Hacker News | ronsor's comments

It means you have the option to not save transcripts in the first place, or have a deletion schedule. There's no tampering because there was no evidence to tamper with. Authorities show up after the fact.

Yes, but when you delete them, they're actually gone. So you can have truly ephemeral conversations if you don't want history to stick around.

Nothing saved, nothing to discover.


In theory you can have the same on incognito sessions (never stored, that's part of what the Italian privacy regulator forced OpenAI to do) and same for right to deletion as per GDPR.

How compliant they are I have no idea.


Incognito mode is what I use if I don't need to keep history around.

I'd never trust it to actually remove data.


As I said, I don't know how GDPR compliant they are.

I'd expect them to get rid of that data in a reasonable amount of time. Similar to what would happen if you actively deleted a single chat.


Probably because resetting first is sufficiently easy for them, especially if they're not flying terribly often.

"Spain to block the internet 24/7"

Please do. I want to see the result on the GDP.


This is like cutting off your nose to spite your face.

"Meta bad, so government good" is an oversimplified model that will cause you to wake up and suddenly realize everything has changed for the worse anyway.


There aren't. AI despair is mostly a Western mindset, and Asian countries have more positive views.

Most hackers actually keep their promises if paid the ransom, nowadays.

It sounds perverse but the incentives require it: if payment didn't bring resolution, no one would pay. As a result, all of the big gangs avoid scamming.


That was the state of play in 2015 as well. In the absence of a claim from the group otherwise, I wouldn't be surprised if they simply couldn't get it to stop (on a technical level.)

Way back when, it was a pretty common screwup to accidentally saturate the nodes you were packeting from. So then your C&C couldn't get them to respond, either. Oops.


Seems like there is an Achilles heel for this business model: A "good guy" could start hacking companies, demand ransom while pretending to be one of the gangs, and then deliberately continue the attack after the ransom is paid. Precisely to destroy this business model. The gangs would be fuming but there would be nothing they could do? Apart from trying to track down the "good guy" or introducing some sort of (cryptography based or whatever) proof-system that a hack was made by them?

"Chaotic good" guy, yes, but it's easy to know what groups hacked a company because the groups have their own blogs with known addresses and published victim lists.

If someone claiming to be LockBit hacked you, and you're not on the LockBit blog within a week, it's probably not really LockBit.


This is an interesting thought. I'm waiting to see responses to it.

The point is that by paying you incentivize it and make it worthwhile not that the hackers keep promises.

>Most hackers actually keep their promises if paid the ransom, nowadays.

I don't think that's actually true, or at least it certainly cannot be taken for granted. Instead, it appears ransom has followed more of the path of Silicon Valley VCs:

>It sounds perverse but the incentives require it: if payment didn't bring resolution, no one would pay. As a result, all of the big gangs avoid scamming.

What you're describing is the expected Game Theory outcome over long periods in an iterated game. This works as long as the payment amount is towards the <salary> side of the potential payment spectrum, where each payment may well be decent money for the work the ransomers put in but not so much that they don't need new ransoms. The problem comes if/when the absolute amount of payment moves from "salary" to the "Exit"/"Retirement" side of the spectrum, ie, heads into what VC would call "Unicorn" status. At some level of money it reaches the point where the ransomers need never work again in their lives, it's enough money to get out of the risky business and live off of it indefinitely. It's now no longer an iterated game but a single game, and in single games defection can be rewarded. It no longer matters if reputation is burned, on the contrary it might be the moment to cash all accumulated rep in.

I think in general, both on the bright and dark sides, this sort of "phase change" in a given market space is worth trying to keep an eye out for because it can result in significantly changed behavior "out of nowhere" that can head in ugly directions very fast.


Yeah, this business is based on actually delivering the promise.

That’s WHY people pay.

The point being made is: it also flags you as a known-payer, for a repeat hit.


That makes sense. They should pay, then.

> Do you routinely look at the DOM?

You don't?


> Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.

https://news.ycombinator.com/newsguidelines.html

Reading other comments, I noticed that this was a legitimate question.


Are you saying that [You don't?] is cross-examining/swipe, but [How did you "notice"] isn't?

I wouldn't highly object to either but if I had to pick one I'd definitely clear the former.


And all of this falls apart if you use Mullvad, who will be happy to fax HBO lawyers a blank sheet of paper.

> all of this falls apart if you use Mullvad

The only thing that falls apart is the IP address identification, which is only a very small signal for identifying an internet user. X/Twitter undoubtedly has more identity information than just an IP address.


Doesn't matter if the device you used phoned home with your IP address and any kind of identifier. Your OS that sends telemetry every 7 seconds, a Windows update check, another tab with a social media account open. It's easy to cross-reference that stuff and figure out what a person's regular ISP is. Almost nobody uses a VPN 100% of the time and at the router (because your OS will phone home before your desktop finishes loading).

Twitter won't have your various device IDs and VPN IPs are typically shared among many clients simultaneously. You could certainly generate a suspect list but I don't think you'll get conclusive evidence.

That said I don't know how much browser fingerprinting Twitter might be doing and if fingerprints from other services might be possible to cross-reference. Much higher risk is probably visiting other sites both with and without the VPN using the same browser without thinking about it and thus leaking your fingerprint or even account cookies that way. Or if you don't run a filter then visiting a site without the VPN that embeds Twitter tracking assets would leak to them directly.


You're right that you can end up with a suspect list instead of a direct answer, but it shouldn't be hard to narrow it down from there, especially in a case like this where most people wouldn't have access to privileged info about unaired shows to start with. It also helps if you have more than one IP address to start with. You can end up with multiple suspect lists, but only one or two people who show up on all of them.

At which point Twitter will probably yell at you to "verify" with a phone number or something else tied to your government name. Yes you could probably go get a prepaid SIM for cash (depending on your country, many now ban this though America doesn't) but very few people bother with it. Or they just lock your account and demand your ID which I think they now sometimes do.

You can pay $5 for a verification phone number. It's not hard.

There are so many more ways one could screw up, and you only need to screw up once. For example, does X do browser fingerprinting and did you ever use a similar setup to use a more identifiable Twitter account? Are you using unique phrasings or behavioral patterns? These things can be solved to a satisfactory degree, but I don't think "it's not hard" captures it - for an average user it _is_ hard.

> Are you using unique phrasings or behavioral patterns?

Why would Twitter voluntarily run that sort of query to satisfy a subpoena?

Whether it's difficult and risky for the average user depends on the threat model. "Twitter doesn't directly have my name, address, or phone number sitting in their database next to my account" is easy. Other things are more difficult.


Phrasing idiosyncrasies are publicly observable and anyone can note - as external observers did in the Kaczynski or Hanssen cases - that a particular phrasing is quaint. It is probably true that Twitter is unlikely to run a browser fingerprinting query to de-anonymize someone tweeting spoilers from a softcore porn show. But a potential leaker has to ask: "how sure am I of that?"

> “The lesson from today’s downtime isn’t that it was caused by vibe coding…” Bluesky user Dalton Deschain wrote. “It’s that if you use AI you will no longer get the benefit of the doubt and everyone will mock you for laziness regardless of the cause.”

Does it really matter? People may whine, but the reality is Bluesky users aren't going anywhere regardless. They already left X-Twitter and clearly don't view Mastodon as a viable alternative.


I've found that once I'm nomadic I'm more likely to stay nomadic. One friend of mine and I went through 3 other platforms in maybe 2 years before settling down on our current comms platform. So once you've gathered your group of people you told you're leaving Twitter, it's not much more to tell them you're leaving again.

Vibe coding has a bad reputation for a reason. It's not happening in a vacuum.

It's just a moral panic. Caring about tools other people use is very stupid. Even worse is pretending the tools don't work.

I think there is some amount of moral panic, but that's pretty much a factor of the hype.

When you filter both out, you're left with limited added function and a non-negligible number of problems that arise from it.

