From f63498c1d5afc9d92cd0e18c87a6808ee95b55affc758ab0021643acb3358765 Mon Sep 17 00:00:00 2001 From: Nicholas Johnson Date: Mon, 13 Mar 2023 00:00:00 +0000 Subject: Take care not to incite data leaking --- content/entry/leak-all-the-data.md | 32 -------------------------------- content/entry/on-data-leaks.md | 29 +++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 32 deletions(-) delete mode 100644 content/entry/leak-all-the-data.md create mode 100644 content/entry/on-data-leaks.md diff --git a/content/entry/leak-all-the-data.md b/content/entry/leak-all-the-data.md deleted file mode 100644 index c2a583e..0000000 --- a/content/entry/leak-all-the-data.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: "Leak All the Data" -date: 2021-11-04T00:00:00 -draft: false ---- -I know this entry is going to disqualify me from working for big tech or the government but oh well. Other things I've said on this journal have probably already disqualified me anyways. Whatever. This needs to be said. - -# Ransomware Groups Are Scum -If you work for big tech or some corrupt government institution, leak their data! I'm not talking about customer data. Customers are victims and they deserve privacy like everybody else. These ransomware groups that leak customer data if they don't get their ransom, they have no morals. The only useful societal functions they fulfill are: - -* Teaching people that corporations can't protect their data. -* Forcing corporations to care about cybersecurity. - -But don't be fooled. None of that motivates them. They only care about money just like the corporations they target. If you want to do some actual good then don't ask for ransom. Leak the data unconditionally. But not people's personal data. That's just scummy. Leak internal company emails that reveal corruption, source code for proprietary software with anti-features, and hardware keys used by vendors to prevent installing custom roms. - -# We Need Useful Leaks -## Corporate Leaks -It honestly blows my mind that with all the employees Micro$oft has they're able to keep Windows source code secret. Or any Micro$oft program for that matter. It only takes 1 person to leak it. I'd love to see Mac and iOS source code leaked so we know all the ways crApple is backdooring and spying on iBad users. The people deserve to know. It would be great if we could make leaks so commonplace that it's impractical for any moderately-sized corrupt organization to hide corruption. - -## Government Leaks -If you work inside the NSA, FBI, CIA, or another government agency for any country, I encourage you to consider whether your duty to your fellow citizens requires you to follow in Snowden's footsteps. If you expose significant corruption, you'll quickly find out that the 'rights' you think you have don't mean a damn thing. Take note of what happened to heroic whistleblowers like Snowden, Assange, and Manning. The state classified them as terrorists and traitors and pursued them relentlessly. So if you're a government whistleblower, plan cautiously. - -# Legality Versus Morality -Unless you're incapable of basic critical thinking, you understand what's right and what's legal are two very different things. The death penalty is wrong, but not outlawed everywhere. Shoplifting to feed a hungry child is illegal, but not immoral. Leaking classified government documents and corporate secrets can be ethical, if it serves the greater good. - -# Dumb Arguments Against Whistleblowing -Some people think it's not their decision to make to release documents. They think that the only moral option is going through the proper, legal channels through which inevitably nothing changes. It never ceases to amaze me that highly skilled engineers in corporate/government environments don't apply the same critical thinking required in their discipline to the ethics of what they're doing. They can explain singletons to you but they're too oblivious to notice their code is enabling fascism. Logic and critical thinking are general-purpose tools that apply to everything. If you can spend hours a day tracing through code, you can spend a few minutes a day considering the social consequences of what you're doing because that's more important. - -So what's wrong with the "it's not my decision to make" argument? The same thing that's wrong with the "I was just following orders" excuse that has been debunked since the Nuremberg trials. Who is making the decision about whose decision it is to make? You are. The buck always stops at you. You can delegate thinking to some authority figure but you're still choosing your authority figures. That can't be delegated away. You see, in the end, it always falls on you to decide what's right. - -# Becoming a Whistleblower -So if you're in a corrupt organization, blow the whistle. Leak that data. I encourage it. It IS your choice because it logically can't be anybody else's. Let people on the outside know what's really going on. We'll appreciate you. diff --git a/content/entry/on-data-leaks.md b/content/entry/on-data-leaks.md new file mode 100644 index 0000000..df8da13 --- /dev/null +++ b/content/entry/on-data-leaks.md @@ -0,0 +1,29 @@ +--- +title: "On Data Leaks" +date: 2021-11-04T00:00:00 +draft: false +--- +I know this entry is going to disqualify me from working for big tech or the government but oh well. Other things I've said on this journal have probably already disqualified me anyways. + +# Ransomware Groups Are Scum +Ransomware groups that leak customer data if they don't get their ransom have no morals. The only useful societal functions they fulfill are: + +* Teaching people that corporations can't protect their data. +* Forcing corporations to care about cybersecurity. + +But don't be fooled. None of that motivates them. They only care about money just like the corporations they target. In order to do some actual good, one can unconditionally leak internal company emails that reveal corruption, source code for proprietary software with anti-features, and hardware keys used by vendors to prevent installing custom roms. But not the data of innocent customers and citizens. + +# We Need Useful Leaks +## Corporate Leaks +It honestly blows my mind that with all the employees Micro$oft has they're able to keep Windows source code secret. Or any Micro$oft program for that matter. It only takes 1 person to leak it. I'd love to see Mac and iOS source code leaked so we know all the ways crApple is backdooring and spying on iBad users. The people deserve to know. It would be great if leaks were so commonplace that it's impractical for any moderately-sized corrupt organization to hide corruption. + +## Government Leaks +If you work inside the NSA, FBI, CIA, or another government agency for any country, I encourage you to consider whether your duty to your fellow citizens requires you to follow in Snowden's footsteps. If you expose significant corruption, you'll quickly find out that the 'rights' you think you have don't mean a damn thing. Take note of what happened to heroic whistleblowers like Snowden, Assange, and Manning. The state classified them as terrorists and traitors and pursued them relentlessly. So if you're a government whistleblower, it pays to be cautious. + +# Legality Versus Morality +Unless you're incapable of basic critical thinking, you understand what's right and what's legal are two very different things. The death penalty is wrong, but not outlawed everywhere. Shoplifting to feed a hungry child is illegal, but not immoral. Leaking classified government documents and corporate secrets can be ethical, if it serves the greater good. + +# Dumb Arguments Against Whistleblowing +Some people think it's not their decision to make to release documents. They think that the only moral option is going through the proper, legal channels through which inevitably nothing changes. It never ceases to amaze me that highly skilled engineers in corporate/government environments don't apply the same critical thinking required in their discipline to the ethics of what they're doing. They can explain singletons to you but they're too oblivious to notice their code is enabling fascism. Logic and critical thinking are general-purpose tools that apply to everything. If you can spend hours a day tracing through code, you can spend a few minutes a day considering the social consequences of what you're doing because that's more important. + +So what's wrong with the "it's not my decision to make" argument? The same thing that's wrong with the "I was just following orders" excuse that has been debunked since the Nuremberg trials. Who is making the decision about whose decision it is to make? You are. The buck always stops at you. You can delegate thinking to some authority figure but you're still choosing your authority figures. That can't be delegated away. You see, in the end, it always falls on you to decide what's right. -- cgit v1.2.3