This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.
Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.
We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:
- Shaming.
- Attempting to 'build consensus' or enforce ideological conformity.
- Making sweeping generalizations to vilify a group you dislike.
- Recruiting for a cause.
- Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.
In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:
- Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.
- Be as precise and charitable as you can. Don't paraphrase unflatteringly.
- Don't imply that someone said something they did not say, even if you think it follows from what they said.
- Write like everyone is reading and you want them to be included in the discussion.
On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.
Notes -
I am not sure that government providing long detailed lists of how to do security is going to help anyone.
My solution would be to simply make vendors liable for damages caused by security flaws of their devices, up to say 10 times the sticker price. Or impose a fine per vulnerable unit per day. An authentication bypass for a cloud-enabled webcam might cost 10% per day it is known for an exploit which allows recording if the fact that the camera is recording is visible from an LED, or 30% if the camera-on LED can be bypassed.
In Germany, the BSI is a federal agency tasked with enhancing computer security (except for when they are tasked with breaking computer security). The gist I get from German IT blogger fefe is that most of their security recommendations serve more to cover the backside of the company than actually prevent incidents. "We were running two different anti-virus programs plus a Cisco Firewall, and our Windows+ActiveDirectory network was still compromised by ransomware. This simply shows the immense criminal energy of our attackers, we are the victims here!"
Again, laws should not try to specify the process, they should specify the outcomes. In this case, minimizing the time a device is exploitable.
In practice, this will mean Tivoization. Personally, I am following the philosophy of "if you did not install the operating system, it is not your device". Owning a mobile phone is a lot of hassle. First you pick a vendor which supports OEM unlocks at all, then you find out that their dreadful unlocking process does not actually work, send the phone back, order a phone from a different vendor, request the unlock code, wait a week and finally unlock it. Give me a PC with a legacy boot option or a RasPi any day instead.
On the other hand, if it is no longer possible to sell Raspbian in the UK, I will consider that a win. "Let us just put a default user+password usable via fucking ssh on the image, YOLO" is so far from any responsible security mindset that I can hardly fathom it.
I suspect 1x the sticker price would be more than sufficient if it happened reliably.
This sounds like the role NIST plays in the US. But those are also contractually enforced on companies doing business with the government.