Respectfully to the American "this isn't that big a deal crowd": you're looking at it from the perspective that this is a commonplace occurrence in your country.
IANAL but I have filed privacy complaints in the past at both the federal and provincial level. For the last 26 years in Canada it has been illegal for personal information to be bought and sold on a whim; the person to whom the information applies is considered to be the owner and is entitled to be in control of how their information is used, and may revoke consent.
You have an entire country where institutions operate under the expectation that personally identifiable information isn't easily available like this (sans the usual data breaches). Those institutions are probably less prepared to deal with this data floating around everywhere than in a society where it is essentially a free-for-all.
In Canada, for most of the 20th century until maybe 15 years ago, your PII was in a big book that lived at everybody's house and the library unless you specifically opted out.
When did you last try with the OPC? I also have experience (a few) and noted a sharp decline post covid. My first go was for Freedom Mobile (success) but the representative from the OPC was borderline harassing me to accept the currently (STILL) completely broken authentication. When I tried again it was 'out of jurisdiction' and no sort of appeal process.
Calling it functional is not something I would do. Judges are also extremely critical of the compensation process a have essentially been forced to take it over. It's also still too new and risky so lawyers are reluctant unless it's paid up front.
If anyone with any say is reading this, I can still break into any Freedom Mobile account in under a minute, including the admin ones.
My understanding is that voter registration data is a matter of public record in most (all?) states so the idea that it wouldn’t be a matter of public record north of the border is itself odd to me.
Being on the list makes it a bit more convenient when you go to vote. Since you're on the list, you only need one other piece of photo ID if I recall correctly.
If you're not on the list, the process is a bit longer, requires filling out an attestation and requires more ID. But even so, probably doesn't take more than an extra 5 minutes or so. But if everyone had to do it this way, would certainly slow things down.
So by doing it this way, it makes it fast for folks that aren't jeopardizing their safety by being on an electors list (whose distribution is supposed to be controlled, but I wouldn't count on it being fully confidential); while allowing folks that do need more confidentiality to not be on the list and still be able to vote without undue hassle.
> You have an entire country where institutions operate under the expectation that personally identifiable information isn't easily available like this
I actually look like this as the opposite—SSNs, emails, phone numbers, and credit card numbers are more or less public, or at least relatively easy to guess, buy, or find online, and addresses are quite easy to find if you don't hide behind an LLC. I treat all as if they're public information and I assume our institutions do as well.
> I treat all as if they're public information and I assume our institutions do as well.
lolnope, at least not banks. Unlike here in the EU, where you need to provide some sort of physical ID to even open a bank account, much less get a line of credit...
I mean, it's not really optional for Canadians _not_ to sign up for the list. It's the official list of electors. If you're a citizen, you're going to end up on the voter list one way or another.
It actually is optional. You should always be able to opt out of registering for it, and if you are registered and don't want to be, there's an official form that you can fill out to get removed. See my other comment [0] for a few more details.
The data sharing between the CRA and Elections Canada is optional, but if you want to vote, you've got to be registered - whether via the CRA or otherwise.
> but if you want to vote, you've got to be registered - whether via the CRA or otherwise
Technically true, but you can register at the polling booth on the day of the election, and there's a checkbox that lets you opt out of saving your data in the database. [0]
I don't know whether is still does this, but 8-9 years ago I discovered that Acrobat overwrites the COM registry entries for Microsoft Active Accessibility (oleacc.dll) such that any application attempting to instantiate MSAA gets the Adobe DLL instead of the system DLL. This actually broke the stuff I was working on and had to override it in my app manifest to forcibly use the system version.
I inquired about it and got some BS about how they absolutely _had_ to do this to intercept MSAA instantiations across the system, when in reality they were using a global solution to solve a local problem.
I too learned this the hard way, via a supposedly concurrent priority queue that did quadratic-time work while holding a lock over the entire thing. I was told that "premature optimization is the root of all evil."
Sorry, folks, but that's just an excuse to make dumb choices. Premature _micro_optimization is the root of all evil.
EDIT: It was great training for when I started working on browser performance, though!
Agreed. Nitpicking about indirection is definitely a "premature micro-optimization is the root of all evil" moment.
When I worked on Firefox, we eventually had to remove a bunch of indirection (the interested can actually search bugzilla.mozilla.org for deCOMtamination for some instances of this), but that project wasn't a thing until there was clear evidence that there were problems with virtual function calls on hot paths.
Thats actually a good way to split a project up into closed/open imho. Open the functional part so people can see you're not sending data to hq behind their backs and make the boring time consuming ui closed. I like it. Then make money out of a service rather than the software. As we all know, tech people will see a piece if challenging software and go out of their way to replicate it and release it for free, for whatever reasons. So open sourcing that part takes the challenge away.
Although, the problem is not so single-layered. Do I understand the situation correctly, in case of iOS, to not be subject to additional limitations of the platform that restricts the distribution of your products to the extents that the laws of the countries where your business is registered require, all the user has to do is to fork the main repo (which is, thankfully, BSD), build a minimally acceptable GUI, pass Apple certification, publish the app in the app store, and Bob's your uncle?
can you say more about this. I've been considering adding tailscale to some products but if my (nerd) perspective is to survive corporate realism I need more than a 1-liner to justify. seriously curious. Also how would I pitch it to a EU based crowd that wants increasingly less to do with US based tech?
Heh, that's my PR. Initially I thought it would be a trivial change, but then I realized I hadn't considered how it should interact with MDM / device posture functionality - these aren't features I'm personally using with the Android client, but are understandably important to enterprises.
I still hope to get back to that and try to get it to a state where it can be merged, but I need to figure out how to test the MDM parts of it properly, and ideally get a bit of guidance from the tailscale team on how it should work/is my implementation on the right track (think I had some open questions around the UI as well)
Let's stop moving the goalposts. Open source has a specific definition, and "they merge whatever code I want them to" isn't part of it. Just fork the client, compile it, and run it yourself.
This is a terrible idea! _Maybe_, _maybe_ using only the documented APIs with only the documented parameters.
Unfortunately it makes too many false assumptions about interoperability between Win32 and the underlying native API that aren't true.
For example (and the Go runtime does this, much to my chagrin), querying the OS version via the native API always gives you "accurate" version information without needing to link a manifest into your application. Unfortunately that lack of manifest will still cause many Win32 APIs above the native layer to drop into a compatibility mode, creating a fundamental inconsistency between what the application thinks the OS capabilities are versus which Win32 subsystem behaviours the OS thinks it should be offering.
That pref is there for the Tor Browser.
reply