My Librem 5 phone runs desktop GNU/Linux and can be used with a screen and keyboard with no restrictions. Unlike Android, it doesn't run mobile apps on a big screen but full desktop apps. See: https://puri.sm/posts/my-first-year-of-librem-5-convergence/
I would consider HN a barebones forum more than social media. It's a bit "I know it when I see it" but the clear differences are things like no media uploading, no mysterious algorithmic feeds (like you allude to) designed with the explicit goal of keeping you on, no "discoverability" like we see on these sites, etc. It's text posts, [edit: essentially] one page, and a simple up/down system with some weighting. You can't even really build an independent community within HN. We're all more or less seeing the same thing at the same time. Everyone's facebook or instagram or whatever is wildly different. It's siloing.
Also, there's no ad servicing going on/major profit element for ycombinator here. Doesn't mean there isn't self-promotion/astro-turfing, and it clearly benefits ycombinator's reputation to have this, but it isn't an ad platform with social aspects like social media.
Well, I don’t agree with any laws like that, they’re all silly.
Nobody under 16 should be on social media for their own good, but it’s their parent’s job to prevent them from rotting their brains, not some governing body.
> but it’s their parent’s job to prevent them from rotting their brains, not some governing body.
The counter argument is that even if you want to do that as a parent, it’s hard when all your kid’s friends use the thing you’re prohibiting. It makes their life harder, and yours too in the process.
It’s worth noting the first initiatives to gate kids from social media did come from parents, who organised locally and collectively agreed on a course of action.
As a parent, you have direct control over who your kid’s friends are.
We used to say, “If all your friends jumped off a cliff, would you?”.
Now we say, “Well, the kids are going to jump off a cliff anyway, I can’t stop them, so the government should make a law about it!”
I don’t think that’s the way to handle things. Parents who are bad at parenting will raise kids that fraternize with kids who jump off of cliffs. Maybe theirs will too, one day. Unfortunate, but the kids at the top of the cliff, who were actually raised, will excel.
You do not have control of who your childrens' friends are unless you spend all hours with them. And most people are happy nobody can legally sell smokes, booze, and drugs to 12 year olds.
Surely you can see how requiring ID for a physical cigs, drugs, and alcohol purchases is different from requiring ID to use a website?
“Think of the children” is the exact tool fascists use to erode liberties. Governments worldwide salivate at the idea of having a registry of what every individual is doing online at any given moment.
I agree, the challenge still remains to classify social media if the objective is to arrest or reverse the negative effects, while possibly not depriving children of positives of things like forums like HN which are clearly also social media, even though it’s clearly not what people are primarily thinking of regarding this issue.
I suspect there is not a clear or even uniform definition of what is and is not social media that would be banned for children. Usenet is attributed as being the first social media application from 1979. I presume many here would not include Usenet even though by the technical definition of social media HN and forums in general are in fact also social media, while also at the same time one could make the case that things like TikTok or YouTube shorts are not very “social”, while at the same time being part of the problem people are upset about.
I agree that there is definitely a problem with children and the internet, but frankly, maybe the ban should be for smart phones in general for children, because the same kind of toxic behaviors that I think people are actually calling “social media” can simply just continue in things like telegram and iMessage; aren’t they social media too, especially now with video/image sharing?
I preemptively apologize to anyone if my words are taken as flame bait or personal attacks on anyone that likes social media or smart phones for children, it’s simply my opinion and how I speak and if you don’t like it you can simply disagree and ignore what I say, even if yuppy are a mod.
I don’t think the answer is banning phones (except in school, context dependent), it’s letting lazy, bad parents have natural outcomes for their children and allowing the rest to work itself out through the social free market.
It sounds cruel, but if someone is set on allowing their children to be raised by strangers on the internet and the government, they need to be ready to accept any outcomes that come along with that.
Although I agree with you directionally, reality simply is that at least speaking for the west in general terms, this approach does not strike me as feasible because it will always contact the pathological altruism of our current civilizational state that will be compelled to "help" and "protect". But there is also the issue of simply writing off the children of such parents is rather callous and simply not compatible with civilization. We are not individuals in a modern society/civilization; your notion of parents "accepting any outcomes" turns out to always result in society/civilization dealing with the effects like crime, loneliness, degeneracy, etc. As an aside; it is in fact the deepest of problems of the whole "libertarian" premise that we are all just individuals, in spite of all the evidence to the contrary. Do we want to be a civilization or do we want to be a conglomeration of wild animals where we just accept the "natural outcomes" of the consequences of things that was imposed on them in the first place?
Frankly, (and no, I don't mean this as a flame bait, mods) I see it similar to when alcohol was introduced to the tribes of America, when they were genetically predisposed to both increased intoxication and addiction to alcohol; we introduced smartphones not only to a population that was simply not at all prepared for it psychologically (arguably, genetically too), but it was also introduced largely to the young through the adults, who were even more psychologically vulnerable to every single form of predation and things you would want to protect children from one could imagine.
I know people who suffer from both the effects of smartphones and "social media" (some both, some each) in several ways too broad in scope to detail here now (but it is very bad in many ways), even though the irony in one case in particular that comes to mind, is that it is due to secondary effects from their parents' behaviors, actions, and inactions related to social media and smartphones. To your point, the saddest part is that it is not the "bad parents have natural outcomes..." it is the "children" who are suffering and having to recover from even things like grooming and psychological conditioning, and having to "reparent" themselves following a young life of neglect and what can easily be described as abuse from it.
The challenge presents itself there that barring adults from "social media" and smartphones due to negligence, neglect, and various forms of abuse is a far more tricky issue and topic; especially when a double-digit trillion dollar industry is behind it that makes up what can be argued is the only remaining, functioning industry in America.
I will have to stop here. It has given me an idea for a book. Thank you for spurring that.
I don’t care how anyone else chooses to raise their children. They can let their kids rot their brains, do poorly in school, and fail in life without ever getting me or the government involved. I am not responsible for raising the failed children of failed parents. I care ONLY about the outcomes of my family, friends, and, to a slightly lesser extent, my broader local community.
Promoting failed parents and children, not in spite of their failures but because of them, is suicidal empathy, a modern mental illness that was never able to fully take root in the past, because the world was always much smaller, divided, and cutthroat.
If given the binary choice between “being an individual” or a “civilization”, I would choose to burn down the civilization in a moment IF it meant the eradication of the individuality of those that I love. I would hope every single person with a heart beating in their chest would feel the exact same way, or else THAT is when a society truly collapses.
To borrow your analogy, the Indians became alcoholics because “they were genetically predisposed to it”? Okay, well why would we want to increase genetic predisposition to alcoholism in the gene pool by denying someone their freedom to drink themselves stupid?
You can argue that it wouldn’t be fair to their children, but those who aren’t drunkards could become wealthy casino owners whose children will prosper more than even you or I, while those whose genes, according to your perspective, apparently don’t allow them to control their own urges will fail, and their lineage will end, along with their hereditary alcoholism.
I see no reason for society to bear any level of responsibility for individuals regardless of context, as society is built by successful individuals , and it is torn apart by failed ones. We must allow the natural outcomes, which is that failed people will fail.
Evolution, if guided by humans, would quickly devolve into chaos, as we can’t accurately select for the correct pressures for success. It simply has to occur. Society is a living organism in the same way.
Platforms like HN are still vulnerable to astroturfing and bubble effects, but at least the operators aren't optimizing for engagement beyond [what I assume is] a fairly simple up/down ranking system based on user votes and time decay.
Moderation is another question. On HN again I don't really get the sense that there is a lot of censorship. On Reddit, on the other hand, the behavior of moderators and admins is legitimately frightening once you start paying attention.
Overall I would shut it all down forever if I could, but if I had a limited budget I would prioritize Meta's platforms and similar algorithmic infinite-scroll slop feeds. I think all they do is addict people to scrolling and epistemically poison them without giving any real value back.
Great question. Algorithmic recommendations with infinitely scrolling feeds that get fresh, fungible content—i.e. content produced by strangers, not your friends—whenever you visit the platform are are the biggest issues I have with social media. They're designed like slot machines to boost engagement at the cost of, you know, accommodating social connections.
I'm worried that while these bans have good intentions, they might be targeting the wrong things. The direction is right, and I'm glad action is being taken, though.
I can't read the article so don't know if they give enough details on the Norway law to tell, but most of the other countries or states with such laws prohibit specific practices that are very common on social media sites. If you site does those things it is covered. If it does not, it is not covered.
HN is usually not covered.
For example New York's law covers sites with an "addictive feed", and defines "addictive feed" this way:
> "Addictive feed" shall mean a website, online service, online application, or mobile application, or a portion thereof, in which multiple pieces of media generated or shared by users of a website, online service, online application, or mobile application, either concurrently or sequentially, are recommended, selected, or prioritized for display to a user based, in whole or in part, on information associated with the user or the user's device, unless any of the following conditions are met, alone or in combination with one another:
> (a) the recommendation, prioritization, or selection is based on information that is not persistently associated with the user or user's device, and does not concern the user's previous interactions with media generated or shared by other users;
> (b) the recommendation, prioritization, or selection is based on user-selected privacy or accessibility settings, or technical information concerning the user's device;
> (c) the user expressly and unambiguously requested the specific media, media by the author, creator, or poster of media the user has subscribed to, or media shared by users to a page or group the user has subscribed to, provided that the media is not recommended, selected, or prioritized for display based, in whole or in part, on other information associated with the user or the user's device that is not otherwise permissible under this subdivision;
> (d) the user expressly and unambiguously requested that specific media, media by a specified author, creator, or poster of media the user has subscribed to, or media shared by users to a page or group the user has subscribed to pursuant to paragraph (c) of this subdivision, be blocked, prioritized or deprioritized for display, provided that the media is not recommended, selected, or prioritized for display based, in whole or in part, on other information associated with the user or the user's device that is not otherwise permissible under this subdivision;
> (e) the media are direct and private communications;
> (f) the media are recommended, selected, or prioritized only in response to a specific search inquiry by the user;
(> g) the media recommended, selected, or prioritized for display is exclusively next in a pre-existing sequence from the same author, creator, poster, or source; or
> (h) the recommendation, prioritization, or selection is necessary to comply with the provisions of this article and any regulations promulgated pursuant to this article.
New York's definition is one of the most detailed. The Australian definition on the other hand probably includes Hacker News because it includes both "a logged-in feature" and "endless feed" and the fact that posts move off the home page probably falls under "time-limited features". Perhaps some legal interpretation will find that paging is not legally "endless feed", but I could see it going either way. The definition basically is written so that blogs with comment sections aren't included, but with quite an expansive scope otherwise.
I mostly agree with you, I think what you're implying is correct on average, but I'm probably not the only one to whom HN is more addictive than Instagram, Tiktok and all the other classic social media apps.
They get boring much more quickly and also make me feel guilty about spending time on something so shallow, so it's very self limiting.
>Physical isolation is a given safeguard that the digital world lacks
…
>In our digital lives, the situation is quite different: All of our activities typically happen on a single device. This causes us to worry about whether it’s safe to click on a link or install an app, since being hacked imperils our entire digital existence.
>Qubes eliminates this concern by allowing us to divide a device into many compartments, much as we divide a physical building into many rooms. …
Qubes OS is a great solution for this threat model. By my (admittedly cursory) understanding of this attack, one would have to chain the attack to escalate to dom0 to get around it.
Having said that, fsflover exhibits a poor grasp of how this stuff works and all should be aware that even in Qubes OS, one would need to spawn new disposable VMs for each identity; relying on the Tor Browser's new identity creation within the same disposable VM would be little different from running Tor Browser on a traditional OS.
> one would need to spawn new disposable VMs for each identity
This is by design how everyone should always be using Qubes OS for any task, according to its documentation and approach to security.
> relying on the Tor Browser's new identity creation within the same disposable VM would be little different from running Tor Browser on a traditional OS
You should note that improperly using Qubes OS, creating a New Identity inside of Tor Browser, even in a disposable Whonix workstation VM, would leave one vulnerable to this.
A user would have to manually start a new disposable VM for each identity.
> It seems Qubes OS and Qubes-Whonix are not affected.
This is dangerously incomplete and bad advice.
Qubes OS does not work the way you seem to think it does.
Creating a new identity in the Tor Browser inside a disposable VM does not automatically stop that VM and start a new disposable VM. That initial disposable VM launches the new identity from the existing process and therefore remains vulnerable, the same as any bare metal computer running Tor Browser would.
Virtualization is not magic.
A Qubes OS user needs to spin up a new disposable Whonix VM to sidestep this attack. Creating a new identity alone is ineffective in this threat model.
If you care about these projects as much as you say you do, please stop giving harmful advice. You do it in various places on the Internet and in every thread which gives you half a chance to do so, and these projects would be better off if you either took any of the extensive well-reasoned correction many people offer you, or opted to stop making such claims. The former would be ideal, the latter still vastly preferable to the existing state of affairs.
I believe you are correct, and that this poses a significant risk for people who don't properly understand the underlying concepts.
A Qubes OS user needs to start a new disposable Whonix workstation VM to sidestep this attack, NOT create a new identity in the same disposable VM's browser, which is exactly what this attack targets.
On Qubes, you do not create a new identity in the same VM. This would go against the Qubes approach to security/privacy. Using separate VMs for independent tasks is the whole point of using Qubes.
> On Qubes, you do not create a new identity in the same VM. This would go against the Qubes approach to security/privacy. Using separate VMs for independent tasks is the whole point of using Qubes.
This is technically incorrect information and could get people in trouble if followed literally.
On Qubes OS, if a user creates a new identity inside a Whonix workstation disposable VM via the browser's new identity functionality, the new identity spawns within the same disposable VM. I just tested this on Qubes OS 4.3.
That, I assume would expose one to OP's vulnerability, as its still running in the same VM. I would be glad to learn that I'm incorrect in my unverified assumption.
Even Qubes OS users still need to be mindful to launch new disposable VM when keeping identities separate to sidestep this attack.
You are right, and I am saying exactly the same thing. You seem to misunderstand that Qubes saves you whenever you use it as designed by its security approach. To benefit from Qubes security, you have to use virtualization to compartmentalize your tasks. Only virtualization is a guarantee of security. Everything running in the same domain is assumed to be not isolated, and a compromise would affect everything in it. Even root access has no password by default in VMs. So what you're saying is obvious to any Qubes user. This is why I didn't mention it. (But I should have indeed.)
By you reasoning, Qubes doesn't provide more protection than the underlying operating systems. I've seen this myth on HN multiple times.
This has nothing to do with "No True Scotman", because my definitions and assumptions are not flexible. They are defined by the Qubes developers and documented. You misunderstanding me does not equal me being wrong.
When I say "this tool protects you" and you reply "it doesn't protect you if you misuse it; you give dangerous advice", you are the one misleading everyone. (Same with the kill switches on Librem 5.) Other people asked me for details instead of making a personal attack, https://hackernews.hn/item?id=47868133
Perhaps you are right that I could add more details for newcomers, but I was not wrong or harmful, unless you think every advice must have a full documentation for tools attached to it.
In the last ten years has qubes moved on to support more hardware? Every 4 years I would try to use it only to find it didn't support any of my hardware.
Qubes OS hardware support, while still far from perfect, is vastly better than it was ten years ago.
Joanna Rutkowska's understandable preference for older kernels had its advantages, but the current team is much more likely to ship somewhat newer kernels and I've been surprised by what hardware 4.3 has worked well on.
Beyond that, I'm currently running a kernel from late Feb/early Mar (6.19.5).
Driver support can still be an issue, and a Wi-Fi card that doesn't play nice with Linux in general is doing to be no different on Qubes OS.
We buy off the shelf laptops, not sure anyone ever checked that it can run Qubes specifically before trying to install it (I'm sure of at least one person: myself). Doesn't just about any x64 machine with hardware where drivers are available in standard kernels also work with Qubes? What have you bought that's not supported?
Tested hardware can be found here https://qubes-os.org/hcl. New hardware is being constantly added. If you plan to switch to Qubes, consider buying something from that list or, better, certified, or community-recommended hardware linked there.
Most hardware (especially GPUs) is hard to virtualize in a secure manner, which is the entire point of Qubes. People who use it typically buy compatible hardware.
People who use tools incorrectly bear responsibility for corresponding dangers themselves. They can always ask for an additional advice or more details. I don't understand why you are attacking me for that. See also my answer elsewhwere (and please stop repeating the same thing in every comment thread): https://hackernews.hn/item?id=47878794.
Wow, that is neat! I had never heard of that before. However, they still have a long way to go to even equal the capabilities of normal phones made by huge companies for a typical consumer. Whether that is normal app support or even just simple stuff like camera quality.
Although...that was likely never the main goal for that phone anyway.
> I would care if my data is (1) available to Apple to read by virtue of not being e2e encrypted, and (2) used to train models and target those advertisements.
Here we go:
Apple fined $8.5M for illegally collecting iPhone owners' data for ads (gizmodo.com)
reply