers are too powerful, too subversive for us citizens to have access to.
Give citizens computers and they can copy at will, making a mockery out of things like copyright, they'd wipe out entire sectors of the economy if left unchecked.
Give citizens computers and they will have cryptography which can defeat police, judges, governments, spies, militaries.
They cannot tolerate it. They will eventually lock everything down. PCs were left out because everyone is on mobile these days, not because they are opposed to locking them down. They will close the loophole if it becomes an issue. Besides, with remote attestation they can just designate those devices as untrustworthy and ban them from everything.
It's a politico-technological arms race. They make some law, we make technology that subverts it. Due to technology, they must continuously increase their own tyranny in order to enjoy the same level of control they had before. The end result is either an uncontrollable population or a totalitarian state. We're heading towards the latter. I was hoping the government's limits would be discovered along the way, some set of basic principles it'd refrain from violating in its quest for control, thereby reaching the fabled "the ideal amount of crime is non-zero" state. Turns out governments know no limits.
The other side of this coin is that, disgusting horrific pedophiles, terrorists and drug smugglers also have access to this stuff too.
I'm not in support of this bill, I'm just saying whenever I read these arguments, it's almost like you're entirely discounting the challenge the very tech your praising incurs for law enforcement and society.
For me the paradox is simple, one the one hand people want everything to be "open and transparent" including their computers, but those same people often want the ability to completely hide everything in cryptography. Which one is it? If you were for openness and transparency in it's entirety, why wouldn't you by default be against cryptography ? This paradox is where the rubber hits the road on legislation like this and likely why the average Joe Smith doesn't really care about the cause. Because realistically, it all sounds suspicious. To a law abiding citizen, if you have nothing to hide, you have nothing to fear.
There is no paradox. The optimal amount of crime is non-zero. You must tolerate some crime in order to keep your humanity and dignity. Orwellian dystopias with omniscient surveillance can reduce crime to zero but you wouldn't want to live in one.
This is just something people need to accept no matter how angry they get about it. If they don't, they will be manipulated through their fears into trading away their freedom for a false sense of security.
What about when a group of individuals forms an institution that's self serving and harmful to other citizens, and they're able to do a lot of this under the guise of "privacy"?
All operations as a public institution should be transparent. We fund them through taxes, we have a right to know what is going on.
I don't know what you are getting at with "self serving and harmful to other citizens"? Like a private institution? a company? Of course private companies are self-serving. All of them could be described as perpetrating some subjective and nebulous "harm". There are already transparency requirements for businesses, and they are subject to warrants. To the extent that they are public institutions (monopolies, publicity-traded companies), there are increasing demands for transparency and vice-versa.
Individuals have a right to privacy and protection from undue search, regardless of scare quotes employed, unless they are living on a prison island such britan.
The institutions you're talking about are under attack by online propaganda and smear campaigns by countries that want to see them taken down. Open online speech is important but it's also been hijacked to do a lot of harm.
Personally I think we're cooked but I can understand why some people are trying to take action and destroy online anonymity. Ideally we'd just live in a world where people can run their own mail server and people would leave it a lone, but we don't.
Maintaining the status quo means western democracy is fucked. There is no anti-dote to propaganda and lies being spread through social media. Maybe getting rid of online anonymity would help but I understand why people don't want a digital ID either.
If what they did is never revealed to someone else, what is the problem here? It is not like we have no way to hide stuff without cryptography, and people are not advocating for police to search every apartment once in a while to look for illegal stuff.
Authorities cannot tap into your brain, cannot tap into physical face-to-face conversations, and people can plan out crimes using these means. It is not like there is no way to hide stuff before the born of modern cryptography.
And who want everything to be open and transparent? I am not aware of anyone who wants this.
The US was tested for tyranny during Covid, election interference, and BLM burning down cities. You sat at home, utterly impotent. You're gonna stop VPN bans? Please.
This post shouldn't have been dead. It's right. There's an American meme that sidearms create freedom. When has that actually been true in practice in the past 100 years?
For HNers who just automatically flag anything right wing and want left wing examples instead, right now leftists are outraged by deportations. And a tiny number have tried to assassinate ICE agents using sniper rifles, indeed. But it's making no difference, not even when they're protected by corrupt local prosecutors and juries. They have even accidentally shot migrants instead of ICE.
Where's the evidence that an armed population can resist tyranny, however you define it? Whether it's COVID or ICE, there's been no meaningful armed resistance.
The reason the US seems to be less totalitarian is purely because the constitution and the culture that supports it stops Congress from passing the same kind of restrictive speech laws the rest of the world has. If it weren't for the Constitution the Democrats would have already passed lots of speech laws under Obama and Biden, then used them to harass and illegalize the Republicans to maintain a majority. For example they'd have banned Trump's campaign on the basis that it encouraged "hate" against immigrants, and then they'd have forced big tech to do what Europe is now trying already, to strip all anonymity from the internet so they can harass random individual voters who disagree with government policy online, Germany style.
What protects America isn't guns, it's respect for the voting thresholds in the constitution and a right-leaning SCOTUS.
In the end, effectiveness is irrelevant. Basic human dignity requires that you always have the option to resist.
> Where's the evidence that an armed population can resist tyranny, however you define it?
Drug gangs in latin america.
In my country, drug traffickers have become so organized they have established control over a quarter of Brazil's continental territory. They have armies, laws, tribunals, even taxes. They have essentially pulled off a stealthy unannounced secession. It's theorized that they control politicians, judges.
All thanks to the fact they were willing to arm themselves and die in order to achieve their own ends. The rest of the brazilians constantly prove unwilling to do either, and as a result they are dominated by the people with guns. Police state, military dictatorship, drug gangs, makes no difference.
Give it time. The natural end state is that all computing devices available to the general public are dumb framebuffers that are only capable of displaying a UI running in the cloud. No more privacy for anything; even if the cloud OS lets you run Linux in a VM, everything you do will be visible and constantly monitored for suspicious activity.
They just won't stop. We needed to have laws in place to prevent digital IDs being continuously pushed on people because the powers that be want total control of all information.
It's happening in the US now under the guise of AI data centers for consumers but I suspect it will be instead used to surveillance everyone who doesn't agree with the fascist government. This is Larry Ellison's public vision but Musk and Thiel also play a role.
The modern societies run via those devices and the enforcement will move to the mostly free Internet that was "a long time ago, when it didn't matter as much".
Apple tried to do it in a way where nobody would see your personal data until they had multiple confirmed matches against known CSAM - and even then a human would check the results before involving any law enforcement.
But the internet had one of their Misunderstanding Olympics and now we're here again - with an even shittier solution, being formed into actual law.
It's already the law in Brazil that online services and "terminal operating systems" must perform age verification in a secure, auditable manner. This presumably includes smartphones and computers, meaning you can't just run an arbitrary Linux distro in Brazil anymore. I expect similar laws to pass in at least a few U.S. states by 2030—places like Texas, Mississippi, Louisiana, maybe Florida...
When I say "the future is signed, verified code from bootloader to application level" I mean it will likely be backed up by force of law. No one complains about the mandatory safety features various governments require cars to come equipped with. The voices of a handful of nerds will go unheard when the law starts insisting computers come equipped with safety features also.
While that's really terrifying about Brazil, is it actually enforced? I can't really imagine there being a "Linux Police" kicking down the door of a hooded teenager and prying the Ubuntu DVD from his clammy hands.
I mean this is the country of favelas where even the police don't dare to enter.
No, but Brazil can (and did) exercise strict import controls over what kind of electronics can get into the country. For the longest time the only game consoles you could legitimately get in Brazil came from Sega through special arrangement with Brazilian manufacturer TecToy—in particular, the Master System and Mega Drive. When the market finally did open up, import consoles were subject to stiff tariffs. Piracy was rampant. That's why the Brazilian gaming market is... weird to this day, and until recently was generally avoided by major manufacturers creating openings for also-rans like the Zeebo.
So while police arresting a kid for having an Ubuntu DVD is unlikely, the Brazilian government twisting the arm of PC manufacturers to prevent the installation of any but approved operating systems on hardware sold to the Brazilian market is highly plausible. Since this already aligns with Microsoft's eventual goals, Microsoft and the PC manufacturers will just hasten the rollout of Palladium 2.0 and nothing will stop it.
Wow thanks, I didn't know any of that. It feels alien to me and yeah I'm sure that MS wants this to happen. Now that windows has only become an advertising vehicle for their cloud services, Linux is a way for customers to avoid that tax.
Law never had anything to do with reason, but this is one more law that mandates an unreachable goal. This will trigger an untold amount of brain-rotten despotism.
They're probably thrilled with themselves because everything will have to be closed, locked down platforms and devices.
IMO the solution to child safety is education with strong user controls. Hell, just delete the social media apps from existence if the other option is dystopian control of our communications.
This is a clearly terrible idea. It's clear to us, at least, not to them. As is on the public record, there are three proponents behind this amendment. They and their contact details are:
LORD NASH [Tory, contactholmember@parliament.uk]
BARONESS CASS [Crossbench / 'independent', rivisn@parliament.uk ("staff")]
BARONESS BENJAMIN [Liberal Democrat - which particularly disappoints me – benjaminf@parliament.uk]
If you're reading this website and are either living in the UK or are a British citizen I strongly urge you to write a personalised and above all polite email stating with evidence why they are misguided. The "think of the children" brigade is strong – you may well be able to persuade these individuals why it is a bad idea.
Oh. Cass. She was given the peerage for constructing the Cass Review, an extremely one sided anti trans "review" of the science around puberty blockers. I suspect she's against VPNs and in favor of total information control of children because of trans panic.
Indeed. My understanding of modern powerstation gas turbines is that they all basically run _at_ the Carnot efficiency eta = (1-T_cold / T_hot) and that rather than chasing marginal gains in how close to that theoretical limit you actually are the biggest differentiators are on maintenance intervals and reliability, which collectively have quite a large effect on eta...
This all sounds like a wonderful way to write some truly annoying malware. I expect to see hidden mounts on SQL-escape-type-maliciously-named drives soon...
I understand your point; but I'm struggling to see how this could be weaponized. Keep in mind, that these Dos compatible drive letters need to map to a real NT path endpoint (e.g. a drive/volume); so it isn't clear how the malware could both have a difficult to scan Dos tree while also not exposing that same area elsewhere for trivial scanning.
Not sure if it is natively supported, but the malware can just decrypt a disk image to RAM and create a RAM disk mounted to +. Or it can maybe have a user space driver for a loop device, so the sectors of the drive are only decrypted on the fly.
It would likely break a lot of analysis tools and just generally make things very difficult.
They're still actively used to apply the Mark of the Web to indicate a file has been downloaded from an untrusted zone and should be handled with caution. I believe macOS also applies similar metadata.
There are a few other places where they also show up, but the MotW is the most prevalent one I've found. Most antivirus programs will warn you for unusual alternate data streams regardless of what they contain.
I thought this article would be about freezing rights on either Godstow meadow or Christ Church meadow; both places where you can expect to see both horses and cows and places where it is not surprising to learn of medieval rules pertaining to the keeping of such...
Indeed. Martin's a great name in the field -- the thing that has actually made most clinical proton MRI substantially better over the last twenty years has been parallel imaging (acquiring the magnetic resonance signal from different spatially separated devices known as RF coils) and associated reconstruction techniques such as compressed sensing.
Given the fact that macrocyclic gadolinium complexes accumulate in the brain and the linear ones dechelate I think very few companies are pursuing new agents. I've done some work with different ions (like Dy, which has Curie paramagnetism) but a lot of focus in the field is trying to find alternatives to gad and reduce its use. There are plenty of great ways of getting more info out of a machine that spans quantum mechanics to medicine, from the established but now actually useful and routine (like advanced diffusion models) to the sort of utterly mad techniques I work on... [0]
Advanced diffusion certainly benefited from the acquisition speed ups. That is its biggest challenge in my opinion preventing it from wider clinical adoption. It takes too long to get enough images for the models. Hyperpolarized MR will run into issue of lack of expertise in clinical imaging centers. There is already a shortage of good techs and MR companies are working to further automate the workflows. Unless there is a major benefit of the advanced techniques, people will stick to the bread and butter FSE and DWI.
Funnily enough there's a different Martin (Martin Plenio) pushing the boundaries of MRI resolution using quantum effects (molecular hyperpolarization).
Also cool, but it does not push the boundaries of MRI resolution. They try to bring a hyperpolarizer to market for a ¹³C-Pyruvate contrast agent, but it seems their hyperpolarizer is not yet certified. In any case, this will give metabolic information at low resolution so competes with PET.
I sold an old Ultra45 from my lab on eBay rather than letting the university people scrap it.
It went for the equivalent of $2000 (which I later donated to a charity) and attracted quite a bidding war. Apparently at least one major airport (I won't say where or in which bit of the world) used one to control its landing light system and were, through a weird network of contractors, looking to buy more hardware for redundancy...
I have also put an IndyO2 SGI machine on eBay that similarly found a repurposed fate. We are now finally at the point where the machines I held on to as a teenager much to my mum's chagrin are now becoming highly valuable again!
Yup, the most desirable RISC systems are in the four figure range these days. SGIs have a zealous collector community and a long tail of applications like simulators keeping up demand.
I for one take every consumer survey opportunity to spell out why these things are a bad idea, and routinely contact my elected member of parliament to ask about this - she's sympathetic. The other opportunity to rebel is just to be difficult. Route all your traffic always through an anonymising VPN with defence against traffic analysis. If someone geoip blocks you from making a purchase, reach out to their customer support and gently reeducate them. Spend money on open source things, personally and professionally, and never buy DRM. Advocate for e2ee (I work partly in medicine - this is an easy sell) and highlight how decentralisation and encryption puts power in the hands of practitioners rather than big tech giants. If a large corporation breaks eg gdpr rules, report them to the regulator. Be the change you want to see in the world.
I don't like the way it's going either, but the array of technical solutions from mesh networks like zero tier and tailscale to briar, i2p and freenet right the way through to technologies such as wush, v2ray and x-ray, tor or daita all give me some hope that there will be a technological out for a long while yet. The social issues are best served socially though.
"The “CSAM requirement” is that any relevant device supplied for use in the UK must have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device."
"Regulations under subsection (1) must enable the Secretary of State, by further regulations, to expand the definition of ‘relevant devices’ to include other categories of device which may be used to record, transmit or view CSAM"
Apple, what did you start?
[1] https://bills.parliament.uk/publications/63901/documents/746...
reply