[HN Gopher] Google Drive flags file only containing "1" for copy...
___________________________________________________________________
Google Drive flags file only containing "1" for copyright
infringement
Author : thanatosmin
Score : 621 points
Date : 2022-01-24 17:01 UTC (6 hours ago)
(HTM) web link (twitter.com)
(TXT) w3m dump (twitter.com)
| kats wrote:
| May want to back up your Google account if you see a message like
| that.
| loudtieblahblah wrote:
| Protondrive is a thing.
|
| Zero knowledge storage needs to be the default everywhere.
| daneel_w wrote:
| And googling "15.91/4" throws a SafeSearch alert letting us know
| that "some results may be explicit".
| ahsima1 wrote:
| I wonder if it's a part of some sort of cyberattack. Someone
| knows that deleting a file, containing a "1" or "0" from target's
| gdrive will break something they want, so they filed a false DMCA
| claim.
| dibujante wrote:
| Maybe it's a low-key attempt to disrupt the use of Google Drive
| as a command and control source for botnets? Seems very easy to
| work around.
| tyingq wrote:
| I'm curious if it was related to the file name. I created a few
| 1-byte files with just "1" in them, with different names,
| including "output04.txt". No problems so far. Also uploaded
| variations with "\n" and "\r\n" after the "1". And enabled
| sharing to anyone with the link. No issues so far.
|
| Google drive does support metadata like a description and
| comments. I wonder if someone posted some copyrighted text in a
| comment?
|
| Update: Recreated it. Most of them are now flagged. Took about an
| hour for that to happen. So far, all that have just one byte,
| being a "1", and also the one that contains "1\n".
|
| The one with "1\r\n" hasn't been flagged. The file names of the
| flagged files: "one.txt", "onev2.txt", "output04.txt" and
| "output05.txt".
|
| Screenshots of the email and Google drive:
| https://imgur.com/a/RHnEJcj (note the little flags on the Google
| drive view, and the file sizes)
|
| Just added some files with "0" and "0\n", we'll see if "0" is
| copyrighted :)
| knodi123 wrote:
| "A review cannot be requested". What a soulless suck machine.
| JorgeGT wrote:
| "In order to review, please reach the top of HN"
| OneLeggedCat wrote:
| Just tested this myself. Got the same results as you while
| using different file names.
|
| Difficult to believe that Google has become so internally
| dysfunctional that it hasn't fixed this technical embarrassment
| twenty hours after first being being seen, and then five hours
| after being reported on front page of Hacker News.
| judge2020 wrote:
| It only affects sharing so it isn't a disaster if this
| happens, probably P3 medium if you went by their bug bounty
| priorities.
| CJefferson wrote:
| Turns out Google also hates 500, 174, 833, 285 and 302 (from
| generating files from -1000 to 1000).
| CJefferson wrote:
| Another bunch of numbers got flagged (186, 451, 336, 173,
| 266). I deleted the experiment, just in case I got my account
| deleted for too many naughty numbers.
| tyingq wrote:
| That's interesting. 500 and 302 popped into my head as common
| HTTP status codes. The others don't seem notable to me.
| can16358p wrote:
| Does it flag comments for copyright infringement?
|
| What if I comment on some file with some copyrighted content in
| the text, just implying something about that IP, with the
| copyrighted text in my comment? How can this be infringement?
| tyingq wrote:
| No idea. I was just trying to guess at why it might flag a
| single byte file as a copyright infringement.
| hulitu wrote:
| They changed their algorithm. Now it will flag files full of
| 0s.
| duxup wrote:
| "A review cannot be requested for this restriction."
|
| Absolute madness cannot be reviewed...
|
| Reason cannot be applied.
| folbec wrote:
| My bet is someone did a DMCA claim on a file containing 1,
| either by mistake or as a joke.
|
| Then Automated Stupidity took over.
| DebtDeflation wrote:
| "A review can not be requested for this restriction."
| avisser wrote:
| I wonder if this is an incredible hash collision. hash("1") ==
| hash(disney_movie.mp4)
| p1mrx wrote:
| Assuming is's a cryptographic hash function, that sort of
| collision just never happens.
| tyingq wrote:
| Update: It has now flagged the file with "0\n" in it.
|
| So it's official, Both 0 and 1 are copyrighted :)
|
| https://imgur.com/a/xMgh6Xn
| Crosseye_Jack wrote:
| Well that MP3 the RIAA flagged was FULL of ones and zeros, so
| it only makes sense they would get flagged ;-)
| blibble wrote:
| I hope you did that from a burner account!
| bl4ckneon wrote:
| Does that mean someone copyrighted binary? :p I guess that
| mean that this comment and everything digital is copyrighted.
| jrockway wrote:
| Technically any creative work you author is copyrighted, so
| your comment was copyrighted anyway.
|
| Whether or not large tech companies will punish people for
| infringing upon your copyright is yet to be determined.
| johannes1234321 wrote:
| I don't know about US lawy but in German law there is a
| requirement on some originality. ("Schopfungshohe") The
| barrier is low, but a 1 certainly doesn't receive the
| protection.
| teachrdan wrote:
| Relevant Onion article here:
| https://www.theonion.com/microsoft-patents-ones-
| zeroes-18195...
| meshaneian wrote:
| I believe 0 and 1 belong in the public domain, at least under
| US copyright law - there appears to be a significant amount
| of prior art.
| lostcolony wrote:
| Not sure if prior art is relevant, per se (usually quoted
| in the context of patent law but IANAL), but, certainly,
| any copyright has expired by this point.
| judge2020 wrote:
| FYI while Drive and YouTube's Content ID systems operate
| based on copyright, they are not entirely bound to it since
| they only actually have to comply with DMCA requests
| (barring any lawsuits that claim Google has the resources
| to create automated copyright detection systems[0]). Even
| when claiming copyright, they can remove and block access
| to content for any reason they want legally.
|
| 0:
| https://www.nytimes.com/2014/03/19/business/media/viacom-
| and...
| melissalobos wrote:
| It may take some time for it to index and check the file,
| youtube for example takes ages to process video, I would
| imagine google drive is lower priority. Check back in a week or
| two and see if it changes.
| mooman219 wrote:
| It looks like those files are marked as public. Does it trigger
| for you on files not being shared?
| tyingq wrote:
| I didn't try that. I marked them public because I assumed
| that's what triggers the scan.
| reincarnate0x14 wrote:
| AFAIK the copyright scan only happens on files shared from
| certain types of Drive accounts, the assumption presumably
| being that while Google doesn't know or care if you have
| rights to possess data, they can be reasonably sure you
| wouldn't be using Drive links as the means of distributing
| many well-known files (video, music, software, mostly) if
| you had rights to do so.
|
| How far Artificial Stupidity runs into the weeds from that
| basically sound beginning appears to be "still farther."
|
| FYI Drive also does scans (configurable on business
| accounts) for data such as likely accidental PII
| disclosures on shared data, and anti-malware checks on at
| least Windows and Mac executables, installers, and dmgs.
| radicaldreamer wrote:
| What is the best in class cloud drive software which
| doesn't do this? I feel like Dropbox is a bit more
| selective, but without going into the Megas of the world,
| there doesn't seem to be a good file share with solid
| end-user desktop sync.
| reincarnate0x14 wrote:
| Maybe B2? It's not something I have to looked into
| extensively. My needs for sharing data from GDrive are
| limited and if there is data I don't feel like google
| automation getting at I have it encrypted via rclone
| mounts.
| obmelvin wrote:
| Does it just prevent you from sharing the files or does it
| prevent you from accessing the file as well?
| tyingq wrote:
| Just tried that, and I get a "request a review" link.
| Interesting.
|
| _" Unable to share This item may violate our Terms of
| Service - Request a review"_
|
| Clicking on it, though, gives no joy:
|
| _" 451. Sorry, Google is unable to process your request.
| This item was taken down for legal reasons and cannot be
| appealed. Please visit the Legal Removals Requests page
| for more information."_
|
| https://imgur.com/a/5YHQtLi
| lhorie wrote:
| I have a pet theory that all of these recent Google bloopers
| could be explained easily if you start from the assumption that
| Google internal incentives promote efforts to cut costs such as
| storage.
|
| "Garbage" docs, inactive email accounts, less search results etc
| can all be reasonably explained by a desire to not spend money on
| storage for "low value" data (i.e. data that is unlikely to be
| accessed in a way that translates to profit for Google). Users,
| having been trained to rely on free services and the magic of
| search to summon stuff, have zero incentives to clean up their
| digital "pollution", and at some point, something's gotta give.
| withinboredom wrote:
| > explained by a desire to not spend money on storage for "low
| value" data
|
| I think this "just happens" when you reach a certain scale. For
| example, I was looking at our reporting at my job the other day
| and realized for 10k people a day, something wasn't working
| with our emails. We decided it was a "low priority" because
| it's "only" 10k people when we send over 30 million emails a
| day. I'm sure those 10,000 people (a small city's worth!) don't
| feel that way.
| munificent wrote:
| I don't think there's anything specific to Google. I think the
| chain of events was basically:
|
| 1. Storage is expensive, so software designers and users build
| tools and habits that are parsimonious with it. Programs would
| store files in carefully designed binary formats to save space
| because space was expensive. Users would periodically go
| through directories on our computers and manually delete old
| stuff. Apps required users to explicitly choose what to save.
|
| 2. Storage gets much cheaper.
|
| 3. Seeing that, companies like Google and others offer
| "unlimited storage" by projecting the observed user behavior
| from (1) onto the storage costs of (2).
|
| 4. But now users and app developers change their behavior since
| the incentive environment is now (3). Camera apps automatically
| save every photo you take. Phones record higher and higher
| resolution video. Users stop deleting anything and rely on
| search to wade through their sea of bits.
|
| 5. Companies how have to adapt to the reality of (4).
|
| I don't think there was anything particularly nefarious or
| shitty on the part of any participant. It's just the nature of
| big complex iterated systems with emergent properties.
| lhorie wrote:
| > I don't think there was anything particularly nefarious or
| shitty on the part of any participant. It's just the nature
| of big complex iterated systems with emergent properties.
|
| I find it interesting that one can draw some parallels to
| physical consumerism and its impact of ecology. We don't
| generally consider buying day-to-day stuff as nefarious
| either, until we pay attention to the aggregate impact of the
| entire supply chain machine, and then it's "80% less
| polinators" this, and "donated clothes landfills" that. The
| big difference is that Google as an organization _can_ make
| the call to - and follow through on - telling users directly
| to back off if users ' consumption patterns themselves become
| a significant enough liability on the sheets.
| mbfg wrote:
| i remember BlackDuck flagging a one pixel (white) image as a
| copyright infringement in our product.
| TedShiller wrote:
| Maybe but anyone can claim that on Twitter
| zydex wrote:
| It's been reproduced by other users, see below comment in this
| topic.
|
| https://news.ycombinator.com/item?id=30061080
| TedShiller wrote:
| Interesting, you're right then.
|
| The thing with Twitter posters is they often don't understand
| what they're doing.
| luckystarr wrote:
| Could this be a rare case of a SHA-whatever collision? Or do they
| use MD5 to identify these files.
| version_five wrote:
| "A review cannot be requested for this restriction"
|
| ML enforcing rules is bad enough, but not allowing false
| positives to be corrected is ridiculous. This is why I would
| never consider g-suite for any business application.
|
| Otoh, I think there is a legitimate business to be made helping
| small businesses and individuals secure themselves against
| arbitrary behavior from big tech. This kind of thing can have
| serious consequences (imagine if it was something of real
| substance that got restricted without recourse) and people need
| to consider hardening their activities against google et al
| pdonis wrote:
| _> people need to consider hardening their activities against
| google et al_
|
| Isn't your own solution--that you would never consider g-suite
| for any business application--the obvious simplest way to
| "harden" against Google?
| hetspookjee wrote:
| I think the most likely outcome is much like the services they
| offer to help with settling airplane ticket compensation. I
| presume most of them are actually in service of the airplane
| operators.
|
| Imagine a device that indeed offers to help small time
| companies in resolving the issues with big tech. The business
| case will eventually come up to just buy them up and slowly
| drain their effectivity, while upping the rate tremendously and
| being able to - if any - strike up the compensation dishes out
| by big tech. Pardon my cynism but I sometimes look at the
| airflight industry as the equilibrium of a race to the bottom.
| With big tech we're not there yet
| Volker_W wrote:
| > I presume most of them are actually in service of the
| airplane operators.
|
| why?
| robbedpeter wrote:
| Automated tools that overwhelm these triggers should be
| deployed. Get everything flagged and force them to put a human
| in the loop and fix the system. Make it technically impossible
| to appease the entertainment mafia and batshit regulations.
| karsinkk wrote:
| I've noticed the same behavior with the recommendation engine
| from Reddit and Instagram as well. While they don't totally
| block providing feedback on recommended posts that I'm actually
| not interested in, the UI flow to submit the feedback is
| difficult/confusing enough that I've just stopped doing it
| altogether. Could this be because retraining whatever model
| that they've built is difficult/expensive with new feedback?
| wolpoli wrote:
| A benign explaination would be that the feedback feature is
| really designed as a relief valve for the most frustrated
| users to feel better. Moderately frustrated users will find
| it takes too many clicks to provide feedback and just scroll
| to the next item.
| friedman23 wrote:
| "The trial" by Kafka needs to be required reading for everyone
| involved in implementing systems like this.
| capableweb wrote:
| Most likely the people actually implementing this system did
| raise potential issues to their supervisors. It's not the
| implementer that needs more education, it is the people who
| drive the implementer that needs better education in how to
| design systems.
|
| But since it probably doesn't affect the bottom-line, it's
| unlikely to actually happen.
| miohtama wrote:
| There probably was risk discussion involved in some point
| of feature implementation. Lawyers got involved and the
| discussion likely went like this
|
| 1) DMCA Safe Harbor gives us, Google, unlimited protection
|
| 2) What are the users going to do any case? Sue us? Migrate
| to Microsoft Office 365? The minuscule amount of issues
| caused on 0.1% users is not going to hit our bottom line
| and the users cannot damage us.
|
| 3) We offer key account manager services for organizations
| large enough that could cause stir (Spotify size)
| forgotmypw17 wrote:
| 4) We have 1 billion users and 1 million reports of
| copyright infringement per day, which we have to address
| according to the DMCA somehow.
| kevin_thibedeau wrote:
| If the full DMCA process was implemented, takedowns could
| be immediately reverted and then the trolls would have to
| use the court system as intended. Abusive behavior from
| bad actors could then be addressed.
| IshKebab wrote:
| This isn't a DMCA takedown.
| miohtama wrote:
| This is actually a fair point. Thus, this should limit
| Google's escape intoany safe harbour. Though still leaves
| the problem who is going to go after Google for them
| locking users out from their own files.
| tinus_hn wrote:
| Really? They don't need any more ideas!
| newsbinator wrote:
| Or "Catch-22" by Heller:
| https://en.wikipedia.org/wiki/Catch-22
| robocat wrote:
| A wonderful comedy. I presumed it was American literature,
| so I had avoided reading it because that isn't a category
| that interests me by default, but decided to read it and I
| had a good laugh. Easy to pick up cheaply second hand.
|
| I don't really think the book is relevant to this
| discussion though.
| kwhitefoot wrote:
| And RMS' Right to Read: https://www.gnu.org/philosophy/right-
| to-read.en.html
| jrockway wrote:
| How long until cloud providers are forced to scan block
| devices, so you can't even self-host a file erroneously flagged
| by the ML? (Actually, how long until this is integrated with
| the "security engine" in CPUs, so you can't even hide with
| encryption? Everyone is talking about on-device voice-
| recognition and CSAM recognition, but no doubt the copyright
| lobby is going to push hard for this as well.)
| matheusmoreira wrote:
| It hurts me to even think about this. We're headed towards
| such a bleak future. The only solution I can think of is to
| kill copyright in order to save computing freedom. Otherwise
| our computers will eventually no longer be ours.
| josephcsible wrote:
| Do we need to kill copyright? Couldn't we just kill
| vigilante enforcement of it? Maybe we should make it the
| law that if you see a copyright violation, your only legal
| options are (1) nicely ask the infringer to stop
| voluntarily, or (2) sue.
| matheusmoreira wrote:
| Copyright is fundamentally a monopoly on data. The very
| name implies that you can restrict who can copy data, how
| many copies can be made. Copying data is among the most
| basic, fundamental computer operations. Therefore all
| computers are inherently capable of violating copyright,
| they merely need to be instructed to do so. It's the 21st
| century and copyright is absolute nonsense. Computers
| make it seem absurd by trivializing copying to the point
| artificial scarcity is exposed for the illusion it always
| was.
|
| So in order for copyright to exist in the 21st century,
| it must be impossible for us to instruct computers to do
| anything. They must own our computers. They must ensure
| computers obey them so that they can make it refuse to
| copy data without approval. We cannot be allowed any
| control because we can easily subvert their business
| model.
|
| So in this matter it really is us or them. Either the
| copyright industry loses, or we lose computing freedom
| and everything hackers stand for will be history. There's
| also the looming threat of government encryption
| regulation which faces the exact same problem. I say
| computers and the internet are jewels of humanity and too
| important to be compromised by these governments and
| stakeholders, and I'd sacrifice a thousand copyright
| industries to keep them alive and free.
| simonh wrote:
| Cameras made it easy to copy things, so did printing
| presses, photocopiers and now computers. None of them
| have killed copyright, which is still functioning just
| fine. Musicians still sell music, directors still make
| films, the apocalypse simply isn't happening.
|
| Yes there are occasional abuses, unfair YouTube takedowns
| and crap like this from Google. They must be fought, no
| argument there. Life will go on.
| matheusmoreira wrote:
| > Cameras made it easy to copy things, so did printing
| presses, photocopiers
|
| Not at massive global scales. Not at negligible costs.
| Not with complete impunity. Not in a way that was
| accessible to everyone.
| SR2Z wrote:
| > It's the 21st century and copyright is absolute
| nonsense.
|
| This is an awful, terrible take. We know that
| intellectual property is much more artificial than pretty
| much every other type of property right, but we still
| want governments to enforce copyright and other IP law
| because it's a good way to make sure that people have a
| financial incentive to be creative or do R&D.
|
| Copyright needs reform (and many types of DRM need to be
| banned), but just because you'd gladly sacrifice
| thousands of industries (how many jobs is that?
| millions?) to have some ideological purity, it doesn't
| mean that such a decision would be broadly supported or
| even in the best interest of society as a whole.
|
| Source: work in copyright, have seen firsthand how shitty
| IP protections can destroy businesses that produce
| excellent content.
| ncmncm wrote:
| Copyright is spelled out in the US Constitution as
| distinct from property, for clear and well-justified
| reasons.
|
| Every move to make copyright more like property makes
| copyright less useful for its designated purposes, and
| more a drain on the public interest. But copyright
| holders are continually pressing courts and legislators
| to try make copyright law subservient to property law,
| and succeeding, incrementally, so case law on copyright
| has become hard to distinguish from property law.
| Nowadays copyright lawyers even call themselves
| "Intellectual Property" lawyers, deliberately trying to
| obscure the difference.
|
| The consequence is that Copyright, which was once a
| benefit for the public interest, is now a benefit only
| for entrenched media companies. Eliminating it would once
| have been taking away from the public. Now, eliminating
| it would benefit the public. But, since copyright is now
| a matter of international treaty, we no longer have, even
| in principle, the power to eliminate it: treaties
| override the Constitution.
| matheusmoreira wrote:
| > we still want governments to enforce copyright and
| other IP law because it's a good way to make sure that
| people have a financial incentive to be creative or do
| R&D.
|
| I have to believe that there must be alternatives. We
| need better post-copyright business models. This
| artificial scarcity thing is simply not going to work
| anymore. At least not without sacrificing everything
| about computers that make them special.
|
| Maybe crowdfunding where creation is treated as an
| investment. Maybe patronage where it's treated as a
| subscription. I really don't know for sure. I just know
| it can't go on like this.
| snowwrestler wrote:
| Without copyright you cannot write contracts about
| creative works, because there is no value to exchange.
| Creative works without legal protection are free and
| therefore cannot be investments or subscriptions. Just
| like I can't get people to invest in or subscribe to the
| air in front of my house.
|
| I think you are headed down the wrong path here. You
| don't need to eliminate intellectual property to preserve
| general purpose computing. You just have to change the
| guardrails on how IP enforcement works.
|
| They've changed many times and they can change again. And
| it's way more achievable than ripping copyright out of
| society entirely.
| matheusmoreira wrote:
| > Without copyright you cannot write contracts about
| creative works, because there is no value to exchange.
|
| There is no value even with copyright. Its value is made
| up, created via artificial scarcity whose days became
| numbered the minute computers were invented. There's no
| point in perpetuating this system.
|
| The _true_ value is the labor of creators. Data is
| abundant. Creators are rare. They need to somehow get
| paid for the labor of creating rather than copies of the
| finished product.
|
| > Creative works without legal protection are free and
| therefore cannot be investments or subscriptions.
|
| We can invest in the creator. Paying them up front like
| investments, or continuously every month like patronage.
|
| > You don't need to eliminate intellectual property to
| preserve general purpose computing. You just have to
| change the guardrails on how IP enforcement works.
|
| I'm not convinced the copyright industry will ever stop.
| The situation gets worse every year. How is this supposed
| to change with copyright holders still around? Their
| lobbying power is immense.
|
| > They've changed many times and they can change again.
|
| They've changed for the worse. How many times has
| copyright duration been extended? How many of our rights
| eroded? Fair use rights? Public domain rights? They mean
| nothing anymore. When was the last time some work entered
| the public domain?
| scrollaway wrote:
| Since you work in copyright, you've probably also seen
| firsthand how overzealous copyright enforcement can
| destroy businesses that produce excellent content.
|
| Frankly, your bias shows and you might have a case of
| EverythingLooksLikeANailitis. The copyright industry may
| be "protecting" jobs in some ways, but it's also
| destroying jobs in others. It's halting progress in so
| many cases.
|
| You also need to look at who, _in practice_ , is
| protected by copyright. The grand majority of the money
| being protected is that of big, rich industries. Even
| when the Little Guys are protected, it's usually by a
| bigger company that gets the way bigger cut from it (eg.
| stock photo and music artists).
|
| A world without copyright is a different one. IP lawyers
| and copyright enforcers might be out of a job, but it
| doesn't mean it'd be one without music or art. We'd find
| a different way to make it work, hopefully a way that
| doesn't drive the next Aaron Swartz to suicide.
| AnthonyMouse wrote:
| > So in order for copyright to exist in the 21st century,
| it must be impossible for us to instruct computers to do
| anything.
|
| This is not true. It could be enforced by courts and not
| by computers.
|
| Courts are slower and more expensive, so they'll only be
| used for the most egregious violations. But that's fine.
| Those are the high value ones. You wrote some code or
| made a movie, Netflix wants to use it, Netflix has to pay
| you for it. Because Netflix is big and you can sue them.
|
| > We cannot be allowed any control because we can easily
| subvert their business model.
|
| The assumption here is that everybody wants to subvert
| their business model. For the RIAA that might be true,
| but we don't need the RIAA. They can lose. Specifically
| because they're crooks and nobody respects them.
|
| But already right now I can find basically the entire
| Netflix catalog on BitTorrent sites, and still I pay
| them.
|
| And look at Substack. You have people making content, the
| readers respect the writers, so they pay. In many cases
| even when the articles are available without paying or
| after only a short delay. Because the readers know they
| won't be created if the creator has to go dig ditches
| instead for money.
|
| We should get rid of DMCA 1201 (prohibiting circumvention
| of DRM). We don't need to get rid of the law that
| prevents Google News from hosting the full articles on
| their own servers while stripping out the subscription
| links.
| rcoveson wrote:
| > This is not true. It could be enforced by courts and
| not by computers.
|
| No, this doesn't get you through the century with
| copyright intact. Bandwidth and storage only get cheaper,
| and copyright-able files are not getting proportionally
| larger.
|
| Eventually--and the 21st century does seem like a
| reasonable timeframe--something like Google Glass is
| going to become the norm, for all people, all of the
| time. Somehow or other we will patch the imperfections of
| memory and information exchange; think of it like
| recording everything you see and hear and being able to
| instantly share those recordings with those around you.
| We can already do this with a sentence or two of text or
| the gist of a melody! In the future it'll be a full book,
| or a song. It's no different from inventing vehicles that
| allow us to travel at hundreds of miles per hour.
|
| What does copyright look like as the ease of recording
| and repeating an experience increases at the rate of the
| past few decades? If technology is in reach that would
| blur the line between "recording" and "remembering", and
| "recounting" and "copying", are we going to just say "no"
| to it? Allow our memories and communication skills to
| remain in their ancestral, imperfect state just because
| it is imperative that those who "own" certain bitstreams
| be paid whenever they reach a new consciousness?
|
| Human courts can't enforce copyright when faced 2050's
| technology. Not when we can "memorize" and "repeat"
| everything we hear with the same ease that we memorize or
| repeat a haiku today.
| kmeisthax wrote:
| Well, the problem is that all this "vigilante[0]
| enforcement" was there to enable online services to work
| at all; and it has been further extended by private
| business agreements to give copyright owners powers above
| what the law requires.
|
| Any tort in law also has secondary liability attached to
| it, and it's generally accepted caselaw that online
| service providers get secondary liability if someone uses
| them to infringe. Congress decided that said providers
| should be able to disclaim that liability if they
| participate in a notice-and-takedown process; and the EU
| has gone further and replaced that with a very context-
| sensitive "best practices" approach that almost certainly
| will be interpreted as "video sites must have an
| equivalent to YouTube Content ID".
|
| From an old media perspective, this is crazy. If CBS
| licenses a TV show that infringes upon a third-party
| copyright, they cannot disclaim liability by saying it's
| the licensee's problem. If they could, then you could
| construct a bunch of LLCs to separate the infringement
| from the liability. And this is effectively what online
| services have done: YouTube, for example, gets to
| automatically[1] recommend you infringing content, and
| those who have been infringed _only_ have the legal
| recourse of sending takedown notices.
|
| Getting rid of the takedown system would mean that
| copyright owners would have to go back to suing
| individual users, which is both expensive and, IMO,
| wrong. YouTube gets to own online video and infringe
| copyright with impunity, because they passed the buck
| onto individuals that largely cannot afford to pay
| damages on infringement. If you're a legitimate[2] user
| of copyright, you can't economically get the infringement
| to stop or go underground. Furthermore, if you are a
| copyright troll, this does nothing to stop you; you will
| still be able to sue individuals and coerce them into
| settling baseless claims.
|
| The underlying problem is that online platforms want to
| half-ass copyright. You can decide whether this is
| because they understand the draw that infringing content
| provides to them, or if proper enforcement interferes
| with the FAANG business model of "own the platform and
| take 30%". Either way, it's a compliance cost. We don't
| want people just suing individuals, and we don't want
| people suing online services to the point where any
| amount of third-party content is too legally perilous to
| touch. The answer was supposed to be notice-and-takedown,
| which is designed basically as a way for online service
| providers to push papers around between copyright owners
| and users without having to resort to an expensive
| lawsuit.
|
| However, nobody likes this. Online service providers that
| try to do things "by the book" wind up with all sorts of
| legal pitfalls for both themselves and their users. So
| even the current notice-and-takedown regime in the US has
| been subverted by private agreement. For example, DMCA
| 512 requires copyright owners to actively monitor
| infringements of your work; but YouTube Content ID
| instead provides a turn-key solution to find infringing
| work on that platform. It also lets you just monetize the
| infringements instead of taking them down, which is also
| a sort of backdoor license for Google. I suspect some
| sort of similar arrangement is involved with Google
| Drive, where you can't share files that trip whatever
| content ID system is involved here.
|
| So even "killing vigilante enforcement" would not be good
| enough, because Google has already found it lucrative to
| privilege copyright owners over regular users. You need
| to specifically regulate these takedown alternatives
| rather than just getting rid of takedowns.
|
| [0] Technically speaking, a DMCA takedown notice from
| someone who does not own the copyright to the work in
| question is legally deficient and can be safely ignored
| by Google. However, most online service providers do not
| do a good job of checking.
|
| [1] As per Mavrix v. LiveJournal, the process _has_ to be
| automatic. Human curation takes you out of your DMCA 512
| safe harbor. This is effectively a "willful blindness"
| requirement, IMO, which is also bad.
|
| [2] As in, you're interested in preventing sharing of
| newly-published works for a reasonable time frame, rather
| than keeping an ironclad grip on Steamboat Willie or
| Super Mario Bros forever.
| version_five wrote:
| I think there needs to be more work on open source hardware
| (and the associated fab capabilities to make what people
| want) in order to preserve computing freedom. I have no
| idea how to actually do this, but it feels like it should
| be prioritized
| idiotsecant wrote:
| There are people trying to make hardware more open source
| and user friendly for the average user right now. The
| Framework laptop, for example, is not a perfect product
| with DIY silicon but it's well on it's way to open,
| repairable hardware, open bare iron code, and other user-
| friendly attributes.
|
| It's also quite expensive because by definition such
| things will always be more expensive. Vote with your
| wallet and not just your HN post and you'll push the
| world just the tiniest bit in the direction you want.
| matheusmoreira wrote:
| I agree. The only reason these "stakeholders" have any
| leverage at all with which to push this is the fact
| semiconductor fabrication currently costs billions of
| dollars. So while it is possible for us to make our own
| freedom-respecting software, freedom-respecting hardware
| is out of our reach. Hardware manufacturing is
| concentrated in the hands of few corporations and those
| are friendly towards the copyright industry and good
| targets for government regulation and intervention.
|
| Some kind of innovation that lets people fabricate at
| home is necessary. Just like the free software compiler
| changed the software world, the free as in freedom fab
| must do the same for computer hardware. Access to
| fabrication must somehow be democratized or we'll never
| be free.
| foxfluff wrote:
| Making fabrication accessible would definitely be nice.
|
| In the meanwhile, I'd be interested in finding a
| community that puts "relatively open" hardware to good
| use. That includes old computers that won't grow
| antifeatures on their own, but also e.g.
| microcontrollers. I believe the dual-core 125MHz $1
| Raspberry RP2040 is more powerful than my first PC was
| (although it might have less RAM and unfortunately can't
| be transparently expanded as far as I know). It's not
| exactly open hardware but it's well documented, and even
| the boot rom is open source (that is _rare_ ). You don't
| exactly have lots of integrated peripherals (e.g.
| ethernet) so it'd be very difficult for them to have some
| kind of remote backdoor. It's also quite simple to
| program; a hacker scale operating system is entirely
| feasible.
|
| And that is of course just one of many choices out there.
| There are far more powerful microcontrollers out there.
| And by their nature, it's not going to be very easy for
| the copyright mafia to get their slimy tentacles between
| you and the core.
|
| You'd give up a lot of power but on the other hand, I
| could buy 500 of them for the price of my laptop. I don't
| know, maybe we don't need to run everything on a single
| high performance CPU and could instead have a small
| cluster; perhaps each chip running its own application?
|
| It's definitely not a "ready world" but I see lots of
| possibilities and am excited for the future of
| microcontrollers. But I'm also seeing the line between
| microcontrollers and processors getting blurred.
| voldacar wrote:
| You could just use FPGAs. They aren't fast, but your
| homegrown chips won't be either.
| matheusmoreira wrote:
| Those are also fabricated by huge corporations. No
| guarantee they won't be compromised by industry or
| government interests.
| version_five wrote:
| It does seem to some extend the higher the level of
| abstraction, the more potential for inappropriate
| controls or restrictions. More restrictions exist in apps
| vs OS vs cpu, or in cloud services like gdrive vs an EBS
| volume on AWS. So FPGAs are at least a step closer to
| free (or harder to secure). Even if they are under
| control of the manufacturer, there is a lot more
| flexibility and less potential for "oversight" at the
| gate level.
|
| There is still the question of all the peripherals, I'd
| be worried about internet and video and other i/o
| adapters only being compatible with proprietary hardware,
| and impossible to use with a home programmed fpga
| foxfluff wrote:
| Depending on what your performance target is, you might
| do without adapters. Low speed USB can be bitbanged even
| with 8-bit attiny. RP2040 with PIO can run DVI, 720p@30Hz
| (though you do need to overclock the chip heavily). I
| don't know how to implement Ethernet with digital logic
| (it uses pulse amplitude modulation) but bandwidth-wise
| it's not too challenging. Gigabit signals to PHY are
| 125MHz using RGMII. I think 100Mbit Ethernet would use
| 25MHz but I'm not actually sure. All doable using
| commodity microcontrollers _without_ an FPGA.
|
| I could see a long road to a dystopia where these legacy
| protocols are deprecated and they push out devices that
| only speak new protocols that won't let unapproved
| devices talk.. but I'm not that pessimistic. I can't see
| the copyright mafia chasing things down so far, and
| they'd rail up against all the industrial users.
| foxfluff wrote:
| True, but it's harder to compromise a fully programmable
| device. In essence, you'd have to somehow prevent certain
| kinds of programming while still permitting all the rest.
| How is the device to know that flipping pin 121 and 122
| in a specific pattern is actually clocking bits from a
| storage device?
|
| I think the web is broken (user-hostile) for the same
| reason. It's been made to support arbitrary programming,
| and now you have to play this weird cat and mouse game of
| trying to prevent a particular kind of programming --
| that can be used against you -- without breaking all the
| rest of the web. Google can block your browser because
| they can run code in your browser.
| https://news.ycombinator.com/item?id=30051512
| babycake wrote:
| For sure, but companies didn't win by building a better
| product. They won because of copyright laws that helped
| them to enforce their goal of profits.
|
| If we want computing freedom, or in other words: consumer
| rights, then we need to enact laws that are pro-consumer
| to ensure an open future. Things like being able to
| repair our devices were taken away (Apple) and brought
| semi-back with right-to-repair laws (albeit only proposed
| atm), ownership of software and your data taken away by
| online services (Adobe, etc), and lots others.
|
| Having open source hardware won't stop companies trying
| to take control away. We already see Microsoft and their
| SecureBoot problems with Linux. Or maybe they just won't
| support those open source machines by refusing to deploy
| their OS or whatever. Then what audience are you gonna
| have to make that product successful to become the new
| standard?
|
| Laws are the only way to force everyone to play nice. We
| can have the nicest open source stack, but that's nothing
| if companies can just seize them with their own laws.
| matheusmoreira wrote:
| > Having open source hardware won't stop companies trying
| to take control away. We already see Microsoft and their
| SecureBoot problems with Linux. Or maybe they just won't
| support those open source machines by refusing to deploy
| their OS or whatever. Then what audience are you gonna
| have to make that product successful to become the new
| standard?
|
| We need to get rid of those products and replace them
| with free software instead. It doesn't even matter if
| it's better or worse, as long as it's ours. This is the
| most sensible long term investment since it's the only
| thing that will truly benefit humanity forever.
| landemva wrote:
| The surface is larger than just copyright and includes
| anything the government can enforce in the name of
| protecting or preventing ... [children, terrorists, money
| laundering].
|
| Lobbyists wondering why not slip this into appropriations
| bill and make MS put this in desktop.
| foxfluff wrote:
| It's also larger than that; I believe one of the biggest
| threats to freedom today is complexity. That's why people
| are so bitter at Mozilla for example, and perhaps to a
| lesser degree systemd. But it applies to a lot of stuff,
| for example everyone who complains about GPU drivers on
| Linux (or "Linux is not there yet" in general) complains
| because they feel powerless to fix the issues. I'm glad
| AMD is doing their part but I'd be happier if we didn't
| need them to.
|
| If things weren't so complex, a small group of hackers
| would "shut up and hack" and fix their grievances and
| give the community something new to play with. Instead,
| we've gotten to the point where most people realize that
| they are too small in face of all the complexity. Then
| what choices do you have left? Give up, or get bitter and
| angry because those who have the resources to maintain a
| browser or Linux distro aren't doing what you want (and
| eventually you give up anyway because shouting into the
| void doesn't fix anything). One can go against the grain
| but they will be left in the dust; I saw lots of bitter
| Palemoon users who were ignored as the web moved on and
| sites started breaking on their increasingly outdated
| Firefox fork. I can't blame those users.
|
| It's this same complexity that enables e.g. Google to
| just block your browser:
| https://news.ycombinator.com/item?id=30051512
|
| Open standards mean nothing if only one company on earth
| has the resources to implement them (and they
| deliberately push out others). Open standards mean
| nothing if they require you to implement user-hostile,
| freedom-disrespecting features that enable behavior like
| above.
| easrng wrote:
| Google blocking browsers is understandable, they're
| trying to stop apps from implementing Sign In with Google
| in a webview because that's a security issue. (Apps could
| steal passwords or non-oauth session information) Some
| actual browsers (mostly built around those same webview
| tools) got caught up in the blocks too. If they were
| blocking everything except Chrome, that'd be a different
| story, but they're not.
| foxfluff wrote:
| My take on this is that you always have plausible
| deniability when you deny freedoms "for security." I
| don't like it.
|
| Blocking everything except Chrome would immediately raise
| way too many eyebrows, but allowing the few big (non-)
| competitors while making life hard for any potential
| rising stars has value if you want to maintain the status
| quo (near monopoly on browser market).
|
| In any case, I don't really even care about Google's
| motivations here. I have a problem with the fact that
| they can do this at all. Open technology should not
| enable overriding user control and arbitrarily blocking
| clients based on prejudice.
| matheusmoreira wrote:
| I agree. Attempts to regulate cryptography, to force
| computers to police and snitch on their own users... It's
| all deeply concerning and all of it depends on their
| covert ownership of our computers.
| [deleted]
| bostik wrote:
| I don't think we need to _kill_ copyright, but we sure as
| hell need to control how it 's used. To start with, we need
| to spay and neuter the out of control copyright enforcers,
| and especially every form of copyfraud.
|
| My previous take on the subject:
| https://news.ycombinator.com/item?id=22488496
| kbrannigan wrote:
| Load up on usb drives. I mean really when did we suddenly
| become dependent on cloud services? It's phenomenon that's
| less than 15 years old.
| matheusmoreira wrote:
| Won't help me when my computer starts refusing to read
| copyrighted files because it has decided its real masters
| are the copyright holders.
| vorpalhex wrote:
| Buy hardware you can own. Stop buying Apple products.
| belter wrote:
| We are in the middle of the hostilities, and we can always
| appreciate if more young idealists, as well as practical
| and hands-on militias want to join the revolution:
|
| "The Coming War on General Computation":
|
| http://opentranscripts.org/transcript/coming-war-general-
| com...
| matheusmoreira wrote:
| I remember that article. Deeply influenced my views on
| this matter. It's so good to read it once more. So many
| examples I'd totally forgotten about.
| narrator wrote:
| Gab.com is how to run a service that gets kicked off all
| cloud providers. They had to build their own bare metal
| infrastructure. That's right! They use zero cloud
| infrastructure. No AWS, etc. They even have release
| announcements about how they've upgraded or bought more
| servers so things should go faster and they can enable more
| features and so forth.
| Johnny555 wrote:
| If Amazon didn't offer EBS block device encryption (with a
| key that's ostensibly only accessible to the customer), then
| customers would just use full disk encryption instead.
| rsync wrote:
| "How long until cloud providers are forced to scan block
| devices, so you can't even self-host a file erroneously
| flagged by the ML?"
|
| If you are using a cloud provider you are not self-hosting.
|
| Self hosting means you own the machine.
| withinboredom wrote:
| I have an email from myself to myself sent in 2007 in GMail.
| I can't open the attachment because "it is malicious." It
| doesn't, just a schematic, but there's no way to tell GMail
| to let me download it anyway.
| vidarh wrote:
| Have you tried downloading it via IMAP?
| withinboredom wrote:
| No actually. That's a good idea!
| ehnto wrote:
| Reminds me of that 70s IBM presentation quote that surfaced
| recently, "A computer can never be held accountable, therefore
| a computer must never make a management decision".
|
| It's one thing to have a computer flag issues, another to make
| it responsible for taking action and in this case, making a
| decision final. Google continues to set poor examples with
| irresponsible implementations of machine learning. With no
| accountability, no recourse, no humans to talk to.
| LudwigNagasena wrote:
| A program can never be held accountable, but the person (or
| the whole company, or both) who decided that it should make
| management decisions can.
| ehnto wrote:
| It's possible to read the original quote was as a warning
| of exactly that. We should all be very wary of letting our
| code do the walking because the fault should realistically
| lie with us, but it's as if the software industry feels
| invincible, and it's not hard to see why.
| mywittyname wrote:
| Yeah, that's basically how I read into it. Or, more
| specifically, if the computer can't be held accountable,
| then those doing the holding get to decide who they think
| is responsible, and that might not end in your favor. In
| pithy terms, computers make poor scape-goats.
|
| Given the context IBM operates in, that's probably what
| they are getting at.
|
| Bill Gates tried this argument and lost.
|
| Lawyer during deposition: "So who sent that email?"
|
| BG: "A computer."
| sb057 wrote:
| I think that quote should be flipped.
|
| "A computer can never be held accountable, therefore a
| computer must always make management decisions."
| queuebert wrote:
| That misunderstanding could explain the last several
| decades of corporate management.
| sandworm101 wrote:
| Or..
|
| "A computer can never be held accountable for decisions,
| therefore all computer decisions are management decisions."
| beebeepka wrote:
| I thought the same as that's our current reality. "It
| wasn't us, it was the computer!" Things are only going to
| get worse
| Croftengea wrote:
| "Computer says No!"
| withinboredom wrote:
| No? Why is this computer talking about Norwegian?
| bobm_kite9 wrote:
| Yes! This is one thing humans are still much better at than
| AI: taking blame.
| giaour wrote:
| The best of both worlds is when you have a human supervise
| a fully automated process. You can pay them peanuts and
| still use them as liability sponges.
|
| (The term "liability sponge" is shamelessly stolen from
| https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2757236
| .)
| nefitty wrote:
| AI-aided management decisions can't come soon enough.
| Decision Model and Notation made big headway on this, but I
| don't see it discussed. They're fancy decision trees but
| can handle complex factors and are designed to be intuitive
| to reason about.
| Retric wrote:
| That's begging for some leaky abstraction to absolutely
| ruin your business.
| nefitty wrote:
| Management is made of leaky abstractions. I think of
| course that humans should still be the accountable party,
| but AI can guide baser decisions so that more time can be
| spent on the hard problems.
|
| Imagine how many thousands of hours managers have wasted
| at this point discussing WFH. They should have been
| figuring out their supply chain and labor strategy.
| ska wrote:
| This argument would be more compelling if companies were
| in general better at driving management decisions using
| all of the many data analysis techniques already
| available. Making something lower effort but also harder
| to understand and more error prone doesn't seem like an
| obvious win....
| nefitty wrote:
| I agree! I think management processes need more open
| experimentation, though. Documenting and creating
| decision trees makes those decisions more transparent
| overall. It also aids in transfer learning, something
| which, from first hand experience, is lacking on ground-
| scale. Meaning, there's a lot of management knowledge in
| people's head's that increases bus factor risk. That can
| be mitigated, whether through my proposed method or
| otherwise.
| Volker_W wrote:
| What do you mean with "leaky abstraction" here?
| dylan604 wrote:
| Computer: "It's not my fault". The sunspots made me do it.
|
| Sunspots are computers' devil.
| [deleted]
| nervlord wrote:
| tempodox wrote:
| Given that going viral on Twitter is the only functional help
| desk for such situations, "Tweet storm as a service" would be a
| promising proposition.
| ThrustVectoring wrote:
| Companies can _say_ that they won 't have an actual human
| look into your issues, but there's a person that handles
| letters that might turn into lawsuits and other legal issues,
| and you can always ensure that they get contacted instead.
| Certified mail is pretty quick to write and costs like $3 to
| send, and you can look up the company's agent for service of
| process.
|
| It might not _do_ anything - writing a letter that
| sufficiently implies that you are actually collecting
| documentation and preparing for a lawsuit is an actual skill,
| and your demands may be unreasonable for them to handle - but
| you _will_ get an actual factual human being to at least
| start reading what you 've written. And as a bonus, their KPI
| is in terms of "number of incidents per year" rather than
| "number of resolved tickets per day".
| klyrs wrote:
| You don't think that would automatically get shut down for
| spam-like activity?
| kadoban wrote:
| Most of the spam bots don't, they'd have a good shot if
| they don't put all their eggs in one basket.
| pokot0 wrote:
| I agree with you and in general the move from owning software
| to accessing a service has been detrimental for the end user
| (more costs, more problems, less control).
|
| But the restriction here is most likely just the inability to
| share (I would guess publicly). I don't believe it prevents you
| from accessing your file.
| gopher_space wrote:
| A public share might be the entire point of using a service.
| dane-pgp wrote:
| > ML enforcing rules is bad enough, not allowing false
| positives to be corrected is ridiculous.
|
| And potentially illegal. According to Article 22 of the GDPR:
|
| "The data subject shall have the right not to be subject to a
| decision based solely on automated processing, including
| profiling, which produces legal effects concerning him or her
| or similarly significantly affects him or her."
|
| I think that being accused of copyright infringement (and
| having your free speech rights curtailed) should count as
| "similarly significant" to a legal effect on someone.
| bryanrasmussen wrote:
| Free speech does not exist in the same way in the EU, where
| the GDPR exists, as it does in the U.S
|
| on edit: clarification as I seem to have offended some
| people, there is no right to free speech in Europe similar to
| the right in the U.S Bill of Rights, the closest is the
| following https://fra.europa.eu/en/eu-
| charter/article/11-freedom-expre...
|
| hope this clarifies it for people.
|
| on edit 2: here you can get a country by country overview htt
| ps://en.wikipedia.org/wiki/Freedom_of_speech_by_country#E...
| [deleted]
| jjcon wrote:
| I really don't think their copyright checks are run by anything
| in the ML domain.
| diogenesjunior wrote:
| I feel bad for the new hire who wasn't entirely sure what he was
| doing. Something similar happened at reddit[0], wouldn't put it
| past google.
|
| 0: https://redd.it/m0rmux
| reaperducer wrote:
| I've said it before, Google is trying to be the new Microsoft.
|
| https://www.theonion.com/microsoft-patents-ones-zeroes-18195...
| iameli wrote:
| All software has bugs; I'm not mad at all that this silly test
| case was flagged incorrectly. The truly infuriating part is "A
| review cannot be requested for this restriction."
|
| Translation: "We have no idea if you actually own this content or
| not, but it would be _way too expensive_ for us to find out for
| sure! So you're out of luck, but don't worry -- it's all worth it
| so we can make sure children can't stream Marvel movies from
| Google Drive! Thank you for your contributions to Disney+'s
| bottom line."
| vidarh wrote:
| A legal requirement to provide an appeals process for automated
| decisions would be a good step.
|
| Many places have restrictions like that for limited things like
| loan decisions, but it's about time to start forcing companies
| to provide a manual appeals process for other types of
| decisions that can significantly affect people.
| JamesBarney wrote:
| It'd be nice if the law had a escrow appeal process. Alleged
| violator now posts a $100 escrow, now accuser has to do the
| same. Then Google reviews it, makes a decision, and loser has
| to pay for it.
| withinboredom wrote:
| Sounds like some shenanigans you'd see on a blockchain.
| Though, if a blockchain did something like that to reverse a
| transaction, that'd be amazing.
| jacquesm wrote:
| Pretty weird that Google would be scanning files for copyright
| infringement in the first place, it's supposed to be a _Drive_
| not the enforcement arm of the copyright mafia.
| nocturnial wrote:
| Just call google support... oh... wait... right...
|
| I wonder how many ads we need to watch before google implements
| something even remotely similar to user support? How many
| billions are enough before we get support?
|
| I know I'm overreacting but I'm getting tired of these articles.
| We all know that google is messed up (to put it lightly). Some
| people here don't think that's the case and that's fine. Other
| people, including me, don't find it surprising at all.
|
| Post something about google killing cute kittens.
|
| I wouldn't be surprised but I would be interested in that story.
| blunte wrote:
| Ironically, it may end up being one of these "tiny" scenarios
| which finally does Google in.
|
| When trying to illustrate a problem or bug, one of the typically
| time consuming challenges is reducing the scenario to the minimal
| case which illustrates the problem. So thank you, @emilyldolson!
|
| Aside from an empty file, you cannot reduce this any further. It
| brings to light in simple terms that non-techies can understand
| how absurd the "ML to solve everything" promise is -- and even
| moreso how wilfully negligent companies are by providing NO human
| intervention or support when the machines break down.
| quickthrower2 wrote:
| It's a real motivator to leave Google and the MAG cloud in
| general. It has at least reminded me again to do regular Google
| takeouts.
| trhway wrote:
| > "tiny" scenarios which finally does Google in
|
| Danger of tiny scenarios - I expect that Google like any BigCo
| will try files containing only 2, 3, 7 - no bug, ok, and then
| push the fix like this
|
| if (l = read(file) ; l == "1") ... else
| cgrealy wrote:
| Given it's almost certainly a ruleset generated by an ml
| agent, it's more likely to be a change in the training data.
| bonzini wrote:
| Or just don't flag any file below 100 bytes.
| leokennis wrote:
| 15 years ago the first word that came to mind when thinking of
| Google was "magic".
|
| 10 years ago "useful".
|
| These days it's just "dread".
| bxparks wrote:
| Maybe not "dread", but distrust with a tinge of sadness. It is
| surprising to see how much their executives are willing to
| destroy Google's reputation, in search of.. I don't know..
| their next bonus and promotion? Seven to eight years ago, I was
| using probably 30-40 Google products and services. I used to
| recommend Google products to my friends and family without
| reservation. But over time, I have whittled down my dependency
| to Google to maybe 7-9 products/services. With the killing of
| Legacy GSuite, I'll be migrating to FastMail or something
| similar, and I'll be down to only a handful of Google products
| in a few months. I never thought that I would stop using Google
| Search and Chrome, but DDG and Firefox have been perfectly fine
| for me for several years now.
| notyourwork wrote:
| I think dread is a bit over dramatic. I still find utility in
| Google Maps and GMail. Some products in the Google domain are
| heading that way but I don't dread Google I treat them as a
| business with respect to my coupling to them on a case by case
| basis.
|
| I used to be a Google first, now I am one to look at all
| options and decide if its worth coupling something else in my
| life to Google. In many cases its not worth it or even
| required.
| fsflover wrote:
| > I still find utility in Google Maps and GMail.
|
| Concerning the maps, try https://openstreetmap.org
|
| Concerning the GMail, see
| this:https://news.ycombinator.com/item?id=30051054
| notyourwork wrote:
| Thanks for sharing but I wasn't really trying to debate
| whether I do or do not find utility in these. I do and I'm
| fine using them. I'm also aware of the alternatives, I use
| Apple maps from time to time, I use DDG on occasion.
| Neither is of consequence to the premise in my original
| post.
| matheweis wrote:
| > I still find utility in Google Maps and GMail.
|
| Give it time... There are a lot of people feeling that dread
| about "gmail" now. Have you seen the recent threads about
| GSuite Legacy? Small businesses and families suddenly need to
| cough up hundreds of dollars per year or figure out how to
| migrate away from a product that originally marketed itself
| as free forever.
| notyourwork wrote:
| Sure, maybe they will and maybe they won't. Personally,
| I'll be happy to pay for it and have considered over the
| last few months a migration plan away to a paid
| subscription. It's just not on top of my todo list. If
| Google started asking me to pay, I'd pay because they have
| provided this service and its pretty darn good if you ask
| me. How much I'd pay is an open question.
| aendruk wrote:
| Google Maps may not have progressed to "dread" yet, but it's
| solidly at frustration/wariness as a result of its incessant
| attempts to manipulate me. It used to be just a tool, but
| it's become an adversary.
| verytrivial wrote:
| A quick note to anyone working to reproduce this: the automated
| stupidity that caused this is of the same variety that will
| CANCEL YOUR GOOGLE ACCOUNT without recourse if your stats lean a
| certain way. Tread carefully.
| superkuh wrote:
| Play stupid games, win stupid prizes. Putting your data in a
| megacorp basket means it'll be treated primarily with
| consideration towards their legal liability first, other
| megacorps second, and you third or fourth.
| xiphias2 wrote:
| If the megacorps buy up the best competitors, there's not much
| chance left for people, just use them.
| gruez wrote:
| It's true to some extent, but in the file storage space it's
| not really applicable. There are hundreds of competitors, and
| I'm not even sure if any file storage providers got bought up
| by "megacorps".
| xiphias2 wrote:
| Not really. I'm using all parts of Google suite together as
| they are well integrated with every device I have and
| eachother. I am using Adobe cloud for photos instead of
| Google photos for example, and even there I quite often
| feel the difference in integration with the Android
| operating system.
| asdff wrote:
| Adobe software is especially annoying. There are probably
| five or six adobe launch daemons running in the shadows
| on my Mac as we speak and it's unclear if when I want to
| uninstall that their uninstaller will actually purge them
| all (in my experience, no), or I'm going to have to write
| a script to collect anything with adobe in the name and
| rm -rf. Microsoft is bad with this too on Mac at least. I
| tried killing a microsoft autoupdate daemon and I ended
| up getting a system notification like three times a day
| about it until I relented and reinstalled it.
| dmitrygr wrote:
| "A review cannot be requested for this restriction"
|
| I always did say that Franz Kafka never died. He is semi-retired
| working in google's PM org, occasionally consulting for the UX
| teams as well.
| shmerl wrote:
| Copyright was always bizarre in the sense that any information
| can be expressed as numbers. So why are some numbers more
| copyrightable?
|
| Also reminds me this ("Microsoft Patents Ones, Zeroes"):
| https://web.archive.org/web/20100607151726/http://www.theoni...
| otterley wrote:
| Any novel can be expressed as a sequence of alphabetical
| characters. So why are these copyrightable?
| shmerl wrote:
| Exactly the question you should wonder about. So translating
| in to abstract form, different numbers have different legal
| application :)
|
| Illegal numbers anyone?
| newhotelowner wrote:
| I am a small business owners. I pay for google one so that all my
| files are backed up and sync across devices. I also pay for
| backblaze to backup all my files (Just in the case google screws
| me).
|
| Is there an alternative for encrypted backup & sync between
| different computers?
| Filligree wrote:
| Plenty. One of the easiest to use is probably Syncthing, if
| you're thinking of self-hosting.
| kbumsik wrote:
| I use Dropbox for almost 10 years and I have been using it well
| so far!
|
| Dropbox offers great file history and restoration support. One
| day I deleted files permanently then the team kindly supported
| my case to restore the files within a day.
| manquer wrote:
| Depending on how technically inclined you are something like
| Tarsnap might be a good fit. [1]
|
| [1] https://www.tarsnap.com/
| hyperdimension wrote:
| You're talking about their subscription, Google [Removed for
| DMCA Violation]?
| jpambrun wrote:
| Google's bots are crazy. Thank god they sold Boston Dynamics...
| choward wrote:
| The fact that Google is scanning your files for "copyright
| infringement" is bad enough. They have no way of knowing that you
| don't legitimately own something. Then pair that with this
| example and if that isn't enough of a deal breaker for using
| Google drive I don't know what is.
| Qub3d wrote:
| Always operate under the assumption that iCloud (Apple),
| Microsoft and Google will delete any/all of your data, with no
| notice, and for no reason.
|
| Because they explicitly reserve the right to do so in their
| TOSes.
|
| Not your computer, not your data etc.
|
| (https://www.quentb.com/posts/diy-cloud-backup/)
| quickthrower2 wrote:
| Cloud drives are a cache. (Actually treat all storage as a
| cache, i.e. the data will be lost, it's just a matter of
| when.).
| Qub3d wrote:
| Good advice. This is why I encourage anyone with sensitive
| digital data (photos, important receipts, etc) to set up a
| 3-2-1 backup:
|
| _3_ copies of the data,
|
| _2_ of which are on different, local mediums (i.e. hard
| drive and a thumb drive)
|
| _1_ of which is offsite (cloud storage, safe deposit box,
| salt mine, etc)
| panarky wrote:
| _> they explicitly reserve the right to do so in their TOSes_
|
| Do you have an example of Google explicitly reserving the right
| to delete any/all data with no notice and for no reason?
| Qub3d wrote:
| https://edit.tosdr.org/points/14762
|
| Note the wording "we reasonably believe". There is nothing
| objective about this.
|
| Additionally: https://policies.google.com/terms#toc-removing
|
| > Removing your content
|
| > If any of your content (1) breaches these terms, service-
| specific additional terms or policies, (2) violates
| applicable law, or (3) could harm our users, third parties,
| or Google, then we reserve the right to take down some or all
| of that content in accordance with applicable law.
|
| Finally, buried 3 links deep in the Terms[0], we can find a
| list of some of what Google considers valid under this
| clause. A lot of it makes sense (clearly illegal things) some
| of it is subjective ("misleading content"). If you feel
| comfortable all of your data could never be interpreted by
| anyone as falling under any of these categories, be my guest,
| use GDrive.
|
| [0]: https://support.google.com/docs/answer/148505
| PaulHoule wrote:
| Must have infringed on Metallica.
| gpderetta wrote:
| Must be google's new Easter egg...
| iszomer wrote:
| "it's not a bug, it's a feature!"
| itronitron wrote:
| I guess the moral of the story is, never do business with a
| company that doesn't provide a mailing address to which you can
| mail a turd (at book rate.)
| olliej wrote:
| 1 is the loneliest IP :D
| spaniard_dev wrote:
| Who said that "Don't be evil" thing?
| fortran77 wrote:
| Ar least it wasn't flagged for illegal porn, too.
| TT-392 wrote:
| "Thanks for helping google keep the web safe"
|
| Interesting thing to add in there, how on earth does copyright
| stuff have anything to do with safety?
| mminer237 wrote:
| I assume that message is used for both trojans and copyrighted
| content and that there's quite the overlap there.
| j0ba wrote:
| Because they're doing God's work, and how dare you question
| their motives?
| tyingq wrote:
| Not that I agree with it, but here's the FBI view:
|
| _" Not only can the violation of intellectual property rights
| damage the economy, it also poses serious health and safety
| risks to consumers, and often times, it fuels global organized
| crime."_
|
| https://www.fbi.gov/investigate/white-collar-crime/piracy-ip...
|
| No helpful detail on why it's not safe.
| thomond wrote:
| That's the FBI's general view on IP rights infringement and
| covers more physical products. You can apply of that to file
| sharing.
| EdwardDiego wrote:
| Because the FBI might ask your government to enforce US
| copyright law and your overly enthusiastic leader sends
| helicopters filled with heavily armed Police officers to raid
| your house at dawn, perhaps?
|
| https://www.nzherald.co.nz/nz/dotcom-wins-settlement-from-
| po...
| zerocrates wrote:
| Since they went wide with "intellectual property rights"
| there, the references to health and safety are probably more
| in the realm of trademark and maybe patent... think
| counterfeit drugs.
|
| You can probably gin up a copyright example from, I dunno,
| the DRM system on some medical device or something, though
| that's obviously not the real focus of their copyright
| enforcement work.
| coliveira wrote:
| But drug safety is not an issue of copyright, but of
| physical control of medications. You don't need to break
| the copyright of a drug to create and distribute fake
| medication.
| dane-pgp wrote:
| But you might be able to trick more people to buy your
| fake medication if you put another company's logo on it.
| I'd hate to think that a country's procedures for
| stopping copyright infringement are so efficient that
| they are the optimal route for preventing the
| distribution of fake medication (even making trademark
| law pointless), but I must admit that comparing two
| images is simpler than comparing the composition of two
| medications. Corporate needs you to find the difference
| between these two approaches.
| onion2k wrote:
| If Google has the copyright on "1", they only need to get "0" as
| well and they'll have everything.
| vmception wrote:
| Here is a joke that relies on the assumption that the platform
| is suggesting they own the copyright, instead of someone else
| that isn't the user.
| misnome wrote:
| All copyright-infringing files are ~50% 1's, therefore there is
| a 50% chance of every file with a 1 in being copyright-
| infringing!
|
| Statistics don't lie, which is presumably why google employs so
| many of them, to calculate these efficiencies.
| denton-scratch wrote:
| > Statistics don't lie
|
| However statistics can be used to confuse.
|
| If a file is 50% 1's, then a 1-digit file has a 50% chance of
| infringing. More than that, the chance of infringement grows
| pretty fast.
|
| Also, if "1" is copyright, then a file with a "1" in it is
| infringing; there's no chance there. It's certainty.
| tyingq wrote:
| Already there, I made some test files. The ones with "1",
| "1\n", and "0\n" are all now flagged.
| https://news.ycombinator.com/item?id=30063319
|
| So, "someone" has them copyrighted.
| gvb wrote:
| 0 = 1 - 1 so they have everything already!
| smnrchrds wrote:
| Only if they have patented -
| gvb wrote:
| Point of order: you've changed the method of restriction
| from copyright to patent.
| wlesieutre wrote:
| Not - as an abstract concept, but perhaps "a method and
| apparatus for subtracting numbers"
| tragomaskhalos wrote:
| There must be some internet law that states something
| like "no flippant comment about the absurdities of
| copyright law is so crazy that a patent troll won't be
| inspired by it"
| version_five wrote:
| Or XOR
| bluecheese33 wrote:
| https://www.smbc-comics.com/comic/2012-08-29
| Animats wrote:
| File a DMCA counter-notice, of course.[1]
|
| You may have to do this the hard way, via Google's address for
| service of process.[2] Use registered mail or FedEx.
|
| There's also the option of taking Google to arbitration. Legal
| advice from one of those "free quick consult" services may be
| helpful.
|
| [1] https://www.nolo.com/legal-encyclopedia/responding-dmca-
| take...
|
| [2] https://support.google.com/faqs/answer/6151275
| watusername wrote:
| Can you file a counter-notice _in absence of_ a DMCA notice?
| The problem at hand is not DMCA.
| Animats wrote:
| Google claimed a copyright violation and did a takedown.
| That's what DMCA counter-notices are for. They phrased it in
| other terms, but ask a lawyer if that matters.
| manquer wrote:
| It matters for counter notice that they didn't issue a DMCA
| notice, you can always sue them of course, but since the
| first action is not under framework of DMCA, you cannot
| issue a counter notice to what is not a DMCA notice.
|
| The lawsuit is not strong either because their ToS says
| they can delete your all your data for any and no reason at
| all.
| ccbccccbbcccbb wrote:
| No surprise here. One World Corporation is going to reserve 1 for
| itself. This tweet is just a test drive.
| marivilla wrote:
| Google Drive also offers client side encryption, which would make
| this scanning ineffectual:
| https://flowcrypt.com/blog/article/2021-06-14-google-workspa...
|
| So as long as you have a ton of money and are a corporation your
| privacy should be just fine
| Devasta wrote:
| No pity, if you are using Google products for anything important
| you only have yourself to blame.
| ChicagoBoy11 wrote:
| I experienced something similar building an internal tool on
| GSuite. I had a large file with sequences of 9 digit numbers
| specific to our use-case, all tied to names of people
| (employees). Whelp, at one point the tool I was working on
| stopped working, and it was flagged as apparently containing
| social security numbers (which I suppose matched the character
| length).
|
| Whelp, on the admin panel, you can get a report of those files,
| and then mark it as a false positive. Which I did. But then
| nothing happened, and nothing changed. It was no use.
|
| The hilarious bit: It did, of course, allow me to make a copy of
| the file in question, and then just point the resource I was
| building to the new file, which was exactly the same. Weeks
| later... so far, so good.
| slig wrote:
| Google is working very hard to make everyone drop their shitty
| services.
| Arnavion wrote:
| This is another case for only pushing encrypted files to
| storage hosts, unless it's against Google Drive's TOS or
| something. Has anyone tried it? Did Google complain?
| stevens37 wrote:
| yes
|
| openssl enc -e -aes-128-cbc -in ${1} -out ${1}.cr -iter
| +123456 -k <password>
| aspenmayer wrote:
| If you don't know about this feature of rclone, you're in for
| a treat! Combined with unionfs or mergerfs, or the builtin
| union function, you can have cached local decrypted mounts of
| locally encrypted remote mounted directories on gdrive,
| mirrored to a local folder.
|
| https://rclone.org/crypt/
|
| https://rclone.org/union/
|
| Edit: there is also the (sorta abandoned, or
| finished/complete depending on your pov) plexdrive project,
| which does a bit of Plex server specific opinionated stuff
| and mounts gdrive read only, but which may help with reducing
| API quota usage according to some reports. I've never had any
| issues with the quotas that I'm aware of, but I did have to
| tune my settings a fair bit to get it dialed in on a somewhat
| memory constrained vps.
|
| https://github.com/plexdrive/plexdrive
| anon9001 wrote:
| Tarsnap is entirely encrypted and the service provider can't
| see the keys. They run it on EC2 and S3:
| https://www.tarsnap.com/infrastructure.html
| xcjs wrote:
| I have an Enterprise Gsuite account with 50 TB of encrypted
| data for around 5 years (this was of course prior to the
| rebranding). I've had no complaints from Google so far.
| aspenmayer wrote:
| You use rclone, or another stack? I'm always trying new
| tools in this space.
| Kim_Bruning wrote:
| This is why running filters on automated data is never a good
| idea, and should never be accepted (at least for enterprise
| applications, but really for anything) .
| spicybright wrote:
| That's ridiculous. Storing social security numbers is necessary
| for lots of businesses.
|
| Imagine your filing cabinet not letting you file employment
| forms with a SS# on them.
|
| It's the sticky note password problem all over again...
| 015a wrote:
| This isn't some default thing on G-Suite; its the DLP setting
| which enterprises can elect to toggle on, if they pay for the
| most expensive G-Suite plan. It also, afaik, only applies to
| shared files.
|
| It does not work, in such a myriad of ways that I'd be blown
| away if it wasn't just some summer intern's project three
| years ago and it hasn't been touched since. But it does check
| boxes for audits. And enterprises don't care about actual
| security, they just want to check boxes for audits.
| driverdan wrote:
| > That's ridiculous. Storing social security numbers is
| necessary for lots of businesses.
|
| They should absolutely not be stored in a GSuite document.
| SSNs should be treated more securely than credit card
| numbers.
| jsymolon wrote:
| > SSNs should be treated ...
|
| As someone who dealt with identity theft, SSN should only
| be collected if contact with the SSA is needed. I.E.
| payment of social security benefits.
|
| Any and ALL other "ID", nope. Use some other number.
| spicybright wrote:
| I definitely agree, but in america it's impossible to be
| legally employed without your employer having your SS# on
| record.
| inetknght wrote:
| Well, yes. Employers need to talk to the Social Security
| Administration regarding your social security
| withholdings...
| AnthonyMouse wrote:
| You say things that are true, and yet they are
| inconsistent with existing practice. Is there a word for
| this?
| aspenmayer wrote:
| Not even wrong.
|
| https://en.wikipedia.org/wiki/Not_even_wrong
| ldoughty wrote:
| "I'm sorry, we can't put you in the system without it..
| it wont let us"....
|
| I always omit SSN, but often can't get away with it.
| panarky wrote:
| My dentist said I couldn't leave the SSN field blank so I
| filled in 867-53-0909.
| inetknght wrote:
| > _As someone who dealt with identity theft, SSN should
| only be collected if contact with the SSA is needed._
|
| You wanna tell that to phone carriers, internet service
| providers, electricity providers, and even water
| providers?
| bob1029 wrote:
| > SSNs should be treated more securely than credit card
| numbers.
|
| I disagree. Both SSNs and credit card numbers should be
| treated with equal consideration.
|
| Establishing arbitrary classes of PII protection based upon
| perceived severity of compromise is a bad strategy. In the
| market we work in, you either get this 100% right or you
| don't get it right at all. There is no happy middle-ground
| when you are selling software to banks or other such
| organizations. No one is interested in "mostly" correct
| when it comes to PII they are responsible for protecting.
| bonzini wrote:
| Which is a problem of its own, since they're effectively
| usernames.
|
| Secure usernames that have no corresponding password is
| already an oxymoron; that's what credit card numbers used
| to be, hence the introduction of the CVV, 3DSecure and so
| on; but at least a credit card can be blocked with relative
| ease. But SSNs are secure _unchangeable_ usernames, which
| makes even less sense.
|
| Do any countries other than the US have such an
| abomination, where you can figure out the SSN of someone
| and ruin their life?
| C19is20 wrote:
| Italy: https://ilmiocf.it lets you generate your
| equivalent of an ssn (fiscal code). And, yes...if you
| know someone's very basic details you have the number.
|
| For US viewers, enter 'stati uniti' as 'comune di
| nascita'.
|
| Use deepl.com for the bit at the bottom.
| spicybright wrote:
| Not that I know of. It really is a horrible system. But
| it's not one I want Google trying to solve.
| AnthonyMouse wrote:
| You can actually change your social security number in
| the circumstance of "victim of identity theft continues
| to be disadvantaged by using the original number":
|
| https://faq.ssa.gov/en-us/Topic/article/KA-02220
|
| It's a huge pain, obviously. Especially when you get to
| all the systems which blindly assume it isn't possible.
| But you can do it.
|
| They ought to just open it up and let anyone who requests
| to change it once a year no questions asked.
| spicybright wrote:
| Should, yes, but in practice not really. I'm talking more
| about employee information.
|
| You need it for tax forms, background checks, citizenship
| queries, sometimes bank information, etc.
|
| So your options are:
|
| 1. Store them locally on a computer. Typically on some old
| windows 7 machine in the corner that hasn't been updated in
| some time.
|
| 2. Store documents physically. Which will either be scanned
| onto random computers belonging to whoever needs them to be
| sent through probably insecure mail servers.
|
| Or worse, your boss taking a picture of your form and
| sending it to people that way, leaving the form on their
| phone.
|
| 3. Some other online storage like whatever M$ is offering
|
| 4. Use google and somehow store SS#'s somewhere less
| secure, or obfuscate them in a way no one but a few people
| will understand and hope they don't block any other files
| you upload.
|
| Businesses have been deciding how to manage these things
| since the start that work best for them. Having google
| force you into procedures that might not work for your use
| case is annoying at best. And they obviously don't know
| best if they have issues like in OP's post.
|
| It's like they take away your gun so you can't shoot
| yourself in the foot, then fires it at things it thinks are
| problems hoping not to hit your feet.
|
| And what's a few toes to a company the size of google?
| nathanaldensr wrote:
| Thanks to Equifax, SSNs are effectively public anyway.
| madaxe_again wrote:
| Why? You can figure out someone's SSN if you know where
| they're from and what their birthday is. They're highly
| predictable - particularly given that you'll often see the
| last four digits as the "obfuscated" version in lists etc,
| and the first three are state, and the next two are based
| on when they were born. Put the two together, and job done.
| They're effectively public data. The fact that they're used
| as a magic security number/identifier is frankly mind-
| boggling.
|
| Citation: https://www.pnas.org/content/106/27/10975
| vidarh wrote:
| Not just that, but official US government websites publish
| plenty of data with SSNs of dead people in them. For my
| genealogy research I have plenty of SSNs sitting around for
| relatives to emigrated to the US because they've happened to
| show up in searches.
|
| E.g. here[1] is one of Ancestry's many catalogs based on US
| government data dumps that even allows you to explicitly
| search by SSN.
|
| So even if one were to argue that SSNs of living people
| shouldn't be in GSuite, and there may be many good arguments
| for that, there are vast quantities of SSNs out there that
| are explicitly and openly shared by the government. If Google
| starts blocking me from accessing any of my files with notes
| about family history, I'll be pissed off.
|
| I guess it's time to move off Google Docs too (I've largely
| left Gmail)
|
| [1] https://www.ancestry.com/search/collections/60901/
| kwhitefoot wrote:
| Is this a tool that you pay money for? Sounds like it fails the
| 'fitness for purpose' test.
| wanderingmind wrote:
| Maybe just use rclone or other tools to store encrypted files at
| rest in drive.
| everyone wrote:
| It's so dystopian / Kafkaesque it's like a parody.
|
| "Thankyou for helping google keep the web safe"
|
| followed by...
|
| "A review cannot be requested for this restriction"
| slig wrote:
| Computer says no.
___________________________________________________________________
(page generated 2022-01-24 23:02 UTC)