Docker is not a sandbox. In fact, it is less secure than other containerisation systems. Docker has never been designed for security or sold as a security system.
I don't run with resist fingerprinting, the problem persists even if I am on a fresh firefox install with no addons and try to log into my google account.
I enable all that stuff and the number of ReCaptchas, while annoying is probably on like 30% of the sites I visit. And most of them I can live without.
It already exists, Its called ad nauseam. Its an adblocker that opens every ad in the background. Google has banned it from the chrome store so that says something.
This may be true but the end game for governments is to have facial recognition everywhere. They start at the airport because "it doesn't matter, you are already giving your info out" and then we become OK with the idea so they start rolling it out for public transport and "it doesn't matter, you already do this every time you fly"
It seems to me that the only way to resist is to take a very hard rejection of facial recognition entirely in any situation.
> It seems to me that the only way to resist is to take a very hard rejection of facial recognition entirely in any situation.
Realistically the only way to resist is to develop an informed, engaged populace. There's a huge gulf between "facial recognition for crossing international borders" and "facial recognition for getting on the subway" - the former is obviously beneficial and the latter is obviously a massive overreach.
The idea that one will inevitably follow the other is only really plausible because of the public's apathy, and it leads to situations where we throw the baby out with the bathwater.
I would argue against the first being obviously beneficial. The downsides of having such a system in place in my opinion outweighs any current or foreseeable benefit. One step further, I have yet to hear of a scenario where facial recognition would be a positive application. In my opinion the complete rejection is the right approach when it comes to facial recognition. Being able to automatically identify a person without them noticing or being able to prevent the identification in the future is in its very core dystopian. Its an application to end privacy, no different to the old scifi idea of getting a remotely readable identification chip implanted at birth. With the difference of the hypothetical chance to remove your scifi chip surgically. With facial identification the only realistic option is plastic surgery. We were lucky for a while that the technology wasnt ready yet, but it is getting more and more practical to utilize.
Its unfortunate that the idea of privacy is in such a downhill spiral, but the much more daunting question is, if privacy can so easily be abandoned, how will other stuff, like freedom of thought be treated in the future? What happens if technological development of surveillance could catch up some day? We are currently living in a society where no matter how horrific the methods, there are some who will find justifications to utilize them on other people. If the charges are heinous enough, human rights go out of the window. You only have to think of torture and look as far as Guantanamo. Differently put, in a society that preserves samples of eradicated plagues for possible future military uses and has no quarrels of threatening to torture the kids of enemy combatants, the research into and work on offensive capabilities with disastrous capabilities, like I would argue facial recognition is, is morally reprehensible.
I believe "facial recognition for crossing an international border" is an obvious benefit because, look, the world is not all sunshine and daisies and it's important that we're able to validate that a person going from one country to another is who they say they are.
You seem to be operating under the core assumption that because we as a society allow facial recognition in that situation it will inevitably expand to others, and that's exactly the point I was trying to make in the first place. If an educated and well-informed populace says "no, we will not allow this technology to be used outside of these specific circumstances" and then enforces that position at the ballot box, there won't be a problem. Unfortunately most people just don't care, and no amount of technological backtracking will fix that.
In other words, don't worry about the tech; worry about the people that make the tech matter.
I understand your point about the responsibility of a democracy but I do worry about the tech, I would also be alarmed if someone developed a biological weapon to extinct humanity, even if the usage was controlled by a democratic mechanism. Just dont develop such dangerous technologies with no positive use case. Dangerous being the combination of efficiency and scale-ability.
The argument also assumes that we will continue have democratic systems and the population not voting for such systems to be implemented. The reality is what ever means and information we currently entrust to governments later versions will also have access to. Not to mention the export of these technologies to "friendly" dictatorships. Its the old problem of census data in the Netherlands. They had extremely detailed census data involving peoples religious beliefs before the Nazis invaded and with the data available the persecution of Jews was extremely efficient. The resistance targeted the locations of these datasets but it didnt work good enough.
I also dont see how international borders need anything more then fingerprints. They are also far more accurate and reliable. Facial recognition has the only added benefit of being usable without the effected people noticing. Thats not a positive characteristic.
To come back to the central argument, we do already have other means of identifying people and facial recognition only differs in a few core issues from existing mechanics. The core characteristics of facial recognition are
* No need for a cooperative, consenting subject
* Not alerting the subject being identified and no protection against being identified without noticing
* Unchangeable identification characteristic
We already have reliable easy to use systems for characteristic 1 and 3, fingerprints, and I see how there might be a need for such systems at specific locations. For example at a police station or border checkpoints.
Then we have facial recognition which is a lot less accurate and its only additional benefit is point 2. Point 2 however has no positive use cases, its a purely totalitarian instrument aimed at its scale-ability. For not only being used in specific places but everywhere. You cant even make the argument which makes nuclear weapons a worthwhile technology to have, the possible usage for war against a foreign aggressor. Facial recognition is only beneficial to keep a population suppressed.
>There's a huge gulf between "facial recognition for crossing international borders" and "facial recognition for getting on the subway" - the former is obviously beneficial and the latter is obviously a massive overreach.
The same was said about the TSA searching people boarding aircraft, but then that moved to people in train stations, greyhound stations etc. being searched. Overreach is commonplace.
In a society where people refuse to have food inspectors and some are being harmed by food poisoning, I think one could argue that there isn't something wrong with that level of action.
I think it's more like firearms. These devices can be and are used as weapons to hurt 3rd parties on the Internet. It's more like firearm owners leaving their weapons in front of their barely-sturdy windows. Then, folks needing weapons keep breaking the windows before firing them at others. The homeowners and homebuilders keep letting it happen.
So, vigilantees concerned about damage to innocent people keep breaking into the windows, stealing the guns, unloading them, and tossing them into landfills. I'd be like: "Stop putting your guns in front of the windows. Be a responsible gun owner." Enough broken windows and stolen guns might incentivize them to do that.
Soft-bricking is hardly comparable to burning something down. More like adding an extra lock and throwing away the key. Inconvenient, but not destructive.
Food safety inspectors have an official remit to do this that is enshrined in statues and local laws. You don't get to just decide for yourself you will shut down some restaurants on a freelance basis.
You'll find it in tons of large-scale (e.g. governmental) decisions at the very least. "is it worth more to prevent X than to deal with the fallout" is a decision that has to be made at some point, and human life / injury are part of that equation.
So, in a way, yes. I do. So do lots of people when they go to urgent care rather than the ER, knowing that the ER could bankrupt them, and they'd rather risk the delay. I don't have numbers off the top of my head, but I don't think it's as uncommon as you seem to think it is.
> you think people would support your cause of measuring everything in dollars and going around destroying their property because they're "just as dangerous as food poisoning"?
"People", in general, are dumb. Individuals, when explained, might actually support it, but I guess you'd have to start teaching the following in school:
If you want to compare things, you need to express them with the same unit. It so happens that there is universal unit already in use to compare everything to everything else - money. Which, internationally, means dollars. Moral caveats apply, but this is how you correctly compare arbitrary things when you lack a more suitable common unit.
> Like, seriously? If you went around and asked people whether their restaurants should be shut down for unsanitary practices, do you think you would get a response on the same planet as what you would get if you asked them about their IoT devices getting shut down? Come on.
Sure, why not.
Unsanitary practices: you weigh some people likely ending up in the hospital with food poisoning against shutting down a business employing a dozen or more people for unspecified amount of time, which may or may not have pretty bad secondary effects (e.g. waiters aren't exactly the kind of people who can afford asudden job loss).
IoT botnet: you weigh bricking a bunch of (at this point in time) non-essential trinkets, thus inconveniencing innocent consumers and making it worse for garbage companies who shouldn't be in business in the first place, vs. enabling moderate-probability inconveniencing events for thousands to millions of people, such as DDoSing random websites, and occasional low-probability high-impact event, such as Maersk getting pwnd and disrupting worldwide shipping.
Ultimately I'd expect the IoT scenario to be less important than food poisoning scenario when you tally up both sides of both choices - and accordingly, food poisoning is something governments worldwide are already dealing with. However, and circling back to tty2300's original comment, the pattern of thinking is pretty much the same here in both scenarios.
>You're comparing urgent care to ER to somehow argue people view both DDoS and food poisoning in dollars?
No. I'm responding to:
>You measure your health in dollars?
And apparently reading it with a different intent than it was written with.
---
>If you went around and asked people whether their restaurants should be shut down for unsanitary practices, do you think you would get a response on the same planet as what you would get if you asked them about their IoT devices getting shut down?
They should, yes. I don't really think they do though. Botnets cause them harm (they're often used to hide the source of hacks, which often target financial info, which does affect millions of people), but it's often further removed than food poisoning, so it's harder for them to identify the cause. They're also usually more attached to purchases of things that work for longer than a meal lasts.
People don't have visceral reactions to things in line with what they should rationally fear. I don't think anyone would debate that. I'm arguing DDoS (and everything else botnets are used for) are in that "does not get an appropriately strong reaction" category.
Most people have wildly inconsistent treatment of health risks and are largely reactionary. Not sure they are a good basis for determining what is ethical/moral actions.
Having a known security bug unpatched for longer than x days should be grounds for a warrenty refund. That should get companies moving when there is a real world cost for not dealing with security bugs.
