boracay's comments

Too bad I got tired of sharing and explaining mine in this forum. None of those countries you mention are actually prosperous to a larger degree. Is really shouldn't be that hard making an effort to think outside of you own though pattern should it?

The same narcissism that makes you believe that you are right?

Not all people value the same things. That we can't give up freedom for security is still just an idea. How much of western culture is really better than something else and just not because we're prosperous.

"They just can't do much before they commit a crime"

Of course you can, you just need a mindset where you are fighting extremism rather than extremists.

I think the idea that we can fight extremism with freedom of speech is wishful thinking. There's very clear indication that pictures as those published not only increase extremism in muslim communities, but also in far-right groups. I also think we are being a bit arrogant if we think that it's a few pictures and not global conflicts that are the main reasons for the existence of these attacks.

People don't really care about fighting extremism, they just want to be right.

The whole things is just a charade. Not because we suddenly want to stand up for free speech and civil rights. But because we are so terribly afraid of being just as wrong as the extremists. That we would know of, if not instigated, the terrible faith of hundreds of thousands of muslims in the last decade and didn't really do anything about it.

I'll upvote something that actually discusses how this effects our freedom rather than just some "let's all be upset". As far as I know western politicians have been far more effective at undermining our freedom and increasing extremism than the terrorists could ever have been on their own.

Do you see any trend where companies want their data more structured from the beginning?

I don't necessarily think it's a bad proposal. It's seems rather good actually. Google is still one of the most tracking entities on the Internet and they can't really argue with NSLs even if they wanted to.

I just think the US government is the best organization in the world in asserting pressure and that Google, even if they really wanted to (which isn't clear), isn't going to end up with an agenda hugely contradictory to the US governments wishes. The US has a long history of using industry for geopolitical goals and the tech industry isn't any different.

If we do end up with a system that is in line with peoples fundamental rights I'll be the first one to commend them for it though.

You do need a good alternative systems of course. But once those old e-mails isn't around anymore you would have to use the other system to still have access to the data.

I'm not even sure current e-mail systems are such a good tool. I would think chat for internal things and some CRM type system (leveraging e-mail) would be better. But yes as you said, easier said than done.

For a lot of internal data it's having and using the appropriate systems in the first place. It's like VCS. You don't e-mail someone code anymore. You make a branch or whatever and then reference that in your communication.

I'm not so sure. I think the biggest mistake programmers make is learning the same thing over and over again. It's much easier to find someone that can implement a basic server in ten different languages than someone who now the many different aspects of a desktop application. It's like everyone is a mediocre butcher that also does fish and vegetables, but you can't find any chefs. Probably myself included.

I wouldn't be surprised if there's actually a fight inside Google over this.

Hm. I think the most important lesson here is that we need to treat "communication data"[0] more like we treat financial or medical data. If there isn't already there should be a rule in security that says that anything that's actively being used can't also be secure. They had year and year of data just lying around that people had mentally filed under "communication". It's kind of like web security where you lock down all your servers and then some developer leaks all the credentials on pastebin.

[0] There's probably a better word for this. A basically mean volatile data i.e. e-mail, working documents, logs etc.

That's exactly what I'm saying, you can't expect one entity to solve this.

There's clearly some good people working at worthwhile things at Google. My concern is that a lot of those things doesn't end up being pushed by Google. Not only because it might hurt themselves, but because of non-obvious outside influence.

We shouldn't forget that many things we accuse the NSA for like lack of accountability, overzealous collection of data, the undermining of privacy etc. are all things we can expect from a corporation.

That's not really my position to represent though. As an engineer you have to be firm if the issue is worthwhile. Just because the tech industry is a largely a vertical oligopoly doesn't mean we should support it. Technology would be a better place if the parties opposing security, robustness, privacy etc. would have to take an active stand against it rather than being able to hide behind vague design decisions. I do also think there are things that aren't worthwhile to be fighting for though.

I don't think the laws are vague so much as how we use cookies today. With different mechanisms for different purposes it would (could) be much more transparent to the end users how things work. It would be more like the "save password" feature in various browsers. Of course since all the major browsers vendors also make money from ads this isn't really in their interest.

Not if you are using the session identifier for it's intended purpose, see the exceptions at: http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm#se...

Of course Google is only trying to improve the situation as long as it doesn't hurt their bottom line or government relations.

I don't see how this should stop us from fixing legitimate problems. As far as I know IPv6 adaptation is not a software problem at this point.

Not really. "Luxury" though.