• icelimit@lemmy.ml
    4 days ago

    Has anyone else already read the whole thing and could save us a little time?

    • Ulrich@feddit.org
      4 days ago

      • The creator is not an immigrant
      • Nothing preventing malicious users from flooding the app with false reports
      • Author estimates 98% of reports are false positives, whether malicious or not
      • Dev demonstrates lack of understanding of basic privacy and security principles live at HOPE conference
      • Doesn’t distribute Android version due to previously-mentioned lack of understanding
      • Refuses open sourcing while demonstrating that he doesn’t understand how that works either
      • Overall does more harm than good

      • Otter@lemmy.ca
        4 days ago

        An excerpt

        Jen asked:

        There’s a lot of secure software, that probably people in this room work on, that is developed in the open, and that is used primarily by at-risk users, including things like Tor, Signal, SecureDrop. That’s great, because it makes it easy for folks to contribute. Maybe you don’t want that, I understand that can be hard. But it also makes it easier for people to audit and gain assurance that the app is doing what you claim without having to have, you know, EFF reverse engineer it. Would you be open to making the app open source?

        His answer: “Absolutely not.”

        Why? “I don’t want anybody from the government to have their hooks in how I’m doing what I’m doing. Once you go open source, everybody has access to it. So I’m just going to keep the codebase private at this time.”

        He also claimed that the government can’t learn everything about how an app works by reverse engineering it, which isn’t true.

        I agree with Jen. His answers are very concerning.

      • unexposedhazard@discuss.tchncs.de
        4 days ago

        The first one seems irrelevant. The second is sort of inevitable without making it hard to report anything.

        Everything else is just exactly what people were saying from the start. I don’t know why people keep defending this privacy nightmare of an app.