> I'm surprised how few competitors there are in the Dropbox space.
There used to be many more - Sugarsync, AeroFS, Syncplicity, just to name a few - all bit the dust. Box.com found a niche serving business document flows; Gdrive, iCloud, OneDrive, all survived thanks to being features in a broader Big Tech suite. Everybody else? Outcompeted, plain and simple. Dropbox was just a cut above.
(I used to work at one of the companies named above, so although it's just one person's opinion, it's at least as informed as anyone else's here :) )
Right! Naturally, our Congress is full of technical and administrative expertise and totally has the time, patience, and will to cleanly and carefully craft the wide body of regulation we've grown to require for a smooth and healthy and productive society. No reason for those awful technocrats to usurp such authority when we've got a capable and knowledgable legislative branch capable of doing the work just as well.
> the wide body of regulation we've grown to require for a smooth and healthy and productive society.
If you actually believe this is true, I have some sad news for you. Does the term "regulatory capture" mean anything to you?
> those awful technocrats
If you actually believe the "technocrats" have the knowledge required to craft regulations that actually are a net benefit, again, I have some sad news for you.
There is no magic solution to the "problem" of "how to dictate rules to a large society that will keep things smooth and productive". The problem is fundamentally intractable if you insist on looking at it that way.
There is another option, which is to not dictate rules at all, unless you absolutely have to in order to have a civil society in the first place. For example, we have laws against things like murder and theft and fraud, because you can't have a civil society if those things aren't deterred and punished.
But the vast majority of the laws and regulations we have in place now are not doing that. They're attempts to micromanage from the top something that fundamentally cannot be micromanaged from the top. Nobody has enough knowledge to do that. So we should stop doing it.
Giving up is not a strategy.
Regulations are painful in that they obviously reduce economic productivity, but not having any at all is pretty much guaranteed to be a disaster.
For example, allowing poisonous chemicals in your food supply or drinking water is insane. Unless you are OK with the free market sorting all that out (after your family dies horribly).
> Regulations are painful in that they obviously reduce economic productivity
That's usually true, but it's not the main problem. The main problem is that the regulations don't actually regulate, in the sense they need to. All they do is entrench the incumbent corporations that paid good money for them, by making it harder for competitors to enter their markets.
> allowing poisonous chemicals in your food supply or drinking water is insane.
Sure. And humans somehow managed to obtain food and water that didn't have those things for thousands of years, even though there were no government regulations prohibiting them. How do you suppose that happened?
> Unless you are OK with the free market sorting all that out (after your family dies horribly).
You're assuming that food and water providers would be able to do such things in a "free market". But doing such things is obviously bad for business, so providers would have a strong incentive not to do it in a free market, since in a free market, doing things that are bad for business makes you go out of business.
In our current regulatory environment, however, large corporations can do many things that are bad for business, as long as they can get government regulators to agree to let them. For an example from a few years ago, a major aicraft manufacturer got the FAA to approve a change to one of its oldest aircraft types that ended up killing two airplanes full of people. How? Because the FAA didn't even look at the change: the "regulation" had evolved to the point where the FAA just took the manufacturer's word for it that everything was OK.
In a free market, such an aircraft manufacturer would be out of business. But of course in our current regulatory environment that can't happen, because regulation has forced aircraft manufacturers to amalgamate to the point that neither of the two biggest ones can ever be allowed to go out of business--too many long chains of dominoes, including much of the US's military capability (and not just in airplanes), depend on them.
> > allowing poisonous chemicals in your food supply or drinking water is insane.
> humans somehow managed to obtain food and water that didn't have those things for thousands of years
You really can't compare pre and post industrial revolution like that. Large scale synthesis of toxic chemicals as a byproduct of some unrelated industry just wasn't a thing previously.
> In a free market, such an aircraft manufacturer would be out of business.
Extremely doubtful. Air travel has been intentionally pushed to a ridiculously high level of assurance by regulation. I don't think the free market would have selected for the current cost vs safety balance on its own.
I appreciate where you're coming from, that a large portion of existing regulation is gratuitous, being structured the way it is primarily for the benefit of the incumbent. But that doesn't mean that such regulation isn't doing anything useful at the same time.
> I don't think the free market would have selected for the current cost vs safety balance on its own.
Possibly not. Possibly in a free market people still would fly on an aircraft type that was known to have had two recent crashes that killed everyone on board. I wouldn't, but perhaps I'm an outlier.
But if people would be willing to fly on such an aircraft in a free market (which means that the value of flying on it, to them, is greater than the cost, even including the expected cost of the risk of a fatal crash), then the logical consequence is not that our air travel regulations are doing good; it's that our air travel regulations are overestimating (possibly drastically) the value we actually put on human life, and therefore are diverting large amounts of resources to things that actually are worth less to us than they cost. That's not a net benefit.
Some people are willing to be drive drunk. This doesn't mean that taking into account the views of people who don't want to be killed by drunk people when determining who gets to use the roads is "overestimating the value we actually put on human life"
(also, without the safety reporting infrastructure and mandatory disclosures the average person would have absolutely no ability to learn whether the crashes said anything about the safety of the aircraft as a whole. You'd have never known about the 737 Max crashes otherwise, just like if you've ever flown before you evidently didn't know about the last couple of crashes that aircraft type had that killed everyone on board...)
In addition to all the other things I pointed out, there's a very simple and obvious difference between this and the airplane case: a person choosing to drive drunk imposes some risk on everyone else who uses the same road they do. But a person choosing to fly on an unsafe airplane imposes no risk on anyone but themselves; their choice doesn't force anyone else to fly on the same airplane.
> In addition to all the other things I pointed out, there's a very simple and obvious difference between this and the airplane case: a person choosing to drive drunk imposes some risk on everyone else who uses the same road they do. But a person choosing to fly on an unsafe airplane imposes no risk on anyone but themselves; their choice doesn't force anyone else to fly on the same airplane.
There is a very simple and very obvious similarity which is that people do not consent to be hit by drunk drivers or poorly maintained aeroplanes. Hence we regulate.
Honestly, I find it unfathomable that you could write so many words across two comments trying to reinvent aviation safety from first principles and not grasp this.
> people do not consent to be hit by drunk drivers
True.
> or poorly maintained aeroplanes
But that's not something a person can affect by their choice of whether to fly on such an airplane, which is what we've been talking about, assuming the airplane is already in operation. That risk is being imposed by the airline that's skimping on the maintenance.
People can affect this indirectly, by choosing not to fly on unsafe airplanes, which will cause airlines that try to operate such airplanes to go out of business (as well as manufacturers who try to build them). Indeed, that's what I was describing when I described how a free market would result in unsafe airplanes not being flown.
Your position, in the other subthread where I responded to you a little bit ago, appears to be that people are too stupid (excuse me, "unworldly") to be trusted to regulate such things as I've described in a free market, so governments have to regulate instead. Have I got that right?
> But that's not something a person can affect by their choice of whether to fly on such an airplane, which is what we've been talking about
No, that's something you are talking about as you avoid the actual argument that badly flown and maintained aircraft represent a threat to people that didn't make an informed choice to fly on them.
One could also argue that drink driving regulation is unnecessary because in a free market nobody will choose to drive drunk, and this would be somewhat less stupid than arguing that it's unnecessary to regulate aviation safety because it would be impossible to operate an airline without equivalent or better safety records in a free market.
> Your position, in the other subthread where I responded to you a little bit ago, appears to be that people are too stupid (excuse me, "unworldly") to be trusted to regulate such things as I've described in a free market, so governments have to regulate instead. Have I got that right?
My actual argument is that badly flown and maintained aircraft represent a threat to people that didn't make an informed choice to fly on them
But yes, governments also protect people whose confidence they know better than the stupid experts is exceeded only by their ignorance.
There is indeed no common ground to be reached with somebody who is not only unable to grasp a concept as simple as regulations simultaneously protecting more than one group of people, but thinks repeatedly failing to understand something so basic is an actual gotcha...
I'd say it was like arguing with a toddler, but that's unfair because I'd expect many toddlers to understand "even if people want to fly really dangerous aeroplanes, that might not be fair on who they crash into".
> Some people are willing to be drive drunk. This doesn't mean that taking into account the views of people who don't want to be killed by drunk people when determining who gets to use the roads is "overestimating the value we actually put on human life"
You're assuming there is just one such value. There isn't. People who are willing to drive drunk put less value on human life than people who aren't. We deal with that by penalizing people for driving drunk, to give them another incentive not to do it. And, as you say, we do that because people who drive drunk are doing it on the same roads as everyone else, and many if not most people have to use the roads as part of their daily lives, and they value their lives more than the people who choose to drive drunk do.
Also, the person who drives drunk bears risk--they can get injured or killed themselves. They can control that risk
Air travel is not like that. Most people do not have to travel by air as part of their daily lives. Plus, the people who design, build, and maintain the airplanes are not the ones who bear the risks of a crash: the crews and passengers do. So the incentives involved are different.
But there's another aspect to this as well. An airline is not going to operate an airplane unless they can sell enough seats to make it profitable, and not just for one flight, for the expected lifetime of the airplane. So we're not talking about one person choosing to drive drunk. We're talking about enough people choosing to fly on an airplane type that's known to have had fatal crashes due to a design flaw, for a long enough time to make it profitable for an airline to operate that airplane. That is the hypothetical I was responding to, and in that hypothetical, you can't make the kind of argument you're making, that it's a small minority of obvious outliers who are making what you consider to be the "bad" choice.
And it wasn't my hypothetical, I was just responding to it. I actually don't agree with its premise: I don't think that in a free market enough people would choose to fly on such an airplane to make it profitable for an airline to operate it. And at least one reason why I believe that is the differences between that hypothetical scenario, and the current reality of some people choosing to drive drunk, which I've just described.
> without the safety reporting infrastructure and mandatory disclosures the average person would have absolutely no ability to learn whether the crashes said anything about the safety of the aircraft as a whole
Straw man. In a free market where people knew they could not depend on the government to "regulate" (and, as I've pointed out, it didn't in this case), people would refuse to fly on airplanes whose safety records were not well-documented and attested public knowledge. To do otherwise would be obviously foolish. The only reason people don't seek out more such information now is that they believe the government has their back so they don't have to. And that belief, as we've seen, is not justified. In a free market, indeed, a safety reporting infrastructure not very different from what we have now would be expected to evolve--but because it was not run by a government and could not take advantage of the free pass the government gets to skimp on regulations, it would have to build and maintain a justified track record of accuracy.
> You'd have never known about the 737 Max crashes otherwise
You must be joking. They were worldwide news. We didn't need government safety reporting to tell us that two 737 Max aircraft crashed killing everyone on board. Which all by itself would make any sane person not want to fly on a 737 Max aircraft until they understood what had happened and were convinced the root cause had been fixed.
Indeed, the safety reporting system, if anything, contributed to facilitating the crashes--by not bringing to light the many instances of reports by pilots of US flag air carriers about odd behavior of 737 Max aircraft in exactly the same conditions that led to the two crashes. The existence of those reports only came to light, as far as the public was concerned, after the fact, when it was too late.
> Straw man. In a free market where people knew they could not depend on the government to "regulate" (and, as I've pointed out, it didn't in this case), people would refuse to fly on airplanes whose safety records were not well-documented and attested public knowledge. To do otherwise would be obviously foolish. The only reason people don't seek out more such information now is that they believe the government has their back so they don't have to. And that belief, as we've seen, is not justified. In a free market, indeed, a safety reporting infrastructure not very different from what we have now would be expected to evolve--but because it was not run by a government and could not take advantage of the free pass the government gets to skimp on regulations, it would have to build and maintain a justified track record of accuracy.
LMAO. Perhaps leave lecturing what transport looks like in the absence of regulation to people who've actually seen what transport looks like in the absence of any effective regulation (hint: the public does not rely on independent safety reports or indeed have access to much accident reporting at all, the transport is usually [over]full, and yes it kills a lot more people than commercial aircraft, sometimes including people that didn't consent to use the transport). Even specifically within the sphere of aviation there's this not-that-little country called Indonesia whose airlines were banned from operating in the West for a long time because of an extremely well known lack of adequate safety standards, and an accompanying tendency to plunge passengers to a fiery death. It was one of the fastest growing air transport markets in the world.
People whose extreme ignorance of transport safety is exceeded only by their overconfidence they'd do a better job than the regulators are of course precisely the people such regulation aims to protect.
> You must be joking. They were worldwide news
They were worldwide news because of mandatory disclosures and independent safety regulation which in unregulated transport environments simply do not exist. If these did not exist, you would have no reason to assume that aircraft crashes in Ethiopia and Indonesia have any bearing on the safety of your flight in the USA. (You're evidently not aware of the other six serious crashes involving Lion Air, the operator of the first Boeing 737 Max across its first two decades of operation, and certainly won't have boycotted the aircraft types involved as a result). If you wanted to get a bus or ferry in Indonesia, you wouldn't have the first clue which ones operated to adequate safety standards or not. This is not because Indonesians trust their government; it is because the libertarian fantasy of independent third parties seamlessly filling in the knowledge gaps is not a reality. Take it from someone that actually spent the first part of their career working for a company that collected data on the aviation sector...
> there's this not-that-little country called Indonesia whose airlines were banned from operating in the West for a long time because of an extremely well known lack of adequate safety standards, and an accompanying tendency to plunge passengers to a fiery death. It was one of the fastest growing air transport markets in the world.
So why is that? Because Indonesians don't value human life the way people in the US do? Maybe that's true. Maybe there's a much wider variation in the world as far as how humans value human life, than we Westerners assume. And if that's the case, then maybe Indonesia's unsafe airlines are fine for Indonesians. But that doesn't mean that the same sort of thing would happen in the US if people in the US understood that government regulation could not be relied on to protect them from unsafe airplanes.
Or do Indonesians want safer airplanes, but can't get them? Why not? And if they want safer airplanes but can't get them, why do they fly on the unsafe ones?
> it is because the libertarian fantasy of independent third parties seamlessly filling in the knowledge gaps is not a reality.
Why doesn't this happen in Indonesia? Because the Indonesian government keeps it from happening? Historically that's the reason: governments can't regulate, but also can't allow third parties to provide the information the government can't, because that would undermine their power.
Maybe it's just because the libertarian fantasy that if the government doesn't regulate something the private sector will do a much better job is slightly less plausible and well evidenced than the average story involving wizards and magic.
Honestly, if you're so naive about how the adult world works that you think the most likely reason why unconnected third parties don't get access to all the information required to properly audit an airline's safety practices (even if they've somehow found a B2C business model to conduct such audits) is that the government stops them, you're precisely the sort of uworldly person such regulation is intended to protect. Well, you and the people that don't trust in unregulated airlines but run the risk of being hit by their aircraft anyway....
> the libertarian fantasy that if the government doesn't regulate something the private sector will do a much better job
I have never claimed "much better". But given the overall track record of government regulation in actually protecting people from the harmful things it's supposed to protect them from, it would be hard for any private effort to do worse. If you disagree with that, evidently we don't live on the same planet and there's not enough common ground between us for a useful discussion.
That said, perhaps it might help if I rephrase things somewhat. I'm accepting, at least for the sake of argument, your claim that, for example, Indonesians have no way of getting any reliable information about which buses, ferries, etc. are safe (and that the same was true of airplanes for many years, but perhaps that's changing now).
And that makes me wonder: why do people even use these things, if they have no information about their safety? Or why don't they find some way of getting the information? Why can't someone start a business that provides it? Would people just not pay for it because they think such information should be free? What's the mindset here? Am I really that much of an outlier, that it seems obviously foolish to me to be using these things if you have no way of getting reliable information about their safety? Is Indonesia, for example, really full of such "unworldly" people who need to be protected from their own unworldliness?
You call such ideas as starting a business to provide people with such information a "libertarian fantasy". To me the fantasy is the idea that government regulation can be depended on to "protect" the "unworldly" people who otherwise will happily do unsafe things. As I said above, the overall track record of government regulation gives no basis for any such belief.
> you're precisely the sort of uworldly person such regulation is intended to protect
I don't know where you're getting this from, since I've already said elsewhere in this thread that I personally would not fly on an airplane whose safety record I have no reliable information about. It's quite true that my current best source of such information is the US government. But that doesn't mean that situation is the best that can be done.
> the people that don't trust in unregulated airlines but run the risk of being hit by their aircraft anyway
> But given the overall track record of government regulation in actually protecting people from the harmful things it's supposed to protect them from, it would be hard for any private effort to do worse. If you disagree with that, evidently we don't live on the same planet and there's not enough common ground between us for a useful discussion.
Yes, evidently we don't. On the one hand, I live in a world in which regulation has ensured that a thin aluminium tube fuel of highly flammable fuel which takes off and lands at several hundred mph and is the paradigm example of "how metal fatigue causes things to break in unexpected ways" on engineering courses is actually the safest form of transport by some margin, with aviation safety records being strongly correlated with levels of regulation. On the other hand you think the Wild West and Somalia represent safety models it should move towards.
Honestly, if you have so little grasp of how the world of business works that you think the biggest obstacle to some random third party conducting an audit of an airline's operations, maintenance and safety practices to share with consumers is the government (you honestly can't grasp that the airline needs to cooperate and almost certainly doesn't want to?!?!) maybe it's for the best we don't take your advice on how to improve the industry...
> I don't know what you mean by this.
I can see how the concept that unregulated airlines' planes can crash into people who didn't choose to fly with them is very difficult to understand if you are either four years old or four comments deep into insisting that poorly maintained aircraft crashing isn't a problem because the people on the plane made rational and informed choices to be there
I agree entirely with the sibling comment. Put another way, just because the layman majority would accept something under a given set of conditions that doesn't make it right or ideal or something to strive for.
Even given the current environment Boeing still tried to (unsuccessfully) shift blame away from themselves. Imagine how that might have gone differently in a "free market" where "unencumbered" by regulation there wasn't even proper investigation or disclosure.
More generally, you seem to be approaching this with the a priori assumption that whatever the free market would arrive at is the correct result. Given that we're considering the merits of various regulations it seem to me that begs the question.
> a "free market" where "unencumbered" by regulation there wasn't even proper investigation or disclosure.
Straw man. As I pointed out in another post upthread, in a free market, nobody would fly on Boeing aircraft (or anyone's aircraft) if they did not have a well documented and attested safety record, and independent parties would be in the business of documenting and attesting to such things. And since those independent parties would not be able to get the free pass the government gets to skimp on regulations as they did with Boeing, they would have to build and maintain a track record of accuracy.
The only reason people don't seek out such information independently now is that they believe the government has their back so they don't need to. Which, of course, is an unjustified belief.
> you seem to be approaching this with the a priori assumption that whatever the free market would arrive at is the correct result.
I have made no such assumption. There is no single "correct result", and people like me who favor free markets don't do so because we think they can produce any such thing. We favor free markets not because we think they are perfect, but because the alternatives are even worse.
The history of government regulation bears this out. Sure, when everything is going nicely, regulation looks good, and it's easy to talk about how a "free market" (which actually just means "if this particular regulation were to suddenly go away without anything else changing", which is a straw man) would be worse.
But the failure modes of government regulation are worse than those of a free market. The failure mode of a free market is that transactions that could create value don't happen--people don't fly because they can't get reliable information about aircraft safety, for example, so airlines go out of business and a lot of potentially valuable things can't happen because they would need air travel as an enabler. The failure mode of government regulation, as we've seen, is that people are killed out of the blue because the government they thought was protecting them, wasn't.
The idea that being "bad for business" is a sufficient disincentive to dissuade commercial entities in a free market from harming and killing people is risible.
Even if you eliminated the immunity shield for corporate leadership so they couldn't skate after their company goes bankrupt, there would still be innumerable risk-takers willing to gamble with human lives to make more money.
I expect the argument you want to make is that having people harmed and killed is an acceptable sacrifice for greater economic efficiency, but you're aware that it doesn't play well — especially when the benefits of economic efficiency tend to flow to the people doing the killing rather than the people being killed.
Don't put words in my mouth. I have never said that people being harmed and killed is acceptable. My disagreement is about whether government regulations, on net, actually result in fewer people being harmed and killed, or more. That's a factual disagreement, not a disagreement about values. If I believed, factually, that government regulations actually did result in fewer people being harmed, on net, I would be in favor of them, no matter what libertarian beliefs I might have in the abstract. But my factual belief is the opposite.
To the extent it's true that being "bad for business" is no longer enough of a disincentive for corporations, as I've already said, one key reason is that the corporations have bought regulations that favor them and disfavor potential competitors.
It's true that that's not the only factor involved. Corporate governance is broken. A big part of that is also government regulation, which does to some extent prevent outright fraud (for example, the S&L debacle in the 1980s), but is perfectly fine with other practices, like golden parachutes for executives and corporate takeovers in which the buyer gets the assets but offloads the liabilities on the taxpayers, that do just as much damage, if not more. All of these things are regulated--but the regulations don't stop harm from being done.
There is one other factor that works against corporate governance which is not, in itself, a product of government regulation: the fact that most share ownership now is not individual stockholders but mutual funds. That means most people don't even know what corporations they own even small pieces of. But mutual funds are a big advantage for most people investing for their retirement, because they're an obvious hedge against risk, so they would exist even in a true free market without any government regulation. The problem is that, as far as the individual corporations are concerned, their time horizon is now much shorter. The mutual fund has to care about providing returns over a long time horizon, because it's holding people's retirement accounts, which might not be drawn on for decades. But the corporations only see short term trades being made, many of them by those same mutual funds, trying to increase their returns. So corporations have to focus much more on short term returns instead of long term planning.
That would be one area where a government ought to be able to improve things, because a government's time horizon ought to be long-term. But it isn't. Government's time horizon is the next election. So even in this area, governments are actually worse than corporations.
This argument is on the level of anti vaxxers questioning vaccines when they dont see those diseases anymore. One can only make such an argument by being offensively ignorant of history.
> This argument is on the level of anti vaxxers questioning vaccines when they dont see those diseases anymore.
I have no idea where you're getting this from; the argument I'm making is nothing at all like this. Indeed, I have pointed out many bad things that still exist even in the presence of massive government regulation, and are not stopped by such regulation even though they are exactly the kinds of things the regulation was supposed to stop. That is the opposite of what you are claiming my argument is.
> One can only make such an argument by being offensively ignorant of history.
I pointed out elsewhere in the thread who I think is ignorant of history, and it isn't me.
Regulation didn't cause mergers. Non-enforcement of anti-trust law did. M&A's simply should not have been approved over the last few decades the way they were. You're trying to say it was the regulations that were the problem, but it is unironically the size of the regulated compared to manpower of the regulator that was the problem, which becomes a non-issue when you don't keep allowing mergers and acquisitions. Many small redundant competitors is manageable and a veritable incubator for innovation. One massive Leviathan conglomerate is a vehicle for regulatory capture and public abuse. You complain about the FAA, when the true culprit was the FTC approving mergers time after time freeing up capital that'd otherwise have needed to be put to use gaining competitive advantage and innovating for use to muck with the political landscape. Get where you're coming from, but you're blind as to the cure. A regulation could 100% have avoided the MAX situation. That regulation had nothing to do with airplanes, but maintaining a healthy and competitive domestic civil air transport industry, rather than a massively conglomerated one. We know corporate hierarchies attract psychopaths. The aim is to have as many slots at the top so that enough of them can be filled with the non-psychopathic so that society isn't held hostage by a handful of TBTF's all governed by psychopaths. If it is in threat of being TBTF, it should unironically be priority 1 to split, subdivide, and duplicate until redundancy allows part of it to be able to safely fail. Only then can it safely managed.
Indeed, I’m not sure what compels people to compare real regulatory systems from now or history to some imaginary free market where producers always act in their long-term interest and consumers always have perfect information.
Every functioning society on earth regulates food drugs and infrastructure. We lived through the unregulated version for centuries, and it took mountains of dead children and poisoned workers to win the rules we have now; tearing them down just means ordinary people will pay the price all over again.
Capture is a failure mode of every institution humans have ever built, including the courts we presumably still want. The answer is to design better institutions, not to get rid of them and hope things work out.
> We lived through the unregulated version for centuries
In the sense that we didn't have, say, the FDA, yes, that's true. But that doesn't mean food production, for example, was unregulated. It means it was regulated by the voluntary choices of people producing and consuming food. That system did not produce "mountains of dead children and poisoned workers". Those things happened after food production became a mass industry, not before.
There was a difference, before food production became a mass industry: most people knew the people who were producing their food, personally. That does change the incentives involved. One could make a case that, now that food production is a mass industry, and people don't for the most part know personally anyone who is involved with producing their food, we need regulations that we didn't need before. But that's a different argument than the one you're making.
One could also make a case the opposite way, that governments already had the tools in place to regulate food production as a mass industry--for example, by stopping large food corporations from using mafia-like methods to bully their supply chains--and failed to use them, which resulted in a bigger government--the Federal government--stepping in and stomping on them. And that the result of that, now, as I pointed out in another post elsewhere in this thread, has not been "safe food" that we didn't have before: we have meat full of antibiotics, vegetables full of pesticides, ethanol from corn in our gasoline while other food crops are crowded out, etc.
> The answer is to design better institutions
That effort has been going on for millennia. As Dr. Phil likes to say, how's that workin' out for ya?
Or, if you want another common saying, isn't the standard definition of insanity doing the same thing over and over again but expecting different results this time?
> Getting rid of government regulations in their entirety just cedes all the decision making power to corporations.
The massive power that corporations have, as compared to individuals, is itself a product of the fact that our society has evolved now for well over a century to have government regulations that are bought by corporations to favor them. So you are correct that we can't just instantly scrap every government regulation, but not change anything else.
That does not mean that the regulations, on net, are doing more good than harm. It just means we've gotten ourselves into a very deep hole, which we can't climb out of in a short time. But at the very least we could try to stop digging.
How do you suppose the conditions in the Chicago meat packing industry that Upton Sinclair wrote about, or those that produced superfund sites, came about? If you think it was a "free market" that did it, you are the one who doesn't know history.
The Chicago meat packing industry, for example, did much the same kind of bullying of their supply chains that Amazon and Walmart are now infamous for. And governments that were supposed to be preventing that sort of thing (since much of it was illegal even then--the tactics are basically the same ones organized crime has used for centuries, after all) did absolutely nothing to stop it. The Federal government finally stepping in and passing laws and regulations was not a case of government reining in a free market; it was a case of a bigger government stomping on a smaller government.
It did improve things, at least for a time, but what's the condition of the Chicago meat packing industry now? Or for that matter our food supply chain in general in the US, which has been regulated up one side and down the other for more than a century? We have beef full of antibiotics, vegetables full of pesticides, ethanol from corn in our gasoline while other food crops can't be grown profitably because the government doesn't subsidize them the same way, and a massive epidemic of obesity. So how is government regulation helping, exactly?
Accurate. I was simplifying since the person I was responding to seemed historically ignorant when they were implying that people were able to safely acquire food in the past as well as post regulations.
The federal bureaucracy is dictating[1] a lot of minutia on the square centimeter level that should be getting done at the square kilometer level. We could probably give up on a lot of detailed stuff without any negative effect.
Like for example the amount of water a toilet flush can has been federally regulated since the 90s. Sure, that might be important if you need to keep some schmucks in the desert from bickering over aquifer depletion and whatnot. But the majority of jurisdictions in the east "we take surface water and give it back to the same watershed" jurisdictions who can use all the water they want and only impact the required size of the hardware at the treatment plant. So why are we even regulating this? And any issue you look into there's a plethora of stuff like that. Theoretically it's all justifiable in abstract but that's like littering, it doesn't scale.
[1] via "states shall adopt in order to qualify for this grant" type rules which the states then roll downhill
Align congressional incentives with reduction in the size of the US code and regulations.
The current US code, printed as a book, could not be read in five lifetimes of daily 9-5 reading. Make reading the law aloud a requirement of their job -- they're not permitted to stop until they've completed it, except they may sleep at night and they may assemble to vote to remove laws which are no longer needed. Failure to read the laws at the start of their tenure results in being held in federal court for the duration of their time in office.
Don't worry, we're going to enjoy the fruits of your thought process real well and good -- the very last guy left in the House with any constitutional focus just got blasted out with the most expensive outside funding campaign against a rep in the entire history of the USA. It looks like the bureaucratic state is just getting on its next level roll, so enjoy the ride. A few of you may even realize in the coming years why the 10th amendment wasn't meant to just be an inconvenience to ignore.
But I'm not dumb enough to think you'll believe my words, you'll only learn by experience.
I've been where you are. In your coming years you will realize that the bureaucracy had at least brought us stability, prosperity, and a modicum of protection against abuse from big business, the rough edges for small businesses and individuals near the edge of the law notwithstanding. Characterizing Massie's loss as an aspect of that bureaucracy is a mistake - Trumpism is a repudiation of the bureaucracy in favor of autocracy, while the all of the authoritarianism sticks around (or even grows!). Expect those rough edges to become much more arbitrary and capricious. And no, accelerationism or "I told you so" won't save you.
Yes and no. They paid what everyone else pays for those gpus. NVIDIA make the profit and leaves crumbs for the rest. For other components they paid less, but since the gpus are the majority of the cost…
Warp was always an AI thing, as I recall - the seem much heavier on AI bandwagon nowadays, but their whole thing was a terminal for teams where you could share knowledge and command palettes and generate stuff.
Gotcha, I must have encountered them later on then - thanks for posting the receipts!
I was a happy user for a while, but eventually some bugs drove me back to iTerm2 (in my case, hanging forever after certain terraform commands finished). Ghostty has filled my need for a better terminal since then.
Log4Shell was hardly a supply-chain attack - just a latent bug in a widely-used library. That can happen anywhere.
Maven to this day represents my ideal of package distribution. Immutable versions save so much trouble and I really don't understand why, in the age of left-pad, other people looked at that and said, "nah, I'm good with this."
Completely agree. NPM has the only registry where massive supply chain attacks happen several times a year. Mainly the fault lies with NPM itself, but much of it is just a terrible opsec culture in the community.
Most package.jsons I see have semver operators on every dependency, so patches spread incredibly quickly. Package namespacing is not enforced, so there is no way of knowing who the maintainer is without looking it up on the registry first; for this reason many of the most popular packages are basically side projects maintained by a single developer*. Post-install scripts are enabled by default unless you use pnpm or bun.
When you combine all these factors, you get the absolute disaster of an ecosystem that NPM is.
*Not really the case for Axios as they are at least somewhat organized and financed via sponsors.
The semantics are irrelevant. The effect is what's important: Hijacking widely used software to exploit systems. The OC is somehow under the illusion that avoiding JS altogether is a silver bullet for avoiding this.
The semantics are very relevant, since you presented it as a supply-chain attack. If you call a library vulnerability a supply-chain attack, then your argument has lost coherence.
> The OC is somehow under the illusion...
Avoiding package managers with shitty policies is the silver bullet for this attack vector. I get that it can be useful in the moment to retract published artifacts, or update them in-place, or run some code after your artifact is downloaded, but all of these are false economies in our hostile environment.
Comparing windows to an OS I don’t use isn’t a fair comparison unless my work machine stops being windows. I assume Apple are a slightly less variant of bad though
My iCloud is full. Every once in a while my iPhone nags me to upgrade for a few days in a row and I tell it no and it goes away for 6 months or so. My Mac has never once nagged me about iCloud storage.
I have been on a MacBook Pro exclusively for the past 3 years and I do not ever see anything about iCloud. I also never signed up so may be that is why?
> while ignoring the fact that these laws provide tools allowing parents to do just that
These tools are called "parental controls" and already exist - we don't need laws to compel their production.
...unless, of course, the true aim is to use this as a beachhead for further expansion of privacy-violating requirements.
You write this off as a "slippery-slope" argument, but given that there are already quite a few tools that do what this law aims for, what's the point?
Because the tools don't work, and are too fragmentary and burdensome.
Would you prefer to inform each movie theater in town which movies your child is permitted to watch? Or just rely on the rating system that applies to most movies and is honored by most theatres?
Parents want one setting that says "this is a child" and then expect online platforms to respond appropriately. As we expect and mostly have in the real world.
> Parents want one setting that says "this is a child" and then expect online platforms to respond appropriately.
This law does not do that. It breaks the age of children into several buckets so that platforms, websites, and advertisers can target specific demographics. They won't "respond appropriately" they'll just use this data point as another way to improve how they exploit children online. Now every pedo with a website can tell how old the kid is so they can better adjust their grooming for that age bracket.
"If parents want drug stores to not sell liquor to their kids, then the proper thing is for someone to build that solution and make a fortune selling it, IMO." See how that makes zero sense in the context of a society?
Content providers are not incentivized to care about the problem, and will serve any content with ads next to it that they can unless they are forced not to. Ad-hoc solutions attempting to paper over that behavior on the consumer end are not adequate or effective. That's why they have a rationale at all for the laws here.
I don't see the incongruity. It's one thing to mandate that retailers not sell alcohol to children, but it's quite another to require that all computers must report on the identities of their users just so that children don't see porn. The proper analogy would be require verification on the part of the porn sellers.
> all computers must report on the identities of their users
Literally not what's happening with these bills. There is no identity, you would only have to type in a valid date (and nobody's forcing you at gunpoint to make it your actual birth date).
> The proper analogy would be require verification on the part of the porn sellers.
Red states tried that first, and it was very poorly received by the left and the porn industry, among other parties. Asking anonymously at the device level and leaving it to parents to enforce it is more privacy-respecting and less of a burden to adults. Which is exactly why blue states are now trying to do it this way (and is one of the reasons why Aylo & others have been asking for it to be done this way, with the other reason being it's also easier & cheaper on their end).
This bill doesn't require reporting identities. It requires that computers be able to communicate "this is a child" to websites, social media platforms, and apps.
Sometimes it's good to standardize things. Existing parental controls are a hot mess and they mostly work by completely blocking sites/apps, not giving them an age category.
You might think you can keep 16 year olds from looking at porn, if they want to. You can't. You have never been able to. All you can do is teach them that the law is stupid and pointless, and they should treat rules with contempt. But they'll still be able to look at porn.
What you can do is allow the government and private companies to track everyone, everywhere, all the time. And you can create more gatekeepers that hold personal identity data, misuse it, and leak it.
Yeah, I agree with this. I think age-related content moderation is a losing fight and one that will create more contempt for laws, more surveillance, and much more PII surface area that will be exploited.
There are really two "core" issues at play:
1. The prudish nature of US society
2. The fact that we don't have data privacy laws and restrictions on digital surveillance by private companies
Sixteen year olds? Sure, mysterious Forest Porn and the older brother who'd give you skin mags have always existed. And Cinemax at night, catching the odd frame that somehow gets thought the scrambler. Whatever.
But we can't realize all the supposed glorious promise of all this tech bullcrap for education and free exploration of younger kids if we can't at least come pretty damn close to guaranteeing that an eight-year-old won't stumble on Rotten.com or hardcore porn if an adult isn't looking over their shoulder constantly. And whatever that solution is needs to work for parents who don't have the know-how or time to be sysadmins for their household.
I'm not overly concerned with 16 year olds. But the tools for protecting younger children suck. A consistent account setting and header would do a lot to improve parental controls.
> What you can do is allow the government and private companies to track everyone, everywhere, all the time. And you can create more gatekeepers that hold personal identity data, misuse it, and leak it.
This is already happening. A central setting would improve privacy over the way things are right now.
> A central setting would improve privacy over the way things are right now.
What? How? What improvement are you seeing that I'm not?
Putting all our PII into one huge repository and then letting corps and govts access it sounds like a dystopian nightmare. This is why we don't like Palantir.
What happens if a bad guy steals that data and your identity? They go and look at CSAM using your ID? The police turn up at your door and cart you off to prison? Are you really going to be able to argue that it wasn't you? If so, what is the point of the system? If we're relying on IP addresses and other evidence for access (so you can fight these charges) can't we just use them in the first place?
I don't know what you're talking about, but it's not what this kind of bill is about.
This kind of bill is about the OS telling things whether you're: 0-12, 13-15, 16-17, 18+
No databases, no stealable identity, only the barest sliver of 2 bits of PII.
As for how it's an improvement, we already have sites asking to see your driver's license or pictures of your face for much worse age verification paradigms. If most of those changed to a local age setting, privacy would go up.
How does the OS know that you moved from the "13-15" bracket to the "16-17" bracket without knowing your DoB?
And this is the thin edge. Because in a few years there'll be a bill saying something like "too many children are lying about their age online. We need to verify their age" and then we're capturing IDs and storing them somewhere.
> The OS could require the parent to manually update it.
How is their age verified?
At some point one of two things is required:
1) A promise that the user is a certain age
- Which puts us exactly where we are
2) Official identification is used to verify age
- Which creates a PII nightmare
That's it. There's only those two options. You may not believe #2 is going to be a privacy nightmare but we're already seeing it happen with Discord/OpenAI/LinkedIn and everyone else that uses Persona[1]. They aren't doing the minimal security things and already aren't doing what they claimed (processed on device, then deleted). This "hack" couldn't happen if that was true
The difference here is it can be set by the parent on the OS and locked. Requiring sudo equivalent to change.
The way it is now, there's nothing stopping a (18-) user from logging out of a 'parental control enabled' account and making a new account without those controls on any service from Facebook to Steam. So the only effective option at that point is to entirely block that app or service.
This gives more power to parental control software. And yeah moves the responsibility from the service to the parents, which is what the services want cuz COPPA and other similar laws.
But you do bring up another issue people aren't discussing. That the default setting is under 18.
So we protect the children from adults by... having no way to actually verify someone is a child?
The problem is less kids getting access to porn and more pedos getting accounts to spaces designed for children. Places like Club Penguin or very famously Roblox.
Here's the problem, you can't verify children. They don't have identification in the same way adults do. And worse, if we gave them that then it only makes them more vulnerable!
Then we have the whole problem of a global internet. VPN usage is already skyrocketing to circumvent these policies.
So the only real "solution" to this is global identification systems where essentially everyone is carrying around some dystopian FIDO key (definitely your phone) that has all your personal information on it and you sign every device you touch. Because everything from your fridge to your car is connected to the Internet.
But that's a cure worse than the poison. I mean what the fuck happens to IOT devices? Do we just not allow them on the internet? That they're assumed 18+? So all kids need to do is get a raspberry pi? All they need to do is install a VM on their phone? On their computer? You might think that kids won't do this but when I was in high school 20 years ago we all knew how to set up proxies. That information spread like wildfire and you bet it got easier as the smarter kids put in the legwork.
This is a losing battle. It's not a cat and mouse game it's While E Coyote vs Road Runner.
We're on HN FFS. If there's anywhere on the Internet that the average user is going to understand how impossible this is it should be here. We haven't even talked about hacking! And yes, teenage script kiddies do exist.
These policies don't protect kids, they endanger them. On top of that they endanger the rest of us. Seriously, just try to work it out. Try to create a solution and then actually try to defeat your solution. Don't be fucking Don Quixote.
> But you do bring up another issue people aren't discussing. That the default setting is under 18.
Some things do that. This law doesn't have a default. If the admin sets all the user accounts to 18+, then the users are stuck with the setting being 18+.
> I mean what the fuck happens to IOT devices? Do we just not allow them on the internet?
Sounds pretty good to me.
But yeah they need a different handling of some manner. Maybe a "give no access to anything age-gated" category, though is that really different from under-13 in practice?
> So all kids need to do is get a raspberry pi? All they need to do is install a VM on their phone? On their computer? You might think that kids won't do this but when I was in high school 20 years ago we all knew how to set up proxies.
Just delaying unrestricted access to high school would already solve most of the problem.
> These policies don't protect kids, they endanger them. On top of that they endanger the rest of us.
They do not. Some totally different system could endanger people, but this one doesn't.
Really? Be a bit more serious now. There are a lot of things that connect to the internet, and not just for stupid data harvesting reasons. I gave other examples. I think you can understand that this gets pretty hairy pretty quickly. If you don't, then dig in deeper to how the networking is done. You're an older account so I'm assuming you actually understand computers.
> They do not.
They definitely do. I explicitly stated how that happens too. If you want me to take you seriously you have to respond with something better than "trust me bro".
There is no evidence that these companies are actually handling that data properly. There is a lot of evidence that they are handling it improperly. That data being leaked does in fact, endanger kids.
I'm also unconvinced these things even achieve the goals they claim to be after. Which is keeping pedos away from kids. i.e. the reason I said you're missing the point. So either it is not achieving that goal, or lulling people into a false sense of security. Imagine if Roblox was saying "we don't allow adults on the platform" and so now all the tech illiterate parents and kids think their kids are exclusively talking to other kids. That's just a worse situation than now.
> They definitely do. I explicitly stated how that happens too. [...] data being leaked
Again "Some totally different system could endanger people, but this one doesn't."
Any system that has companies handling personal data and able to leak it is not the system this kind of law talks about.
> false sense of security. Imagine if Roblox was saying
In that situation, Roblox is the problem, not the law.
> So what do these laws even solve?! I'm serious
If widely implemented, a parent can set a single toggle and then the accounts their kids make will all be appropriately restricted.
It wouldn't replace direct checks from the parent on what their kids are doing, but it would greatly reduce the risk profile. And making it simple and built-in means that non-tech-expert parents can set it.
>> Be a bit more serious now.
> The serious answer is in the next line.
> ...
> Again "Some totally different system could endanger people, but this one doesn't."
>> If you want me to take you seriously you have to respond with something better than "trust me bro".
I do have a hard time taking you seriously
> If widely implemented, a parent can set a single toggle and then the accounts their kids make will all be appropriately restricted.
People keep telling you option 1 is the correct one, and that it's not actually useless.
You keep describing privacy problems that only exist with option 2.
This law is not option 2. Stop interpreting people as if they're badly defending option 2. They're not.
> HOW
They take an OS where only admins can change the age setting. They set the age on a non-admin account, which they give their child access to. The OS passes the age setting along to programs, which pass it along to services that need to restrict behavior.
This is not the same as how it works today. It's impossible for a parent to do this today. The best they can do is try to keep track of every account their child has and dig through the settings manually.
Heard exactly the same thing about VPN use (kids won't know how to set up a VPN). Then Australia age verification kicked in, and VPN use went through the roof [0]
And, of course, the response so far has included similar thoughts as the UK about banning VPNs [1]
> How does the OS know that you moved from the "13-15" bracket to the "16-17" bracket without knowing your DoB?
The OS has the birth date. Of probably 1-5 people.
> And this is the thin edge. Because in a few years there'll be a bill saying something like "too many children are lying about their age online. We need to verify their age" and then we're capturing IDs and storing them somewhere.
Those things are already happening. I see this kind of mechanism as significantly more of an alternative to privacy invasion than an enabler of privacy invasion.
The political establishment used to be able to control what you read, through control of the media. Then 1995 happened and everyone got access to anything they wanted. The establishment have wanted to put that genie back in the bottle ever since. This is part of that effort.
> Requiring the central database is the scary part.
Yes, agreed.
And this type of proposal has no central database, so it removes the scary part.
(Unless you're talking about the local accounts on each computer storing dates of birth for a single household as a "central database" in which case you're being ridiculous and please stop doing that.)
A), which is the status quo. I don't see any other option as realistic.
B) makes things worse in several ways, but primarily by stifling innovation. Only large incumbents will have no trouble paying for the measures required to ensure compliance.
There's also the cost of enforcement, which will likely have to be borne by the taxpayers. I don't think this is a good thing to spend money on.
C) cannot be enforced, and any good faith attempts will cost more than the damage from harm they're supposed to prevent.
Option A isn't really the status quo. The status quo has a bunch of sites doing invasive checks and other sites region blocking users.
> Only large incumbents will have no trouble paying for the measures required to ensure compliance.
Oh my gawwwwwd. People trot this out any time any regulation is mentioned. Option B is a single easily accessible age category value. It's simpler than the status quo.
I'm not really focused on the exact wording of this bill. But mandating distros have a useradd and glibc with an extra couple functions is not a significant burden.
I mean, how is the OS going to actually verify the age of the operator?
I see how this helps Facebook - if you lie to the OS, and the OS tells Facebook that you're over 18, then it's not Facebook's fault if they provide you an 18+ service.
It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site.
That's the difference between a parental control and a pinky swear.
The thing we want (well, that other people want, I have other views) is that large tech companies are not able to brainwash kids.
The thing this creates is liability on parents, or schools, or anyone who provides computer access to children. And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
> The thing we want (well, that other people want, I have other views) is that large tech companies are not able to brainwash kids.
That has little connection with this law.
And having no age settings at all is where you'll have the most brainwashing.
> The thing this creates is liability on parents, or schools, or anyone who provides computer access to children. And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
They're already responsible for controlling that. I think they should have more tools to help.
> And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
Did you look at the law(s)? They get one of four age ranges.
> It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site.
You are assuming the parent is the administrator of the computer.
I hope the number of downvotes you’re receiving makes you consider the absurdity of your suggestion.
Have you seen distrowatch? Are you going to go track down maintainers from every distro - many of whom live outside of the U.S. - and demand they implement this? The smaller ones would probably ignore you or tell you to get fucked, the larger ones with funding might decide to drag you into court.
Does "the government doesn't get to decide what people can look at on the internet" count as C or D to you? It is the situation we've been in technically for 20 years now anyway; the world hasn't ended and it generally seems to be pretty workable. The status quo isn't an especially radical one.
20 years ago was only 2006. The internet has been around for much longer. The first consumer focused ISPs launched in the early 90’s, 35 years ago, but CompuServe and others were providing access to chat and BBS’s in the 80s.
I’d say nearly 50 years is precedent enough that government intervention is unnecessary.
What about every other system where we rely on parents to parent?
Kids can turn apple juice into wine in their closet
they can drive their bicycle to a drug dealer
they can rub a butter knife against the sidewalk until it's pointy
Do we need govt AI cameras in kids closets and on their bicycles? How do we verify they're cycling somewhere safe? How do we make sure they're not getting shitfaced on bootleg hooch they made with bakers yeast and a latex glove?
This is more like a store being able to see their age just by looking at them, and make restrictions because of that. We don't rely on parents to prevent a 10 year old from going into a bar.
Which, unlike this, does not create issues, since the bar is a place staffed by people, employed to serve drinks, who can reasonably be required to look at their customers, while an operating system is some software, perhaps written by an enthusiast, which cannot reasonably be required to inspect its users.
C and D, combined. New internet for kids-only. This internet would be WHITELIST only. We would not be wack-a-mole trying to catch porn sites (sigh...)
Rather, companies would have to submit a formal proposal to get their website listed on Kid Internet. This inverts the responsibility. It's not my cost, or your cost, it's their cost now. If they want kids, they better prove it.
Then, you can trivially configure your router or any computer, with any operating system, to use the Kid Internet DNS. It's now completely operating system and device agnostic. It can be organizational wide with the flick of a switch. It can be global, if we want.
The proposal we're seeing here is bad, bad, bad. Not just for privacy reasons, but because it will not work. Not might, will. This will not work. For many reasons:
1. Most operating systems are not going to implement some stupid ass bullshit.
2. Most websites do not give a single fuck. Porn websites will not care. Trying to play wack-a-mole is ALWAYS a losing game, no exceptions.
3. This is trivial to bypass.
4. If it's not trivial to bypass, it still will not work, but it will now be the end of computing as we know it.
So we have some kind of control to stop your router from connecting to Adult Internet DNS? Because the difficult bit here is not allowing connections to the Kid Internet, but stopping connections to the Adult Internet.
How do we decide what sites resolve as part of the Kid Internet? Is there some process where a site submits itself for approval to be part of the Adult Internet?
How do we stop the government from using this to stop access to parts of the internet it doesn't like?
> So we have some kind of control to stop your router from connecting to Adult Internet DNS?
Yes, all routers currently have this built-in. Most software outside of routers does, too.
Will it be perfect? No. But, for example, this is how content filters work at schools and just about every workplace. And it seems to be good enough for them.
And, this will work better than that. Because the key point is we're not blacklisting anything. Nobody has to maintain a list of banned websites.
> How do we decide what sites resolve as part of the Kid Internet?
Companies or people send an application. The website is reviewed by a human, and they get approved or denied. If you don't care to target kids, which most people don't, you do nothing.
So I don't have to do anything, nor do you. But Meta does. Google does. I'm fine with that.
And, this "board" or whatever who hands out Kid-Friendly certificates can also take complaints. Why not?
> Is there some process where a site submits itself for approval to be part of the Adult Internet?
No, this it the beauty of it. If you want to be a part of adult internet, you do nothing. You already are.
Every website is implicitly adult internet, and it naturally completely subsumes kid internet. So, if you're just making a blog or whatever, nothing changes. In fact, you don't have to update anything from right now. It will all still work. Because Kid Internet is new thing, and it's whitelist only.
> How do we stop the government from using this to stop access to parts of the internet it doesn't like?
Related to above, adult internet is what we currently have. Nothing changes. You and I won't notice, and we can't notice. There will be the free-range internet, and then the subset of the internet approved for kids.
Yes, they are more sophisticated, or at least I'm assuming from how pi-hole and my workplace blocking works. Meaning, it works.
But those are not the best solutions, because of blacklisting. There are basically infinite porn websites. So, if you're going to try to block every porn website, you will lose, point blank.
So, even considering that, they do quite good. So if we just take the principle and invert it, it will be very good.
I mean, whitelisting vs blacklisting is why I am able to open my computer up to the internet via SSH. I'm not out here blocking 1 billion sites. No, I'm just allowing my laptop. And that gives me a lot of confidence, and it works.
And, I agree with culture change. But, culture change is very hard and I don't think it's something we can rely on.
So, you whitelist Kid Internet sites, and you have a DNS server that handles Kid Internet.
And everything else is Adult Internet, and there are many DNS servers that serve Adult Internet.
You sign your household router up for Kid Internet, and it ignores Adult DNS servers, and only routes according to Kid DNS, is that right?
I can think of about 50 ways around this already, but let's assume we're not talking about anyone with any knowledge of how the internet works. So the entire household is signed up for Kid Internet, and there's no way an adult can view an Adult Internet site from this household, is that right?
Well most DNS can be done per-device, just like in an IT setting. For example look at iOS. The device controls DNS, so set up little Timmy's iPhone to do Kid DNS.
That sounds an awful lot like this proposal, right? Well yes and no. No because this would actually work. Just letting the iPhone say "im a kid" does fuck all, because all the websites we're targeting with that will just ignore it.
And of course there are ways around this. Wanting a solution with no ways around it is dystopian. But is it a better solution than this? I think yes, it is.
If Little Timmy signs in then OS chooses the Kids DNS, but if Uncle Bob signs in then it chooses the Adult DNS?
As you say, I can see a few ways around this ;)
Again, this feels like it just moves the responsibility for everything onto the parents, without meaningfully giving them any control. If something screws up and Little Timmy gets to see some boobies, who gets blamed? Is it the OS provider, the hardware provider, or the parents? Did the parents actually configure this themselves? If so, who taught them how to do that? Or did they buy the machine pre-configured? So does the vendor take responsibility?
Sure, or per-device, or per-network, or per-organization. It depends on how each particular person wants to implement it.
> As you say, I can see a few ways around this ;)
Yes, notably less than the current proposal. Which, again, will just straight-up not work.
> f something screws up and Little Timmy gets to see some boobies, who gets blamed?
I think this really hit the nail on the head. None of this is about solving problems or helping little Timmy. It's about accountability management.
If we implement the OS syscall, then Meta gets to point their grimey finger at someone else while they continue to fuel genocide in Myanmar.
> Did the parents actually configure this themselves? If so, who taught them how to do that? Or did they buy the machine pre-configured? So does the vendor take responsibility?
Well, um, both. You can configure your router, sure, or your Linux computer. But I imagine a new iPhone would just come with a checkbox you can check at account creation time. Again, very similar to this proposal, except it works.
Yes, parental controls already exist. You’re up and down this thread advocating for this particular bill, but what does the technical solution actually look like to you beyond the controls already available? And with regards to account creation specifically, what do you see as a workable solution that isn’t defeated by a “pinky swear”?
Can you name a piece of parental control software that tells relevant apps and sites whether I'm above 13/18?
I'm sure there's plenty of software that can block sites entirely, but that's a lot less useful.
And how much should I trust the popular products on a scale of 1-10? An OS setting doesn't need much trust.
> And with regards to account creation specifically, what do you see as a workable solution that isn’t defeated by a “pinky swear”?
I'll copy a different reply: "It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site. That's the difference between a parental control and a pinky swear."
The idea of something like this isn't to replace parents, it's to give them a simple centralized tool. The parent has the admin account.
E. Platforms that want to serve violent, sexual, predatory, scammy, snake oil content in the most addictive way possible to exploit minors and other vulnerable populations for profit should save some of their revenue for lawsuits when they hurt people. Hold products that cause harm responsible.
The Illinois bill is not about 18+ content. It's about controlling who your children can talk to on social media. The OS age check is just a means to that end. The end is blatantly unconstitutional. The bill of rights doesn't mention age limits. Freedom of assosiation applies to kids just as much as it does to adults. If the bill passes, then any racist parent could block all comms from kids of a different color for example.
I get what you’re saying but it’s a false premise. In today’s era, racist parents already block their children from even attending school with someone of a different color. Merely blocking comms would be a step before that in severity of control.
Parents have always had the ability (though maybe not explicitly the right to) control their children’s environment for the purposes of teaching personal beliefs. So long as the belief itself wasn’t deemed harmful to the child, society would allow it to continue propagate that way. Racism unfortunately has never been seen as innately harmful. It’s looked down on, yes, but not to the point of making it illegal to enforce in family life.
To be fair, as a parent I don’t want my under age children hooking up with literal nazis on social platforms, whoever that might be. The current tools and controls are lacking. A lot.
The spin control on this story is intense. Saying that it's "just parental controls" when we've had fscking parental controls since the 1990s is disingenuous as hell. Obviously it's something new, but that's really all they have got to try to spin it back into their favor.
Once you force OS to communicate data about the user, here we’re talking age, is it a slippery slope? Once the architecture is created, why not put other things about you in there?
I'm reminded of a video essay I watched about AI once, which took a side tangent into surveillance capitalism:
"Google's data harvesting operation became a load bearing piece of the Internet before the public understood digital privacy. And now we can't get rid of it."
The public has been conditioned to expect web services free at point of use. Legitimately it's hard to monetize things like YouTube without ads, and I get that. But turning our entire ecosystem of tech into a massive surveillance mini-state seems like an astonishingly shitty idea compared to just... finding a way to do advertising that DOESN'T involve 30 shadowy ad companies knowing your resting blood pressure. My otherwise creative and amazing industry seems utterly unwilling to confront this.
Edit: Like, I don't know, am I crazy for thinking that simply because we can target ads this granularity, that it simply must be that? I get that the ad-tech companies do not want to go back to blind-firing ads into the digital ether on the hope that they'll be seen, but that's also plus or minus the entirety of the history of advertising as an industry, with the last 20 or so years being a weird blip where you could show your add to INCREDIBLY specific demographics. And I wouldn't give a shit except the tech permitting those functions seems to be socially corrosive and is requiring even further erosion of already pretty porous user privacy to keep being legally tenable.
Society won’t delay reward now for future good on its own. Even if one person will, there’s a line of people who will step in to pollute the lake or kill the whales for a bag of money.
It will just decay until it’s a short squeeze into oligarchy or worse (the corrupt will be forced into an arms race of accelerating corruption as opportunity becomes scarce). Then some other country who isn’t leaving it up to their society to do the right thing will be in charge. Until the same happens to them.
This is the value of religion historically, one of the few ways of coercing a population into doing the right thing for their own good. But every group can be spoiled or hijacked by a small handful of bad actors who are willing to do what others are not.
Reminds me of the story of one of my favorite pieces of classical music, 'Scarbo' by Maurice Ravel. It's one of the most technically difficult pieces played today. Ravel wrote it because he 'wanted to make a caricature of romanticism. Perhaps it got the better of me.'.
Android folks have good reason to have anti-Java bias. Their bias, as it happens, is against old Java, which they are constrained to use as fallout from the Oracle lawsuits of yore. Kotlin breathed new life into Android in a meaningful way.
On backend teams, I've not personally encountered much anti-JVM bias - people seem to love the platform, but not necessarily the language.
(yes I know there's desugaring that brings a little bit of contemporary Java to Android by compiling new constructs into older bytecode, but it's piecemeal and not a general solution)
They cherry pick whatever they feel like from OpenJDK.
And even though Oracle was right, given that Android is Google's J++, in this case they had better luck than Microsoft.
They don't take more from OpenJDK because then their anti-Java narrative doesn't work out.
But there is some schadenfreund, to keep Kotlin compatibility story relevant they are nonetheless obligated to keep up with is mostly used on Maven Central, thus the updates up to Java 17 subset.
Maybe I'm wrong about the state of Java in Android today - it's been a few years since I did that work full-time. But I do remember when Kotlin broke on to the scene in 2015, and most of us were thrilled to finally move beyond Java 7! The embrace of a non-Java language was grassroots and genuine; Google's adoption came several years later.
J++ though, now that is a blast from the past! I think I still have a J# book from my student days, somewhere :)
ART is updatable via PlayStore since Android 12, however in 2026 the latest is a Java 17 subset, while the latest LTS is Java 25.
Kotlin only worked properly on Android after some folks pushed it from inside, and then they used Java 6 vs Kotlin samples to advocate for it.
In 2015 the latest Java version was 8, which never was properly supported on Android, the community had to come up with RetroLambda, before Google created desugaring support, think Babel but for Java.
Naturally it also meant that the performance of Java 8 features wasn't the same, e.g. lambdas make use of invokedynamic on the JVM, on Android they used to be rewriten into nested classes.
Even today, although Android documentation has Java and Kotlin tabs for code snippets, the Java ones are hardly taking advantage of modern features.
Naturally who learns Java on Android gets an adulterated view on the matter.
> But I do remember when Kotlin broke on to the scene in 2015, and most of us were thrilled to finally move beyond Java 7!
n=1 but i was there with android studio v0.01 (or thereabouts) using kotlin for a production app cause i was so sick of old-java + eclipse... google was asleep at the wheele imo and android development would be nowhere near where it is today without jetbrains
Compared to Apple and Microsoft, Android development is mostly outsourced.
None of the development environments is from Google, none of the languages as well, or the build tools for app developers (Internally they use Bazel and Soong).
Naturally having gone into bed with JetBrains for the IDE, after leaving NDK users without IDE tooling for almost two years during the IDE transition, the deal was in place to push Kotlin as well.
I am surprised Google hasn't yet bought JetBrains.
There used to be many more - Sugarsync, AeroFS, Syncplicity, just to name a few - all bit the dust. Box.com found a niche serving business document flows; Gdrive, iCloud, OneDrive, all survived thanks to being features in a broader Big Tech suite. Everybody else? Outcompeted, plain and simple. Dropbox was just a cut above.
(I used to work at one of the companies named above, so although it's just one person's opinion, it's at least as informed as anyone else's here :) )
reply