Hacker News new | ask | show | jobs
by floatingatoll 2326 days ago
"It's impossible to stop a truly determined attacker, so we'd better not take any steps to fend off the less-determined attackers" is a terrible approach to building safe spaces. Some applications of that logic:

- We shouldn't bother checking for characteristics of credit card fraud at transaction time, because a determined attacker might get a fraudulent card through.

- We shouldn't bother checking IDs at bars, because a determined attacker might get a fake ID through.

- We shouldn't bother trying to prevent email spam, because a determined attacker might get a spam message through.

- We shouldn't bother making laws against recording people without their consent, because a determined attacker might do so anyways.

Please construct a more plausible argument than "it's ultimately hopeless". I'm willing to consider alternatives, but I'm not willing to consider fatalism.
3 comments
Yen 2326 days ago
I apologize, I may have made my point a bit unclearly.

I don't argue that "it's ultimately hopeless". I think, with effort, it's quite possible to create a pseudo-private safe space online.

I just think that the bulk of your benefit comes from vetting the intentions and judgement of your participants, and not from technological means like removing search.

If you're able to trust your participants, technological means can be like a simple fence/lock, keeping honest people honest, but don't otherwise add a ton of extra benefit.

If you're not able to trust your participants, removing search will help _some_, but it might not be enough.

link
marcinzm 2326 days ago
Three of the four items you list work because the government will use force against those who break the rule which prevents rampant abuse. If you want a government run and legally protected safe space then sure. I suspect most people talking about them don't actually want that.
link
floatingatoll 2326 days ago
As noted above, fatalism is an uninspiring argument here. "This won't work because you can't use force against those who break the rules" is framing-by-assumption that success is either all or nothing. Success is not all-or-nothing when it comes to creating safe spaces. If you take steps and someone works very hard to break through your steps, they will probably succeed. That does not implicitly guarantee failure, especially if success is defined as "safety improved" rather than "safety guaranteed".
link
marcinzm 2326 days ago
The illusion of safety is dangerous because it makes people act in ways that ultimately make them even less safe once the illusion is broken. The current issues with social media posts coming back to bite people after years is a perfect example. It works until it doesn't and then you're in the deep end of the pool realizing you don't know how to swim.
link
Dylan16807 2326 days ago
The damage done by the items on your list is mostly limited to the single attacker.

If it was just "determined attacker can do a search, and use the results privately" it wouldn't be a big deal. But they can then spread the result to everyone else in the world in a way that almost negates the barriers.

The recording option is closer, but search can be done retroactively, which makes a huge difference.

link