Just have people opt in for NSFW content on their accounts. Leave them opted out by default (or public).

There is no reason it shouldn't be a human controlled flag.

Yeah, this is why I had the caveat:

> At least imho, given my time constraints/budget.

The "best" long term path is to have larger security budgets that allow for the objective you and the other folks who dislike my response want. The problem, frankly, is we just aren't there yet.

For instance, our budget for maintaining security is ~5% of the IT budget. A large portion of that goes to perimeter defense appliances (firewalls, barracuda antispam/antivirus filters, etc.) as well as making sure ublock, anti-malware, etc are installed on every machine. The other major chunk ends up in securing WAN-facing services that can be exploited remotely. The last major chunk is user training to get them to stop doing things like pay bills for services we never purchased, clicking on strange links, running strange attachments, etc.

After that, we have no resources to do more than run apt-get update && apt-get upgrade -y for protecting the attack surface once an account is breached. We've got a few things we had to re-compile ourselves manually and break with that process so we moved them out of the package manager for the OS. Our actual applications we build internally also likely have exploitable vulnerabilities if attacked from a local account. Those items never have the budget to be maintained and we certainly wouldn't survive someone taking over a local shell account.

I suspect given this is (roughly) the situation every place I've worked at, its simply too common to be an issue.

Anyone with sigint capability is going to figure out who you are with a VPN. (i.e. Government agents)

I just need another $10,000 :p

Its honestly the only way to be "sure" if worry about a manufacturer doing that sort of thing. It won't be perfect but the odds of someone targeting you for hardware spyware is prettttttttty low. And most manufacturers of comp enthusiast parts know its suicide to do it mass-market like that.

[Core Services] + SSH is generally something you can harden effectively against attacks.

[2903429034902323094230 binaries] is something you generally struggle to maintain security patches/etc on.

The simple fact is, there is just too much attack surface on a vanilla Linux box once you have an account that you can reliably do EVERYTHING you need to do to secure it 24/7/365.

At least imho, given my time constraints/budget.

Then they aren't paranoid but normal folks, eh?

https://github.com/HainaLi/horcrux_password_manager

It is in JS at least. Underhanded C is likely an easier trick to manage.

Idk about other people but I find anything I don't find security holes in myself "as good" as anything I've written. I've got the same set of assumptions/blinders/competence either way.

Let us just say there are certain things that can cause legal complications merely accessing it and not reporting it is technically still a crime.

Its too dangerous to be honest under you real name and has been for years.

Its alot like Roko's basilisk that way. Once you know the capability exists, you have to destroy it or help it. There isn't really any middle ground.

Its quite possible many features simply would raise their costs by .X% and therefore were impossible for that reason.

So they are in the clear legally, but morally, its still dubious to do that given its effectively disclosing what is often a substantial portion of the conversation.

Comments URL: https://news.ycombinator.com/item?id=14553078

Points: 2

# Comments: 0

Comments URL: https://news.ycombinator.com/item?id=14524861

Points: 16

# Comments: 1

Snoopy relatives of women I have dated a couple times, a couple times by PIs paid to track me down, and a stalker once.

So...yeah. It's a real problem and none of these people had a legitimate cause to do so. Even beyond FB, etc. I don't post my face online because of shit like that.

Other people have stopped posting pics of me as well, a couple people have been called based on my name being tagged to things on social media.