HackerTrans
TopNewTrendsCommentsPastAskShowJobs

rphlx

no profile record

comments

rphlx
·vor 7 Jahren·discuss
> people vote

The "high taxation is not slavery, because you voted" argument lost all merit once net recipients of the welfare state became able to out-vote its net contributors - which has already happened in the US.

> make sure old people don't starve

If only that were what the extent of what social security actually does. But it's not properly asset tested. So broke millenials are paying a ton of payroll taxes, which are - after substantial adminsitrative overhead - transferred to their elders who almost always have significantly more assets than they do, and often don't even need a transfer at all, let alone as their only way of avoiding starvation.
rphlx
·vor 7 Jahren·discuss
Slavery was not fully eliminated in the US; it was just fractionalized, and the terms - which groups are enslaved, which groups are entitled to their output, and how much of it, etc - were obviously heavily modified. For instance you are able to change employers now, but no matter which one you pick - even if it's your own firm - in most highly-valued fields 40-70%+ of your output will be taken by various layers of government - by force if necessary. Your children are subject to the same obligation so "fractionalized chattel slavery" is a decent first-order description.

It is true that acts of extreme violence are less common than they were in the 19th century South, but that alone does not make the system "not slavery" given that a threat of overwhelming force still underpins it.
rphlx
·vor 7 Jahren·discuss
> It's not legal for Americans to completely avoid taxes simply by operating in a jurisdiction with different tax laws.

This is not correct, and pretty much all of the US Elite, above a certain wealth level, have some offshore structure(s), because there actually are major, legal benefits - including ones that can zero out the US individual tax liability for that activity, at least in some years.

As a result it's only the legally- & financially- relatively unsophisticated middle classes, and perhaps the lower-upper-class, that has literally every single transaction subject to US taxation.
rphlx
·vor 7 Jahren·discuss
If the untoward event is solely in USD, perhaps, but not if it's in crypto. Exit scams, hacks, rogue employees, etc, could still hit a US exchanges' crypto holdings and the government probably cannot or will not compell a roll back, supply expansion, etc, on a major blockchain.

If anything is actually protecting clients against crypto theft, it's the exchange's privately-purchased insurance rather than the government. Although I wouldn't rely on that for much either as insurers are rarely eager to pay out.
rphlx
·vor 7 Jahren·discuss
I believe they valued at time-of-transaction. e.g. if you had no other transactions except for a $100 buy in 2013 that you immediately withdrew to personal cold storage, and then that appreciated to $20k+ today, you shouldn't have been included, assuming they supplied only the minimum amount of info legally required.
rphlx
·vor 7 Jahren·discuss
It doesn't necessarily tax everything but the IRS does seek God-level knowledge/insight into every transaction - and then it just exempts certain things based on size or other factors. If you are deducting charitable contributions to the church they actually do expect you to subtract out the value of coffee, meals, etc. Donate $100 to some non-profit that sends you a t-shirt as a thank-you? Your deduction is $87, not $100, because the t-shirt has to be valued at $13 or something similar that they consider reasonable. Somewhere they actually have federal employees tasked with determining this year's acceptable minimum value for a t-shirt.

The $20 gift from grandma is exempt, but not because they don't demand insight into intra-family transfers.. it's only non-taxable because of its size. If you have a rich grandma and she gives you $20k, that needs to be reported.. even if no tax is ultimately due, it probably reduces the future value of her estate tax exemption. Dying is a very complex taxable event!

If you want to follow the thousands of pages of rules to the letter - sufficient to sign a letter declaring under penalty of purjury, etc - the tracking and compliance burden on many US taxpayers is enormous, even with assistance from the commercial closed-source SW packages that you are more or less forced into buying each year because they won't let you e-file with them directly over HTTPS+JSON or whatever.
rphlx
·vor 7 Jahren·discuss
> that's just how the internet works

Well, the Internet does not strictly require all traffic between two parties to go through a MegaCo Cloud. Location privacy in this system would appear to be greatly enhanced (vs Apple-as-an-adversary) if A and B communicated directly, or through a server that they controlled, instead of through iCloud. In concise security terms, Apple man-in-the-middles the encrypted traffic in this system and thus may perform traffic analysis, deanonymization-via-inference, etc as I said above.

It's certainly true that NAT, firewalls, and a lot of other things make direct communication between two iDevices inconvienent and frequently impossible - that's fine and fair enough. But then the Company should not be making at least partially untrue privacy and anonymity claims that are essentially impossible to satisfy when by design all of the traffic flows through their cloud.

AFAICT Apple (and likely its host governments) will still need to be trusted parties in any scheme that flows through their infra, unless you care only about protecting your precise location, and are willing to expose your coarse location to them.

To be clear, they may already have that info from other services, and you'll have to trust Apple a lot anyway since they're making the phone and some custom silicon within it. And them having coarse location is certainly preferable to them having precise location data - so this system (as we are inferring it to work) is not worthless, and is still an improvement over a naive implementation.

But real internet anonymity and location privacy is hard to achieve; just ask any tor developer. So please don't let the marketing dept openly claim that, or even imply that, when the claim can't realistically survive a two minute security audit by HN infosec nerds. To be specific the WWDC claims that "this whole interaction is ... anonymous" and "there’s no need to worry about your ... privacy" are what I am taking some issue with here.
rphlx
·vor 7 Jahren·discuss
The Wired article is not detailed enough to definitively poo-poo this scheme, but I am pretty skeptical about some of the claims, given a) how easy it is to map an IP to a coarse location, b) how easy it is to map many IPs to a small number of already-known humans/users.

That is to say: the asym crypto may strongly protect the precise (GPS or LTE triangulation) location from Apple and from others, but I do not see how a cloud-based system can ever hide coarse location from Apple and/or from governments as, given the short range of BT, they can reliably infer that a device (and hence its owner) is/was near whatever IP sends the encrypted precise location to their cloud. Then it's just a matter of mapping the device's "randomized" ID back to an actual user/phone. That seems easy enough as soon as a second device accesses it from an IP that's mappable to a specific residential address, Apple account, etc.

e.g.

A and B both log into iTunes or some other Apple service using [email protected] and [email protected] from HOMEIP at some point in the past. HOMEIP is never used by any other Apple accounts.

A(lice) and B(ob) exchange a secret and otherwise begin participating in this "private" tracking scheme.

A goes out shopping and while there it pushes its encrypted precise location to the Apple cloud, using random ID 424242, from MALLIP. Perhaps A's device sends it directly, or perhaps it's relayed from BT to Mall wifi to Cloud by C's device if A has both LTE and wifi disabled.

A few minutes later S(omeone) requests encrypted location for random ID 424242, from HOMEIP.

Apple (and any government compelling it to share information) can reliably infer that "Someone" was A or B attempting to track either B or A, and that the tracked phone was at/near the business address of MALLIP - their coarse location - even if they can't decrypt the precise location without the secret key. If you know from public records that A and B are married, and assume that women are more likely to be at a mall on their own than men, you may further assume that A is at the Mall while B is at home.

Result: the "private"/"encrypted" precise location beaconing has an unfixable metadata side channel that will leak coarse location data to Apple and to any governments that compell it.
rphlx
·vor 9 Jahren·discuss
It's likely they could disable speculative execution in its entirety, either in ucode or UEFI, but that would harm many compute-intensive workloads by 5-10% or more, so my guess is that somebody decided to push this page table mitigation instead, taking the hit on the syscall/hypercall side as that's perceived as "less bad overall".