undefined | Better HN

0 pointssequoia8y ago0 comments

"The hacker spirit" was NEVER about harvesting user data so you could sell it to advertisers. Bite your tongue.

0 comments

6 comments · 2 top-level

closeparen8y ago· 3 in thread

Yes, and? No one claims that it is. It is, however, about iterating quickly on networked software in the absence of heavy bureaucratic process. Process that is now necessary to ensure auditable, provable compliance with the letter of the law, even for activities that are already complaint with its spirit. One can argue this is necessary for society, but it's certainly a crackdown on the hacker spirit.

Fun fact: GDPR has not one word to say about advertising in particular. Ad targeting may still be legal in some cases! Meanwhile all networked software is illegal by default unless its operator can prove that it stays within the defined GDPR exceptions.

sequoiaOP8y ago

I don't agree that keeping track of data processing operations, where you store data, creating an ability to delete user data and basic security hygiene is onerously burdensome on projects where you know about these requirements ahead of time. Yes it absolutely is a major pain in the butt for existing projects but that's a different argument and not a good reason not to improve consumer protections.

> Meanwhile all networked software is illegal by default unless its operator can prove that it stays within the defined GDPR exceptions.

This doesn't make sense to me. Can you please instruct me how I would go about suing the curl project? Please help me understand how this networked software is "illegal by default." I actually don't understand precisely what you mean by "networked software" so perhaps my misunderstanding lies there.

Overall I find statements like this "all networked software is illegal" to be FUD hogwash. It's just the same as when environmental regulations are going to "destroy the energy industry" and labor regulations are going to "destroy the service industry" etc.. Industry (represented here by tech entrepreneurs) is doing their typical disingenuous wringing of hands they always do when consumer/worker/environmental protections are brought forth.

Let's get rid of the GDPR, the EPA and the Paris climate accords while we're at it.

closeparen8y ago

>suing the curl project

Any server you curl is processing your personal data by addressing the HTTP response to your IP address. Curl itself arguably fails "privacy by design" test in that there is no Tor, etc. enabled by default, although I admit that's a stretch. The entire HTTP protocol design of obtaining documents by interacting directly with their publishers is similarly careless from a privacy perspective.

>"all networked software is illegal"

It's not always illegal. It's illegal by default, and up to you to demonstrate that it falls within one of the defined exceptions.

>"destroy the energy industry"

I'm quite happy that only serious and well-capitalized entities can surmount the regulatory hurdles to running a smoke-billowing power plant. I'm not happy that we're doing the same things to websites.

cbfoo8y ago

Not about creating broken networking software or broken software in general.

Have you been in Usenet in a networking group around 2000. Good luck with these fake opinions.

Just because some startup incubator is great at grabbing words from the hacker culture ("ycombinator", "hacker" "news"), does not mean they get to redefine the meaning.

They are just greedy, greedy for money and words they can appropriate.

baryphonic8y ago· 1 in thread

This is a false dichotomy that I fully reject. I feel disgust for the current generation of creepy, centralized, ad-ridden websites that make a pittance on each of us and use our data to create the next generation of (proprietary) AI.

I also don't think the _solution_ to that problem is to create a new bureaucracy and complex set of rules ("you won't be targeted, trust us!") that seems to address a "problem" (if it even is so) that is a large superset of ad-driven tech. Overcharged bureaucracy goes against the hacker spirit.

By the way, a way out of this mess seems to include crypto. We know right now that most ICOs are scams, crypto has lots of technical issues, and is in general still not ready for "prime time." That being said, when it _is_ ready for prime time, it's hard to even imagine how a crypto network could even comply with any of the basic ideas of GDPR, despite the fact that privacy is not really a concern.

How would you implement a "right to be forgotten" on a blockchain ledger? It may not even matter that the EU itself would not interfere, as GDPR also apparently creates private rights of action. Any sufficiently loony EU citizen can drag foreigners to court with gigantic lawsuits.

delinka8y ago

My understanding of "blockchain ledgers" is that it's not the case that every single byte of a ledger entry is present in the blockchain, but that some other ledger is maintained and its digest (at various points along the way) is incorporated into the blockchain.

That being the case, "the network" doesn't own these 'side ledgers.' They have owners who may well keep non-public data. Further, that the data comprising a particular digest needn't be disclosed, only that the owner of the digest vouches for the digest. For forgettable mode, said owner validates their own data, generates the digest, adds it to the blockchain, and subsequently 'forgets' the data that created the digest.

Now maybe that flies in the face of a fully public blockchain, but it allows the implementation of that which you couldn't fathom: a right to be forgotten alongside blockchain technology.

j / k navigate · click thread line to collapse