I am being monitored for using a privacy focused email address when signing up for services operated by a government entity. Yep, it happens. Their AI determined that people using particular email providers need to be watched. Not only that, I have had payments mysteriously fail with big online merchants, and after following it up through multiple layers of support I was told that particular email services are automatically flagged. You can guess which ones.
Now what do I do? Avoid privacy-focused email addresses for anything in daily life. It seems to be a battle that cannot be won.
These sound like common blacklist-style defenses. As examples, mail services use RBLs to prevent spam, Cloudflare services often require captchas from Tor exit node IP addresses, many websites decline signups from throwaway email addresses like Mailinator. Credit card companies use various indicators to prevent fraud.
I'm not saying these measures are perfect or fair, but they are not related to government (though government may also use them); they are just obvious ways to prevent unwanted activity such as spam, fraud, hacking attacks, etc.
> Their AI determined that people using particular email providers need to be watched
How do you know that government has concluded 'particular providers need to be watched', and that the decision was performed by an AI?
> for using a privacy focused email address when signing up for services operated by a government entity
The type of monitoring used was disclosed as was the "likely cause" of me being flagged. This wasn't a secretive kind of thing. Of course one can't "know" anything as it's a black-box. But it's not a stretch to see how such systems may conclude, from automated profiling, that users of privacy-centric services are more likely to be associated with fraud and hence flagged. This also represents a more general issue with the application of machine learning.
You're basically saying that you've been caught up in some surveillance dragnet/watch list, and that you have no proof but think it is for for using ProtonMail on a government website.
When your payment was declined, the company 1) had access to this watch list that you're on, 2) was able to share with you that you were on a watch list, and 3) you were able to figure out why this is. This sounds very unbelievable to me. The data that comes from programs like this isn't generally being passed around to businesses, and if it is, the support folks are not going to be in the know.
It still sounds more like you're being hit by algorithmic blacklisting than that you're on some secret not-secret blacklist. That, or you got added to a public sector blacklist, by some security company because you use ProtonMail which has issues with abuse by fraudsters.
No, you've misconstrued what I've said. I am not implying that the payment being declined by a merchant is anything related to the government. Nor am I implying that the government shared my information with any company. Nor I am on any kind of blacklist (at least that I'm aware of). Read my original post, they are two separate issues.
> The type of monitoring used was disclosed as was the "likely cause" of me being flagged
You're correct, I misremembered how you wrote that. Unfortunately, that makes it even less believable. How did you find out that you were being monitored, and why was that disclosed to you? Who disclosed this monitoring to you? Did you run some sort of FOIA request (whatever your nation's version is)? You're making a very big claim with very little to substantiate. Keep in mind ProtonMail has over 50 million users, It beggars belief that using PM is sufficient to get yourself monitored in any serious capacity.
all this nonsense would go away if we had some sort of universal identification system on the internet.
people act like anonymity is some kind of right, but it really wasn't in the past. You needed to prove who you are to get a loan, drivers license, etc.
Anonymity is the default, we don’t walk around with our names and all our interests and thoughts attached to a label to be read by anyone. If anything, internet made it go away. Eg. even if you knew a person’s name you wouldn’t be able to look up other information about them before, now you can. Previously, you’d be able to go to a store and buy a thing without giving any information, now you have to give the “email” that collects most information about you. Your examples of loan, licence etc are not like 99% of interactions, and those can be handled as special cases like before.
> Previously, you’d be able to go to a store and buy a thing without giving any information
We can still do that, it's called paying with cash. Paper money is the people's money.
> Your examples of loan, licence etc are not like 99% of interactions, and those can be handled as special cases like before
With regards to loans, it is possible for state governments to establish regional public land loan offices to issue equity loans in reference to the production and replacement cost of existent tangible personal property fixed or held on site without monitoring all of the purchases of movable personal property by the borrower to determine credit-worthiness. The borrower just has to prove there is some tangible artifact of personal property which exists, which the loan office can auction if the debt goes bad or write off if the artifact is destroyed.
We just have to mandate the loan offices don't do something stupid, like issue loans against the excess value of real estate attributable land scarcity and resell mortgages to private investors which will resell derivatives, to avoid generating a real estate bubble and the accumulation of $100+ trillion in derivatives. Additionally we'd probably need to replace many regressive taxes with distributive land taxes to ensure that households and cooperatives had cheaper access to land in order to obtain a deed or long term lease granting the security for spatially fixed personal property necessary to qualify for such loans.
I don't know where you live, but at least in North America the requirements for a loan are laughably low. I once was interested in getting a vehicle loan on a new vehicle purchase. I gave the financial guy all my information and he showed me the terms. I agreed to them and bought the vehicle.
I have no idea how, but he issued me a loan on that vehicle using incorrect information for basically everything except my address. Name, birthday, etc. did not match. Somehow the system had a completely different set of records. When I called the lender about it, they didn't even seem surprised. Just took a phone call to get everything corrected and a new set of paperwork mailed out to me.
I imagine few people doubt the practicality of trust in a transaction or application as you mention.
But we should be able to sit in a cafe and discuss our plans for cultural subversion and last night's sports event without the *till* shopping us out to the thought police.
Just make it zero-knowledge. You use the ID server to prove that you're not a sock puppet of someone already registered, but that's all the site needs to know.
> Not only that, I have had payments mysteriously fail with big online merchants, and after following it up through multiple layers of support I was told that particular email services are automatically flagged. You can guess which ones.
You don't need nefarious motives to explain that particular behavior. Operate a store or payment system without rejecting easy-to-sign-up-for-anonymously email addresses, especially ones with a free tier, and you'll find out very quickly why they downrank the trustworthiness of, or simply block, such services. Automated credit card fraud is huge and no fun at all to deal with.
Note BTC and others are pseudo-anonymous, because the whole world knows the source and destination wallet of every transaction. If someone is ever serious about finding you, they can follow the chain to wherever you cashed out and a subpoena will do the rest.
There are fully anonymous coins like Monero, ZCash, etc.
Right, but you also don't have to deal with fraudulent claw backs like with credit cards. It's not secret but it makes the integration/code easier. This is why a lot of obscure/experimental services tend to have bitcoin payment support early on and struggle with paypal/credit cards.
Right: a vendor's not forced to care whether any bitcoin they accept was stolen, but they are forced to care whether a credit card they accept was stolen. Doing a sufficiently shitty job of keeping out purchases with stolen cards can literally end a business, in a hurry. Meanwhile nothing's going to happen about stolen bitcoin you accept—probably you'll never even know—unless there's an actual police investigation you get wrapped up in. In that respect, it's more cash-like.
It got a lot easier, but mail server hosting should be done with care if you don't want it used as a relay and be put on blacklists. Still takes a while to setup.
>Any tutorials/software you can recommend for this?
Not GP, but the process is pretty simple:
You'll need to be able to send, receive, store and forward emails. A variety of resources are required to do this. Note that pretty much all of the software suggestions are available through the default software trees of just about every Linux/BSD distribution.
1. You'll need a domain;
2. You'll need DNS services to publish your MX records with DMARC/DKIM/SPF[17] and/or DANE[18] support. If you can/want to host your own (not difficult), lots of folks like Unbound[0][1]. And while some folks hate on BIND[2][3], it's always a good choice. There are many others[4] as well;
3. You'll need a Mail Transfer Agent[5] (MTA) to send and receive emails. Postfix[6][7] is very popular. Some folks use Exim[8][9]. And others use the venerable sendmail[10][11];
4. You'll also need a Mail Delivery Agent[12] to store your mailboxes and serve them via a web interface and/or your mail client. Lots of folks like Dovecot[13][14]. Others use Cyrus[15][16].
Great reply, I would say this is the way to go to learn and then if you get lazy, mailinabox https://mailinabox.email/ it combines everything above into a few hours to deploy.
But you still need to know everything above.
Then once you done this a few times, you have your own niche in tech - email is old and going no where and job security is ensured, it's funny, tech really is a circle.
>Great reply, I would say this is the way to go to learn and then if you get lazy, mailinabox https://mailinabox.email/ it combines everything above into a few hours to deploy.
Thanks!
A fair point. Although the bulk of that deployment time is, regardless of platform, going to be the configuration.
And since pretty much all the tools needed can be installed via 'apt-get'/'dnf install', etc. through default software repositories, is there any real advantage for more technical folks (as we generally see here)to use mailinabox over someone's preferred *nix configuration?
I'm not being snarky here, I'm not familiar with mailinabox and genuinely curious.
The people that run mailinabox and the subscription list/slack/chat are nice. If you know exactly what you're doing, and can put it all together in a bash script, then it's no different. Especially the later configuration part.
But having a place where to exchange (haha get it) info and see whats targeting/affecting most self hosted email users is really a time savings vs having to scope through your own logs and wonder what broke, or what's wrong.
+1 on this, I'd be very interested too. I own a domain I'd like to use, and the entity I bought it from offers prepackaged email services I can attach to it. But it's not really running my own thing.
> I am being monitored for using a privacy focused email address
How exactly did you find this out? I don't think you generally get letter mail saying "Hey, we're monitoring you now". How do you differentiate monitoring behavior from something like an individual service flagging an individual transaction because of your email and killing it?
I'm always deeply skeptical of claims like this since they're almost always unverifiable by any party (including the commenter).
By the way, your email address provider is only one metric by which you are being monitored. Everything happening online is now being monitored, stored and AI analysed, and will be for a long time in the future as technology is evolving and new meaning can emerge from everything that is recorded.
Therefore, encryption is their enemy. For now. Until they break it all. Or until we break away.
>Now you know what it is like to be a black person
What makes you think this person isn't black?
Maybe the first step we can take to ensuring all people are treated with dignity and respect is to not assume Group X is that group other there, an other. Maybe we can instead assume Group X is everywhere.
That make sense. That's why I'm using two regular service addresses redirected to my privacy focused email address, and assign different tasks to each one of them. It even help me filter out more unwanted messages and subscriptions.
I've never had this issue with a personal custom domain. Basically all businesses have custom domains so blacklisting all of them can't make sense, surely?
Using a custom domain doesn't necessarily mean using a custom mail server, they can point to a really common mail server such as gmail for instance. This is how a lot of business emails are set up.
True, but then I would assume that serious monitoring apparatus would include mail server monitoring, therefore defeating the need for a custom domain, which may contribute to identify you and/or stigmatise you further. Especially if one is accounting for other traffic carried by the said custom domain.
It’s protonmail. Using a protonmail address will automatically cause a failure flag in the MaxMind checker which a ton of merchants use for fraud screening.
Under the thin veneer of civilized society it's still the law of the jungle; while our civilization may have become advanced, our DNA hasn't caught up. We are programmed to blindly accumulate as much as possible, because for most of our evolutionary history scarcity and disaster was always just around the corner. In modern times, it translates into those who already hold positions of wealth and power going for even more, at the expensive of everyone else. This has in turn been amplified by technology and globalization.
Having said that, historically we're still at a "high point". It's a cold comfort, but still..
Seeing how wages adjusted for inflation have stagnated while productivity has nearly doubled in the past 40 years and the impending climate catastrophies, I don't see how we're at a high point.
Although, I guess if some kind of climate catastrophe occurs, we could consider ourselves in one of the luckier generations
https://www.weforum.org/agenda/2020/11/productivity-workforc....
Actually I think we peaked 10-20 years ago. My father experience most of the peak 50-odd years - thankfully he didn't live to see what the world has become.
The sobering reality once you understand things is that we are never more than 1 generation away from living in caves and losing all civilization. The delusion of durability of The Cloud (compared to physical books) is one of the saddest things.
I used to be a vendor for both Seagate and WD - and they'd regale us about how NO HDD can store data forever even if it's not running. Everything fails as long as it at 300K rather than 0K. And the lifespan of most electronics and computer is FAR shorter than most people imagine.
>while our civilization may have become advanced, our DNA hasn't caught up. We are programmed to blindly accumulate as much as possible, because for most of our evolutionary history scarcity and disaster was always just around the corner.
Yes, we'd be much better off if we'd just stop progressing at some arbitrary point, and just accepted:
- 35 years of life expectancy
- no running water
- famines every decade
- zero modern technology, like electricity or even healthcare
35 years of life expectancy was not reality. If you lived past childhood you usually lived until your 50s or 70s. There are tribal villages in africa today that barely have modern anything and have many people in their 90s. Human life expectancy decreased with the transition from hunter/gatherer/herder tribes into agriculture with a few crops, due to relative malnutrition. It's only recently in modern times that we have started matching hunter gatherer life expectancy with our knowledge of nutrition and 120 year old medical knowledge.
So? That's still the definition of life expectancy. Moreover, being able to live to 90 if everything went right doesn't mean much when you die at 20 because of a treatable illness/injury, or seeing your wife/kid die in childbirth.
> Under the thin veneer of civilized society it's still the law of the jungle
that "law of the jungle" thing is a myth. people believe it because it makes sense, but it isn't real for humans or almost any animal species.
what really exists is that people feel very good when they view themselves as superior to others, and they come up with an insane amount of mental gymnastics to justify what they do to attain that feeling.
one of the great myths of nature is that predators have some sort of instinct to screw over their social group at every opportunity. even most animals know that there is strength in numbers and in fairness. we humans have taught ourselves that fairness and consideration of others are weaknesses and that feeling like a badass at the expense of others is very positive.
humans are literally an irredeemable species at this point, because all of the evidence of what I say is available to anyone with an internet connection, but it's easier and more fun to feel like a badass occasionally than it is to change your view of society, so the facts get ignored and humanity continues to destroy itself over smaller and smaller things.
> One of the great myths of nature is that predators have some sort of instinct to screw over their social group at every opportunity.
Speaking of humans: Their social group, no. Other social groups, absolutely.
We know this as "ingroup bias".
Pre-internet, your ingroups and outgroups were largely restricted by geography. Moreover, you got this sort of "ingroup boosting" effect by being part of a town, county, state, and country, so you had a lot of overlaps with other people.
Interestingly enough, each of those geographic entities actually occupies a "slot" in your social graph -- unconsciously, you think of them as people.
Without a forcing function providing behavioral moderation through discordant groupings, ingroups and outgroups become increasingly monocultural, tribalistic, and behaviorally extreme.
>one of the great myths of nature is that predators have some sort of instinct to screw over their social group at every opportunity. even most animals know that there is strength in numbers and in fairness.
You make a good point. It's interesting how people seem to automatically equate hard work as automatically being a positive (or even as some kind of morality). In reality, without fully understanding an individual's true motivations, it's hard to make any kind of proper judgement.
> The worst thing that people can say about unions is they are bureaucratic and inconvenient.
I disagree. Unions can lead to the death of entire industries - I have seen it with my own eyes. Inefficiencies created by unions lead to jobs going to places where such unions do not exist. Personally, I do believe the workers need to be protected, but if you protect workers then you also need to protect industries, and this opens a gigantic can of worms as it runs counter to globalization and free trade.
Maybe we need to open a gigantic can of worms that “runs counter to globalization” if we’re talking about sending those jobs to countries with unethical working conditions.
There are many examples in the manufacturing industry, though unions aren't the only factor.
> Maybe we need to open a gigantic can of worms that “runs counter to globalization” if we’re talking about sending
those jobs to countries with unethical working conditions.
I couldn't agree more, the problem is there are powerful interests that will keep trying to sweep this issue under the rug.
Yes, so unions tend to kill countries where they're too strong. They tend to promote short-sighted action that save/retain existing jobs. This makes it harder for the economy to change when it is needed which in the long run leads to failed businesses, an uncompetitive work force and unemployment. Maybe unions is like democracy in that they totally suck, but the alternatives are worse. However, unions should definitely have their power checked.
The article explains it perfectly: Understandably, male names still do not spot the “woman” radical (女, nü). 女 explicitly refers to women, whereas the “man” radical (亻, ren2) is more flexible, as it refers to humans.
This is also consistent with my understanding. On a cultural note, many ppl call Westerners with PC leanings “白左” and view the PC movement as a bit ridiculous. So definitely don’t apply modern PC standards to China.
人 refers to man only in the sense of mankind. It is usually translated as person, like 中國人 (Chinese person). The character for specifically male people is 男 as in 男人 (guy).
> On a cultural note, many ppl call Westerners with PC leanings “白左” and view the PC movement as a bit ridiculous.
Putting aside whether "westerners with PC leanings" are "ridiculous" or not, it's hardly surprising that a country ruled by the CCP would have isolationist tendencies against international leftist movements that do not align with their own national interests. This power grab over language and definition is pretty evident in any "socialist" one party state that has existed.
“Westerners with PC leanings” are considered ridiculous by most every culture in the world. If there is any ideology that has a “power grab over language and definition” it is the modern, Western left.
> I feel my life outcome and success depends on emotional regulation more than anything else.
Indeed. It wouldn't surprise me that assuming a person is of at least average intelligence, emotional regulation is the greatest predictor of success. Not to be held back by one's own demons is a big step towards success.
After reading the article, it appears that this deal favors large media companies who are able to negotiate a decent deal for themselves with Facebook. It seems like that the government will also use it as an excuse to cut finding to state-funded news sources. I cannot see how the deal favors the general public at all.
Cory Doctorow had (as usual) a good write up on these happenings. He spends a good while talking about how lopsided this law is. For a start:
> But of course, this isn't a negotiation between workers and employers: it's a bargain between a cartel of news organizations and a search duopoly. That's not ideal! For starters, it means that the government gets to decide who is a "news organization."
> That's ripe for abuse. News organizations are expected to report on the government and the government gets to decide whether they are entitled to participate in collective bargaining with Googbook, which could mean the difference between financial viability and bankruptcy.
He does say that there is some public accountability & reporting that big companies like Facebook & Google will face, which should be helpful generally. But yeah, this looks like a very silly effort, alas:
> It's not wrong to say that the only reason this regulation got off the drawing-board is that [Rupert] Murdoch viewed it as a way to shift a few balance-points from Big Tech's side of the ledger to Big Media's side.
That was an interesting read which shows the original intention behind it wasn't necessarily evil, and that the media code was designed to treat the symptoms of an underlying problem (which are of course the monopolies).
I only have a superficial understanding of the legislation, but my impression is the opposite - it requires Google/Facebook to enter into good faith negotiations with news organisations that can choose to negotiate individually or collectively.
There's a Q&A from the ACCC (Australian Competition and Consumer Commission) that drafted the code:
> How would the code benefit smaller, regional and rural news media businesses?
>The bargaining power imbalance between news media businesses and the digital platforms is particularly acute for smaller, regional and rural news media businesses. The draft code would allow news media businesses to bargain with a digital platforms either individually or (more likely) as part of a collective. Bargaining as part of a collective would allow smaller news media businesses to negotiate from a stronger position than negotiating individually. Collective bargaining is likely to also reduce costs for individual news media businesses, and allow groups to pool resources and expertise during the negotiation process.
> it requires Google/Facebook to enter into good faith negotiations with news organisations
It's funny how the human mind tries to make sense out of complete nonsense. (This isn't a dig at you.) You read the act was forcing them to bargain, and you (like me as it happens) immediately assumed to bargain someone must have something to sell and the price is determined by what it is. What it is must be access to news, surely?
So with that in mind, read this direct quote from the act [0]:
> Division5—Non-differentiation 52ZC … (2) The responsible digital platform corporation must ensure that the supply of the digital service does not … (a) differentiate between registered news businesses, because of … (iii) a registered news business being paid, or not being paid, an amount of remuneration
But no, they are not bargaining over access to news. So what, precisely? Well, as far as I can tell the act doesn't say. They just, must, bargain.
I know the advice is not to watch the sausage being made, but geeze ...
Because the media code set by the government should, in an overall sense, benefit the people of the nation. Clearly it's not the case, and the government deserves to be called out for it.
All I can find is that it was tabled by the Australian Competition and Consumer Commission at the request of the federal government. But if I was to take a wild guess, I'd say that Murdoch was somehow behind it.
> Could one make the argument that entities with an interest in destabilizing our democracy should not be able to inject propaganda into our discourse because “free speech”?
One could also argue that censoring one side of politics deepens divisions and drives people to polical extremes. I would rephrase "democracy can’t survive without free speech" as "democracy can’t survive without free political speech"
I can't even understand why there's an ideological battle. If you take a perfectly healthy person and put them into solitary confinement, there's a good chance they'll become depressed. It's an extreme example, but my point is that for most people depression is very much circumstantial. If the circumstances can be corrected and no serious trauma was experienced, the depression will probably go away. When cirsumstances cannot be changed or there's lasting trauma, medications are an option but outcomes are mixed..
There's a minority of people whom regardless of their circumstances will be depressed. In this case, the argument that a person's monoamine neurotransmitters levels (e.g. serotonin, dopamine, norepinephrine) are just naturally out of whack makes sense and medications might be the best option.
Your comment hits the nail on the head. It's anticompetitive behaviour, and in the end consumers don't have a choice because competitors have gone out of business. If it's a valuable product or service (e.g. lifetime memories), consumers are then held to ransom. It has been going on for years, and it will continue to get worse until we rearch some kind of tipping point where people start to really care.
Now what do I do? Avoid privacy-focused email addresses for anything in daily life. It seems to be a battle that cannot be won.