Hacker News

It also looks like they've used leaked old credentials that weren't updated in years: https://x.com/i/status/2068635848786972863

The 4G/5G Public Warning System is fundamentally designed for instantaneous earthquake and tsunami response.

It's a bit like modern day equivalent of air raid sirens, or incoming nuke alerts, even. And as such, it's just unfit for things that don't require immediate and full alert. AMBER alerts are just not good use of it.

While I understand how we arrived at this point I find these centralized systems with special privileges frustrating. That they have repeatedly exhibited severe vulnerabilities and mismanagement is just the cherry on top.

There ought to be a specification of an open protocol that includes certificate based authentication. I should be able to have my pick of which app to use and then subscribe to whatever feeds I'm interested in from anywhere in the world. In addition the local network operator should advertise various local feeds.

What I'm describing is about as technically complicated as RSS plus public keys but as usual even moderate technical competency is a bridge too far for the government.

We, tourists, were driving in one helluva rainstorm in Texas back in 2017. It was all I could do to focus on the road. (And yes, we found a spot and pulled over. A Denny's, IIRC.)

Anyway, midway through this hellish journey, the car was filled with terror. What the hell? Just pure raw audio chaos. Neither of us knew what was going on.

It was my phone, of course. Helpfully telling me that it was raining, via some absurd bust-through-my-DND 'alert'.

Not helpful.

> Disabling alerts is the second thing I do to a new handset

Except you can't in Canada. The Canadian government has made the alerts mandatory. The option to disable alerts in not present in settings menu (at least on iPhones).

You can disable alerts in Brazil. So in one sense, Brazil is more free than Canada.

This is the way! One jurisdiction where I resided for a while loved these alerts. A rain cloud, warm weather, too cold, too warm, the phone was beeping at least 1 or 2 times a month. Fortunately my trusty chinese produced Nokia allowed me to turn all of it off to get some peace.

Here in Spain the alerts completely ignore my settings. They sound even when I turn them off on my Samsung. And they send them way too frequently, since the floods in Valencia last year they are constantly bothering us with minor weather issues, afraid they'll get blamed.

We don't have presidents here but they mark everything at the highest alert level.

That's all well and good when you dont live in an earthquake or tsunami area I guess

(which is California, the world's 3rd largest economy)

You cannot disable maximum severity cell broadcast alerts on the iPhone.

>even if they were closer - say only 25 mi away, I'm still not going to be any help.

Even if you help the cops locate the kidnapping victim, they might just murder her.

https://en.wikipedia.org/wiki/Killing_of_Savannah_Graziano

The biggest issue is that Amber alerts are abused for both kidnappings and abductions. In a lot of jurisdictions, the term "abduction" is used for cases of domestic disputes e.g the divorced mom left the state with the kid when she wasn't supposed to etc.

I really disagree with Amber alerts being issued in cases where there's no immediate risk of harm to the child, and especially if the child is a teenager. They can damn well decide who they want to be with themselves. The type of stuff that's better off being handled in family courts with contempt of court orders shouldn't be aired out like dirty laundry and domestic disputes should not wake up the entire city. It sucks for the parties involved but there are much bigger fish to fry and actual kidnappings and human trafficking to worry about than to cry wolf across the mobile network every time kids get caught in the crosshairs of a bad relationship.

Next time when you get an Amber alert actually read and check up on the background story.

A) How is it related? B) I cannot just in my phone select caller ID I want, "phones in Poland allow to call you 'from'" is not true. It's just spoofing as in anywhere else and requires non-trivial technical knowledge.

This works in many countries, since the signalling protocols historically assumed a trusted small set of participants, not unlike email – with similar consequences once those assumptions became less and less true.

I constantly get scam calls from numbers that are very similar to my own in Canada. I assume this is an attempt to look like a normal trustworthy number.

it’s common for cheap esim providers to route data etc through cheaper data exits, i imagine this is partly why.

(I recently purchased an esim and was surprised to see it exiting poland instead of the country the mobile provider (Bell) resides in)

I've worked a bit on the app which calls major telco provider directly. It was a basic web service call, and sender could be entered as anything. This is basic property of cellular networks, no more safety than say standard email.

lets play a game HN, what would be the best alert to send?

mine would be something scifi, like "ALIENS HAVE LANDED" or "PLUTO DECLARES WAR"

At least it wasn't a crypto scam.

It might have been the Ringworld

"Well?"Nessus began to pace the floor. "Many disqualify themselves by obvious bad luck. Of the rest, none seem to be available. When we call, they are out. When we call back, the phone computer gives us a bad connection. When we ask for any member of the Brandt family, every phone in South America rings. There have been complaints. It is very frustrating."

https://www.naneahoffman.com/the-blog/shelf-care-alien-archi...

Ringworld. https://sciencemeetsfiction.com/2021/06/20/ringworld-theory-...

    “When we call, they are out. When we call back, the phone computer gives us a bad connection. When we ask for any member of the Brandt family, every phone in South America rings.”

As programmers in programming culture, we have a distinction between hacker and, potentially, cracker that no ordinary person has. ESR’s prescriptivism is pretty much worthless in this respect: words mean what people think they mean and what people use them for, and programmers do not have a monopoly on how people use the term.

OED has the “computer intruder” sense first cited in 1963, and the “enthusiastic programmer” sense first in 1969 (“now much less common than sense 3a”). Cracker first appears in 1968.

Besides, it is easy to disambiguate which meaning people mean. “Hacker attack” can only refer to the common usage of the term, not programming-culture usage.

At this point, it’s just you misusing the word. You WERE correct; it did mean the builders rather than the breakers. But to greater society outside of the tech industry, hacking is hacking, they don’t need a word to describe builders, and crackers sounds dumb and no one outside the tech industry would know what you were talking about. A cracker is a snack and a dated slang word to refer to white people.

No one has used the word “hacker” with this esoteric / old school context in over 30 years.

Cracker News was taken

This is so lame. It's not up to you to define what's a "real hacker". Building and breaking are not exclusive to each other.

https://en.wikipedia.org/wiki/No_true_Scotsman

I didn’t realise that people still fought this fight. it’s time to drop it, dude. It’s truly blatant language prescriptivism at this point.

Surely you're not quoting Eric Raymond with a straight face?

And remember, kids, knowing how to program or wanting really badly to figure out how things work inside doesn't make you a hacker! Hacking boxes makes you a "hacker" ! That's right! Write your local representatives at Wikipedia/urbandictionary/OED and let them know that hackers are people that gain unauthorized access/privileges to computerized systems! Linus Torvalds isn't a hacker! Richard Stallman isn't a hacker! Niels Provos isn't a hacker! Fat/ugly, maybe! Hackers, no! And what is up with the use of the term "cracker"? As far as I'm concerned, that term applies to people that bypass copyright protection mechanisms. Vladimir Levin? HACKER. phiber optik? HACKER. Kevin Mitnick? OK, maybe a gay/bad one, but still WAS a "hacker." Hope that's clear.

-- The UNIX Terrorist

This is like a new philosophy student objecting to someone saying, “This begs the question of whether…” It’s essentially a category error, an incorrect application of context.

You - and Eric Raymond, who believes he’s an incarnation of the god Pan - are both using a meaning of the word that has only ever been used in a relatively tiny subculture. That meaning has no bearing on its broader use.

I'd just like to interject for a moment. What you're refering to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Linux, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called Linux distributions are really distributions of GNU/Linux!

My state introduced Blue Alerts for crimes against police. I’ve been woken up at 0200 for an officer shot 200 miles away, as if I’m going to gather up a posse and ride on the scallywags responsible.

Suddenly "caralho"!

porra

This implies that governments didn’t already have this ability, which appears to be largely untrue? To my understanding, many countries already had emergency messaging systems, and mobile integrations are just a way of modernizing them.

(It seems exceedingly good that the government can warn every civilian about natural disasters, etc.)

These aren't from Google or Apple, they're from the wireless providers: https://en.wikipedia.org/wiki/Cell_Broadcast

This is not related to Google or Apple. And this extreme alert, it's sent even to cable TV automatically. In a few countries, it's sent even on Fax lines.

If you say so. In the meantime I’ll continue to appreciate the occasional tornado warning.

Where do AI-based military target selection systems fit in your ranking?