386
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Aug 2023
386 points (97.8% liked)
Technology
59562 readers
1773 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
It sounds like those same "spying features" — e.g. examining server logs — would also be useful as *counter-*spying features, to verify that TikTok is not being used as a weapon by the genocidal regime currently in power in China.
Given that the genocidal regime has engaged in illegal harassment, assault, and espionage against people of Chinese ethnicity residing in the US, Canada, and other nations, that seems like a pretty good idea, really! The US government has a legitimate interest in protecting its citizens of Chinese descent from lawless abuse by a foreign power.
See also: Patriot Act
When has sacrificing our rights to privacy because of fear of an enemy been a problem? No way the government would use that to gain new powers and spy on everyone
Oh fuck off. They wanted it to spy on their own citizens and those of its allied nations. They wanted the same backdoor google, Facebook, Microsoft and all our telecom companies give them.
I've seen a lot of bad takes but this takes the cake. There isn't anything virtuous about mass spy programs and no way was any actual chinese data even on the table.
None of those companies give "backdoor access". All information has to be obtained legally via a warrant. Why do you think they're all throwing E2E encryption in their apps? Nobody wants to work with the government here, it's bad for business.
I suggest you read all about FISA courts.
They issue court orders which companies cannot divulge they're under and those things are often not limited to surveillance of specific individuals in the course of investigating a crime but are often mass surveillance orders.
This is how the NSA had servers directly in some US phone providers feeding directly from their core systems.
All this was brought out as part of the Snowden revelations, so you should know better than parrot the description of what has been a fantasy version of how the Law works in the US since 9/11 and the Patriot Act.
Still today it's a core rule for companies anywhere in the World which have trade secrets that might be of benefit to US companies to not use any systems hosted or owned by US companies (or, in fact, UK ones, were such laws are even worse) exactly because said US companies can silently be complied BY LAW to give the local spy agencies access to that data.
This isn't "backdoor access" being given by definition, as FISA courts still require legal warrants even though they're secret.
Not trying to argue the sketchyness of the US government though, I mostly agree with everything you've said, but the distinction is the context of the conversation. TikTok is still required to comply to FISA requests if they want to operate in the US, no additional access to user data is given by those American tech companies, or at least we have no reason to think that yet.
The IT Security definition of a "backdoor" is: something that provides open access to the data without the knowledge or control of the owners of the data - who are typically the users.
There's nothing about the legality or not of it or the company that makes the software being aware of it, which is why sometimes you get news about how a software maker having bing discovered to have a "backdoor" in their software and many of the ways the Chinese Government forces companies to provide access to user data, whilst being 100% legal (just like the US) are described as "backdoors".
From the point of view of IT Security specialists a technique having been endorsed by members-of-parliament/senators/congressmen/governments/presidents/monarchs/whatever or not is relevant for the naming of that technique - if it provides open access by a 3rd party to user data without user knowledge or control it's a "backdoor" and using it is "backdoor access".
So it's funny (sad funny rather than "ha ha" funny) how in (mainly American) newsmedia stuff which is 100% legal in China is described as a "backdoor" but the exact same techniques when 100% legal in the US are not describe as "backdoors" whilst technically being exactly that: honest and unbiased news would deem both backdoors or not depending on their characteristics (i.e. are they means of open access to user data without the knowledge of the owners of the data). It's clear the technical term is being misused due to it's association in the minds of people who aren't domain experts with "bad thing".
Normal warrants issued by a normal Court usually aren't considered "backdoor access" not because of their legality but because they're limited and executed by the people inside the company that received the warrants in a case-by-case basis (i.e. they fail the "open access" criteria), but the kind of warrants issue under FISA definitelly was open and forced the companies to provide open access: that's exactly the problem and that along with the absence of Probable Cause is why many consider it to go outside Rule Of Law.
It's unclear if FISA warrants have been used or not to force companies to provide what are (per the technical definition) "backdoors" in actual software implementations, but as we know thanks to Snowden they certainly did force some companies to provide NSA with free realtime access to their systems, and having a NSA server getting copies of any user communications passing through a mobile phone provider is technically "backdoor access" to their systems.
In summary, Engineering doesn't care about politics when naming technuques and beware that legality isn't the same as morality: all the shit that China does is just as as legal as all the shit the US does - after all, the people who make the laws are the one who authorized it.
Personally that was exactly the scary part in the Snowden revelations: the US plus a bunch of other supposedly democratic nations where doing exactly what dictatorships did, by changing the Law to make it legal and then deploying intrusive society-wide surveillance.
We can disagree about the definition of "backdoor access" all day, but you're still glossing over the context of the conversation, which is that the American tech listed above does not provide additional access to data that Chinese tech isn't also forced to comply to.
This is exactly what you wrote:
I pointed out that legality is not part of the definition of "backdoor access", so the second part of your statement does not at all not support the first part so your entire argument in that post is unsupported.
I don't even disagree that "American tech listed above does not provide additional access to data that Chinese tech isn’t also forced to comply to" - sadly, the limits on the subversion of American tech for surveillance seems to be only technical (as Snowden's revelations abundantly showed, the Law is not the limiting factor for surveillance in the US), so American tech probably provides the exact same level of additional access to data as Chinese tech and should be treated with the same distrust.
However I merelly responde to that very specific, very assured statement you made, which is simply wrong in technical terms.
Yes, but enough about the US regime.
and Iraq had WMDs, right? right?
It amazes me how you keep believing the lies of the US government.
Are you denying the Uighur genocide?
Are you denying that 30 years of invasions and bombings in the Middle East is anything less?
Genocide denial is illegal in many countries, just so ya know.
Maybe one day it will be illegal to deny the crimes comitted by American murderers.
If you're looking for an American genocide, the Middle East is the wrong place to look. You want the Native Americans.
"Genocide" means something, and "stupid fucking idiotic war" isn't it.
It's not illegal to discuss the crimes of the US government in the US. It is illegal to discuss the crimes of the China government in China, by the way.
"It's not that bad because it wasn't an actual genocide. we already have genocide under our belt."
geez. how many war criminals were put to justice during that "stupid fucking idiotic war"?
discussing does fuck all when you have laws to prevent any justice being served for the crimes you commit abroad and sanction the people investigating it.
https://www.hrw.org/news/2002/08/03/us-hague-invasion-act-becomes-law
https://www.hrw.org/news/2020/12/14/us-sanctions-international-criminal-court
and Fuck CCP too. There aren't just tankies and yankies on the internet. We can be critical of both of you.
then why the hell is the ukraiine conflict called a genocide so often?
Genocide is a specific thing. It's not the same as "unjust war" or "lots of killing". It's the attempted elimination of a people; a culture, language, religion, etc.
Not every war is genocidal; and some genocides are not wars (because they're internal to a state — e.g. the China regime's ongoing genocide of the Uighurs is not a war).
Some of the conduct in the Ukraine invasion has been genocidal, e.g. abducting Ukrainian children to Russia to be raised as Russians, for the purpose of eliminating Ukrainian culture, language, and identity. This is the sort of thing that e.g. the United States and Canada sometimes did as part of genocidal conduct towards the Native American / First Nations populations.
Some of the rhetoric of the Putin regime has been genocidal; e.g. saying that Ukraine is not a real country and that Ukrainians are just bad Russians.
When the US and allies invaded Iraq, the goal wasn't to destroy the Iraqi people; it was to replace the Saddam government. The rationale for getting rid of Saddam was false, predicated on war crimes that Saddam wasn't actually committing — it was an unjust war.
But it wasn't genocidal. That doesn't make it good, or acceptable, or nice. It makes it not genocide; just as if you were to punch me in the nose, that would be a crime, but it would not be the specific crime of burglary.
Again: "Genocide" is a specific charge. It's not just a word for "really bad behavior" or "evil war".
And what has that discussion produced? Has the American murderers stopped killing people? They let you discuss, because nothing will come out of it. You have no influence to change policy.
I mean, you certainly don't have any control of the China government, which is still actively murdering and raping people in Xinjiang in an ongoing concerted effort to eradicate a whole ethnic group. Why do you bother denying the ongoing genocide?
Have I said anything good about the Chinese government or said that they are not doing evil? You are inventing fantasies in your head.
All I am saying is that whatever the Americans accuse China of, they themselves are guilty of the same (or worse).