"The biggest problem of course is who decides what misinformation is." I agree. From a fairness standpoint, it should be done by consensus, but few people have both the time and the information required to effectively participate in consensus. It's a hard problem, which is why I suggest that the only realistic solution is to let evolution take its course on those who don't do their homework. But in no event does it make sense to have fact checkers looking up outdated news or research in order to assess the veracity of today's new claims, especially if those fact checkers come from the same organization as the one hosting the social media platform itself. No small cadre of people deserves such power over the legions of information consumers, however intelligent or well intentioned they may be. This is why we invented blockchains, but they won't help us in this case. What we need to do is push critical thinking and forensic data analysis skills, rather than fighting an endless battle against disinformation. Did we learn nothing from decades of fighting illicit drugs, only to see prices rise and addiction continue unabated? Let fools be fools.

The false dichotomy is that we can choose between clamping down on the spread of misinformation, or just not and suffering the consequences. The reality is that the more a given platform censors, the more people reject it. So the real choice is between misinformation in daylight and misinformation under the rug. In other words, better the devil you know than the devil you don't.

As to the specific population in question, the people of Myanmar are broadly and indefatigably ignorant. They cling to comforting or empowering beliefs, regardless of contradictory information. You can call that racist, but it's actually just the biproduct of decades of rule by kleptocrats. I'm slightly more optimistic for the younger urbanites who, until the February coup, were much better informed. And for the record, most of them are the nicest folks you'll ever meet.

Moreover the mere fact that someone is engaging with Facebook on a regular basis suggests that they have poor critical thinking skills anyway. They probably have low intelligence, or simply suffer from gross ignorance of how to advance themselves or even survive in life. I realize that there are some outliers, but as a general commentary, this seems to be true.

Let Darwin out of his cage. Let the morons drink the KoolAid and follow each other over a cliff of social implosion. At least, if we don't censor, we'll be able to point future generations to the misinformation streams that caused them to do so. The lemmings won't listen to reason anyway, so the best we can do is ensure that we have an enduring fossil record of their errors and the inspiration for them.

And by the way, I love the Rohingya virtue signalling. This is clearly written by someone who wants to wear the "defend the innocent" badge in order to build street cred for the cause of censoring disinformation (a spin on the old "think of the children" hook for breaking encryption). Anyone who has studied the Rohingya conflict knows that among them are both victims and perpetrators of atrocity, depending on the individual in question (and yes, _most_ are victims). The same could be said of the Buddhists fighting with them, some of whom have suffered from Rohnigya violence. There are no monolithically peaceful tribes in Myanmar, but the junta that rules the place is by any humane standards purely evil. But more to the point, the country is rife with religious fervor and scientific ignorance, which in part explains the success of disinformation campaigns. Stop trying to fix it, or you'll just drive the lemmings to even more delusional conclusions.

You want to help educate them? Good, then stop virtue signalling and actually spend a whopping $20 for a VPN account and ship the credentials to a random student in Myanmar. That way, perhaps they'll be able to combat the junta with better and more qualified information.

...but isn't that the whole point? What failed here was the process between this guy's BS factory and the act of publication. That specific instance of the peer review process has been debunked by this revelation, not ivermectin (whether or not it's useful), and certainly not all peer review in general.

Well said, and so easily ignored. Perhaps one day the social media masters will finally realize that censoring absurd or unfounded claims (or, rarely, politically inconvenient truths) is guaranteed to fuel the flames of the very conspiracy theories which they seek to extinguish (because, in some sense, censorship is conspiracy, to say nothing of more paranoid implications). Better to let the record stand, and to address nonsense with data, logic, and statistics, than to just delete the nonsense and thereby reinforce said conspiracy theories. Better still to dispassionately improve the quality of evidence with more review or experimentation. That's what science is supposed to be, but we're drunk with the passion of politics, while objectivity and nuance have gone to the dogs.

That makes logical sense, except that zinc absorption doesn't work in a linear way. Not even close. It's just extremely difficult to get it across the lipid bilayer in virologically relevant concentrations (if that's even achievable at all) without a molecular escort, i.e. an ionophore. HCQ is by no means the only one. Quercetin works as well, in addition to others. It's all about the usual tradeoffs: cost, side effects, effectiveness, bioavailability of the ionophore itself, etc. But whether or not HCQ can be used to achieve a compelling tradeoff in these regards wasn't my point. It was just to make an analogy with more recent studies on ivermectin, as I explained to the thegarbz a couple messages above.

I don't know what claim you think I'm making here by way of HCQ. It's an analogy. I was referring to the early (yes, dated) studies which claimed to debunk HCQ as being useful with respect to COVID, when in fact they didn't test it in the most obvious theoretically motivated way, which is as an ionophore to get zinc into the cell so as to inhibit viral transcription during the early symptomatic phase. But look, forget HCQ. The point is that ivermectin is being investigated in the same way (by some but not all studies to date): pick any random experiment you want in which you use it in a manner that isn't motivated by what is actually known about its behavior in the cell, observe that it doesn't do anything for COVID, and, voila, you've debunked it! But this news report is even worse because it implies that ivermectin has been debunked by some guy who made up the data. Ah ha! There's a liar involved here! All the other ivermectin studies must be fraud!

Here we go again. We have on the one hand an apparently fraudulent study "proving" the utility of ivermectin, and on the other, a metaanalysis that shows that the drug is useless. But suggesting that these studies debunk ivermectin is as good as saying that you invested with Madoff and lost all your money, so all investment companies are fraudulent; and furthermore most participants don't beat the market, so therefore it's impossible. It's little wonder that the metaanalysis had such low quality of evidence (QoE) by their own admission: they poured all the data from many different studies into the same bucket.

Look, I'm not sure whether ivermectin is effective or not, but from a theoretical perspective, I see no reason for effectiveness except when administered in the early phase of symptoms. If I had COVID, personally, I would take it early on in the disease course. To each his own, and yes, I've read about the side effects and their rates of incidence. I just hope it doesn't get banned due to sloppy debunking like this. (To be fair, debunking might not have been the intent, but I think a lot of readers will take it that way because they're tired of the pseudoscience on the political right. That's fine, but it doesn't dismiss the need for rigorousness and precision in the quest to debunk.)

And I hate to even mention it, but all this reminds me of HCQ. Numerous studies "proved" that it didn't work by (1) administering it in severe disease, well beyond the viral load expansion stage and (2) administering it without zinc or without enough zinc, which should have helped to impede viral transcription. HCQ, like quercetin, is an ionophore which increases zinc delivery across cells' lipid bilayers. But testing it in completely the wrong way doesn't disprove its utility. And yes, perhaps it still doesn't work and there's proof of that somewhere, but those early studies, like these ivermeticin studies, don't successfully falsify the hypothesis. Perhaps such sloppiness was politically motivated because, indeed, Trump and Bolsonaro were wrong: HCQ alone doesn't do anything, unless you're trying to prevent malaria. That doesn't mean that there is no context in which it works, let alone a context more directly motivated by what is already known on an isolated cellular level. And if there is, doing a metaanalysis which mixes all kinds of irrelevant or badly designed studies with a few good ones is a great way to prevent yourself from discovering the latter.

By the way, there's an outstanding, science-based YouTube channel called Med Cram which discusses both of these and many others in terms of cellular physiology. No politics, no miracle cures, and no bleach injections, just biochemistry. Pubmed is better still, but better YouTube science than no science for those of us who don't have the time to read.

If Biden wants Trump to win in 2024, then blocking or editing SMS messages would be the way to do it. I guess the door-to-door vax campaign idea just wasn't politically counterproductive enough for him.

I fully support the right of individuals not only to avoid vaccination of any kind, but also to make entertaining claims about how a globalist cabal controls the virus via 5G so they can modify our DNA. Because if the vaccine works then the rest of us have little to fear from them. (It won't eliminate the virus, though, which the Chinese and the Kiwis have proven, perhaps courtesy of the food importation cold chain. In any case, the third world will be a variant factory for a long time to come. Local herd immunity is therefore fragile, as the Irealis have recently demonstrated, so let's stop beating up on tinfoil hatters.)

Besides, one day, the antivaxxers may well be correct: there's nothing impossible or even unprecedented about gene editing, slow poisoning, or latent infection delivered via needle, and nothing trustworthy about authoritarian governments. For that matter, optoactive neural implants are already a thing, so wireless activation of some sort isn't physically untenable. So perhaps the antivaxxers have a point, but one which will first be realized in places like China or Iran a few decades down the road. And it will be done for the "personal safety" of whoever the current rulers wish to modify or eliminate.

If you want to know exactly how harmful the mRNA vaccines against SARS-CoV-2 are, see the work of Dr. Bruce Patterson on long hauler's, which can be induced by vaccination alone because it has everything to do with the spike protein. Spoiler alert (as though you should just trust my opinion): I've studied this virus extensively and concluded long ago that mRNA vaccines are worth the risk. (I've also concluded that WHO is at best months behind the learning curve.) But, trust me, I won't be showing up at your door to convince you of that. And, no, I don't automatically trust that the foregoing will never happen in America, so I'll be greatly relieved when the nutcases start abandoning the social media titans in droves and head for the evolving social media blockchain. Once in a while, they actually have something insightful to offer.

So now that these particular models have been cleared of any suspected security vulnerabilities, it's time for DJI to replace the firmware with malware (and probably not bother to change the version number) in future production runs. If they know what they're doing (or have some "assistance" from Beijing), they'll insert some code to poll the wifi (or Bluetooth) environment and perform slow password attacks distributed across all SSIDs in range, so that they gradually find ways to phone home often enough to be useful but not often enough to register excessive bandwidth consumption. Maybe these designs don't come with generic wifi connectivity as a feature, but it would be easy to insert it surreptitiously with a relative handful of extra transistors.

But to be objective, just because the CCP is evil and DJI is their doggie does not mean that the latter are necessarily doing anything wrong. Maybe they really do make "dumb" drones. But how hard would it be to insert a conditionally activated vulnerability in software, such as a buffer overflow? Or in hardware, considering that the drone's chips are likely made in China? Then it would become a passive video recording and storage system waiting to be pwned by a port scanner if and when internet connectivity were made available (and perhaps indirectly via their controller app).

The overriding answer is that US needs to create its own vertically integrated hardware and software industry. Welcoming Taiwanese TMSC to construct semiconductor factories on US soil to employ people from both countries would be a good start.

Meanwhile, if you need to use a CCP drone, don't even think about connecting it to anything. (If you have to use their app, disable connectivity on your phone, use it once, then perform a factory reset.) And if possible, keep the drone permanently out of range of wifi connections with weak passwords. Also be leery of the possibility that it may embed GPS data into images (which is common behavior even for "nice" devices) and potentially video. A good scam would be to do so using stenography, wherein GPS location is embedded into the compression stream in a manner indetectable to the eye. Then after publication on social media, it could be downloaded by Baidu, Alibaba, or others, which would allow the CCP to expand its database matching images to locations. This is a relatively low bar by state standards. It could even be implemented in a heavily redundant manner which would survive destructive transcoding. While it probably isn't actually happening with this or other CCP proxy products, we should assume otherwise.

I meant to say "Censoring crazy people is worse than hosting them." My mistake.

To limit the spread of disinformation is to limit the accountability of individual users for applying standards of critical thinking based on evidence, and more accurately, a probabilistic model of the relative credibility of evidence. Please do not protect me from disinformation. Rather, protect me from those who would remove the volumes of information, disinformation, and misinformation (jointly, "alleged information") upon which I seek to train myself, just as AI trains itself. I alone am responsible for how much faith I choose to place in any given piece of alleged information, and the actions that I may take as a result. I would rather make mistakes and learn from them than to be "shielded" from "disinformation" or "unproven claims" which, on rare occasion, prove both true and valuable.

Too many times in recent history, we have treated "unproven" as equivalent to "false". And "fact checkers" test the veracity of claims against "established facts" which, given the abundancy of nonreproducible "science", are often wrong. What they generally don't do, in any event, is analyze the totality of evidence available and weigh it by credibility in order to obtain the most likely of a multitude of unlikely explanations, to be compared against the claim or assertion in question. AI does do that with varying degrees of competency, which is why it often "miraculously" makes more progress faster than the scientific method would usually afford, with respect to the optimization of a certain target parameter.

I don't need to you to check Wikipedia, PubMed, or Nature for me in order to "fact check" someone's outlandish claims because you're afraid to be sued. To the contrary, I need to ensure that you are vulnerable to lawsuits for deleting alleged information, especially if known to have originated with a human as opposed to a bot.

The case could be made that humans cannot possibly replicate the evidence-weighting process of AI, especially within narrow domains where the latter excels. That's certainly true, but the most productive claims analysis process necessarily leverage AI (and to an extent which is sure to increase as AI becomes more sophisticated) because, in our dynamic world, we often need to make an assessment and decide on courses of action before the scientific method can settle on a rigorous conclusion. The default action is simply inaction, which is a choice in itself and usually not the optimal one. None of that works if social media platforms are compelled to delete alleged information because they fear liability arising from the subset of it which turns out to be false, or worse, merely unproven.

Yes, perhaps such liability protections for hosting disinformation don't belong in a trade deal, but they belong somewhere in the laws of a country which claims to support freedom of expression and thought.

Stupid people on both political extremes may act on a whim, avoiding the mental tax of critical thinking. There is no cure for such laziness other than evolution itself. We cannot afford to embolden the thought police in order to save those fools from themselves.

User fingerprinting, which is really what browser fingerprinting is attempting to do, is quite difficult to thwart. After all, even the grammar I'm using in this post is extremely helpful in identifying me. You might not know who I am, but even without a panopticon at your disposal, you could do automated searches for pieces of my text and perhaps conclude that I must be the same user as "that guy on that website over there". If I were daft enough to use the same ID on that other site, then your search would be even easier. Or if not, but you could somehow hack the site and conclude that I used the same signup email, then all the moreso.

The point is that app fingerprints, while useful and easy to automate, are just the tip of the iceberg when it comes to identifying people (at least to the extent that "this guy and that guy are the same person"), whether by name or simply by connection to other online personas with a suspiciously similar fingerprint.

Even how you respond to browser permission requests (and what level of permission you choose), what screen resolution you use, how long it takes you to click on cookie acceptance dialogs, etc. can fingerprint you, as can the apps that you use to avoid fingerprinting. It's probably not all that difficult to write a server-side script which attempts to tweak certain attributes on the browser side, then determines which of those attempts succeeded, in order to determine which antifingerprinting apps you're running, thereby creating a fingerprint! Likewise for all your browser settings, which don't even require plugins to have an effect on your fingerprint.

Anonymity is more about randomizing all of the above (including grammar and spelling errors), at least per-account, than it is about downloading and maintaining all the latest privacy plugins (whose version numbers provide yet a deeper level of potential fingerprinting). (Those version numbers are probably knowable due to the domains you're downloading them from and the ensuing file transfer block counts). And whatever you do, don't post any photos, which contain camera fingerprints (both metadata in the image header and pixel statistical behavior), above and beyond whatever residual information might be in the picture itself. (You can launder pictures, to some extent, by postprocessing them through blurring etc., but it's harder than you think to do that anonymously, because laundering methods are also fingerprints, and it's not simple to know how much of the original pixel information remains.) Anyways, even timing matters, both with respect to browser behavior and user response latency. Go forth and randomize! (But don't use insecure interfaces just because you're trying to look like someone else.)

I'm sympathetic to your more coordinated approach, but unfortunately it seems clear that the maintainers would never have allowed it to happen. For all practical purposes, it was hopeless to try to obtain permission, and even asking would have defeated the experiment. Granted, their efforts were incompetent in numerous regards, but as a Linux enthusiast, I'm thankful to them for at least trying. We could do worse than to have the kernel team "waste" half their time thinking of more automated ways to prevent flaws from even reaching their eyeballs in the first place.

"If you want high security look elsewhere. Linux will never be that. The quicker you come to this realization the better off you will be." OK, fair point. I guess I'm something of an optimist, though, in that I believe in the power of AI, for better or worse. In this case, the "better" would be to invest extensively in smarter linters build expressly for the kernel, even if it comes at the expense of nice-to-have enhancements for a year. The point is, sooner or later, the kernel source is likely to suffer a broad-based and sophisticated attack. And yeah, it doesn't even matter if it doesn't, because as you said, there's a constant, largely accidental low-level attack occurring daily. The answer isn't more eyeballs. It's more silicon and smarter software. I don't pretend that engineering a more abstract, yet kernel-focussed linter is somehow straightforward, but it's certainly worth a lot of time and resources to improve. The kernel, ideally, should be in at a point where human review literally never happens until the AI gives up on trying to find holes in your code (in the context of lots of different builds -- not just in isolation), but any progress in this vein would be welcome. (Their slow migration to Rust is a good start, BTW.) Hard problem. Worth effort.

You're right about the "many eyes" myth being over sold as some sort of security guarantee. But things get easier when we invest in smarter linters. Artificial eyes bring a lot to the party. If that means I need to wait another year to get a lower-latency kernel, so be it.