this post was submitted on 10 Apr 2024
372 points (98.7% liked)

Technology

59574 readers
3360 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] HootinNHollerin@lemmy.world 32 points 7 months ago (2 children)

Why would anyone trust, want to use, and yet alone pay for Russian antivirus software

[–] sugar_in_your_tea@sh.itjust.works 9 points 7 months ago* (last edited 7 months ago) (1 children)

I'm not sure how that's relevant. People should be free to use whatever they want. I'm not interested in Russian software, but that doesn't mean banning it is okay. The same goes for Chinese software like TikTok (not touching that), Iranian software, or North Korean software, if that's even a thing. I don't care if literal Nazis made the software, people should be free to use what they want.

The only areas the government should get involved are:

  • government owned devices
  • public advisories
  • prosecution of crimes where the software is involved

The software I choose to use is not the government's business. If I violate a law, charge me with a crime, but don't preemptively ban stuff.

[–] Plastic_Ramses@lemmy.world 6 points 7 months ago (5 children)

What if said software is being used to manipulate national interests from a civilian level and its owned by an adverserial nation?

[–] Miaou@jlai.lu 7 points 7 months ago (1 children)

Can't wait for the EU to ban Facebook :(

[–] Kedly@lemm.ee 2 points 7 months ago

I mean, yeah? I'm down!

[–] sugar_in_your_tea@sh.itjust.works 0 points 7 months ago (2 children)

That's one of the costs of liberty. The government will need to find another way.

The barrier to banning something in the interests of national security must be much higher than "this could be used by our enemies." That's the entire basis for the War on a Terror, the Patriot Act, and the NSA spying on Americans, and I won't stand for it. It's also the same idea as banning books, that's just not how a free society works.

You combat misinformation through integrity and transparency, not bans.

[–] RidcullyTheBrown@lemmy.world 2 points 7 months ago (2 children)

That’s one of the costs of liberty. The government will need to find another way.

No, that’s not liberty. If the average user would have any way of detecting when software is doing nefarious thighs, then sure, you’d be right, but the average user can’t possibly know that software is misbehaving just like they couldn’t have possibly known that asbestos or lead was bad for them. Software is opaque. As long as it remains opaque, consumers are unsuspecting victims and need help.

[–] Kedly@lemm.ee 1 points 7 months ago (2 children)

Side tangent, but your oopsie of Nefarious Things to "Nefarious Thighs" fucking FLOORED me xD Wish I could detect nefarious thighs!

[–] RidcullyTheBrown@lemmy.world 2 points 7 months ago

Hah! I'm not changing it

[–] abrinael@lemmy.world 1 points 7 months ago

Sounds like a George Michael song to go along with Careless Whisper.

[–] sugar_in_your_tea@sh.itjust.works 1 points 7 months ago* (last edited 7 months ago) (2 children)

average user can't possibly know

Hence the information campaign to make people aware.

Look at cigarettes, they are harmful and therefore have a strong information campaign to inform the public. I highly doubt you'll find anyone today who isn't aware of the dangers of smoking, but just 100 years ago, it was considered classy and largely innocuous. The difference was a big information campaign to counter the tobacco lobby's attempts to spin smoking as somehow healthy.

The government's role should be to make opaque things transparent, not to bad things that could be harmful. At the same time, they can spy on other countries to get an idea of what types of control they can exert, which would help them better inform the public.

But at the end of the day, it's up to the individual what they choose to believe. Liberty is having the freedom to make poor choices, and to live with the consequences. The government's role should be to earn our trust, but they violate it at every opportunity in the name of "security" (NSA, TSA, etc). Yes, a lot of people will ignore it, and that's a part of having liberty.

[–] RidcullyTheBrown@lemmy.world 5 points 7 months ago* (last edited 7 months ago) (1 children)

Hence the information campaign to make people aware.

There are still those who think the lunar landing didn’t happen so this is not a valid option for something that might pose an immediate danger to society.

But at the end of the day, it’s up to the individual what they choose to believe. Liberty is having the freedom to make poor choices, and to live with the consequences.

Government backed malicious software is not just dangerous to the user, it’s a societal level threat. And unlike smoking, which is banned wherever it poses a danger to more than just the smoker, there isn’t a way to restrict usage in a way in which it only affects the user.

[–] sugar_in_your_tea@sh.itjust.works 2 points 7 months ago (1 children)

immediate danger to society

But what exactly is the definition of that?

For example, which of these meet that definition:

  • an antivirus that ignores viruses from the county of origin
  • a social media app that collects data from a device and sends it home
  • a social media app that likely promotes content with a specific political agenda the government doesn't like
  • an app that hides monetary transaction details, which is commonly used by terrorists and other criminals
  • a social media app that doesn't id users and allows criminals to use it to communicate

The first two are probably the initial targets, but a law enforcement agency could make a decent case for the rest. Where does it stop?

That's why I think we need a hard limit on government authority here. It's better for some bad stuff to propagate than for the scope of what's blocked to expand and effectively limit freedoms of speech, association, press, etc.

Government have a lot of tools at their disposal, I honestly don't think banning software needs to be one of them.

[–] RidcullyTheBrown@lemmy.world 1 points 7 months ago* (last edited 7 months ago) (1 children)

There is no way you of knowing what closed software does, especially software such as Kaspersky. Any piece of software can act as a backdoor for total control of all your devices and network. And when that software has the power of a state like Russia or China behind it, it can gain access to all sorts of secrets it shouldn’t have access to and can be used to corrupt people, compromise entire corporate level security systems and entire state level security systems.

Government have a lot of tools at their disposal, I honestly don’t think banning software needs to be one of them.

I really don’t understand why this is where you think the line should be drawn. Countries routinely decide to stop trading with various other countries for multiple reasons. For example, Russia is already under an embargo, why should software of all things be left free. Software is one of the least controllable goods that can be traded across borders.

effectively limit freedoms of speech, association, press, etc.

Since when do you have the freedom to associate with non-US citizens? Do you even understand what this is about!

[–] sugar_in_your_tea@sh.itjust.works 2 points 7 months ago (1 children)

There is no way you of knowing what closed software does

Sure, and that's why I very much prefer FOSS and avoid nonsense like Kaspersky. I also actively tell everyone I know to prefer FOSS.

Countries routinely decide to stop trading with various other countries for multiple reasons

I'm also against that, generally speaking. I think open trade promotes freedom and therefore democracy, and blocking trade just encourages more authoritarianism. I have yet to see a case where it actually impacts the leadership enough to matter, especially when it comes to larger countries like Russia.

Since when do you have the freedom to associate with non-US citizens?

Why wouldn't I? If they have the freedom to associate with me, I should have the freedom to associate with them.

[–] RidcullyTheBrown@lemmy.world 1 points 7 months ago (1 children)

Why wouldn’t I? If they have the freedom to associate with me, I should have the freedom to associate with them.

That’s a very very big “if” considering US’ foreign policy. An “if” that translates to you not actually having this freedom.

I very much prefer FOSS and avoid nonsense like Kaspersky. I also actively tell everyone I know to prefer FOSS.

How noble of you, but what do you suggest we do about people who aren’t reached by your words of wisdom?

[–] sugar_in_your_tea@sh.itjust.works 1 points 7 months ago (1 children)

An “if” that translates to you not actually having this freedom.

I'm not sure what your point is. Someone not having the freedom to associate with me doesn't limit my freedom of association. Someone else being locked away in jail doesn't mean I'm in jail just because I can't freely associate with them.

We should be pushing to remove barriers to association, not responding in kind. And yes, that includes changing our foreign policy.

what do you suggest

As I mentioned, the government should raise awareness around the issues of proprietary software, especially software originating from adversarial countries. Don't raise FUD, but instead fund research into these software products. Get researchers onto platforms where they can reach a wide audience, like late night talk shows, popular YouTube and similar channels, etc.

For individuals, promote and donate to organizations like Mozilla, the EFF, and Proton that push for open software and privacy. Use those services and recommend them to your friends and family.

If you ban something, you just get the Streisand effect and erode trust. If something is dangerous, the best strategy is to be completely transparent about why and provide information that can be independently verified.

[–] RidcullyTheBrown@lemmy.world 1 points 7 months ago (1 children)

Someone not having the freedom to associate with me doesn’t limit my freedom of association.

US visas & other things make it so that otherwise free people cannot do business in US or even enter the US. This means that, by definition, your state prevents you from associating with them.

the government should raise awareness around the issues of proprietary software

But this doesn't remove the threat at all. Look at tiktok, governments have been raising awareness about it and flagging it as a national security concern and yet the user count is growing.

There are things where raising awareness makes sense, e.g. alcohol consumption, smoking, etc. There are other cases where state intervention is required, e.g. working with asbestos, led, mercury, etc. Software falls in the latter category, because, like I said, it's not just a matter of personal choice. S

If you ban something, you just get the Streisand effect and erode trust.

I really doubt that banning Karspersky would have the effect of more people using Kaspersky. That's silly.

[–] sugar_in_your_tea@sh.itjust.works 1 points 7 months ago (1 children)

US visas & other things

I agree, and I'm absolutely in favor of dramatically relaxing our immigration policy. If I could snap my fingers, I'd double immigration quotas and guarantee visa renewal for anyone here legally who has not been convicted of a crime. I work with some wonderful immigrants, and I think we need more.

That said, my freedom of association isn't being limited with poor immigration policy, I can still collaborate with them online, share software with them, etc. The only limitation is physical proximity. That's an issue, but I don't see it as an abridgement of my freedom of association in at all the same way as banning software.

yet the user count is growing

Then the people have spoken. They prefer whatever that app provides over national security.

The government should step up the awareness campaign and find legitimate issues to substantiate the guidance to avoid it.

But I do not consent to the government banning any form of media.

Software falls in the latter category, because, like I said, it's not just a matter of personal choice

What's special about software? The defense here is proper security practices at all levels. The main risks are:

  • botnets - ISPs should shut that down
  • worms - proper security
  • identity theft - insurance and criminal prosecution

Honestly, if governments pressured computer vendors to properly sandbox applications, we'd have far fewer problems. That's where the awareness campaign would do wonders, naming and shaming when vendors cut corners on security.

I really doubt that banning Karspersky would have the effect of more people using Kaspersky.

Maybe not, I don't think people have a real sense of loyalty to their antivirus.

But I think it could totally be a thing for TikTok.

[–] RidcullyTheBrown@lemmy.world 1 points 7 months ago (1 children)

Then the people have spoken. They prefer whatever that app provides over national security.

You should read about the tyranny of majority.

[–] sugar_in_your_tea@sh.itjust.works 1 points 7 months ago (1 children)

I'm quite familiar with it.

But think of it this way. The majority is often poorly informed and will likely agree to some group making decisions on their behalf. That group is not necessarily subject to the will of the people and instead operates in its own bureaucracy where "security" is preferred over other priorities the people may have. Look at the TSA, they have been blinded by a pursuit of the appearance of security that they have gone well past the effective controls necessary to provide reasonable security to likely threats (e.g. bullet proof cockpit doors), and have failed to actually prevent things their tools are designed to detect.

The majority want safety, and a government agency wants to maintain relevance. Solving the problem by granting the government more power will devolve into the agency looking for more reasons to stay relevant and keep its funding. There's plenty of examples of that, so it's not an unfounded slippery slope argument.

So instead of the majority blindly handing over their responsibilities to a third party, we should instead teach the majority to avoid the worst of it. And then we can use the agencies we already have to gather information about potential threats and shut them down through other means (e.g. instead of banning potentially harmful apps, they could sue the app makers for actual damages).

[–] RidcullyTheBrown@lemmy.world 1 points 7 months ago (1 children)

through other means (e.g. instead of banning potentially harmful apps, they could sue the app makers for actual damages).

but that’s just the point, isn’t it? There are no means of obtaining compensation from an adversarial state or its companies and the damage caused might be irreparable. The discussion is not about countries that US has strong ties with. This is foreign policy. And just like your fundamental US granted rights are not guaranteed outside the US borders, nor should adversaries enjoy the same rights in the US. Since the country in question, Russia, makes no commitment to observing any US laws and since there is no way of coercing it or punishing it when it doesn’t, why should US citizens be exposed to this?

And by the way, I think there’s another piece of info that you’re missing. Software bans are not the same as other bans. Banning Kaspersky, for example, just means that the company cannot officially trade and advertise their products in the US. But there is no way of preventing users from using those products(unfortunately).

There are no means of obtaining compensation from an adversarial state or its companies

If they do business here, they are subject to our laws. TikTok, for example, does have an entity here, so they would be subject to our laws. I don't know about Kaspersky though.

why should US citizens be exposed to this?

Because they choose to. Restricting that is a restriction on US citizens' freedom of association.

Banning Kaspersky, for example, just means that the company cannot officially trade and advertise their products in the US

It goes further than that, it also restricts companies like Google and Apple from including them in their app stores. And for something like Apple, that effectively means users cannot install the app on their device because Apple does not allow other app stores.

I may reconsider if there were no practical limits on what users can do with their devices. Any restrictions should purely be on the companies offering the service, and it should never be illegal for me to use a given piece of software, even if it's on the government's "do not trade" list or whatever. What I do with that software may be illegal, but merely possessing and using it without violating other laws should never be illegal.

I also don't think it should be illegal for any app store to distribute and process payment for a given piece of software, though perhaps it could be illegal to promote it. Otherwise, that's a restriction on the freedom of the app store as well.

[–] KingThrillgore@lemmy.ml 1 points 7 months ago

The cost of liberty and freedom is eternal vigilance from those who want to harm us, and those who claim to protect us.

[–] 0xD@infosec.pub 0 points 7 months ago (1 children)

Banning software is not the same as banning books, lol. Books are passive ideas, software is active and can be used for espionage. You're creating a false equivalence here.

[–] sugar_in_your_tea@sh.itjust.works 2 points 7 months ago (1 children)

They're absolutely in the same category.

If the government can ban things in the name of "national security" based on little more than "it's potentially dangerous," what's stopping them from labeling any platform that doesn't censor information the way they want as "dangerous" and subject to bans?

The government doesn't get to choose what I run on my computers, nor do they get to choose what books I read, what movies I watch, etc.

[–] 0xD@infosec.pub 1 points 7 months ago (1 children)

Oh yeah, the fallacious slippery slope again. How creative and intellectual!

If there's anything it applies to, it's government overreach. Look at how the TSA expanded its violation of personal privacy in the name of "security," or how the NSA and FBI have expanded surveillance of individuals. Look at the militarization of police.

Once you let the government ban a handful of apps, it's going to use that new power more frequently. That's what bureaucrats do, when you give them a hammer, everything looks like a nail.

There are so many examples of government getting its foot in the door and steadily expanding its control. That's what it does.

[–] ATDA@lemmy.world -1 points 7 months ago

You do just as you did. Tell people and let them make up their minds. Posts like yours convinced me in the past and it will others in the future .

[–] Harbinger01173430@lemmy.world -1 points 7 months ago

I'd still use it if my friends and most of the people I know do