Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Remember Apple's initiative to scan photos on user's devices to find child pornography?
Today I finally decided to research this.
The evidence is conflicting.
For context, the database of prohibited material is called CSAM (child sexual abuse material).
“If it finds any CSAM, it will report the user to law enforcement.”
— Futurism
“Apple said neither feature would compromise the security of private communications or notify police.”
— NPR
CSAM initiative is dead. It won't scan photos in iCloud. It won't scan photos on your device. It will be a feature that only works in some countries, only on children's devices, and it will be opt-in. It will only work for iMessage attachments.
This is what Apple actually said at https://www.apple.com/child-safety:
- “Features available in Australia, Belgium, Brazil, Canada, France, Germany, Italy, Japan, Netherlands, New Zealand, South Korea, Spain, Sweden, UK, and U.S.”
- “The Messages app includes tools to warn children when receiving or sending photos that contain nudity. These features are not enabled by default. If parents opt in, these warnings will be turned on for the child accounts in their Family Sharing plan.”
News outlets telling people they will be automatically reported to authorities, and then telling there can be false-positives is a classic example of fearmongering. I hate this. Remember, anger and fear are the most marketable emotions. They make you click. News are and will always be worded to cause these emotions — it brings in money.
When presented with good news, people think they're not being told the truth. When presented with bad news, even when they're made up, people think it's the truth that's being hidden from them. This is how news works.
Now, a HUGE but:
Apple is a multi-billion dollar corporation. There is no such thing as good billionaires. Corporations will always wait for chances to invade privacy. It's like boiling the frog — one tiny measure here, one there, and just like this, step by step, they will eliminate the privacy completely. It's in their interest to have all the data about you. It brings control.
This is not the first time Apple tries to do shit like this, and it definitely won't be the last. You have to keep an eye on your privacy. If you want your privacy in the digital age, it's necessary to fight back. If you live in Europe, take the action and vote for initiatives that oppose corporate tyranny and privacy invasions.
Privacy on the internet is one thing, but scanning people's devices is a whole another thing. This is unacceptable no matter the rationale behind it. Expect more measures like that in the near future.
Research Linux. Find a distro that suits you. The notion that you can't switch because of apps/UI/etc. may be dictated by our brain's tendency to conserve energy and avoid the change.
Take a look at mobile distros like Graphene OS and LineageOS. The former only supports Pixel devices, the latter supports a wide range of devices including OnePlus and Xiaomi. They'll have FAR better privacy than iPhones.
Consider switching. It's easier than you think. Yes, it's me who's saying this. I do and will always protect people/companies from unjust criticism, and I consider myself an Apple fangirl for personal reasons related to my childhood, yet I won't fight blindly. CSAM initiative is a valid criticism, and there's nothing preventing me from saying this is unacceptable, and Apple deserves the backlash they got.11 -
Good question, what wasn't bad about 2020?
As far as good things go.. well, COVID-19 actually. Back in February the lockdown began in Belgium, and while many people got bored out of their minds, I actually became a lot more productive. So many projects started back then, and I got a lot better at programming because of it. Now I can confidently write most bash stuff without ever looking anything up. And the code is maintainable, on account of putting everything into functions. You can literally navigate the code just by looking at it. On older code I always had issues with that.
I'm very glad that essential travel even back then wasn't really restricted. Because my bank is retarded about online banking, I have to go to the bank every so often to check my balance. At the time I tended to do that late in the evening, when nobody else was outside and I had the entire town to myself. That was one of the travels considered essential. So I kept doing it and made that my biweekly walk. I really enjoyed that. Gets your mind off things.
Bad things would be the utter stupidity that the general public had shown me during that pandemic. Burning down 5G antennas and not even getting the right ones, toilet paper, 5G death beams in street lamps?! They even sent death threats to telco workers over sensationalist bullshit from what IIRC was just a random Twitch streamer. Those people should just fucking kill themselves, choke yourselves in that pile of toilet paper you got yourself and then called yourself financially challenged. You braindead fucking retards!
Another dev-related thing is the normalization of SJW terminology. Now even "blind playthrough" gets your ass banned on Twitch. I saw a tweet about a Twitch employee (I think) proudly saying that they implemented it. Most upvoted comment on it was from a blind person, asking why they did this and not made the Twitch app more friendly to use for blind users. They too thought this was bullshit. Yet it still got added in, and more and more people are starting to think that "this is fine". Hell even that "this is necessary".
What annoys me the most is that this mostly comes from the US, where around that time they laid their knee on George Floyd, and didn't fix their legal system at all. As a European it baffles me since we have many immigrants here (the Drumpf even called Belgium a hellhole over it) and we just don't give a shit about whether or not they are "truly Belgian". We just let them live their daily lives like everyone else. Imagine just not giving a shit. Imagine not bothering them, not with racism, not with reverse racism, not with anything. Just let them do their thing and that's it. Yet despite Belgium being one of the most inclusive countries in the fucking world, I still got called a racist many times for asking.. why did you implement this? Why this, and not tackling the problem at its actual and pretty fucking obvious core?
So all in all I can only hope that 2021 will get a little bit better. But that's the same thing I said in 2019, and it didn't quite come true.11 -
Oh boy, this is gonna be good:
TL;DR: Digital bailiffs are vulnerable as fuck
So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:
The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.
So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!
This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.
I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.
Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!
Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...
The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.
But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.
So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)
So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"
So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones6 -
!rant ✓devrant-meetup
Met @condor irl today. He's the same weird guy as I feel at moments. Interests that don't interest people around us in any way..
Drank some beers, evidently called Belgium.
He came all the way to the town I work at.. kudos!
Talked about breadboards taking 230V via cables that aren't meant to take the voltage in any way.. Security implications in networks and online services, like Fb. Faraday's cage & how it works; and some other shit I swear I won't tell anyone about as you should be comfortable discussing it.
Quite interesting, I swear! (:
Now on the bus home, as I had to cut it short to get to some parental business... But I'm looking back on some positive social interaction, which I'll gladly re-do another time.
Condor, it was sure nice to meet ya. I'll come your way next time. That ~10eu for your transport will be equalled some day in the near future.
@FunkDelegate sorry it was badly timed and plaved, you'll join us soon enough! At least you saw decent ass! xD3 -
You fucking fucktard! First, learn how to fucking read an email and secondly, I was referring to the fucking login issue you mentioned before, not the fucking logout issue!!! Serioursly!>!?!?!?! How the fuck do you function!
Fucking belgium fucktard!7
Top Tags
Weekly Rant
View