• 0 Posts
  • 44 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2023

help-circle





  • I have no doubt that China can and does buy data from data brokers. I think it’s unlikely, however that any of the major players are going to be willing to sell all their data on anyone- being able to target ads to individuals is their entire value proposition after all. On top of that, Facebook, Twitter, and Instagram have fallen pretty heavily out of favor with folks in their teens/early 20s (i.e. the demographic most ripe to be sources of bad OPSEC).

    But even assuming that an adversary could buy all the data they could possibly want, doing so could tip off anyone who cared to be watching about the sorts of data they’re interested in. This is generally not something you want as it can reveal your own strategic concerns/intentions.

    Having your own app that can collect whatever you want, where you can promote whatever information/view that you want is a pretty big advantage over buying data.

    If the argument is about privacy, I think banning tik tok is complete bullshit. If it’s about limiting intelligence gathering and influence campaigns, I think it makes more sense.


  • Yes and no. Without endorsing them, the arguments for banning Tik Tok are subtler than Chinese = security risk. The fears, however reasonable you may find them, are largely that it presents a danger of foreign information gathering of detailed behavioral/location/interest/social network information on a huge swath of the U.S. population which can be used either for intelligence purposes or targeted influence/psyops campaigns within the U.S. When you look at the history of how even relatively benign data from sources not controlled by foreign adversaries has been used for intelligence gathering, e.g. Strava runs disclosing the locations of classified military installations, these fears make a certain amount of sense.

    Temu, et al., on the other hand are shopping apps that don’t really lend themselves to influence campaigns in the same way (though, if they are sucking up data like all the other apps, I wouldn’t be surprised if folks in the U.S. security apparatus are concerned about those as well.

    Ultimately, I think the argument fails because it assumes an obligation for Congress to solve every tangentially related ill all at once where no such obligation exists.







  • Aside from driving being an activity that, in my opinion, will require something approaching AGI, there are other issues to consider. Self driving cars will be completely unable to make difficult decisions reliably. How, for example, do they deal with a robbery where you just have someone stand in front of the car to immobilize it and then have the folks inside the car at your mercy? I have to imagine that either you’re producing pedestrian murder machines or serving up passengers on a silver platter.




  • I’m a big fan of cheap (as in ~$10/yr vps) and reverse proxy over wireguard. My home ip isn’t exposed and I’m able to quickly spin new containers up by updating my reverse proxy config and adding a wireguard peer.

    I keep two VPSs- one as reverse proxy for all my miscellaneous services and another solely for email. The latter port forwards raw traffic over wireguard to my email server container. That way, even if the VPS gets compromised, my personal data remains secure.

    I end up paying ~ $30/yr (+ whatever I’m paying in electricity) for domain + VPS. It’s a bit more involved than tailscale, etc, but I’m willing to put in a little extra work to make sure I’m not at the mercy of some company getting up to some rent-seeking bullshit.




  • The only option that fits your budget today I can think of would be picking up one of the old xeon combos off of AliExpress. I spent like $100 on a MB+CPU+64GB DDR4 combo with a 2880 v4 I think. 14c/28t at any rate. You can probably grab a case/power supply/video card used for under $50 on eBay.

    Please note that I’m not saying that this is a good option; it took a lot of fiddling for me to get mine running smoothly. But if you’ve got more time and patience than money, it might work for you.


  • Since before it was the CIA. Open Source in this context isn’t about software licensing, it’s about gleaning everything you can about an adversary from publicly available information without infiltrating anything.

    A non-intelligence example of this would speculating on what products a company is working on based on their job postings.

    To bring it full circle, one can glean from this posting that the CIA is looking to hire someone to troll the internet for folks to target for further intelligence gathering. Business as usual.