Some large company will claim to invent a product that solves the problem. It will fail some of the time, but that doesn't matter as customers of the product will have someone to blame. No one will ever be actually held accountable for failures as some combination of lawsuits and "you're holding it wrong" will be sufficient to deflect liability from the large company. And anyway there's no real choice as all the other large companies who also have solutions in this area are equally as bad.
The problem is that crypto is hard. When something is hard, people tend to pay someone else to do it. It only takes that one party to commit a private key to a public GitHub for the whole house of cards to come crashing down.
HTTPS is not hard, it's not even expensive anymore. Nothing stops us from using the same X509 rails backed by the same government that issued your id or driving license (or corporate access card) to do the client certs too.
We even have hardware keys that are capable of that in most big corp techworkers pockets already.
When I say cryptography, I mean some means of end-to-end encryption (i.e, something which can't be faked or MITMed).
What is hard is getting this implemented in consumer apps in a way that user doesn't need to know nor fully understand it, but only understand it to a degree to differenciate unsafe channels from safe.
All major VOIP solutions are already cryptographically secured. In this case the attacker was not able to pull off anything akin to a caller ID impersonation, they made the call from an unknown number and tried to explain it away:
> The Vigna deepfaker began explaining that he was calling from a different mobile phone number because he needed to discuss something confidential
Chapgpt doesn't read shit, doesn't remember shit, and can't tell you shit. It will repeat a common string of words which would probably be "pgp is too hard to use".
Getting security right in a scenario where I'm not sure how to tell which commands are right is exactly the kind of situation I don't want hallucinations for.
pgp is well documented and while i won't die on the hill that it won't generate hallucinations giving you various pgp command lines, especially me esoteric ones, I sincerely doubt it would have problems with basic useage that's haven't memorized that's on various cheat sheets on the web.
hallucinations aren't a problem for well trod ground.
Just use Signal. It's not 1999 anymore. Public key has been productized all over. When it warns you that someone's identity has changed, that's the time to double check out of band, because under the hood the public key changed.
SSH is another example of something that productized the ideas in PGP but easy and straightforward (for typical Unix users at least)
For a universe where everyone can turn into everyone, it seems this is way underutilized. Like, every single secret gathering or non-public meeting would need to start with everyone verifying their identity. Especially when parties are persecuted.
To be fair, when you are meeting under a place that is protected by magic (Fidelius Charm?) to make sure that only people who know about the secret place can attend the meeting (and this information can only be shared by a single person, the secret keeper), it automatically validates that the people joining the meetings are authentic.
Except that time it didn't, which every character in those secret meetings should be aware of. (There's no point trying to defend the plot holes in Harry Potter: it's an entertaining story and important to many people, but well-written it is not.)
This was explained: The secret-keeper died, so everyone who knew the secret became the new secret-keepers. They brought the outsider with them accidentally, which was enough for the magic to be satisfied that the secret-keeper showed them the secret.
The other time it didn't (revealed in the third book) should be enough for them to at least have their guards up.
Though, given the events of the fourth book, every participant in the war must be incompetent at warcraft – which we do see in subsequent books. You could argue it's consistent with the characters being incredibly complex (traumatised veterans, ego-fuelled tunnel-vision, not actually caring about victory, etc)… but realistically they were written by a millionaire[1] with no experience of war, and are fairly one-dimensional characters.
>For a universe where everyone can turn into everyone, it seems this is way underutilized.
That's what you think the biggest issues is with the writing in Harry Potter, and not the underutilization of a time travelling deice they only hand out to a student so she can ... take extra classes?
Don't get me wrong, I loved the books as a child, but as a grown-up now, they haven't aged well at all when you start to realized all the massive plot holes and sloppy writing.
They could wave a wand and feed the world, instead they come up with a pseudo racial slur for the people without magic that they laugh about behind closed doors.
I did, but that was about 20 years ago, I don't remember much from then except bits and pieces which may or may not be accurate as they're mixed in with the residual images form the movies.
To possibly jump-start your memory, the books had a whole thing with Hermione trying to free the Hogwarts house-elves. It mostly happened in the background and they just talked about it, but it was during one of these parts we learn about the kitchen and how the food gets to the great hall.
that's because on book five? (sorry i haven't read harry potter in a long time) all the time turners get destroyed (actually, they get into a time loop)!
I assume the actual questions will relate to conversations had in private in reality. Anywhere from "where did we go on [date]" to "I asked you X question back then, what was your reponse?"
I don't think that's the case, but geez whatever "AI" (ironically) they used to translate the book title botched it and made a fucking weird title...
Google Translate changed it to "Decalogue of complexity. Act, learn and adapt in the incessant evolution of the world". Evolution is a much better word than "Becoming", but "Acting, Learning and Adapting" from their translation is better.
The thought had occurred to me about seven years ago that improvements in communications technologies ultimately undermine trust. I'd posted to my (now redditstrike'd, due to repeated trust violations by Reddit's leadership, irony noted) subreddit at the time. Archived copy:
It turns out that the inconvenience and costs of face-to-face and even physical written communications are both their bad and good characteristics. Yes, you incur costs, yes, they're inconvenient, but you can far more readily verify that someone is who they say they are, and increase any possible attackers' costs phenomenally.
The thought occurs that very limited communications / interactions channels may be an increasingly valuable trust feature in future, though the current pitfall of such approaches is that you're very often interacting with someone who's using the same (or very similar) insecure systems as you'd be using yourself directly.
The other possibility is that new protocols and institutions will emerge to help deal with the problem. One interpretation of the Axial Age[1] is that the emergence of writing and sprawling empires co-evolved social-alignment mechanisms, a combination of moral philosophy and religion, which enabled at least four cultures to deal with the emerging complexities and trust challenges, in persia, India, China, the Greco-Roman world, and the Levant. The religious and philosophical institutions which emerged emphasized trust, obedience, loyalty, and respect, and probably had much to do with the success of those societies. Keep in mind that the level of reliability needn't match what we generally expect today in high-trust cultures, only that there be a relative advantage to the contemporary immediate neighbours those empires engaged with.
It's also true that comms can interact positively to trust, or at least to validation and enforcement, though audits, registers, double-entry bookkeeping, monitoring, and surveillance. Though to my mind those replace social trust values with technological trust mechanisms. Which somewhat underlines my initial point.
> What was the title of the book Vigna had just recommended to him a few days earlier (it was Decalogue of Complexity: Acting, Learning and Adapting in the Incessant Becoming of the World by Alberto Felice De Toni)?
via auto translate, the 10 points are:
Complexity has always existed.
Complexity always increases.
There is a light side and a dark side of complexity.
The signature of complexity is the power law.
Complexity manifests itself according to models that can be reconstructed ex post.
There is the dilemma of complexity.
The complexity of the social world is the highest.
Complexity, paradoxes and metamorphoses: the hidden plot.
Autonomy and cooperation: the mix for navigating complexity.
Complex thought and simple action.
64 comments
[ 3.2 ms ] story [ 127 ms ] threadMaybe we will pivot back to in-person meetings for important transactions.
Some large company will claim to invent a product that solves the problem. It will fail some of the time, but that doesn't matter as customers of the product will have someone to blame. No one will ever be actually held accountable for failures as some combination of lawsuits and "you're holding it wrong" will be sufficient to deflect liability from the large company. And anyway there's no real choice as all the other large companies who also have solutions in this area are equally as bad.
There’s many hopes riding on decentralized options.
But verification is hard.
Which is why all information networks tend to concentrate in some form or the other - to reduce the effort needed to authenticate
We even have hardware keys that are capable of that in most big corp techworkers pockets already.
When an "emergency" happens, and the caller claims they're not able to use the regular channels of communication, how do you authenticate them?
What is hard is getting this implemented in consumer apps in a way that user doesn't need to know nor fully understand it, but only understand it to a degree to differenciate unsafe channels from safe.
> The Vigna deepfaker began explaining that he was calling from a different mobile phone number because he needed to discuss something confidential
Also, phones get stolen and people lose their phones. This is fundamentally a social problem. Technology can help but not solve it.
hallucinations aren't a problem for well trod ground.
SSH is another example of something that productized the ideas in PGP but easy and straightforward (for typical Unix users at least)
I'm sure there's others
"What creature sat in the corner the first time that Harry Potter visited my office at Hogwarts?"
Though, given the events of the fourth book, every participant in the war must be incompetent at warcraft – which we do see in subsequent books. You could argue it's consistent with the characters being incredibly complex (traumatised veterans, ego-fuelled tunnel-vision, not actually caring about victory, etc)… but realistically they were written by a millionaire[1] with no experience of war, and are fairly one-dimensional characters.
[1]: Sunday Mirror, Jul 9, 2000.
That's what you think the biggest issues is with the writing in Harry Potter, and not the underutilization of a time travelling deice they only hand out to a student so she can ... take extra classes?
Don't get me wrong, I loved the books as a child, but as a grown-up now, they haven't aged well at all when you start to realized all the massive plot holes and sloppy writing.
Read the books instead of assuming things. The books are very clear on the point that food cannot be magically created.
I did, but that was about 20 years ago, I don't remember much from then except bits and pieces which may or may not be accurate as they're mixed in with the residual images form the movies.
https://harrypotter.fandom.com/wiki/Time-Turner#1996
<https://bw.vern.cc/terminator/wiki/Max>
<https://yewtu.be/watch?v=uaWw5wuBPs4>
everyone's a spy now.
We’ve graduated to everyone being a scammer / impersonator / saboteur.
Google Translate changed it to "Decalogue of complexity. Act, learn and adapt in the incessant evolution of the world". Evolution is a much better word than "Becoming", but "Acting, Learning and Adapting" from their translation is better.
<https://web.archive.org/web/20230603101919/https://old.reddi...>
It turns out that the inconvenience and costs of face-to-face and even physical written communications are both their bad and good characteristics. Yes, you incur costs, yes, they're inconvenient, but you can far more readily verify that someone is who they say they are, and increase any possible attackers' costs phenomenally.
The thought occurs that very limited communications / interactions channels may be an increasingly valuable trust feature in future, though the current pitfall of such approaches is that you're very often interacting with someone who's using the same (or very similar) insecure systems as you'd be using yourself directly.
The other possibility is that new protocols and institutions will emerge to help deal with the problem. One interpretation of the Axial Age[1] is that the emergence of writing and sprawling empires co-evolved social-alignment mechanisms, a combination of moral philosophy and religion, which enabled at least four cultures to deal with the emerging complexities and trust challenges, in persia, India, China, the Greco-Roman world, and the Levant. The religious and philosophical institutions which emerged emphasized trust, obedience, loyalty, and respect, and probably had much to do with the success of those societies. Keep in mind that the level of reliability needn't match what we generally expect today in high-trust cultures, only that there be a relative advantage to the contemporary immediate neighbours those empires engaged with.
It's also true that comms can interact positively to trust, or at least to validation and enforcement, though audits, registers, double-entry bookkeeping, monitoring, and surveillance. Though to my mind those replace social trust values with technological trust mechanisms. Which somewhat underlines my initial point.
_______________________
Notes:
1. See: <https://en.wikipedia.org/wiki/Axial_Age>
You couldn't make it up.
via auto translate, the 10 points are: Complexity has always existed. Complexity always increases. There is a light side and a dark side of complexity. The signature of complexity is the power law. Complexity manifests itself according to models that can be reconstructed ex post. There is the dilemma of complexity. The complexity of the social world is the highest. Complexity, paradoxes and metamorphoses: the hidden plot. Autonomy and cooperation: the mix for navigating complexity. Complex thought and simple action.