
Isn't cost and concentration also a factor?

How do you avoid creating a slum with dense low-income housing?

Seems like highly distributed low-cost, low-unit housing might work decently.


>If there is one rule, then it had to be the ‘safety net’ rule. It just means that everyone is safe to speak their minds during the retreat. There will be many sessions on feedback about product, company, people etc. If team members are worried about repercussions, then retreats wouldn’t work at all.

Sounds great in theory, but what do you do when someone starts sharing sexist or biased opinions? Or starts to personally degrade another employee or team?

For a responsible company, there are always repercussions, it is disingenuous to lead employees to believe otherwise.


I'd still rather know than have it lurking beneath the surface. Which is why knowing and supporting your colleagues outside of work is so important.


There is strong moderation by an internal party or external consultant. If someone makes sexist, biased or racial opinions, why does it matter whether it is offsite or not?

We live in a world of freedom, but that doesn't mean you can abuse someone. It is the same in offsite too. You have safety, but not to be a jerk.


Consider genuinely strengthening the argument of the person you are talking with before providing an alternate viewpoint.


So ban all types of internet-based or IP-based calls? That's an extreme solution for a limited problem.

The problem is the lack of threat validation by police. There are many options now to validate threats, we have tech that can see through walls, robotics, drones. The fact is you have a very real chance of being shot by police without a trial and based on a phone call... and we are considering that a problem with the phone company?


No, require companies that offer IP based calls to take the same steps any other phone company is required to undertake.

There is no requirement for a company to let anyone make a call without having some identity confirmation.

Other than that, I agree few (no?) other countries have quite the same level of murder-by-cop (with or without swatting calls) as the US does. This seems to be at least in part due to the US police forces having ensured that police are never liable for anything, and having got legislation to ensure that any "fear" of harm to themselves warrants immediate lethal force.


What identity confirmation exists currently for phone companies? You can use a pay phone, pay cash for a prepaid wireless phone, phone in a motel room booked under a fake name, etc.


The courts have ruled there is no legal requirement for the police to competently perform their job.

Independent of that though, they could attempt to call the house. Unclear how they dealt with these sorts of situations before SWAT was developed.


When moving, cars can compare hundreds of different viewpoints. Multiple cameras provide for depth perception when stationary.


This is similar to what I'd like to see. Sharing cookies is somewhat dangerous since they could have login/user data, but it would totally work to avoid browser fingerprinting. With all the fingerprinting methods (screen resolution, GPU, HW, font-list, etc.) it's a losing proposition to attempt to remove all traces of a unique fingerprint.

Instead I'd like to see a browser that generates such a noisy fingerprint that it is useless: Each time I start an 'anonymous' session, grab a fingerprint from a pool that is sufficiently similar to mine that things render properly (matching resolution for example) but that has also been used by thousands/millions of others.


The problem with EV is how do you handle companies with the same name? Many banks have similar and in some cases the same name.

The domain name system already handles this by enforcing uniqueness and leveraging the market.


There's no reason EV policy can't be modified to also enforce uniqueness. In fact, that's what I'd expect if we're only giving EVs to household names.

Banks which have the same name as other banks should change their name, but we should tie EVs for banks to existing financial system institutions. For example, most banks in the US have an FDIC number, so our EV validators in the US can tie a bank to its FDIC registration, and the user can cross-reference their bank with that as well. Basically if I'm a bank customer, I should have a unique identifier on my check or debit card which can be cross-referenced with the EV cert.


How do you decide which one needs to change its name? There's no objective measure for which is 'larger'.

The vast majority of consumers are not going to look up an FDIC number, and even if they did, it is still not optimal since banks regularly merge, which would cause confusion.


I don't think we really care, do we? I'm not really worried that I connected to First Bank rather than Second Bank, since both are legitimate banks; what I want is to ensure that I didn't accidentally connect to Second Bannk, the local fraud shop. "Is this site controlled by an FDIC-registered organization" is probably good enough™.


Why do EVs need to solve a problem that is already solved offline?

As you point out, there are plenty of real businesses with names similar to each other. And yet, they all manage to do business with their customers. How does it work? Because customers use more than just a name to recognize a business.

IMO this is a good example of how the goalposts have been moved on EV certs over time. They were never intended to solve name uniqueness globally, so IMO it’s silly to complain that they don’t.


I kinda agree.

Why don’t we include, in the EV cert, enough info to uniquely identify a business? E.g. the jurisdiction of business registration + the business registration number?


When issuing the EV cert, they don't actually validate any of that so it is of questionable utility.

I was surprised how easy it was to get an EV cert. The validators work from an offshore call-center and use sites like whitepages.com to look up the business. They then call the number listed (you could have updated the listing just before). When they call you simply have to say "I am ... and my position is X at Y company." Then hand the phone to someone else who says something similar. There was no individual identity verification.


Then that sounds like an opportunity for the improvement of the EV process.

No CA should make it this easy. Any CA that keeps it easy should just be dealt with by the CA/Browser Forum.


EV certs do include enough info to uniquely identify a business.


Then the problem isn’t really with the EV cert itself, no?

What if browsers were designed such that for each website, over HTTPS or not, the first X times you visit it, the browser forces you to review the relevant WHOIS and/or certificate info in a modal? And also force you to review the certificate if the certificate has been renewed/replaced?


Who are these hypothetical users who are going to conduct a thorough review of Whois/cert data the first $n times they go to a site?

I’m a security-conscious, technically savvy user of the internet, and I’m neither convinced I would put up with this for more than a day before disabling it or that it would improve my security if I were to try. I’m pretty confident my eyes would just start glazing over the 5th time I scrolled through cert metadata.


My hypothesis is that users just need to have an in-your-face reminder that they are venturing into uncharted territory whenever an unseen domain and/or certificate comes up. The "X" in my "first X times" could be as low as 1.

You also don't need to show all cert metadata; just enough to be meaningful to the user. I believe that stuff like certificate signature, public key, and hash don't need to be shown to the user in such a modal dialog; they could be automatically checked against certificate transparency logs.

What you want to show to the user in such a modal is stuff like:

  - entity name
  - business registration jurisdiction
  - business registration number

That's the kind of info that the CA ought to validate diligently. That's also the kind of info that people use to validate the identity of businesses in the physical world.

The modal should also have clear wording in big letters of what a certificate actually means, namely, that the communication with the server is safe against eavesdropping and forgery, but that it's the user's responsibility to make sure the server is not an imposter - e.g. similar name or same name but registered in a different jurisdiction than the legitimate entity.

It's a lot about education, awareness, and timely reminders.

The alternative, which is to hide any indication of EV from the user, seems to be throwing up our hands and just assuming users are always dumb and lazy. In that case, why bother with, not just EV, but any certificate at all?
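
The review rule proposed in the comment above (prompt on an unseen site, on a replaced certificate, and when a known entity name appears with a different registration), sketched as an added example that is not part of the thread or of any browser's code. The `seen` store, the function names and the sample certificates are hypothetical, and the subject attribute short names are assumed to follow OpenSSL naming.

```javascript
// Added example. Subject attribute short names follow OpenSSL naming (assumption).
const SHOWN = new Map([
  ["O", "entity name"],
  ["jurisdictionC", "registration country"],
  ["jurisdictionST", "registration state"],
  ["serialNumber", "registration number"],
]);

// Parse a newline-separated "key=value" subject into the fields the modal shows.
function identityFromSubject(subject) {
  const id = {};
  for (const line of subject.split("\n")) {
    const eq = line.indexOf("=");
    if (eq < 1) continue;
    const label = SHOWN.get(line.slice(0, eq).trim());
    if (label) id[label] = line.slice(eq + 1).trim();
  }
  return id;
}

// Names of the displayed fields whose values differ between two identities.
const differs = (a, b) => Object.keys({ ...a, ...b }).filter((k) => a[k] !== b[k]);

// seen: Map of origin -> { fingerprint, identity }; a hypothetical per-profile store.
function reviewDecision(seen, origin, cert) {
  const identity = identityFromSubject(cert.subject);
  const prev = seen.get(origin);
  const reasons = [];
  if (!prev) {
    reasons.push("first visit");
    const name = (identity["entity name"] || "").toLowerCase();
    for (const [other, rec] of seen) {
      const sameName = name !== "" && (rec.identity["entity name"] || "").toLowerCase() === name;
      if (sameName && differs(rec.identity, identity).some((k) => k !== "entity name"))
        reasons.push(`same name as ${other}, different registration`);
    }
  } else if (prev.fingerprint !== cert.fingerprint) {
    const changed = differs(prev.identity, identity);
    reasons.push(changed.length ? `identity changed: ${changed.join(", ")}` : "certificate replaced");
  }
  seen.set(origin, { fingerprint: cert.fingerprint, identity }); // assumes the user reviewed it
  return { showModal: reasons.length > 0, reasons, identity };
}

// Constructed sample certificates (not real data).
const FIRST_BANK = { fingerprint: "AA:01",
  subject: "C=US\nO=First Bank\njurisdictionC=US\njurisdictionST=Delaware\nserialNumber=1234567" };
const LOOKALIKE = { fingerprint: "BB:09",
  subject: "C=US\nO=First Bank\njurisdictionC=US\njurisdictionST=Nevada\nserialNumber=7654321" };
```
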


Do you look at the business license of every store you walk into? Probably not.

But you have a latent expectation that the store is known to local authorities, who will be able to investigate a crime if that business commits one.

The information in an EV is not for consumer inspection up front, it is a paper trail for investigations to follow after the fact. The optional provision of this paper trail is a signifier to the consumer that this business intends to operate responsibly. Just like going through the trouble of setting up a store front is more trustworthy than pulling a truck full of inventory up to the curb.

What browsers could do better is leverage the EV info for consumers. For example, show a "report a problem with this business" button that connects the consumer with the relevant authorities and/or Better Business Bureau in the locality where that company operates. The EV supplies the legal company name and its locality of origin.


Buying existing assets only results in asset inflation if you lack a free market.

Otherwise, buying existing assets (such as houses) will increase the price which will trigger increased production of that asset.


That may maximize the immediate value to shareholders, but the real goal is to maximize all discounted future cash flows.


The entire purpose of a company is to return value to shareholders. Due to our current tax law, buybacks are a much better way to do that than dividends.

Are you saying that a company should invest 100% back into itself? There are a few very successful companies that do that, but the vast majority do not. Most companies return value to shareholders regularly in the form of dividends (or buybacks).

