Notice the "Knowledge Graph" feature that lets you "Visualize hidden connections between People, Orgs, and Places" just like the cork board meme.
This is the essence of what good "conspiracy theorists" do. Whenever investigative journalists uncover a conspiracy among the elite, they are talked down to and dismissed as "conspiracy theorists". But that is what good conspiracy theorists are: investigative journalists.
For sure - "conspiracy theorists" are just another group of people trying to find truth, patterns in the world and trying to connect the dots.
The cork board feel was very much intentional in some of the visualizations.
Specifically, the "lie web" visualization that uses "red yarn" visuals to connect detected contradictions across different entities and documents.
If I had the skills, I would totally map that onto a cork board.
After recent attacks [1] on the site, it appears the site may be gone for good, as it appears down for several days. A major loss leaving the Internet with only a single archiving service remaining.
you missed the point. Zed develops and pioneers ACP (Agent Client Protocol), which I can also use in other editors and with other agents. at the moment, only Neovim is available as an alternative editor, but nothing stops, say, JetBrains from implementing it. I can plug Codex, Gemini, Claude Code, and Goose directly into my editor of choice.
You aren't the only one doing this in the discussion, but I need to point out: This person made an app for themselves on the device they use, with no ads or subscriptions. So no business model.
And you want them to make an app for you on your platform of choice? Please just think about this.
What is wrong with stating your preferences or requirements? It might result in someone making "better" choices and making more people happy. For example by using cross platform tools or building a web app, or releasing the sources (sounds in this case) so someone else can build something better.
I don't see anything wrong with someone suggesting similar apps on Android or being disappointed they can't use this because they don't use the same OS as the author.
Comments suggesting an iOS developer who made a free iOS app for his own use and then shared it should go and make them an Android app can only be described as entitled ###holes.
Why didn't the author use cross platform tools? They weren't making a cross platform app. They did not need those tools. It wouldn't be "better" if they did, it would be unrelated to the requirements the author had for the project.
> They weren't just making an app for themselves, because it is in the app store
"It’s something I built for myself first, but I figured others might find it useful too."
Let someone make things for the sake of it, and share that thing because they want to. Because it brings them joy. Without asking for more because you would make different choices. I urge you to self-reflect on what led you to the comments you are making.
Nobody is forcing anyone to make different choices.
This is a forum, where people discuss things and make suggestions.
If some suggestions rub you the wrong way, then maybe take some distance and don't try to take it as a personal attack. Because that is totally not the intention here.
> I don't get the resistance to a digital/national id in other countries. To us it is quite bizarre.
It depends on the country and its relationship with the people. If the people trust that their government represents the people's interests, there is little push-back. In countries where citizens have reason to believe their government is hijacked by interests that do not have their best interests at heart, then every move is viewed with suspicion.
In this case people are tying Digital ID to CBDCs and social credit systems, which is a reasonable thing to do, given this is exactly how China uses them to enforce 15-minute cities with checkpoints between them. All citizens conversations are tracked, their movements are restricted as well [1], and their ability to purchase goods & services are tightly regulated based on their behavior via the social credit system. This is the world that people who are pushing back against this are trying to avoid.
Wow, crazy seeing the "15 minute city" conspiracy theory on HN! For those who haven't seen it, the idea of 15 minute cities is that a lot of people think it would be great to structure development of cities with the ideal of a person being able to access most of the services they want to (workplaces, schools, supermarkets, doctors) within 15 minutes (whether walking, cycling, using public transit etc.) of where they live. It's basically a target for how easily you should be able to access services without needing to travel far, and a push-back of massive suburbs zoned solely as single-family housing that force you to drive a long way to get to anything.
The more conspiratorial among us have baselessly decided the idea of "hey it would be great to build schools and things near where people live" must actually be a globalist plot to restrict people's movement to within 15 minutes of their home. It's wild!
If you are going to mock conspiracy theorists can you at least articulate the conspiracy theory correctly.
People are worried that it would be made difficult for you to travel outside 15 minute city via a combination of mandated digital payment system for all transactions that are tied to you identity and removal of personal vehicles (e.g. cars).
e.g. Person A is allowed by authorities to buy a train ticket, while Person B is not due to <arbitrary criteria>.
I've been told this has been done in China to stop people travelling to protests, but I don't actually know if that is true.
Do I think this is the intention behind 15 minute cities? No. I do however think that what they are describing is possible since I've had problems making transactions electronically for legal purchases because my transaction was flagged by the bank for being fraudulent.
Also in the UK the bank can refuse to give you your money.
I have also had a problem before with a transaction being inaccurately flagged as fraudulent. This could either be because an anti-fraud algorithm isn’t perfect 100% of the time, or it could be the result of a vast government conspiracy to limit my travel.
I have my doubts that China, which has many of the densest cities in the world, would get much mileage (pun intended) out of restricting travel to try to quell protests. They have tons of cities that each have millions of residents. If the CPC manages to piss off a significant fraction of the populace to the point where they’re interested in marching down the street demanding regime change, there will be enough of them in those cities that no amount of travel restrictions is going to matter.
Arguably much more important would be that I don’t think most people in China own any significant weapons, and we’ve seen decades ago how shy that government isn’t about just running people over with tanks until protests dissipate.
> I have also had a problem before with a transaction being inaccurately flagged as fraudulent. This could either be because an anti-fraud algorithm isn’t perfect 100% of the time, or it could be the result of a vast government conspiracy to limit my travel.
I never said it was part of a government conspiracy. What I am saying is that your ability to transact freely is infringed by opaque mechanisms.
If that is added with digital only payments which is tied to your gov id, it isn't difficult to imagine a scenario where your ability to transact freely be taken away to stop you from travelling for political reasons.
I admit you have a fair point here. I'm a political independent but started out left-wing. It's hard for me to accept the reality that a government that starts out well-meaning definitely can tilt toward totalitarianism, and that the lack of good chokepoints on the citizens (such as this hypothetical ability to control payments) may well be a key prevention mechanism. I think the left wing in the US likes to frame suspicion of those kinds of things as silly preparations for a future that won't happen, and the right frames roadblocks to government power as being in place to make that bad future harder to bring about.
> It's hard for me to accept the reality that a government that starts out well-meaning definitely can tilt toward totalitarianism, and that the lack of good chokepoints on the citizens (such as this hypothetical ability to control payments) may well be a key prevention mechanism
You are making the assumption that any politician or government is "well meaning" or started out as such. I am in the UK and I look at the politicians and the state apparatus with absolute contempt.
I suggest you listen to some of Dominic Cummings interviews about his experience with Whitehall (UK) during COVID. There was one situation that he described which really stood out to me. There was particular situation early in the pandemic where the NHS was going to run out of a key medical supplies in about 2 weeks and as a result thousands could die. These supplies were shipped from China and it took about 3/4 weeks (I forget the exact time frame).
For some reason it was written into law that they had to be shipped. He had the Prime Minister sign a legal waiver so they could be air-lifted, explained this to key officials in Whitehall. Everyone agreed what needed to be done and then nothing happened for 3 days. These people had to be threatened with losing their jobs and their pensions otherwise they wouldn't do their job, they fully understood the consequences of not doing the job (thousands of people might die) and still did nothing. It is an apathy of evil.
This behaviour is commonplace in ossified organisations unfortunately and I wasn't surprised one iota when I heard this.
As for mechanisms that reduce state power as prevent totalitarianism. No one thing will prevent it. It would be a combination of things.
It is similar to how running Linux (or any alternative OS) won't by itself stop the strangle hold of large tech players over most of the tech/online space. It will at least help you reduce your dependence on these large companies. Combine that with self hosting and/or using alternatives at least you can be somewhat free from the worst of it.
> I think the left wing in the US likes to frame suspicion of those kinds of things as silly preparations for a future that won't happen, and the right frames roadblocks to government power as being in place to make that bad future harder to bring about.
Silly partisan politics is going to have both sides pretending that the other side doesn't have any merit in their positions. I would just ignore the noise and actually read the facts about things and draw your own conclusions.
I believe that most of the politics you see is really theatre. It keeps people squabbling over things that are ultimately unimportant.
It’s not a social credit system because it doesn’t weight your social involvement in the society (political party, school credentials, race) but rather payment history, amount of debt, types of credit
Not at all. It is simply a score based on your ability to manage credit, it is scored differently based on the company making the assessment.
In reality that means "have you paid off what you owe in the manner that was agreed" and does the person have any red flags e.g. County Court Judgements against their name or residence.
There are people I know that manage it properly and those that don't. It has nothing to do with wealth or class.
It doesn’t inherently have to do with wealth and class, however, all of these things are so tightly correlated that it loses barely any fidelity and just saves you a little bit of time to assume that someone with an 815 credit score is law-abiding, upper-middle or high social class, and has a medium to high net worth, and that somebody with a 550 credit score is at least one of the following: poor, criminal history, and a low social class.
None of this should be that surprising: it’s hard to make all of your debt payment payments on time if you’re either broke or in jail.
No having a high credit score has nothing do with your wealth or social class. I have worked in this industry briefly. It looks at your ability to manage credit, and whether you have any flags.
e.g. I had a 995 credit score on Experian back in the late 2000s. The highest was 999. I earned £18,000 at the time, and was in my mid-20s and didn't really own anything at the time. I did have a credit card at the time where I made the payments, and I lived at a household which had no debt, and I was on the electoral roll.
That is why when you are making larger purchases they do a "means test" e.g. see if you earn enough to pay a mortgage.
Your case is a great example of why credit scores are not reliable indicators. You were living on the ropes then. One job loss and you probably have very little saved and will be forced to incur debt and and start defaulting on payments potentially. You were very much the risky bet. And yet, you were able to game the system to look like a reliable bet.
Gaming the system like you were able to do in order to improve your credit score is very much correlated to financial literacy which is correlated to socioeconomic class which is correlated to race. This is how we arrive at credit scores being race and class indicators, but not bound by laws that prohibit using race and class as indicators.
Your comment is a great example of "If you assume, it makes an ass out of u and me".
Everything about this reply is completely incorrect.
> Your case is a great example of why credit scores are not reliable indicators. You were living on the ropes then. One job loss and you probably have very little saved and will be forced to incur debt and and start defaulting on payments potentially. You were very much the risky bet. And yet, you were able to game the system to look like a reliable bet.
So you made a bunch of assumptions about my personal circumstances. Let me correct you:
- I didn't "Game the system". I had absolutely no idea at the time such a thing as a credit score existed. I cannot game a system when I have no idea that it exists. The only reason I checked is that other people at work were checking theirs and I did so sheerly out of curiosity. Many years later I happened to work a contract where they wrote software that did the credit checks.
- I was not "living on the ropes". I lived within my means.
- I had 2-3 months of savings. My strategy for saving this money was to save it on payday. So I forgot I had the money and couldn't spend it. I do exactly the same thing now.
- The debt I had on my credit card was paid off in full monthly. I only used it for online purchases (many online sites didn't take debit cards still).
> Gaming the system like you were able to do in order to improve your credit score is very much correlated to financial literacy which is correlated to socioeconomic class which is correlated to race.
Again I did not game the system. I was completely financially illiterate at the time. My only financial literacy, I had at time was that I shouldn't spend all my money after payday and I shouldn't spend more money than I had. I found that out in the first month of living on my own. My family actually earn a lot less than I do now.
None of this has anything to do with race. From reading your comments replying to me and your posting history, I am pretty sure you are from the US. You are applying your US centric view of the world onto the UK. The UK is not the US.
> This is how we arrive at credit scores being race and class indicators, but not bound by laws that prohibit using race and class as indicators.
What you are trying to do is to erroneously shoehorn in your brand of US politics into a discussion about the UK. As a result of this you have got everything about my personal circumstances (at the time) and the circumstances of family and wider community completely incorrect, in an attempt to score some political points (it obvious btw from the language you are using).
I suggest in future you shouldn't make assumptions.
Because there is already a barrier to prevent that. Defaulting on the home loan or not paying rent and facing eviction. Having a barrier based on past behavior is stupid. "Past performance is no guarantee of future results." Funny how that works for investment banks to cover their ass but they can't see how it might also apply to individuals.
I realize that you responded to a specific statement, not necessarily the entire context of the thread. However:
Saying that a person’s credit score is entirely due to their own financial decisions is incorrect because it’s overly simplistic, that’s true, although the main factor is that person’s behavior (whether that behavior is their fault or not is a different story). It can also depend on circumstances specific to the person but not directly related to their own actions (e.g. their credit provider revises credit limits across the board due to external factors, so their credit utilization changes too, without them having used any more or less of it).
In addition, and what you’re alluding to, is that these models are continuously revised. A set of behaviors and circumstances that lead to a higher score in one economic environment may not do the same in another.
Credit scores as implemented in for instance the US are not a direct reflection of a person’s moral character or intended as a reward for good behavior. They’re uncaring algorithms optimized solely for determining how risky it is to lend you money, so that financial institutions can more accurately spread that risk across their customers and maximize their profits. This also enables credit providers to give out more credit overall, based on less biased criteria (not unbiased, because models are never perfect and financial circumstances can be proxies for other attributes).
One can feel however one wants about whether this system is good or not. But it’s definitely different in kind to ”social credit” systems like the one China has implemented, which directly takes into account far more non-financial factors and determines far more non-financial outcomes, effectively exerting much more control over many facets of people’s lives.
> although the main factor is that person’s behavior (whether that behavior is their fault or not is a different story).
This is the whole crux of the situation so buying it in a disclaimer misses the point.
Every lender and background investigator I’ve ever interacted with have treated credit score as a social credit marker, but sure, your mileage might vary.
> They’re uncaring algorithms optimized solely for determining how risky it is to lend you money, so that financial institutions can more accurately spread that risk across their customers and maximize their profits.
This is a fallacy; algorithms are “uncaring” in an anthropomorphic sense, yes, they lack a psychological capacity to care, but their designers are very much not, as you admit in the very next sentence.
> But it’s definitely different in kind to ”social credit” systems like the one China has implemented, which directly takes into account far more non-financial factors and determines far more non-financial outcomes, effectively exerting much more control over many facets of people’s lives.
We entirely disagree on this point. Probably because we have different definitions of “non-financial factors” and “non-financial outcomes.”
> This is the whole crux of the situation so buying it in a disclaimer misses the point.
It maybe doesn’t adress the point you’re interested in, but it doesn’t miss the point I was making, that the goals and mechanisms revolves around how well a person manages credit. For the credit provider everything else is secondary or irrelevant, including whether it’s because you’ve made poor decisions or external factors have screwed you over.
> Every lender and background investigator I’ve ever interacted with have treated credit score as a social credit marker, but sure, your mileage might vary.
This is probably the crux of why we’re not on the same page, because I don’t understand what this means. I’m genuinely asking, what do you mean when you say that they treated it as a social credit score marker? What business did you have with them (or they with you) that didn’t involve whether or not to extend credit? What does the term “social credit score marker” mean to you?
> This is a fallacy; algorithms are “uncaring” in an anthropomorphic sense, yes, they lack a psychological capacity to care, but their designers are very much not, as you admit in the very next sentence.
I don’t see how you explain that it’s a fallacy, and I don’t think it is, but I concede that it’s a confusing word choice - I should probably have just omitted the word “uncaring”. My point was once again that their sole goal is determining the risk of extending a person credit - whether that would be a nice or moral thing to do or not doesn’t factor into it.
> We entirely disagree on this point. Probably because we have different definitions of “non-financial factors” and “non-financial outcomes.”
I assume here that you mean that people’s financial status, including their access to credit, determines a lot of aspects of their lives, too (correct me if I’m wrong). I don’t think any reasonable person disagrees with that. I do however think that you underestimate how constraining it can be when additional variables are factored in to more directly control what you are and aren’t allowed to do, and how.
UK credit score system don't even have "nationality" in it so not discriminating non-citizens that much. Neither it hold any ID card or passport numbers.
Yeah there is electoral roll, but you can still access credit without being on it and afaik all residents of scotland are on it since even non citizens can vote in local election.
And unlike US there not even a "score" number since lenders only get records but not some magical number. Whatever credit agencies sell you as credit score is just random number they come up with and it's not being used by lenders btw.
Seems like a red-herring. Does a government need a digital ID to do that? Many do that with the "free market" of publicly-tradable information + pre-existing government IDs already used for certain things. I don't know for sure how much the UK government is purchasing all that, but there's a lot of cameras and tech tracking in the country already, like those of us across the pond also are watched with.
It won't reverse surveillance states but fraud is also a huge problem that deserves addressing.
Yes, governments do need a centralized common identity if they intend to build something like a social credit system. Those without adequate experience dealing with the US system, for instance, may assume that the government already has your info and thus such a system is redundant. However, this is simply not the case. US government systems are a hodgepodge of different systems built by different vendors, over different computing eras, many of which lack a primary key relationship with something like your social security number (the current “default” identifier). Many are plagued with duplicate records, data problems, and other issues that prevent easy correlation of records without human verification. Talk to some people in the IRS or Social Security and you’ll quickly get a sense of how many problems this can create! Maybe it’s improved since I last talked to people about it, but I doubt it.
A central ID enforced on all systems by statute would significantly reduce the barrier to creating “airtight” oppressive systems. While the inefficiencies in the US system have a cost, certainly preventing the implementation of more efficient social benefit programs, they also provide a barrier against more efficient social repression. Given the political animosity present in the country right now, it’s probably good that we don’t have the ability to create a turnkey totalitarian system. Things are bad enough as is!
More generally, in nations where the population feels suspicion towards their politicians and bureaucrats, the people may prefer to leave inefficiencies baked into the system in order to hamper potential oppression. Those social tensions and trust deficits should be resolved before proceeding with any ambitious central ID schemes.
US government systems are a hodgepodge of different systems built by different vendors, over different computing eras, many of which lack a primary key relationship with something like your social security number (the current “default” identifier).
This is a feature, not a bug.
Even though we're only at the very beginning of the various U.S. systems being merged, we're already seeing it being abused.
(One example: States using license plate reader data to prosecute women for getting abortions in other jurisdictions.)
Honestly with things like abortion, where there are sincerely held beliefs with good points on both sides of it, I think it would be less work for literally everyone to truly leave it to the states and everybody just moves to the nearest or most convenient state that aligns with their values. I’m so sick of this one issue being a perennial divisive force. Both sides have a point. Go live wherever you agree with the policies. And if the blue states want to operate abortion clinics for runaway teens from red states that’s fine, then they can also build dorms for them and pay for them to stay there. Red states can do the opposite and build state-sponsored birthing centers and pay for childcare for the runaway teens from blue states whose parents want to force them to terminate.
Please read comments in full before replying to them:
> US government systems are a hodgepodge of different systems built by different vendors, over different computing eras, many of which lack a primary key relationship with something like your social security number (the current “default” identifier). Many are plagued with duplicate records, data problems, and other issues that prevent easy correlation of records without human verification.
Please understand that supposedly poor data quality is not a defence against an authoritarian country wanting to implement a social credit system.
Some national ID system won't make such ambitions significantly easier, but lack of such a system causes exactly the issues you quoted.
So is this hypothetical social credit system in the hands of an incompetent government worth it all? Over identity theft and the multi-billion industry around it?
And yet authoritarian countries without such central ID have historically had to use other less targeted methods of oppression, which creates pushback and dissent within the population, leading to either the downfall of the government or intensive reforms. The threat of a “clean” system of oppression is that it will only catch actual dissidents, without sweeping in innocents. This could freeze out any chance of effective opposition.
The most effective 20th century totalitarian states, such as the East German DDR, issued ID numbers to its citizens, along with ID cards that citizens were required to carry at all times. This greatly helped the security services coordinate the oppression of suspected radicals, but without modern computer systems it relied too heavily on human efforts. It eventually faced its limits against rising dissent and it could not prevent the downfall of the government. A computerized Stasi would be much more terrifying.
One can look around the US today to see why this lack of ID may be a good thing. Immigration officials are facing serious roadblocks in rounding up and processing suspected undocumented immigrants, and mistakes in this process are creating widespread pushback. Protestors who take steps to mask their identity are not easily identified, apprehended, and prosecuted, which has led the administration to overreach in their reaction to dissent. And the lack of a unified system of oppression means that even targets of the state can often find ways to continue living in between the cracks, and they are not totally frozen out. In many ways it’s not a great system, certainly far from perfect, but the many flaws serve an important purpose in the face of systemic oppression. Inefficiency is an escape hatch.
If you live in a high trust society, you may not get it. The mutual animosity in the US is such that we have government officials talking about “national divorce” and otherwise average people joking about political murder. I know the UK is not quite as bad off, but I understand that it is quickly moving in that direction. That’s no time to introduce new potential mechanisms of oppression.
> One can look around the US today to see why this lack of ID may be a good thing.
You have an identity though. You use other things as an ID in the end. Often shoehorned into fulfilling that task and mostly very cumbersome.
That's why it can be stolen, that's why "identity theft" is a multi-billion dollar thing. Thats why you keep your SSNs and I guess also CC#s rather tightly guarded.
> Protestors who take steps to mask their identity are not easily identified, apprehended, and prosecuted, which has led the administration to overreach in their reaction to dissent.
There's nothing about an electronic ID that would make this different from now. It makes no practical difference for oppression. If you don't have an SSN then other things about you are unique enough for identifying you. I'd say that's why it's even vaguely tolerated anyways.
> Inefficiency is an escape hatch.
I rather think it lulls you into a false sense of safety. Inefficiency in existing "numbering systems" can be overcome with resources. You truly do not lack an ID system, a number, computerization nor identity that could protect you.
A lack of one number is not really protection against any of that.
> You have an identity though. You use other things as an ID in the end. Often shoehorned into fulfilling that task and mostly very cumbersome.
My exact point, glad we agree. Very cumbersome indeed, and not centralized enough to use for turnkey totalitarianism. (Slow, plodding, inefficient totalitarianism, sure. But see my above post for why that isn’t as much of an existential threat.)
> There's nothing about an electronic ID that would make this different from now. It makes no practical difference for oppression. If you don't have an SSN then other things about you are unique enough for identifying you. I'd say that's why it's even vaguely tolerated anyways.
False. Electronic ID provides the means to tie together multiple systems that must currently be matched manually, with frequent false positives/negatives. It creates the means to quickly build a system that could “switch off” a person’s ability to function in society, and improves the ability of security services to pool data about individuals from disparate sources with a high level of confidence.
Nothing prevents oppression of individuals today, true. It’s a question of scale and accuracy. What we need to defend against is a system where oppression can be quickly, efficiently, and accurately targeted towards large groups. That’s the essence of turnkey totalitarianism. It can’t be built without a centralized ID system that’s applied consistently across other key systems. Current systems do not do this.
Myths about the US system:
* Every citizen has an SSN
* Every citizen uses the same name when dealing with different agencies and private businesses
* A person’s SSN always remains the same
* Citizens don’t register different addresses when dealing with different agencies and private businesses
* Government agencies use SSN as a primary key
* Agencies and businesses have a centralized, highly accurate way to determine who is deceased
* All citizens have a REAL ID license/ID
* All citizens have a license/ID
I hope this gives you a sense of how the US approaches ID. It’s extremely messy. Yes this enables things like identity fraud, guarding against this is part of the cost of our safeguards against totalitarianism. A price I’m willing to pay, given the behavior of our political establishment and the recent attitude of my fellow citizens.
> Electronic ID provides the means to tie together multiple systems that must currently be matched manually, with frequent false positives/negatives.
I don't think a totalitarian government cares much about false positives though.
> It creates the means to quickly build a system that could “switch off” a person’s ability to function in society, and improves the ability of security services to pool data about individuals from disparate sources with a high level of confidence.
I also don't think that bunch of different places to turn off someone's ability to participate in a society is a meaningful difference in practice. Even if it takes slightly longer or has false positives like you describe, it still achieves the totalitarian goal.
> A price I’m willing to pay, given the behavior of our political establishment and the recent attitude of my fellow citizens.
I unfortunately struggle to see the results of this sacrifice to be honest.
This reply tells me you haven’t read or understood my post above. Historically, inefficient totalitarianism is self-defeating, as its oppressive acts create constant friction and sweep up innocent bystanders, creating resentment among the population. This eventually builds to an explosive release.
Technologically modernized totalitarianism may be able to implement large-scale oppressive policies without affecting most of the population. In fact the average person may see a net benefit! This would create a more stable society despite the significantly lower level of freedom and self-determination. We may be witnessing the development of this sort of system in China, for example. The average person benefits, but a segment of the population faces brutal oppression with no recourse and must simply submit. (Contrast with the US, where people who face repression can sometimes start over by going dark and moving across the country.)
I read it and I think I understood it. But I disagree on the premise. I don't find that inefficiency is needed, protective or preventative.
I find it more likely that a totalitarian system that doesn't tolerate wrong-think will inherently start accumulating inefficiencies among other things. Which can then end up with the collapse of such a regime.
Building a technologically modernized authoritarian state might increase stability for a while, but not thinking is simply not competitive long-term. Unless you achieve total world domination, I guess.
Then I suppose I’m just less willing to risk tyranny through removing potential barriers. The best protection against a massive, complex system being wielded by evildoers is to never build the system properly in the first place.
While they may be able to gain power initially, would-be totalitarians will likely be fighting off multiple threats while they consolidate power. The more they have to manage and spend, the less likely they will be to succeed at their aims. You could argue that the DOGE debacle is the most recent and obvious example of this. All indications are that the project failed, and it occupied quite a lot of energy and effort during the critical transitional period of the administration.
> Yes, governments do need a centralized common identity if they intend to build something like a social credit system. Those without adequate experience dealing with the US system, for instance, may assume that the government already has your info and thus such a system is redundant. However, this is simply not the case. US government systems are a hodgepodge of different systems built by different vendors, over different computing eras, many of which lack a primary key relationship with something like your social security number (the current “default” identifier). Many are plagued with duplicate records, data problems, and other issues that prevent easy correlation of records without human verification. Talk to some people in the IRS or Social Security and you’ll quickly get a sense of how many problems this can create! Maybe it’s improved since I last talked to people about it, but I doubt it.
IMO this is another non-sequitor.
Let's say you had a digital ID in the form of a smart card for your SSN with a USB connection that was required to be plugged in when you auth'd to a government website to file your taxes. No new number would be required for a digital ID card in the US. Tax return fraud to get people's refund sent to someone else, though? Probably down! Does everyone have an SSN? Who cares, let's improve things for the vast-majority case where we have an extremely insecure little piece of paper.
That smart card doesn't magically reconcile and rationalize the sprawling hodgepodge of government systems.
Or, let's go the other way: not having a digital ID card does not prevent the government from rationalizing and tying all those systems together.
You might look back to the recent past when the executive branch sending employees to all those disparate agencies to grab that data and make changes to those systems! They didn't need a new digital ID to do that, and they wouldn't need a new digital ID to improve the use of SSN-as-PK-for-cross-system-joins.
Being more rigorous about tracking the existing numbers already assigned to you does not require smarter, cryptographically-sound, identification tokens. And those tokens do not require the government improve their processes for connecting things *after the "give us your SSN for identification" of their various separate web-based services (or the non-government entities that also use those SSNs) that people love to abuse for fraud.
Nor does any of this make it easier or harder for the government to take "absence of evidence of identity or citizenship" as "evidence of absence of identity or citizenship" - if you fit the non-citizen profile, the burden's already on you to prove it, and what makes you so sure that the courts wouldn't happily let this or a future administration expand the boundaries for "we picked you up because we were suspicious, now YOU have to prove who you are if you ever want to get out" regardless of if a digital ID card exists?
Slightly off-topic: how many people are maintaining GrapheneOS? Suppose Daniel Micay suddenly disappeared from planet earth - is there someone who has the knowledge, access and keys to continue immediately?
And get yourself drowning in insurmountable technical debt in about two months.
JS ecosystems moves at an extremely fast pace and if you don't upgrade packages (semi) daily you might inflict a lot of pain on you once a certain count of packages start to contain incompatible version dependencies. It sucks a lot, I know.
Updating packages daily (!) is insane to me as someone from the other end of the programming spectrum (embedded C). Is this really the recommended practice?
It is insane to me as a C programmer as well. It is something I got used to as a frontend js developer.
It so recommend to stay on top of the dependencies and for different stacks this means different update schedule. For some, daily is indeed a good choice.
Even if there is a new version every day, not every release is born equal. Wouldn't updating while developing to "stay on top of dependencies" only be necessary on a major version? Surely there is not a major version per day. I mean otherwise you would use a library, that constantly imposes work on you and it would probably make more sense to write the library yourself. Minor versions and bugfixes can be incorporated when you do your release.
All I want to say is that it's truly cheaper to upgrade and test daily in the world or javascript. Seriously, it breaks rarely and you can immediately spot what exactly failed and fix it right away.
Upgrading after a month will take some serious time.
It really isn't, and I've never seen anyone do that. In every project I've worked on in the past decade, dependencies were only occasionally bumped in the context of some maintenance task or migration.
It varies but there are a lot of tools built around the idea of rapid updates so things like APIs can change quickly throughout a far more fragmented ecosystem. I suspect that we’re going to see a lot of places back off of that a bit to have something like monthly update cycles where there’s more time for scanning and review while still expecting people to upgrade more frequently than used to be common.
> Then you probably have over a dozen CVEs in your code.
We continuously monitor our dependencies for CVEs and update them if necessary. Most of the time the CVEs that are reported are not relevant / worth updating for.
In this case it would not have prevented anything, but I never claimed that it would. Using Deno with appropriate sandboxing flags can protect developers against many classes of supply-chain attacks.
The reason it doesn't help in this instance is because the attack targets the generated bundle and runs on client devices, whereas other attacks will target developer machines themselves (and possibly also client devices). Those types of attacks can be mitigated by using Deno.
Notice the "Knowledge Graph" feature that lets you "Visualize hidden connections between People, Orgs, and Places" just like the cork board meme.
This is the essence of what good "conspiracy theorists" do. Whenever investigative journalists uncover a conspiracy among the elite, they are talked down to and dismissed as "conspiracy theorists". But that is what good conspiracy theorists are: investigative journalists.