[HN Gopher] Google Drive flags file only containing "1" for copy... ___________________________________________________________________ Google Drive flags file only containing "1" for copyright infringement Author : thanatosmin Score : 621 points Date : 2022-01-24 17:01 UTC (6 hours ago) (HTM) web link (twitter.com) (TXT) w3m dump (twitter.com) | kats wrote: | May want to back up your Google account if you see a message like | that. | loudtieblahblah wrote: | Protondrive is a thing. | | Zero knowledge storage needs to be the default everywhere. | daneel_w wrote: | And googling "15.91/4" throws a SafeSearch alert letting us know | that "some results may be explicit". | ahsima1 wrote: | I wonder if it's a part of some sort of cyberattack. Someone | knows that deleting a file, containing a "1" or "0" from target's | gdrive will break something they want, so they filed a false DMCA | claim. | dibujante wrote: | Maybe it's a low-key attempt to disrupt the use of Google Drive | as a command and control source for botnets? Seems very easy to | work around. | tyingq wrote: | I'm curious if it was related to the file name. I created a few | 1-byte files with just "1" in them, with different names, | including "output04.txt". No problems so far. Also uploaded | variations with "\n" and "\r\n" after the "1". And enabled | sharing to anyone with the link. No issues so far. | | Google drive does support metadata like a description and | comments. I wonder if someone posted some copyrighted text in a | comment? | | Update: Recreated it. Most of them are now flagged. Took about an | hour for that to happen. So far, all that have just one byte, | being a "1", and also the one that contains "1\n". | | The one with "1\r\n" hasn't been flagged. The file names of the | flagged files: "one.txt", "onev2.txt", "output04.txt" and | "output05.txt". | | Screenshots of the email and Google drive: | https://imgur.com/a/RHnEJcj (note the little flags on the Google | drive view, and the file sizes) | | Just added some files with "0" and "0\n", we'll see if "0" is | copyrighted :) | knodi123 wrote: | "A review cannot be requested". What a soulless suck machine. | JorgeGT wrote: | "In order to review, please reach the top of HN" | OneLeggedCat wrote: | Just tested this myself. Got the same results as you while | using different file names. | | Difficult to believe that Google has become so internally | dysfunctional that it hasn't fixed this technical embarrassment | twenty hours after first being being seen, and then five hours | after being reported on front page of Hacker News. | judge2020 wrote: | It only affects sharing so it isn't a disaster if this | happens, probably P3 medium if you went by their bug bounty | priorities. | CJefferson wrote: | Turns out Google also hates 500, 174, 833, 285 and 302 (from | generating files from -1000 to 1000). | CJefferson wrote: | Another bunch of numbers got flagged (186, 451, 336, 173, | 266). I deleted the experiment, just in case I got my account | deleted for too many naughty numbers. | tyingq wrote: | That's interesting. 500 and 302 popped into my head as common | HTTP status codes. The others don't seem notable to me. | can16358p wrote: | Does it flag comments for copyright infringement? | | What if I comment on some file with some copyrighted content in | the text, just implying something about that IP, with the | copyrighted text in my comment? How can this be infringement? | tyingq wrote: | No idea. I was just trying to guess at why it might flag a | single byte file as a copyright infringement. | hulitu wrote: | They changed their algorithm. Now it will flag files full of | 0s. | duxup wrote: | "A review cannot be requested for this restriction." | | Absolute madness cannot be reviewed... | | Reason cannot be applied. | folbec wrote: | My bet is someone did a DMCA claim on a file containing 1, | either by mistake or as a joke. | | Then Automated Stupidity took over. | DebtDeflation wrote: | "A review can not be requested for this restriction." | avisser wrote: | I wonder if this is an incredible hash collision. hash("1") == | hash(disney_movie.mp4) | p1mrx wrote: | Assuming is's a cryptographic hash function, that sort of | collision just never happens. | tyingq wrote: | Update: It has now flagged the file with "0\n" in it. | | So it's official, Both 0 and 1 are copyrighted :) | | https://imgur.com/a/xMgh6Xn | Crosseye_Jack wrote: | Well that MP3 the RIAA flagged was FULL of ones and zeros, so | it only makes sense they would get flagged ;-) | blibble wrote: | I hope you did that from a burner account! | bl4ckneon wrote: | Does that mean someone copyrighted binary? :p I guess that | mean that this comment and everything digital is copyrighted. | jrockway wrote: | Technically any creative work you author is copyrighted, so | your comment was copyrighted anyway. | | Whether or not large tech companies will punish people for | infringing upon your copyright is yet to be determined. | johannes1234321 wrote: | I don't know about US lawy but in German law there is a | requirement on some originality. ("Schopfungshohe") The | barrier is low, but a 1 certainly doesn't receive the | protection. | teachrdan wrote: | Relevant Onion article here: | https://www.theonion.com/microsoft-patents-ones- | zeroes-18195... | meshaneian wrote: | I believe 0 and 1 belong in the public domain, at least under | US copyright law - there appears to be a significant amount | of prior art. | lostcolony wrote: | Not sure if prior art is relevant, per se (usually quoted | in the context of patent law but IANAL), but, certainly, | any copyright has expired by this point. | judge2020 wrote: | FYI while Drive and YouTube's Content ID systems operate | based on copyright, they are not entirely bound to it since | they only actually have to comply with DMCA requests | (barring any lawsuits that claim Google has the resources | to create automated copyright detection systems[0]). Even | when claiming copyright, they can remove and block access | to content for any reason they want legally. | | 0: | https://www.nytimes.com/2014/03/19/business/media/viacom- | and... | melissalobos wrote: | It may take some time for it to index and check the file, | youtube for example takes ages to process video, I would | imagine google drive is lower priority. Check back in a week or | two and see if it changes. | mooman219 wrote: | It looks like those files are marked as public. Does it trigger | for you on files not being shared? | tyingq wrote: | I didn't try that. I marked them public because I assumed | that's what triggers the scan. | reincarnate0x14 wrote: | AFAIK the copyright scan only happens on files shared from | certain types of Drive accounts, the assumption presumably | being that while Google doesn't know or care if you have | rights to possess data, they can be reasonably sure you | wouldn't be using Drive links as the means of distributing | many well-known files (video, music, software, mostly) if | you had rights to do so. | | How far Artificial Stupidity runs into the weeds from that | basically sound beginning appears to be "still farther." | | FYI Drive also does scans (configurable on business | accounts) for data such as likely accidental PII | disclosures on shared data, and anti-malware checks on at | least Windows and Mac executables, installers, and dmgs. | radicaldreamer wrote: | What is the best in class cloud drive software which | doesn't do this? I feel like Dropbox is a bit more | selective, but without going into the Megas of the world, | there doesn't seem to be a good file share with solid | end-user desktop sync. | reincarnate0x14 wrote: | Maybe B2? It's not something I have to looked into | extensively. My needs for sharing data from GDrive are | limited and if there is data I don't feel like google | automation getting at I have it encrypted via rclone | mounts. | obmelvin wrote: | Does it just prevent you from sharing the files or does it | prevent you from accessing the file as well? | tyingq wrote: | Just tried that, and I get a "request a review" link. | Interesting. | | _" Unable to share This item may violate our Terms of | Service - Request a review"_ | | Clicking on it, though, gives no joy: | | _" 451. Sorry, Google is unable to process your request. | This item was taken down for legal reasons and cannot be | appealed. Please visit the Legal Removals Requests page | for more information."_ | | https://imgur.com/a/5YHQtLi | lhorie wrote: | I have a pet theory that all of these recent Google bloopers | could be explained easily if you start from the assumption that | Google internal incentives promote efforts to cut costs such as | storage. | | "Garbage" docs, inactive email accounts, less search results etc | can all be reasonably explained by a desire to not spend money on | storage for "low value" data (i.e. data that is unlikely to be | accessed in a way that translates to profit for Google). Users, | having been trained to rely on free services and the magic of | search to summon stuff, have zero incentives to clean up their | digital "pollution", and at some point, something's gotta give. | withinboredom wrote: | > explained by a desire to not spend money on storage for "low | value" data | | I think this "just happens" when you reach a certain scale. For | example, I was looking at our reporting at my job the other day | and realized for 10k people a day, something wasn't working | with our emails. We decided it was a "low priority" because | it's "only" 10k people when we send over 30 million emails a | day. I'm sure those 10,000 people (a small city's worth!) don't | feel that way. | munificent wrote: | I don't think there's anything specific to Google. I think the | chain of events was basically: | | 1. Storage is expensive, so software designers and users build | tools and habits that are parsimonious with it. Programs would | store files in carefully designed binary formats to save space | because space was expensive. Users would periodically go | through directories on our computers and manually delete old | stuff. Apps required users to explicitly choose what to save. | | 2. Storage gets much cheaper. | | 3. Seeing that, companies like Google and others offer | "unlimited storage" by projecting the observed user behavior | from (1) onto the storage costs of (2). | | 4. But now users and app developers change their behavior since | the incentive environment is now (3). Camera apps automatically | save every photo you take. Phones record higher and higher | resolution video. Users stop deleting anything and rely on | search to wade through their sea of bits. | | 5. Companies how have to adapt to the reality of (4). | | I don't think there was anything particularly nefarious or | shitty on the part of any participant. It's just the nature of | big complex iterated systems with emergent properties. | lhorie wrote: | > I don't think there was anything particularly nefarious or | shitty on the part of any participant. It's just the nature | of big complex iterated systems with emergent properties. | | I find it interesting that one can draw some parallels to | physical consumerism and its impact of ecology. We don't | generally consider buying day-to-day stuff as nefarious | either, until we pay attention to the aggregate impact of the | entire supply chain machine, and then it's "80% less | polinators" this, and "donated clothes landfills" that. The | big difference is that Google as an organization _can_ make | the call to - and follow through on - telling users directly | to back off if users ' consumption patterns themselves become | a significant enough liability on the sheets. | mbfg wrote: | i remember BlackDuck flagging a one pixel (white) image as a | copyright infringement in our product. | TedShiller wrote: | Maybe but anyone can claim that on Twitter | zydex wrote: | It's been reproduced by other users, see below comment in this | topic. | | https://news.ycombinator.com/item?id=30061080 | TedShiller wrote: | Interesting, you're right then. | | The thing with Twitter posters is they often don't understand | what they're doing. | luckystarr wrote: | Could this be a rare case of a SHA-whatever collision? Or do they | use MD5 to identify these files. | version_five wrote: | "A review cannot be requested for this restriction" | | ML enforcing rules is bad enough, but not allowing false | positives to be corrected is ridiculous. This is why I would | never consider g-suite for any business application. | | Otoh, I think there is a legitimate business to be made helping | small businesses and individuals secure themselves against | arbitrary behavior from big tech. This kind of thing can have | serious consequences (imagine if it was something of real | substance that got restricted without recourse) and people need | to consider hardening their activities against google et al | pdonis wrote: | _> people need to consider hardening their activities against | google et al_ | | Isn't your own solution--that you would never consider g-suite | for any business application--the obvious simplest way to | "harden" against Google? | hetspookjee wrote: | I think the most likely outcome is much like the services they | offer to help with settling airplane ticket compensation. I | presume most of them are actually in service of the airplane | operators. | | Imagine a device that indeed offers to help small time | companies in resolving the issues with big tech. The business | case will eventually come up to just buy them up and slowly | drain their effectivity, while upping the rate tremendously and | being able to - if any - strike up the compensation dishes out | by big tech. Pardon my cynism but I sometimes look at the | airflight industry as the equilibrium of a race to the bottom. | With big tech we're not there yet | Volker_W wrote: | > I presume most of them are actually in service of the | airplane operators. | | why? | robbedpeter wrote: | Automated tools that overwhelm these triggers should be | deployed. Get everything flagged and force them to put a human | in the loop and fix the system. Make it technically impossible | to appease the entertainment mafia and batshit regulations. | karsinkk wrote: | I've noticed the same behavior with the recommendation engine | from Reddit and Instagram as well. While they don't totally | block providing feedback on recommended posts that I'm actually | not interested in, the UI flow to submit the feedback is | difficult/confusing enough that I've just stopped doing it | altogether. Could this be because retraining whatever model | that they've built is difficult/expensive with new feedback? | wolpoli wrote: | A benign explaination would be that the feedback feature is | really designed as a relief valve for the most frustrated | users to feel better. Moderately frustrated users will find | it takes too many clicks to provide feedback and just scroll | to the next item. | friedman23 wrote: | "The trial" by Kafka needs to be required reading for everyone | involved in implementing systems like this. | capableweb wrote: | Most likely the people actually implementing this system did | raise potential issues to their supervisors. It's not the | implementer that needs more education, it is the people who | drive the implementer that needs better education in how to | design systems. | | But since it probably doesn't affect the bottom-line, it's | unlikely to actually happen. | miohtama wrote: | There probably was risk discussion involved in some point | of feature implementation. Lawyers got involved and the | discussion likely went like this | | 1) DMCA Safe Harbor gives us, Google, unlimited protection | | 2) What are the users going to do any case? Sue us? Migrate | to Microsoft Office 365? The minuscule amount of issues | caused on 0.1% users is not going to hit our bottom line | and the users cannot damage us. | | 3) We offer key account manager services for organizations | large enough that could cause stir (Spotify size) | forgotmypw17 wrote: | 4) We have 1 billion users and 1 million reports of | copyright infringement per day, which we have to address | according to the DMCA somehow. | kevin_thibedeau wrote: | If the full DMCA process was implemented, takedowns could | be immediately reverted and then the trolls would have to | use the court system as intended. Abusive behavior from | bad actors could then be addressed. | IshKebab wrote: | This isn't a DMCA takedown. | miohtama wrote: | This is actually a fair point. Thus, this should limit | Google's escape intoany safe harbour. Though still leaves | the problem who is going to go after Google for them | locking users out from their own files. | tinus_hn wrote: | Really? They don't need any more ideas! | newsbinator wrote: | Or "Catch-22" by Heller: | https://en.wikipedia.org/wiki/Catch-22 | robocat wrote: | A wonderful comedy. I presumed it was American literature, | so I had avoided reading it because that isn't a category | that interests me by default, but decided to read it and I | had a good laugh. Easy to pick up cheaply second hand. | | I don't really think the book is relevant to this | discussion though. | kwhitefoot wrote: | And RMS' Right to Read: https://www.gnu.org/philosophy/right- | to-read.en.html | jrockway wrote: | How long until cloud providers are forced to scan block | devices, so you can't even self-host a file erroneously flagged | by the ML? (Actually, how long until this is integrated with | the "security engine" in CPUs, so you can't even hide with | encryption? Everyone is talking about on-device voice- | recognition and CSAM recognition, but no doubt the copyright | lobby is going to push hard for this as well.) | matheusmoreira wrote: | It hurts me to even think about this. We're headed towards | such a bleak future. The only solution I can think of is to | kill copyright in order to save computing freedom. Otherwise | our computers will eventually no longer be ours. | josephcsible wrote: | Do we need to kill copyright? Couldn't we just kill | vigilante enforcement of it? Maybe we should make it the | law that if you see a copyright violation, your only legal | options are (1) nicely ask the infringer to stop | voluntarily, or (2) sue. | matheusmoreira wrote: | Copyright is fundamentally a monopoly on data. The very | name implies that you can restrict who can copy data, how | many copies can be made. Copying data is among the most | basic, fundamental computer operations. Therefore all | computers are inherently capable of violating copyright, | they merely need to be instructed to do so. It's the 21st | century and copyright is absolute nonsense. Computers | make it seem absurd by trivializing copying to the point | artificial scarcity is exposed for the illusion it always | was. | | So in order for copyright to exist in the 21st century, | it must be impossible for us to instruct computers to do | anything. They must own our computers. They must ensure | computers obey them so that they can make it refuse to | copy data without approval. We cannot be allowed any | control because we can easily subvert their business | model. | | So in this matter it really is us or them. Either the | copyright industry loses, or we lose computing freedom | and everything hackers stand for will be history. There's | also the looming threat of government encryption | regulation which faces the exact same problem. I say | computers and the internet are jewels of humanity and too | important to be compromised by these governments and | stakeholders, and I'd sacrifice a thousand copyright | industries to keep them alive and free. | simonh wrote: | Cameras made it easy to copy things, so did printing | presses, photocopiers and now computers. None of them | have killed copyright, which is still functioning just | fine. Musicians still sell music, directors still make | films, the apocalypse simply isn't happening. | | Yes there are occasional abuses, unfair YouTube takedowns | and crap like this from Google. They must be fought, no | argument there. Life will go on. | matheusmoreira wrote: | > Cameras made it easy to copy things, so did printing | presses, photocopiers | | Not at massive global scales. Not at negligible costs. | Not with complete impunity. Not in a way that was | accessible to everyone. | SR2Z wrote: | > It's the 21st century and copyright is absolute | nonsense. | | This is an awful, terrible take. We know that | intellectual property is much more artificial than pretty | much every other type of property right, but we still | want governments to enforce copyright and other IP law | because it's a good way to make sure that people have a | financial incentive to be creative or do R&D. | | Copyright needs reform (and many types of DRM need to be | banned), but just because you'd gladly sacrifice | thousands of industries (how many jobs is that? | millions?) to have some ideological purity, it doesn't | mean that such a decision would be broadly supported or | even in the best interest of society as a whole. | | Source: work in copyright, have seen firsthand how shitty | IP protections can destroy businesses that produce | excellent content. | ncmncm wrote: | Copyright is spelled out in the US Constitution as | distinct from property, for clear and well-justified | reasons. | | Every move to make copyright more like property makes | copyright less useful for its designated purposes, and | more a drain on the public interest. But copyright | holders are continually pressing courts and legislators | to try make copyright law subservient to property law, | and succeeding, incrementally, so case law on copyright | has become hard to distinguish from property law. | Nowadays copyright lawyers even call themselves | "Intellectual Property" lawyers, deliberately trying to | obscure the difference. | | The consequence is that Copyright, which was once a | benefit for the public interest, is now a benefit only | for entrenched media companies. Eliminating it would once | have been taking away from the public. Now, eliminating | it would benefit the public. But, since copyright is now | a matter of international treaty, we no longer have, even | in principle, the power to eliminate it: treaties | override the Constitution. | matheusmoreira wrote: | > we still want governments to enforce copyright and | other IP law because it's a good way to make sure that | people have a financial incentive to be creative or do | R&D. | | I have to believe that there must be alternatives. We | need better post-copyright business models. This | artificial scarcity thing is simply not going to work | anymore. At least not without sacrificing everything | about computers that make them special. | | Maybe crowdfunding where creation is treated as an | investment. Maybe patronage where it's treated as a | subscription. I really don't know for sure. I just know | it can't go on like this. | snowwrestler wrote: | Without copyright you cannot write contracts about | creative works, because there is no value to exchange. | Creative works without legal protection are free and | therefore cannot be investments or subscriptions. Just | like I can't get people to invest in or subscribe to the | air in front of my house. | | I think you are headed down the wrong path here. You | don't need to eliminate intellectual property to preserve | general purpose computing. You just have to change the | guardrails on how IP enforcement works. | | They've changed many times and they can change again. And | it's way more achievable than ripping copyright out of | society entirely. | matheusmoreira wrote: | > Without copyright you cannot write contracts about | creative works, because there is no value to exchange. | | There is no value even with copyright. Its value is made | up, created via artificial scarcity whose days became | numbered the minute computers were invented. There's no | point in perpetuating this system. | | The _true_ value is the labor of creators. Data is | abundant. Creators are rare. They need to somehow get | paid for the labor of creating rather than copies of the | finished product. | | > Creative works without legal protection are free and | therefore cannot be investments or subscriptions. | | We can invest in the creator. Paying them up front like | investments, or continuously every month like patronage. | | > You don't need to eliminate intellectual property to | preserve general purpose computing. You just have to | change the guardrails on how IP enforcement works. | | I'm not convinced the copyright industry will ever stop. | The situation gets worse every year. How is this supposed | to change with copyright holders still around? Their | lobbying power is immense. | | > They've changed many times and they can change again. | | They've changed for the worse. How many times has | copyright duration been extended? How many of our rights | eroded? Fair use rights? Public domain rights? They mean | nothing anymore. When was the last time some work entered | the public domain? | scrollaway wrote: | Since you work in copyright, you've probably also seen | firsthand how overzealous copyright enforcement can | destroy businesses that produce excellent content. | | Frankly, your bias shows and you might have a case of | EverythingLooksLikeANailitis. The copyright industry may | be "protecting" jobs in some ways, but it's also | destroying jobs in others. It's halting progress in so | many cases. | | You also need to look at who, _in practice_ , is | protected by copyright. The grand majority of the money | being protected is that of big, rich industries. Even | when the Little Guys are protected, it's usually by a | bigger company that gets the way bigger cut from it (eg. | stock photo and music artists). | | A world without copyright is a different one. IP lawyers | and copyright enforcers might be out of a job, but it | doesn't mean it'd be one without music or art. We'd find | a different way to make it work, hopefully a way that | doesn't drive the next Aaron Swartz to suicide. | AnthonyMouse wrote: | > So in order for copyright to exist in the 21st century, | it must be impossible for us to instruct computers to do | anything. | | This is not true. It could be enforced by courts and not | by computers. | | Courts are slower and more expensive, so they'll only be | used for the most egregious violations. But that's fine. | Those are the high value ones. You wrote some code or | made a movie, Netflix wants to use it, Netflix has to pay | you for it. Because Netflix is big and you can sue them. | | > We cannot be allowed any control because we can easily | subvert their business model. | | The assumption here is that everybody wants to subvert | their business model. For the RIAA that might be true, | but we don't need the RIAA. They can lose. Specifically | because they're crooks and nobody respects them. | | But already right now I can find basically the entire | Netflix catalog on BitTorrent sites, and still I pay | them. | | And look at Substack. You have people making content, the | readers respect the writers, so they pay. In many cases | even when the articles are available without paying or | after only a short delay. Because the readers know they | won't be created if the creator has to go dig ditches | instead for money. | | We should get rid of DMCA 1201 (prohibiting circumvention | of DRM). We don't need to get rid of the law that | prevents Google News from hosting the full articles on | their own servers while stripping out the subscription | links. | rcoveson wrote: | > This is not true. It could be enforced by courts and | not by computers. | | No, this doesn't get you through the century with | copyright intact. Bandwidth and storage only get cheaper, | and copyright-able files are not getting proportionally | larger. | | Eventually--and the 21st century does seem like a | reasonable timeframe--something like Google Glass is | going to become the norm, for all people, all of the | time. Somehow or other we will patch the imperfections of | memory and information exchange; think of it like | recording everything you see and hear and being able to | instantly share those recordings with those around you. | We can already do this with a sentence or two of text or | the gist of a melody! In the future it'll be a full book, | or a song. It's no different from inventing vehicles that | allow us to travel at hundreds of miles per hour. | | What does copyright look like as the ease of recording | and repeating an experience increases at the rate of the | past few decades? If technology is in reach that would | blur the line between "recording" and "remembering", and | "recounting" and "copying", are we going to just say "no" | to it? Allow our memories and communication skills to | remain in their ancestral, imperfect state just because | it is imperative that those who "own" certain bitstreams | be paid whenever they reach a new consciousness? | | Human courts can't enforce copyright when faced 2050's | technology. Not when we can "memorize" and "repeat" | everything we hear with the same ease that we memorize or | repeat a haiku today. | kmeisthax wrote: | Well, the problem is that all this "vigilante[0] | enforcement" was there to enable online services to work | at all; and it has been further extended by private | business agreements to give copyright owners powers above | what the law requires. | | Any tort in law also has secondary liability attached to | it, and it's generally accepted caselaw that online | service providers get secondary liability if someone uses | them to infringe. Congress decided that said providers | should be able to disclaim that liability if they | participate in a notice-and-takedown process; and the EU | has gone further and replaced that with a very context- | sensitive "best practices" approach that almost certainly | will be interpreted as "video sites must have an | equivalent to YouTube Content ID". | | From an old media perspective, this is crazy. If CBS | licenses a TV show that infringes upon a third-party | copyright, they cannot disclaim liability by saying it's | the licensee's problem. If they could, then you could | construct a bunch of LLCs to separate the infringement | from the liability. And this is effectively what online | services have done: YouTube, for example, gets to | automatically[1] recommend you infringing content, and | those who have been infringed _only_ have the legal | recourse of sending takedown notices. | | Getting rid of the takedown system would mean that | copyright owners would have to go back to suing | individual users, which is both expensive and, IMO, | wrong. YouTube gets to own online video and infringe | copyright with impunity, because they passed the buck | onto individuals that largely cannot afford to pay | damages on infringement. If you're a legitimate[2] user | of copyright, you can't economically get the infringement | to stop or go underground. Furthermore, if you are a | copyright troll, this does nothing to stop you; you will | still be able to sue individuals and coerce them into | settling baseless claims. | | The underlying problem is that online platforms want to | half-ass copyright. You can decide whether this is | because they understand the draw that infringing content | provides to them, or if proper enforcement interferes | with the FAANG business model of "own the platform and | take 30%". Either way, it's a compliance cost. We don't | want people just suing individuals, and we don't want | people suing online services to the point where any | amount of third-party content is too legally perilous to | touch. The answer was supposed to be notice-and-takedown, | which is designed basically as a way for online service | providers to push papers around between copyright owners | and users without having to resort to an expensive | lawsuit. | | However, nobody likes this. Online service providers that | try to do things "by the book" wind up with all sorts of | legal pitfalls for both themselves and their users. So | even the current notice-and-takedown regime in the US has | been subverted by private agreement. For example, DMCA | 512 requires copyright owners to actively monitor | infringements of your work; but YouTube Content ID | instead provides a turn-key solution to find infringing | work on that platform. It also lets you just monetize the | infringements instead of taking them down, which is also | a sort of backdoor license for Google. I suspect some | sort of similar arrangement is involved with Google | Drive, where you can't share files that trip whatever | content ID system is involved here. | | So even "killing vigilante enforcement" would not be good | enough, because Google has already found it lucrative to | privilege copyright owners over regular users. You need | to specifically regulate these takedown alternatives | rather than just getting rid of takedowns. | | [0] Technically speaking, a DMCA takedown notice from | someone who does not own the copyright to the work in | question is legally deficient and can be safely ignored | by Google. However, most online service providers do not | do a good job of checking. | | [1] As per Mavrix v. LiveJournal, the process _has_ to be | automatic. Human curation takes you out of your DMCA 512 | safe harbor. This is effectively a "willful blindness" | requirement, IMO, which is also bad. | | [2] As in, you're interested in preventing sharing of | newly-published works for a reasonable time frame, rather | than keeping an ironclad grip on Steamboat Willie or | Super Mario Bros forever. | version_five wrote: | I think there needs to be more work on open source hardware | (and the associated fab capabilities to make what people | want) in order to preserve computing freedom. I have no | idea how to actually do this, but it feels like it should | be prioritized | idiotsecant wrote: | There are people trying to make hardware more open source | and user friendly for the average user right now. The | Framework laptop, for example, is not a perfect product | with DIY silicon but it's well on it's way to open, | repairable hardware, open bare iron code, and other user- | friendly attributes. | | It's also quite expensive because by definition such | things will always be more expensive. Vote with your | wallet and not just your HN post and you'll push the | world just the tiniest bit in the direction you want. | matheusmoreira wrote: | I agree. The only reason these "stakeholders" have any | leverage at all with which to push this is the fact | semiconductor fabrication currently costs billions of | dollars. So while it is possible for us to make our own | freedom-respecting software, freedom-respecting hardware | is out of our reach. Hardware manufacturing is | concentrated in the hands of few corporations and those | are friendly towards the copyright industry and good | targets for government regulation and intervention. | | Some kind of innovation that lets people fabricate at | home is necessary. Just like the free software compiler | changed the software world, the free as in freedom fab | must do the same for computer hardware. Access to | fabrication must somehow be democratized or we'll never | be free. | foxfluff wrote: | Making fabrication accessible would definitely be nice. | | In the meanwhile, I'd be interested in finding a | community that puts "relatively open" hardware to good | use. That includes old computers that won't grow | antifeatures on their own, but also e.g. | microcontrollers. I believe the dual-core 125MHz $1 | Raspberry RP2040 is more powerful than my first PC was | (although it might have less RAM and unfortunately can't | be transparently expanded as far as I know). It's not | exactly open hardware but it's well documented, and even | the boot rom is open source (that is _rare_ ). You don't | exactly have lots of integrated peripherals (e.g. | ethernet) so it'd be very difficult for them to have some | kind of remote backdoor. It's also quite simple to | program; a hacker scale operating system is entirely | feasible. | | And that is of course just one of many choices out there. | There are far more powerful microcontrollers out there. | And by their nature, it's not going to be very easy for | the copyright mafia to get their slimy tentacles between | you and the core. | | You'd give up a lot of power but on the other hand, I | could buy 500 of them for the price of my laptop. I don't | know, maybe we don't need to run everything on a single | high performance CPU and could instead have a small | cluster; perhaps each chip running its own application? | | It's definitely not a "ready world" but I see lots of | possibilities and am excited for the future of | microcontrollers. But I'm also seeing the line between | microcontrollers and processors getting blurred. | voldacar wrote: | You could just use FPGAs. They aren't fast, but your | homegrown chips won't be either. | matheusmoreira wrote: | Those are also fabricated by huge corporations. No | guarantee they won't be compromised by industry or | government interests. | version_five wrote: | It does seem to some extend the higher the level of | abstraction, the more potential for inappropriate | controls or restrictions. More restrictions exist in apps | vs OS vs cpu, or in cloud services like gdrive vs an EBS | volume on AWS. So FPGAs are at least a step closer to | free (or harder to secure). Even if they are under | control of the manufacturer, there is a lot more | flexibility and less potential for "oversight" at the | gate level. | | There is still the question of all the peripherals, I'd | be worried about internet and video and other i/o | adapters only being compatible with proprietary hardware, | and impossible to use with a home programmed fpga | foxfluff wrote: | Depending on what your performance target is, you might | do without adapters. Low speed USB can be bitbanged even | with 8-bit attiny. RP2040 with PIO can run DVI, 720p@30Hz | (though you do need to overclock the chip heavily). I | don't know how to implement Ethernet with digital logic | (it uses pulse amplitude modulation) but bandwidth-wise | it's not too challenging. Gigabit signals to PHY are | 125MHz using RGMII. I think 100Mbit Ethernet would use | 25MHz but I'm not actually sure. All doable using | commodity microcontrollers _without_ an FPGA. | | I could see a long road to a dystopia where these legacy | protocols are deprecated and they push out devices that | only speak new protocols that won't let unapproved | devices talk.. but I'm not that pessimistic. I can't see | the copyright mafia chasing things down so far, and | they'd rail up against all the industrial users. | foxfluff wrote: | True, but it's harder to compromise a fully programmable | device. In essence, you'd have to somehow prevent certain | kinds of programming while still permitting all the rest. | How is the device to know that flipping pin 121 and 122 | in a specific pattern is actually clocking bits from a | storage device? | | I think the web is broken (user-hostile) for the same | reason. It's been made to support arbitrary programming, | and now you have to play this weird cat and mouse game of | trying to prevent a particular kind of programming -- | that can be used against you -- without breaking all the | rest of the web. Google can block your browser because | they can run code in your browser. | https://news.ycombinator.com/item?id=30051512 | babycake wrote: | For sure, but companies didn't win by building a better | product. They won because of copyright laws that helped | them to enforce their goal of profits. | | If we want computing freedom, or in other words: consumer | rights, then we need to enact laws that are pro-consumer | to ensure an open future. Things like being able to | repair our devices were taken away (Apple) and brought | semi-back with right-to-repair laws (albeit only proposed | atm), ownership of software and your data taken away by | online services (Adobe, etc), and lots others. | | Having open source hardware won't stop companies trying | to take control away. We already see Microsoft and their | SecureBoot problems with Linux. Or maybe they just won't | support those open source machines by refusing to deploy | their OS or whatever. Then what audience are you gonna | have to make that product successful to become the new | standard? | | Laws are the only way to force everyone to play nice. We | can have the nicest open source stack, but that's nothing | if companies can just seize them with their own laws. | matheusmoreira wrote: | > Having open source hardware won't stop companies trying | to take control away. We already see Microsoft and their | SecureBoot problems with Linux. Or maybe they just won't | support those open source machines by refusing to deploy | their OS or whatever. Then what audience are you gonna | have to make that product successful to become the new | standard? | | We need to get rid of those products and replace them | with free software instead. It doesn't even matter if | it's better or worse, as long as it's ours. This is the | most sensible long term investment since it's the only | thing that will truly benefit humanity forever. | landemva wrote: | The surface is larger than just copyright and includes | anything the government can enforce in the name of | protecting or preventing ... [children, terrorists, money | laundering]. | | Lobbyists wondering why not slip this into appropriations | bill and make MS put this in desktop. | foxfluff wrote: | It's also larger than that; I believe one of the biggest | threats to freedom today is complexity. That's why people | are so bitter at Mozilla for example, and perhaps to a | lesser degree systemd. But it applies to a lot of stuff, | for example everyone who complains about GPU drivers on | Linux (or "Linux is not there yet" in general) complains | because they feel powerless to fix the issues. I'm glad | AMD is doing their part but I'd be happier if we didn't | need them to. | | If things weren't so complex, a small group of hackers | would "shut up and hack" and fix their grievances and | give the community something new to play with. Instead, | we've gotten to the point where most people realize that | they are too small in face of all the complexity. Then | what choices do you have left? Give up, or get bitter and | angry because those who have the resources to maintain a | browser or Linux distro aren't doing what you want (and | eventually you give up anyway because shouting into the | void doesn't fix anything). One can go against the grain | but they will be left in the dust; I saw lots of bitter | Palemoon users who were ignored as the web moved on and | sites started breaking on their increasingly outdated | Firefox fork. I can't blame those users. | | It's this same complexity that enables e.g. Google to | just block your browser: | https://news.ycombinator.com/item?id=30051512 | | Open standards mean nothing if only one company on earth | has the resources to implement them (and they | deliberately push out others). Open standards mean | nothing if they require you to implement user-hostile, | freedom-disrespecting features that enable behavior like | above. | easrng wrote: | Google blocking browsers is understandable, they're | trying to stop apps from implementing Sign In with Google | in a webview because that's a security issue. (Apps could | steal passwords or non-oauth session information) Some | actual browsers (mostly built around those same webview | tools) got caught up in the blocks too. If they were | blocking everything except Chrome, that'd be a different | story, but they're not. | foxfluff wrote: | My take on this is that you always have plausible | deniability when you deny freedoms "for security." I | don't like it. | | Blocking everything except Chrome would immediately raise | way too many eyebrows, but allowing the few big (non-) | competitors while making life hard for any potential | rising stars has value if you want to maintain the status | quo (near monopoly on browser market). | | In any case, I don't really even care about Google's | motivations here. I have a problem with the fact that | they can do this at all. Open technology should not | enable overriding user control and arbitrarily blocking | clients based on prejudice. | matheusmoreira wrote: | I agree. Attempts to regulate cryptography, to force | computers to police and snitch on their own users... It's | all deeply concerning and all of it depends on their | covert ownership of our computers. | [deleted] | bostik wrote: | I don't think we need to _kill_ copyright, but we sure as | hell need to control how it 's used. To start with, we need | to spay and neuter the out of control copyright enforcers, | and especially every form of copyfraud. | | My previous take on the subject: | https://news.ycombinator.com/item?id=22488496 | kbrannigan wrote: | Load up on usb drives. I mean really when did we suddenly | become dependent on cloud services? It's phenomenon that's | less than 15 years old. | matheusmoreira wrote: | Won't help me when my computer starts refusing to read | copyrighted files because it has decided its real masters | are the copyright holders. | vorpalhex wrote: | Buy hardware you can own. Stop buying Apple products. | belter wrote: | We are in the middle of the hostilities, and we can always | appreciate if more young idealists, as well as practical | and hands-on militias want to join the revolution: | | "The Coming War on General Computation": | | http://opentranscripts.org/transcript/coming-war-general- | com... | matheusmoreira wrote: | I remember that article. Deeply influenced my views on | this matter. It's so good to read it once more. So many | examples I'd totally forgotten about. | narrator wrote: | Gab.com is how to run a service that gets kicked off all | cloud providers. They had to build their own bare metal | infrastructure. That's right! They use zero cloud | infrastructure. No AWS, etc. They even have release | announcements about how they've upgraded or bought more | servers so things should go faster and they can enable more | features and so forth. | Johnny555 wrote: | If Amazon didn't offer EBS block device encryption (with a | key that's ostensibly only accessible to the customer), then | customers would just use full disk encryption instead. | rsync wrote: | "How long until cloud providers are forced to scan block | devices, so you can't even self-host a file erroneously | flagged by the ML?" | | If you are using a cloud provider you are not self-hosting. | | Self hosting means you own the machine. | withinboredom wrote: | I have an email from myself to myself sent in 2007 in GMail. | I can't open the attachment because "it is malicious." It | doesn't, just a schematic, but there's no way to tell GMail | to let me download it anyway. | vidarh wrote: | Have you tried downloading it via IMAP? | withinboredom wrote: | No actually. That's a good idea! | ehnto wrote: | Reminds me of that 70s IBM presentation quote that surfaced | recently, "A computer can never be held accountable, therefore | a computer must never make a management decision". | | It's one thing to have a computer flag issues, another to make | it responsible for taking action and in this case, making a | decision final. Google continues to set poor examples with | irresponsible implementations of machine learning. With no | accountability, no recourse, no humans to talk to. | LudwigNagasena wrote: | A program can never be held accountable, but the person (or | the whole company, or both) who decided that it should make | management decisions can. | ehnto wrote: | It's possible to read the original quote was as a warning | of exactly that. We should all be very wary of letting our | code do the walking because the fault should realistically | lie with us, but it's as if the software industry feels | invincible, and it's not hard to see why. | mywittyname wrote: | Yeah, that's basically how I read into it. Or, more | specifically, if the computer can't be held accountable, | then those doing the holding get to decide who they think | is responsible, and that might not end in your favor. In | pithy terms, computers make poor scape-goats. | | Given the context IBM operates in, that's probably what | they are getting at. | | Bill Gates tried this argument and lost. | | Lawyer during deposition: "So who sent that email?" | | BG: "A computer." | sb057 wrote: | I think that quote should be flipped. | | "A computer can never be held accountable, therefore a | computer must always make management decisions." | queuebert wrote: | That misunderstanding could explain the last several | decades of corporate management. | sandworm101 wrote: | Or.. | | "A computer can never be held accountable for decisions, | therefore all computer decisions are management decisions." | beebeepka wrote: | I thought the same as that's our current reality. "It | wasn't us, it was the computer!" Things are only going to | get worse | Croftengea wrote: | "Computer says No!" | withinboredom wrote: | No? Why is this computer talking about Norwegian? | bobm_kite9 wrote: | Yes! This is one thing humans are still much better at than | AI: taking blame. | giaour wrote: | The best of both worlds is when you have a human supervise | a fully automated process. You can pay them peanuts and | still use them as liability sponges. | | (The term "liability sponge" is shamelessly stolen from | https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2757236 | .) | nefitty wrote: | AI-aided management decisions can't come soon enough. | Decision Model and Notation made big headway on this, but I | don't see it discussed. They're fancy decision trees but | can handle complex factors and are designed to be intuitive | to reason about. | Retric wrote: | That's begging for some leaky abstraction to absolutely | ruin your business. | nefitty wrote: | Management is made of leaky abstractions. I think of | course that humans should still be the accountable party, | but AI can guide baser decisions so that more time can be | spent on the hard problems. | | Imagine how many thousands of hours managers have wasted | at this point discussing WFH. They should have been | figuring out their supply chain and labor strategy. | ska wrote: | This argument would be more compelling if companies were | in general better at driving management decisions using | all of the many data analysis techniques already | available. Making something lower effort but also harder | to understand and more error prone doesn't seem like an | obvious win.... | nefitty wrote: | I agree! I think management processes need more open | experimentation, though. Documenting and creating | decision trees makes those decisions more transparent | overall. It also aids in transfer learning, something | which, from first hand experience, is lacking on ground- | scale. Meaning, there's a lot of management knowledge in | people's head's that increases bus factor risk. That can | be mitigated, whether through my proposed method or | otherwise. | Volker_W wrote: | What do you mean with "leaky abstraction" here? | dylan604 wrote: | Computer: "It's not my fault". The sunspots made me do it. | | Sunspots are computers' devil. | [deleted] | nervlord wrote: | tempodox wrote: | Given that going viral on Twitter is the only functional help | desk for such situations, "Tweet storm as a service" would be a | promising proposition. | ThrustVectoring wrote: | Companies can _say_ that they won 't have an actual human | look into your issues, but there's a person that handles | letters that might turn into lawsuits and other legal issues, | and you can always ensure that they get contacted instead. | Certified mail is pretty quick to write and costs like $3 to | send, and you can look up the company's agent for service of | process. | | It might not _do_ anything - writing a letter that | sufficiently implies that you are actually collecting | documentation and preparing for a lawsuit is an actual skill, | and your demands may be unreasonable for them to handle - but | you _will_ get an actual factual human being to at least | start reading what you 've written. And as a bonus, their KPI | is in terms of "number of incidents per year" rather than | "number of resolved tickets per day". | klyrs wrote: | You don't think that would automatically get shut down for | spam-like activity? | kadoban wrote: | Most of the spam bots don't, they'd have a good shot if | they don't put all their eggs in one basket. | pokot0 wrote: | I agree with you and in general the move from owning software | to accessing a service has been detrimental for the end user | (more costs, more problems, less control). | | But the restriction here is most likely just the inability to | share (I would guess publicly). I don't believe it prevents you | from accessing your file. | gopher_space wrote: | A public share might be the entire point of using a service. | dane-pgp wrote: | > ML enforcing rules is bad enough, not allowing false | positives to be corrected is ridiculous. | | And potentially illegal. According to Article 22 of the GDPR: | | "The data subject shall have the right not to be subject to a | decision based solely on automated processing, including | profiling, which produces legal effects concerning him or her | or similarly significantly affects him or her." | | I think that being accused of copyright infringement (and | having your free speech rights curtailed) should count as | "similarly significant" to a legal effect on someone. | bryanrasmussen wrote: | Free speech does not exist in the same way in the EU, where | the GDPR exists, as it does in the U.S | | on edit: clarification as I seem to have offended some | people, there is no right to free speech in Europe similar to | the right in the U.S Bill of Rights, the closest is the | following https://fra.europa.eu/en/eu- | charter/article/11-freedom-expre... | | hope this clarifies it for people. | | on edit 2: here you can get a country by country overview htt | ps://en.wikipedia.org/wiki/Freedom_of_speech_by_country#E... | [deleted] | jjcon wrote: | I really don't think their copyright checks are run by anything | in the ML domain. | diogenesjunior wrote: | I feel bad for the new hire who wasn't entirely sure what he was | doing. Something similar happened at reddit[0], wouldn't put it | past google. | | 0: https://redd.it/m0rmux | reaperducer wrote: | I've said it before, Google is trying to be the new Microsoft. | | https://www.theonion.com/microsoft-patents-ones-zeroes-18195... | iameli wrote: | All software has bugs; I'm not mad at all that this silly test | case was flagged incorrectly. The truly infuriating part is "A | review cannot be requested for this restriction." | | Translation: "We have no idea if you actually own this content or | not, but it would be _way too expensive_ for us to find out for | sure! So you're out of luck, but don't worry -- it's all worth it | so we can make sure children can't stream Marvel movies from | Google Drive! Thank you for your contributions to Disney+'s | bottom line." | vidarh wrote: | A legal requirement to provide an appeals process for automated | decisions would be a good step. | | Many places have restrictions like that for limited things like | loan decisions, but it's about time to start forcing companies | to provide a manual appeals process for other types of | decisions that can significantly affect people. | JamesBarney wrote: | It'd be nice if the law had a escrow appeal process. Alleged | violator now posts a $100 escrow, now accuser has to do the | same. Then Google reviews it, makes a decision, and loser has | to pay for it. | withinboredom wrote: | Sounds like some shenanigans you'd see on a blockchain. | Though, if a blockchain did something like that to reverse a | transaction, that'd be amazing. | jacquesm wrote: | Pretty weird that Google would be scanning files for copyright | infringement in the first place, it's supposed to be a _Drive_ | not the enforcement arm of the copyright mafia. | nocturnial wrote: | Just call google support... oh... wait... right... | | I wonder how many ads we need to watch before google implements | something even remotely similar to user support? How many | billions are enough before we get support? | | I know I'm overreacting but I'm getting tired of these articles. | We all know that google is messed up (to put it lightly). Some | people here don't think that's the case and that's fine. Other | people, including me, don't find it surprising at all. | | Post something about google killing cute kittens. | | I wouldn't be surprised but I would be interested in that story. | blunte wrote: | Ironically, it may end up being one of these "tiny" scenarios | which finally does Google in. | | When trying to illustrate a problem or bug, one of the typically | time consuming challenges is reducing the scenario to the minimal | case which illustrates the problem. So thank you, @emilyldolson! | | Aside from an empty file, you cannot reduce this any further. It | brings to light in simple terms that non-techies can understand | how absurd the "ML to solve everything" promise is -- and even | moreso how wilfully negligent companies are by providing NO human | intervention or support when the machines break down. | quickthrower2 wrote: | It's a real motivator to leave Google and the MAG cloud in | general. It has at least reminded me again to do regular Google | takeouts. | trhway wrote: | > "tiny" scenarios which finally does Google in | | Danger of tiny scenarios - I expect that Google like any BigCo | will try files containing only 2, 3, 7 - no bug, ok, and then | push the fix like this | | if (l = read(file) ; l == "1") ... else | cgrealy wrote: | Given it's almost certainly a ruleset generated by an ml | agent, it's more likely to be a change in the training data. | bonzini wrote: | Or just don't flag any file below 100 bytes. | leokennis wrote: | 15 years ago the first word that came to mind when thinking of | Google was "magic". | | 10 years ago "useful". | | These days it's just "dread". | bxparks wrote: | Maybe not "dread", but distrust with a tinge of sadness. It is | surprising to see how much their executives are willing to | destroy Google's reputation, in search of.. I don't know.. | their next bonus and promotion? Seven to eight years ago, I was | using probably 30-40 Google products and services. I used to | recommend Google products to my friends and family without | reservation. But over time, I have whittled down my dependency | to Google to maybe 7-9 products/services. With the killing of | Legacy GSuite, I'll be migrating to FastMail or something | similar, and I'll be down to only a handful of Google products | in a few months. I never thought that I would stop using Google | Search and Chrome, but DDG and Firefox have been perfectly fine | for me for several years now. | notyourwork wrote: | I think dread is a bit over dramatic. I still find utility in | Google Maps and GMail. Some products in the Google domain are | heading that way but I don't dread Google I treat them as a | business with respect to my coupling to them on a case by case | basis. | | I used to be a Google first, now I am one to look at all | options and decide if its worth coupling something else in my | life to Google. In many cases its not worth it or even | required. | fsflover wrote: | > I still find utility in Google Maps and GMail. | | Concerning the maps, try https://openstreetmap.org | | Concerning the GMail, see | this:https://news.ycombinator.com/item?id=30051054 | notyourwork wrote: | Thanks for sharing but I wasn't really trying to debate | whether I do or do not find utility in these. I do and I'm | fine using them. I'm also aware of the alternatives, I use | Apple maps from time to time, I use DDG on occasion. | Neither is of consequence to the premise in my original | post. | matheweis wrote: | > I still find utility in Google Maps and GMail. | | Give it time... There are a lot of people feeling that dread | about "gmail" now. Have you seen the recent threads about | GSuite Legacy? Small businesses and families suddenly need to | cough up hundreds of dollars per year or figure out how to | migrate away from a product that originally marketed itself | as free forever. | notyourwork wrote: | Sure, maybe they will and maybe they won't. Personally, | I'll be happy to pay for it and have considered over the | last few months a migration plan away to a paid | subscription. It's just not on top of my todo list. If | Google started asking me to pay, I'd pay because they have | provided this service and its pretty darn good if you ask | me. How much I'd pay is an open question. | aendruk wrote: | Google Maps may not have progressed to "dread" yet, but it's | solidly at frustration/wariness as a result of its incessant | attempts to manipulate me. It used to be just a tool, but | it's become an adversary. | verytrivial wrote: | A quick note to anyone working to reproduce this: the automated | stupidity that caused this is of the same variety that will | CANCEL YOUR GOOGLE ACCOUNT without recourse if your stats lean a | certain way. Tread carefully. | superkuh wrote: | Play stupid games, win stupid prizes. Putting your data in a | megacorp basket means it'll be treated primarily with | consideration towards their legal liability first, other | megacorps second, and you third or fourth. | xiphias2 wrote: | If the megacorps buy up the best competitors, there's not much | chance left for people, just use them. | gruez wrote: | It's true to some extent, but in the file storage space it's | not really applicable. There are hundreds of competitors, and | I'm not even sure if any file storage providers got bought up | by "megacorps". | xiphias2 wrote: | Not really. I'm using all parts of Google suite together as | they are well integrated with every device I have and | eachother. I am using Adobe cloud for photos instead of | Google photos for example, and even there I quite often | feel the difference in integration with the Android | operating system. | asdff wrote: | Adobe software is especially annoying. There are probably | five or six adobe launch daemons running in the shadows | on my Mac as we speak and it's unclear if when I want to | uninstall that their uninstaller will actually purge them | all (in my experience, no), or I'm going to have to write | a script to collect anything with adobe in the name and | rm -rf. Microsoft is bad with this too on Mac at least. I | tried killing a microsoft autoupdate daemon and I ended | up getting a system notification like three times a day | about it until I relented and reinstalled it. | dmitrygr wrote: | "A review cannot be requested for this restriction" | | I always did say that Franz Kafka never died. He is semi-retired | working in google's PM org, occasionally consulting for the UX | teams as well. | shmerl wrote: | Copyright was always bizarre in the sense that any information | can be expressed as numbers. So why are some numbers more | copyrightable? | | Also reminds me this ("Microsoft Patents Ones, Zeroes"): | https://web.archive.org/web/20100607151726/http://www.theoni... | otterley wrote: | Any novel can be expressed as a sequence of alphabetical | characters. So why are these copyrightable? | shmerl wrote: | Exactly the question you should wonder about. So translating | in to abstract form, different numbers have different legal | application :) | | Illegal numbers anyone? | newhotelowner wrote: | I am a small business owners. I pay for google one so that all my | files are backed up and sync across devices. I also pay for | backblaze to backup all my files (Just in the case google screws | me). | | Is there an alternative for encrypted backup & sync between | different computers? | Filligree wrote: | Plenty. One of the easiest to use is probably Syncthing, if | you're thinking of self-hosting. | kbumsik wrote: | I use Dropbox for almost 10 years and I have been using it well | so far! | | Dropbox offers great file history and restoration support. One | day I deleted files permanently then the team kindly supported | my case to restore the files within a day. | manquer wrote: | Depending on how technically inclined you are something like | Tarsnap might be a good fit. [1] | | [1] https://www.tarsnap.com/ | hyperdimension wrote: | You're talking about their subscription, Google [Removed for | DMCA Violation]? | jpambrun wrote: | Google's bots are crazy. Thank god they sold Boston Dynamics... | choward wrote: | The fact that Google is scanning your files for "copyright | infringement" is bad enough. They have no way of knowing that you | don't legitimately own something. Then pair that with this | example and if that isn't enough of a deal breaker for using | Google drive I don't know what is. | Qub3d wrote: | Always operate under the assumption that iCloud (Apple), | Microsoft and Google will delete any/all of your data, with no | notice, and for no reason. | | Because they explicitly reserve the right to do so in their | TOSes. | | Not your computer, not your data etc. | | (https://www.quentb.com/posts/diy-cloud-backup/) | quickthrower2 wrote: | Cloud drives are a cache. (Actually treat all storage as a | cache, i.e. the data will be lost, it's just a matter of | when.). | Qub3d wrote: | Good advice. This is why I encourage anyone with sensitive | digital data (photos, important receipts, etc) to set up a | 3-2-1 backup: | | _3_ copies of the data, | | _2_ of which are on different, local mediums (i.e. hard | drive and a thumb drive) | | _1_ of which is offsite (cloud storage, safe deposit box, | salt mine, etc) | panarky wrote: | _> they explicitly reserve the right to do so in their TOSes_ | | Do you have an example of Google explicitly reserving the right | to delete any/all data with no notice and for no reason? | Qub3d wrote: | https://edit.tosdr.org/points/14762 | | Note the wording "we reasonably believe". There is nothing | objective about this. | | Additionally: https://policies.google.com/terms#toc-removing | | > Removing your content | | > If any of your content (1) breaches these terms, service- | specific additional terms or policies, (2) violates | applicable law, or (3) could harm our users, third parties, | or Google, then we reserve the right to take down some or all | of that content in accordance with applicable law. | | Finally, buried 3 links deep in the Terms[0], we can find a | list of some of what Google considers valid under this | clause. A lot of it makes sense (clearly illegal things) some | of it is subjective ("misleading content"). If you feel | comfortable all of your data could never be interpreted by | anyone as falling under any of these categories, be my guest, | use GDrive. | | [0]: https://support.google.com/docs/answer/148505 | PaulHoule wrote: | Must have infringed on Metallica. | gpderetta wrote: | Must be google's new Easter egg... | iszomer wrote: | "it's not a bug, it's a feature!" | itronitron wrote: | I guess the moral of the story is, never do business with a | company that doesn't provide a mailing address to which you can | mail a turd (at book rate.) | olliej wrote: | 1 is the loneliest IP :D | spaniard_dev wrote: | Who said that "Don't be evil" thing? | fortran77 wrote: | Ar least it wasn't flagged for illegal porn, too. | TT-392 wrote: | "Thanks for helping google keep the web safe" | | Interesting thing to add in there, how on earth does copyright | stuff have anything to do with safety? | mminer237 wrote: | I assume that message is used for both trojans and copyrighted | content and that there's quite the overlap there. | j0ba wrote: | Because they're doing God's work, and how dare you question | their motives? | tyingq wrote: | Not that I agree with it, but here's the FBI view: | | _" Not only can the violation of intellectual property rights | damage the economy, it also poses serious health and safety | risks to consumers, and often times, it fuels global organized | crime."_ | | https://www.fbi.gov/investigate/white-collar-crime/piracy-ip... | | No helpful detail on why it's not safe. | thomond wrote: | That's the FBI's general view on IP rights infringement and | covers more physical products. You can apply of that to file | sharing. | EdwardDiego wrote: | Because the FBI might ask your government to enforce US | copyright law and your overly enthusiastic leader sends | helicopters filled with heavily armed Police officers to raid | your house at dawn, perhaps? | | https://www.nzherald.co.nz/nz/dotcom-wins-settlement-from- | po... | zerocrates wrote: | Since they went wide with "intellectual property rights" | there, the references to health and safety are probably more | in the realm of trademark and maybe patent... think | counterfeit drugs. | | You can probably gin up a copyright example from, I dunno, | the DRM system on some medical device or something, though | that's obviously not the real focus of their copyright | enforcement work. | coliveira wrote: | But drug safety is not an issue of copyright, but of | physical control of medications. You don't need to break | the copyright of a drug to create and distribute fake | medication. | dane-pgp wrote: | But you might be able to trick more people to buy your | fake medication if you put another company's logo on it. | I'd hate to think that a country's procedures for | stopping copyright infringement are so efficient that | they are the optimal route for preventing the | distribution of fake medication (even making trademark | law pointless), but I must admit that comparing two | images is simpler than comparing the composition of two | medications. Corporate needs you to find the difference | between these two approaches. | onion2k wrote: | If Google has the copyright on "1", they only need to get "0" as | well and they'll have everything. | vmception wrote: | Here is a joke that relies on the assumption that the platform | is suggesting they own the copyright, instead of someone else | that isn't the user. | misnome wrote: | All copyright-infringing files are ~50% 1's, therefore there is | a 50% chance of every file with a 1 in being copyright- | infringing! | | Statistics don't lie, which is presumably why google employs so | many of them, to calculate these efficiencies. | denton-scratch wrote: | > Statistics don't lie | | However statistics can be used to confuse. | | If a file is 50% 1's, then a 1-digit file has a 50% chance of | infringing. More than that, the chance of infringement grows | pretty fast. | | Also, if "1" is copyright, then a file with a "1" in it is | infringing; there's no chance there. It's certainty. | tyingq wrote: | Already there, I made some test files. The ones with "1", | "1\n", and "0\n" are all now flagged. | https://news.ycombinator.com/item?id=30063319 | | So, "someone" has them copyrighted. | gvb wrote: | 0 = 1 - 1 so they have everything already! | smnrchrds wrote: | Only if they have patented - | gvb wrote: | Point of order: you've changed the method of restriction | from copyright to patent. | wlesieutre wrote: | Not - as an abstract concept, but perhaps "a method and | apparatus for subtracting numbers" | tragomaskhalos wrote: | There must be some internet law that states something | like "no flippant comment about the absurdities of | copyright law is so crazy that a patent troll won't be | inspired by it" | version_five wrote: | Or XOR | bluecheese33 wrote: | https://www.smbc-comics.com/comic/2012-08-29 | Animats wrote: | File a DMCA counter-notice, of course.[1] | | You may have to do this the hard way, via Google's address for | service of process.[2] Use registered mail or FedEx. | | There's also the option of taking Google to arbitration. Legal | advice from one of those "free quick consult" services may be | helpful. | | [1] https://www.nolo.com/legal-encyclopedia/responding-dmca- | take... | | [2] https://support.google.com/faqs/answer/6151275 | watusername wrote: | Can you file a counter-notice _in absence of_ a DMCA notice? | The problem at hand is not DMCA. | Animats wrote: | Google claimed a copyright violation and did a takedown. | That's what DMCA counter-notices are for. They phrased it in | other terms, but ask a lawyer if that matters. | manquer wrote: | It matters for counter notice that they didn't issue a DMCA | notice, you can always sue them of course, but since the | first action is not under framework of DMCA, you cannot | issue a counter notice to what is not a DMCA notice. | | The lawsuit is not strong either because their ToS says | they can delete your all your data for any and no reason at | all. | ccbccccbbcccbb wrote: | No surprise here. One World Corporation is going to reserve 1 for | itself. This tweet is just a test drive. | marivilla wrote: | Google Drive also offers client side encryption, which would make | this scanning ineffectual: | https://flowcrypt.com/blog/article/2021-06-14-google-workspa... | | So as long as you have a ton of money and are a corporation your | privacy should be just fine | Devasta wrote: | No pity, if you are using Google products for anything important | you only have yourself to blame. | ChicagoBoy11 wrote: | I experienced something similar building an internal tool on | GSuite. I had a large file with sequences of 9 digit numbers | specific to our use-case, all tied to names of people | (employees). Whelp, at one point the tool I was working on | stopped working, and it was flagged as apparently containing | social security numbers (which I suppose matched the character | length). | | Whelp, on the admin panel, you can get a report of those files, | and then mark it as a false positive. Which I did. But then | nothing happened, and nothing changed. It was no use. | | The hilarious bit: It did, of course, allow me to make a copy of | the file in question, and then just point the resource I was | building to the new file, which was exactly the same. Weeks | later... so far, so good. | slig wrote: | Google is working very hard to make everyone drop their shitty | services. | Arnavion wrote: | This is another case for only pushing encrypted files to | storage hosts, unless it's against Google Drive's TOS or | something. Has anyone tried it? Did Google complain? | stevens37 wrote: | yes | | openssl enc -e -aes-128-cbc -in ${1} -out ${1}.cr -iter | +123456 -k <password> | aspenmayer wrote: | If you don't know about this feature of rclone, you're in for | a treat! Combined with unionfs or mergerfs, or the builtin | union function, you can have cached local decrypted mounts of | locally encrypted remote mounted directories on gdrive, | mirrored to a local folder. | | https://rclone.org/crypt/ | | https://rclone.org/union/ | | Edit: there is also the (sorta abandoned, or | finished/complete depending on your pov) plexdrive project, | which does a bit of Plex server specific opinionated stuff | and mounts gdrive read only, but which may help with reducing | API quota usage according to some reports. I've never had any | issues with the quotas that I'm aware of, but I did have to | tune my settings a fair bit to get it dialed in on a somewhat | memory constrained vps. | | https://github.com/plexdrive/plexdrive | anon9001 wrote: | Tarsnap is entirely encrypted and the service provider can't | see the keys. They run it on EC2 and S3: | https://www.tarsnap.com/infrastructure.html | xcjs wrote: | I have an Enterprise Gsuite account with 50 TB of encrypted | data for around 5 years (this was of course prior to the | rebranding). I've had no complaints from Google so far. | aspenmayer wrote: | You use rclone, or another stack? I'm always trying new | tools in this space. | Kim_Bruning wrote: | This is why running filters on automated data is never a good | idea, and should never be accepted (at least for enterprise | applications, but really for anything) . | spicybright wrote: | That's ridiculous. Storing social security numbers is necessary | for lots of businesses. | | Imagine your filing cabinet not letting you file employment | forms with a SS# on them. | | It's the sticky note password problem all over again... | 015a wrote: | This isn't some default thing on G-Suite; its the DLP setting | which enterprises can elect to toggle on, if they pay for the | most expensive G-Suite plan. It also, afaik, only applies to | shared files. | | It does not work, in such a myriad of ways that I'd be blown | away if it wasn't just some summer intern's project three | years ago and it hasn't been touched since. But it does check | boxes for audits. And enterprises don't care about actual | security, they just want to check boxes for audits. | driverdan wrote: | > That's ridiculous. Storing social security numbers is | necessary for lots of businesses. | | They should absolutely not be stored in a GSuite document. | SSNs should be treated more securely than credit card | numbers. | jsymolon wrote: | > SSNs should be treated ... | | As someone who dealt with identity theft, SSN should only | be collected if contact with the SSA is needed. I.E. | payment of social security benefits. | | Any and ALL other "ID", nope. Use some other number. | spicybright wrote: | I definitely agree, but in america it's impossible to be | legally employed without your employer having your SS# on | record. | inetknght wrote: | Well, yes. Employers need to talk to the Social Security | Administration regarding your social security | withholdings... | AnthonyMouse wrote: | You say things that are true, and yet they are | inconsistent with existing practice. Is there a word for | this? | aspenmayer wrote: | Not even wrong. | | https://en.wikipedia.org/wiki/Not_even_wrong | ldoughty wrote: | "I'm sorry, we can't put you in the system without it.. | it wont let us".... | | I always omit SSN, but often can't get away with it. | panarky wrote: | My dentist said I couldn't leave the SSN field blank so I | filled in 867-53-0909. | inetknght wrote: | > _As someone who dealt with identity theft, SSN should | only be collected if contact with the SSA is needed._ | | You wanna tell that to phone carriers, internet service | providers, electricity providers, and even water | providers? | bob1029 wrote: | > SSNs should be treated more securely than credit card | numbers. | | I disagree. Both SSNs and credit card numbers should be | treated with equal consideration. | | Establishing arbitrary classes of PII protection based upon | perceived severity of compromise is a bad strategy. In the | market we work in, you either get this 100% right or you | don't get it right at all. There is no happy middle-ground | when you are selling software to banks or other such | organizations. No one is interested in "mostly" correct | when it comes to PII they are responsible for protecting. | bonzini wrote: | Which is a problem of its own, since they're effectively | usernames. | | Secure usernames that have no corresponding password is | already an oxymoron; that's what credit card numbers used | to be, hence the introduction of the CVV, 3DSecure and so | on; but at least a credit card can be blocked with relative | ease. But SSNs are secure _unchangeable_ usernames, which | makes even less sense. | | Do any countries other than the US have such an | abomination, where you can figure out the SSN of someone | and ruin their life? | C19is20 wrote: | Italy: https://ilmiocf.it lets you generate your | equivalent of an ssn (fiscal code). And, yes...if you | know someone's very basic details you have the number. | | For US viewers, enter 'stati uniti' as 'comune di | nascita'. | | Use deepl.com for the bit at the bottom. | spicybright wrote: | Not that I know of. It really is a horrible system. But | it's not one I want Google trying to solve. | AnthonyMouse wrote: | You can actually change your social security number in | the circumstance of "victim of identity theft continues | to be disadvantaged by using the original number": | | https://faq.ssa.gov/en-us/Topic/article/KA-02220 | | It's a huge pain, obviously. Especially when you get to | all the systems which blindly assume it isn't possible. | But you can do it. | | They ought to just open it up and let anyone who requests | to change it once a year no questions asked. | spicybright wrote: | Should, yes, but in practice not really. I'm talking more | about employee information. | | You need it for tax forms, background checks, citizenship | queries, sometimes bank information, etc. | | So your options are: | | 1. Store them locally on a computer. Typically on some old | windows 7 machine in the corner that hasn't been updated in | some time. | | 2. Store documents physically. Which will either be scanned | onto random computers belonging to whoever needs them to be | sent through probably insecure mail servers. | | Or worse, your boss taking a picture of your form and | sending it to people that way, leaving the form on their | phone. | | 3. Some other online storage like whatever M$ is offering | | 4. Use google and somehow store SS#'s somewhere less | secure, or obfuscate them in a way no one but a few people | will understand and hope they don't block any other files | you upload. | | Businesses have been deciding how to manage these things | since the start that work best for them. Having google | force you into procedures that might not work for your use | case is annoying at best. And they obviously don't know | best if they have issues like in OP's post. | | It's like they take away your gun so you can't shoot | yourself in the foot, then fires it at things it thinks are | problems hoping not to hit your feet. | | And what's a few toes to a company the size of google? | nathanaldensr wrote: | Thanks to Equifax, SSNs are effectively public anyway. | madaxe_again wrote: | Why? You can figure out someone's SSN if you know where | they're from and what their birthday is. They're highly | predictable - particularly given that you'll often see the | last four digits as the "obfuscated" version in lists etc, | and the first three are state, and the next two are based | on when they were born. Put the two together, and job done. | They're effectively public data. The fact that they're used | as a magic security number/identifier is frankly mind- | boggling. | | Citation: https://www.pnas.org/content/106/27/10975 | vidarh wrote: | Not just that, but official US government websites publish | plenty of data with SSNs of dead people in them. For my | genealogy research I have plenty of SSNs sitting around for | relatives to emigrated to the US because they've happened to | show up in searches. | | E.g. here[1] is one of Ancestry's many catalogs based on US | government data dumps that even allows you to explicitly | search by SSN. | | So even if one were to argue that SSNs of living people | shouldn't be in GSuite, and there may be many good arguments | for that, there are vast quantities of SSNs out there that | are explicitly and openly shared by the government. If Google | starts blocking me from accessing any of my files with notes | about family history, I'll be pissed off. | | I guess it's time to move off Google Docs too (I've largely | left Gmail) | | [1] https://www.ancestry.com/search/collections/60901/ | kwhitefoot wrote: | Is this a tool that you pay money for? Sounds like it fails the | 'fitness for purpose' test. | wanderingmind wrote: | Maybe just use rclone or other tools to store encrypted files at | rest in drive. | everyone wrote: | It's so dystopian / Kafkaesque it's like a parody. | | "Thankyou for helping google keep the web safe" | | followed by... | | "A review cannot be requested for this restriction" | slig wrote: | Computer says no. ___________________________________________________________________ (page generated 2022-01-24 23:02 UTC)