| ▲ | Aurornis 3 hours ago |
| > Back in the day hackernews had some fire and resistance. Most of the comments are fire and resistance, but they commonly take ragebait and run with the assumptions built-in to clickbait headlines. > Too many tech workers decided to rollover for the government and that's why we are in this mess now. I take it you've never worked at a company when law enforcement comes knocking for data? The internet tough guy fantasy where you boldly refuse to provide the data doesn't last very long when you realize that it just means you're going to be crushed by the law and they're getting the data anyway. |
|
| ▲ | thewebguyd 2 hours ago | parent | next [-] |
| > I take it you've never worked at a company when law enforcement comes knocking for data? The solution to that is to not have the data in the first place. You can't avoid the warrants for data if you collect it, so the next best thing is to not collect it in the first place. |
|
| ▲ | direwolf20 2 hours ago | parent | prev | next [-] |
| "Good" companies in the old days would ensure they don't have your data, so they don't have to give it to the police. |
| |
| ▲ | matheusmoreira 2 hours ago | parent [-] | | Plenty of companies would do that if they could. The problem is it has become illegal for them to do that now. KYC/AML laws form the financial arm of warrantless global mass surveillance. | | |
| ▲ | direwolf20 2 hours ago | parent [-] | | KYC/AML is luckily still confined to the financial sector. There's no law for operating system vendors to do KYC/AML. | | |
| ▲ | matheusmoreira an hour ago | parent | next [-] | | There is no law yet. Where I live, government passed a similar law to the UK's online identification law not too long ago. It creates obligations for operating system vendors to provide secure identity verification mechanisms. Can't just ask the user if they're over 18 and believe the answer. The goal is of course to censor social media platforms by "regulating" them under the guise of protecting children. In practice the law is meant for and will probably impact the mobile platforms, but if interpreted literally it essentially makes free computers illegal. The implication is that only corporation owned computers will be allowed to participate in computer networks because only they are "secure enough". People with their own Linux systems need not apply because if you own your machine you can easily bypass these idiotic verifications. | |
| ▲ | an hour ago | parent | prev [-] | | [deleted] |
|
|
|
|
| ▲ | morshu9001 21 minutes ago | parent | prev | next [-] |
| That's not the point. Microsoft shouldn't be silently taking your encryption key in the first place. The law doesn't compel them to do that. |
| |
| ▲ | smt88 12 minutes ago | parent [-] | | It's not silent. It tells you when you set up BitLocker and it also allows you to recover the drive. |
|
|
| ▲ | nemomarx 2 hours ago | parent | prev [-] |
| If you design it so you don't have access to the data, what can they do? I'm sure there's some cryptographic way to avoid Microsoft having direct access to the keys here. |
| |
| ▲ | t-3 2 hours ago | parent | next [-] | | If you design it so you don't have access to the data, how do you make money? Microsoft (and every other corporation) wants your data. They don't want to be a responsible custodian of your data, they want to sell it and use it for advertising and maintaining good relationships with governments around the world. | | |
| ▲ | NegativeK 21 minutes ago | parent [-] | | > If you design it so you don't have access to the data, how do you make money? The same way companies used to make money, before they started bulk harvesting of data and forcing ads into products that we're _already_ _paying_ _for_? I wish people would have integrity instead of squeezing out every little bit of profit from us they can. |
| |
| ▲ | caminante 2 hours ago | parent | prev [-] | | What are you talking about? > I'm sure there's some cryptographic way to avoid Microsoft having direct access to the keys here. FTA (3rd paragraph): don't default upload the keys to MSFT. >If you design it so you don't have access to the data, what can they do? You don't have access to your own data? If not, they can compel you to reveal testimony on who/what is the next step to accessing the data, and they chase that. |
|
