forgotaccount3's comments

> But companies prefer to put in that effort and annoy their users so they can have that tracking.

This is making the assumption that the company has already paid the significant legal fees to see if they need the banner or not. Or ignoring the companies that think it is easier to add the banner than pay a law firm to review its data usage.

It's like 'Hey, I make T-shirts. I want to sell them to anyone who visits my website. Do I need a cookie banner? I don't know. I do collect personal information to facilitate the transaction. I do retain the information for refund purposes. I do log IP addresses. Is this covered without a banner? Am I 'safer' to just make a banner saying we are saving their data and using it? I can't afford a lawyer to review everything we do, but I can afford a developer to make a banner like they did on other sites. Even if they implement it incorrectly, I think it's worth the cost to have the banner because I probably won't be liable if I attempted to follow the law. And maybe I'm wrong there because again, I have no idea what the letter of the law requires. I just make t-shirts and want to sell them.'


Tossing up a banner doesn't really help. You're required to allow users to opt out of anything that's not essential to the service being requested by the user. So regardless of whether you're going to have a banner or not, you have to identify what's essential. And once you've done that, you could stop there and not have anything non-essential.

> I also recognize that websites don't need the banner if they aren't trying to track me

And I recognize that there is a non-trivial cost to knowing if you need the banner or not, and people are likely to ask their web designer/dev "Hey, where's the cookie banner?" and then pay for the subsequent cost of implementing that because it's cheaper than expensive lawyers.


> The bigger problem is the unbanning

That was my first thought as well. Yes, using the Safe Browsing list feels wrong, but I don't know enough to speak definitively in that regard. However, wouldn't a relatively simple solution be that if a registrar is choosing to use some third party's list of banned DNS entries that the registrar then also implement sufficient unblocked components that will allow people to be unbanned from that third party?

> Add a DNS TXT or a CNAME record.

I haven't had a use-case for a TXT record come up yet, but isn't it low risk enough to allow domain owners to continue to configure TXT records even if the registrar wants to ban configuring other record types? Then the person in the article could prove ownership and could then get off of the third party ban list that the registrar was utilizing.


DNS can be thought of as a distributed KV store with built in caching suitable for low write high read use cases, so TXT makes sense for that. e.g. basic feature flagging can be accomplished that way with basically no work to set it up assuming you were already using DNS.

The registry cannot ban individual record types. That is not how DNS works.

The registry only maintains a list of NameServers associated with the domain (and records for DNSSEC zone signing). Registries have nothing to do with regular records. They only record who defines those records.


There is _some amount_ of justification to ban TXT. There have been a few cases of C2 servers using DNS to send instructions to malware, so letting TXT slip through the cracks would still allow for that.

Now whether this downside justifies the massive problem it causes on false positives...


TXT can't be banned. There are several RFCs that require TXT records, such as DKIM configuration, DMARC configuration, and it is extensively used for verification by things like AWS SES, Microsoft Office, and all kinds of things. It's built into many standards and used by all kinds of other entities for all kinds of perfectly legitimate things.

Yes, but in those cases we are on the "this (should) involve a criminal investigation" level, not on a "Google Safe Search doesn't trust you" level.
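The tension in the comments above, TXT as a possible C2 channel versus TXT as something DKIM, DMARC and domain verification depend on, can be shown with a small triage sketch. This is an added example, not part of any comment in the thread; the records are constructed, and the verification patterns and the 40-character blob heuristic are assumptions.

```python
import re

# Structural markers for the TXT uses named in the thread. SPF, DKIM and
# DMARC come from RFC 7208, 6376 and 7489; the two verification patterns
# are illustrative assumptions, not a complete vendor list.
KNOWN = [
    ("spf", re.compile(r"^v=spf1(\s|$)", re.I)),
    ("dkim", re.compile(r"^v=DKIM1\s*;", re.I)),
    ("dmarc", re.compile(r"^v=DMARC1\s*;", re.I)),
    ("verification", re.compile(r"^[a-z0-9-]+-verification=\S+$", re.I)),
    ("verification", re.compile(r"^MS=ms\d+$")),
]
# Assumed heuristic: 40+ contiguous base64/base64url characters.
BLOB = re.compile(r"[A-Za-z0-9+/_-]{40,}")

def naive_flag(value):
    """Blanket rule: flag any TXT value carrying a long encoded-looking run."""
    return bool(BLOB.search(value))

def classify(value):
    """Recognize standard record shapes first, then fall back to the blob rule."""
    for label, pattern in KNOWN:
        if pattern.search(value):
            return label
    return "review" if naive_flag(value) else "other"

def false_positives(records):
    """Names the blanket rule flags although the record has a known shape."""
    return [name for name, value in records.items()
            if naive_flag(value) and classify(value) != "review"]

# Constructed sample zone data; the key and blob are placeholders, not real.
RECORDS = {
    "example.com": "v=spf1 include:_spf.example.com -all",
    "sel1._domainkey.example.com": "v=DKIM1; k=rsa; p=" + "QUJD" * 16,
    "_dmarc.example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "verify.example.com": "google-site-verification=CONSTRUCTED-TOKEN-0001",
    "flags.example.com": "feature_x=on",
    "x7.example.com": "ZXhhbXBsZQ" * 5,
}

if __name__ == "__main__":
    for name, value in RECORDS.items():
        print(f"{name:30} {classify(value):13} naive={naive_flag(value)}")
    print("false positives of the blanket rule:", false_positives(RECORDS))
```

The DKIM key record is the one the blanket rule misfires on: its `p=` value is a long encoded run by design, so only the structural check separates it from the unexplained blob.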

My only concern here is that it's using ex post facto information to try to dispute earlier assessments.

If I 'moved' some AI 'patents' to another country 5 years ago and stated they were worth $x using some formula and now some years later the government steps in and says 'No no no, you earned $x + $y and lied on the original value which should have represented the discounted future income!' that's not disputing the formula used in the original point. It's just that 5 years ago people underestimated how far and how valuable AI would be.


Sure but if that’s the case there should be some tax on the mark to market difference. If not it’s just straight up tax fraud (which I suspect is often actually the case).

As a tech-literate person, I'm not 100% against the concept of ID if only because I think people will be more reasonable if they weren't anonymous.

This conflicts with my concerns about government crackdowns and the importance of anonymity when discussing topics that cover people who have a monopoly on violence and a tendency to use it.

So it's not entirely a black/white discussion to me.


Both Google and Facebook have enforced real identity and it's not improved the state of people's comments at all. I don't think anonymity particularly changes what many people are willing to say or how they say it; people are just the creature you see, and anonymity simply protects them, it doesn't change their behaviour all that much.

I think opt-in ID is great. Services like Discord can require ID because they are private services*. Furthermore, I think that in the future, a majority of people will stay on services with some form of verification, because the anonymous internet is noisy and scary.

The underlying internet should remain anonymous. People should remain able to communicate anonymously with consenting parties, send private DMs and create private group chats, and create their own service with their own form of identity verification.

* All big services are unlikely to require ID without laws, because any that does not will get refugees, or if all big services collaborate, a new service will get all refugees.


The problem is this is only true for values of "reasonable" that are "unlikely to be viewed in a negative light by my government, job, or family; either now or at any time in the future". The chilling effect is insane. There was a time in living memory when saying "women should be able to vote" was not a popular thing.

I mean, this is _literally the only thing needed_ for the Trump admin to tie real names to people criticizing $whatever. Does anyone want that? Replace "Trump" with "Biden", "AOC", "Newsom", etc. if they're the ones you disagree with.


[dead]


Obama carried on where Bush left off. I think Biden was at least marginally better, at the very least I admire him for ripping off the Afghanistan bandaid, but the amount of effort he put onto rolling back executive overreach was minimum if anything.

You're saying that Biden, AOC, and Newsom are "ideologically aligned with right-wing hatred"? This is not something I've ever heard a human being say. Almost afraid to ask, but where's that coming from?

> I think people will be more reasonable if they weren't anonymous.

I've seen people post appalling shit on fuckin LinkedIn under their own names.

Strong moderation keeps Internet spaces from devolving into cesspools. People themselves have no shame.


Same. Also on Facebook and Nextdoor (with real names and addresses).

Real name moderator is a fallacy.


That's what I believe as well. Anons have turned the internet into an unsafe cesspit. It's the opposite of a "town square."

Internet anonymity is FAR from something new.

> it’s prudent to assume that they’ll shift to a “merit based”

There is already a "Merit based" system that supports the arts. It's called the private market.

My initial gut reaction was akin to many responses here but a post that detailed the implementation mitigates many concerns I'd have if I were an Irish citizen. As long as the system has some required 'buy-in' from applicants to prove they are working towards being an artist, and the distribution is random so it's not a guaranteed payout, and possibly the odds of being selected are driven by the number of applicants and so no one could do a cost-benefit analysis of submitting the 'buy-in' purely with hope of receiving a payout, then this seems to be a more fair way of supporting up and coming 'arts' than the government paying some already established artist for a mural or to design a park or to create a sculpture.


> What part of your idea was supposed to stop that happening

The part where people see their money burning away paying maintenance and tax on deteriorating assets.

Why are people holding assets unused?

Because they don't believe that the city will allow sufficient development to allow them to purchase like-assets in the future if they chose to reinvest and the carrying cost is minimal because council taxes are trivial relative to the value of the asset. If my research is correct, Kensington council taxes are under 10k USD per year.


> A server like Marvel Rivals has literally millions of users. Players join that discord to socialize with all of those players and build a community around the game.

Going back to something you said earlier:

> Rocket chat is a Slack alternative for people wanting to host a server for a community. It's not a platform, you need to register and login to each server manually.

So the primary thing is that there is no SSO for each server? No centralized auth system? Because everyone I know that uses discord 'found' the discord via some official means of those million-person discords like the official Marvel Rivals one. If the only purpose of the centralized system is not requiring a new login for every server, then a centralized auth system could be implemented by relying on people's other social media accounts. Login with Google/Facebook/Apple etc.


you could sign into A and your friend could sign into B using the single sign in, but you wouldn't be able to message each other is the problem, there is no platform bridging the logic gap, so you would both need to have A and B open. (afaik. didn't read about Rocket yet)


> many telecoms are reluctant to do it.

This really buries the lede. Telecoms are reluctant to do it because 'doing' it isn't aligned with their priorities.

Why would a telecom risk bankruptcy by investing heavily into a system that their competitors aren't?

If you want a back-door to exist (questionable) then the government either needs to have strong regulatory compliance where poor implementations receive a heavy fine such that telecoms who don't invest into a secure implementation get fined in excess of the investment cost or the government needs to fund the implementation itself.


Yes, telecoms should be forced to invest in their own security if they're not doing it. But the focus on the back door misses the point in my opinion. Even if the back door wasn't there, you wouldn't want nation state hackers anywhere near telecoms since they're critical infrastructure.


> Even if the back door wasn't there, you wouldn't want nation state hackers anywhere near telecoms since they're critical infrastructure.

This is only because of the design defect that "lawful intercept" requires.

Telecoms should be completely untrusted because everything is end-to-end encrypted. Compromising a telecom shouldn't allow you to do anything other than bring about a denial of service, and even that would only be effective against anyone who didn't have a redundant link with a different provider, which all actually critical infrastructure should. And a denial of service is conspicuous, as opposed to spying on required-to-be-unencrypted traffic which can continue undetected indefinitely and is a significant national security risk.

Our need to not be spied on is greater than our need to spy on ourselves and requiring designs that assume the opposite of that is a major self-imposed security vulnerability.


Even if let's say lawful intercept is done away with and calls are end-to-end encrypted, the telco would still be in control of key management and distribution... and if those clowns can't secure lawful intercept, why do you think the key distribution infrastructure would fare any better?


Why should they be in charge of key management? They should be in charge of physical plant and leave all of that to someone else. We should be discontinuing the legacy PSTN and making "phone" an IETF protocol where your "phone number" is user@domain.


> They are specifically making it as engaging as possible because that's [how they make money.] ... what people want.

Fixed that for you.

Your argument is basically the same as saying that Banana Ball should be banned because they are intentionally making the experience as fun as possible, because that's how they make money.


You're suggesting that it doesn't matter what children are exposed to / become addicted to because companies should be able to sell what children want? So there's no limits to that in your mind? Should every child be given cocaine because they ask for it? They're certainly given candy, right? You must believe there's no difference between cocaine and candy, I can assure you there is a difference and show you evidence to the contrary, if you're that dense.


sigh... he is saying that addictiveness itself is not a justification to ban something. exercising is addictive to some people, sex is addictive, reading is addictive for some people. everything worth doing in life is addicting.

what matters is the negative consequences of doing something. so the justification for banning tiktok is that it destroys children's attention spans for life and lets them get propagandized by a hostile foreign government, NOT that it's addictive.


Tiktok hasn't been around long enough for the claim that it "destroys children's attention spans for life" to make any sense.

And children get propagandized by hostile foreign governments everywhere online. And by their own government. The premise that TikTok was somehow more dangerous in this regard than Facebook or Twitter or even Discord is based entirely on sinophobia.


i thought we were done with all the phobia shit. these scare words have absolutely zero power


Yeah! Or cigarettes!

