And this is rather an anemic take. The (proposed) UK VPN ban that was recently discussed here have a definition on what exactly is a "VPN" for the purposes of the ban (basically "VPNs generally advertised to normal consumers") but a lot simply shouted "ssh go brr" (and definitely did not read the proposed law). These "let's go techical" thinking never flies with the poeple who makes such legislation, and in (probably unpopular!) opinion we should talk to them in terms that they can understand. Yes, we don't want that law, but having a purist take would probably alienate regular people.
It doesn't really matter that a single person has found a loophole because many, many other people don't have such a luxury, and that's what the lawmakers are aiming for.
I have worked for fintech companies that mandate VPN use as a security measure.
It's going to be interesting when the majority of the UK accesses the internet via VPN because of the increasingly ridiculous hoops that the UK makes them go through, and the government tries to stop them while also allowing VPNs to be used by the tech sector.
I agree, these are two separate legal processes powered by the same technology. But the internet doesn't have any awareness of legality (thankfully) so we're stuck with only the technical meaning.
Are we to assume that the people at the EFF haven't heard of how European nations, like Denmark, are building government infrastructure to verify your age without disclosing sensitive information?
Are we also at assume that the EFF fail to see the similarity of age-gating porn websites and age-gating entrance to strip clubs?
That doesn't seem likely to me, and I find it way more likely that the EFF is purposefully excluding the best argument against their chosen position.
A lot of the proposals don't involve you sending your drivers license or "other information" to anyone. The site in question asks you to verify with a trusted third party (usually a government entity), and that trusted third party only provides then with the end result of the validation.
> which is what Google etc have been trying to do for years but this would just completely fast track that.
Excuse me? They have done that for years. There's nothing to "fast track" here. Big Tech already implemented surveillance.
How many of those proposals do not have a government-mandated app as a spider in the middle of the web, which is aware of all the apps and websites you try to visit which ask for validation?
> I can absolutely guarantee you that any teenager can easily get access to weed, cigarettes and alcohol
Is you argument then that we shouldn't age gate those things in reality either? Would you suggest that teenagers smoke and drink just as much as they would have had it been legal to sell to minors?
Laws don't just exist to stop you, they also exist to shape society. They exist as signals for what we deem appropriate behavior.
So we make meaningless laws that inconsistently enforced? What do you think happens when little Johnny is caught with weed in his car in a 95% White high income school district vs little Jerome in a 95% Black school district?
Also how much “shaping of society” do you expect to happen when you pass a law that no one respects?
How many kids do you think a law is going to stop from going to the porn sites that completely ignored the law?
How many kids say “I really want to smoke weed but it’s illegally so I won’t do it”?
My guy, this is making the opposite argument from what you think:
"On the illegal market, no one is checking IDs before selling marijuana. When and where cannabis is illegal, high schoolers often sell cannabis to their peers. In contrast, licensed cannabis stores have overwhelming compliance with age-gating."
It has indeed not increased the cannabis use of kids, but that would also still be illegal. That study is an argument that age gating works.
To make this more concrete: There are a lot of "legally sanctioned" government actions happening in the US right now that are pretty dubious. That includes digging up old laws and giving them spicy new interpretations that legal experts agree are an abuse of power and not in the intent of the original law.
Some of these are getting batted down by judges, so right now the category of "legal" is especially vague. That's why I phrased it like that.
But also, we see cops just straight up stalking people using government tools. So that's another reason to be concerned about "legal" government actions.
The states (or rather the national banks of said states) are usually the ones running the central clearing system. That's the place where all the different banks report their net change in relation to all the other banks, and settle that change on their account with the central bank.
Believe it or not, banks don't ferry around cash to each other. It's all just numbers in a computer.
In my opinion, this isn't a problem of AI. the people who get deceived by this are willing participants in the lie. When proven wrong, they will fall back to the echo chamber and rely on it to give them more false facts. They won't seek information outside of their own circle. They cannot be understood as merely passively misinformed. They are actively lying to themselves.
What you'll tend to notice with "willing participants" is that they're not looking for truth, they're looking for confirmation. No-one asks for proof when you tell them what they want to hear.
What you've identified here is a core part of what the banking sector calls the "risk based approach". Risk in that case is defined as the product of the chance of something happening and the impact of it happening. With this understanding we can make the same argument you're making, a little more clearly.
Cloudflare is really good at what they do, they employ good engineering talent, and they understand the problem. That lowers the chance of anything bad happening. On the other hand, they achieve that by unifying the infrastructure for a large part of the internet, raising the impact.
The website operator herself might be worse at implementing and maintaining the system, which would raise the chance of an outage. Conversely, it would also only affect her website, lowering the impact.
I don't think there's anything to dispute in that description. The discussion then is if cloudflares good engineering lowers the chance of an outage happening more than it raises the impact. In other words, the things we can disagree about is the scaling factors, the core of the argument seems reasonable to me.
After you've done that, why would these supposedly expert security researchers review random code in your package manager?
reply