Comment by keeda
8 days ago
>We've established nothing of the sort.
Oh no we have. Your original these was based on the premise that "just copying numbers" is not "victimless". So now why is there even a concern that money is being transferred out of bank accounts or data being decrypted without consent? Aren't they "just numbers"?
>The effort invested into creation of value is often completely irrelevant, even in copyright law. Many countries do not subscribe to the "sweat of the brow" doctrine, USA included. The ones that do seem to reserve its application for specific contexts.
I know. But even if you had inherited the money in your bank account through no effort of your own, you would prefer to not share your credentials.
So maybe you want to think about why you're OK with others' "numbers" being copied around but why you're so concerned about your numbers being copied around. I mean, "just numbers," right? :-)
You also seem to be misunderstanding what "publish" means. I hate that it has come down to dictionary meanings, but here's what https://www.dictionary.com/browse/publish says:
"1. to issue (printed or otherwise reproduced textual or graphic material, computer software, etc.) for sale or distribution to the public."
Note the bit about "for sale". Just because it's made available does not mean it's available for free.
There are no contradictions.
I don't think of passwords as my personal private property. They are merely secrets that I keep. I don't have a monopoly on them. Any number of people could have the same password as I do and I wouldn't even know or care. They are just random numbers of no particular value whatsoever.
The copying of passwords does not cause direct harm. If it did, then the publishing of common password lists would be harmful and criminal. The real crime is the act of breaking into someone's bank accounts and draining their money which actually deprives them of real scarce resources. In other words, theft.
The copying of a password alone is likely insufficient to cause real harm due to numerous layers of security such as multifactor authentication.
The usage of passwords is well aligned with reality. People don't deliberately publish their passwords and then act surprised when others use them. That pathology is exclusive to copyright monopolists.
Exercising control over cryptographic keys is realistic. Ideally, only a single copy will ever exist in the entire universe. I have purpose built cryptoprocessors which help ensure that. In the event they are leaked, they are merely discarded and new ones are issued.
Cryptography is fundamentally built on math. At no point do they deny reality. Cryptographers know that numbers are trivially copied, that's why keys are supposed to be kept secret, not published far and wide. They don't impose laws prohibiting others from copying or deriving the numbers, they know such things are unenforceable. Instead, they design their systems so that such things are not an issue. The whole point of cryptographic keys is that they are secret and cosmologically impossible to brute force. They went beyond making it illegal, they made it mathematically impossible.
Meanwhile, exercising control over copyrighted works requires that corporations control every single one of our computers, lest some user order them to make unauthorized copies. In the event that even a single copy escapes their closed system, there's no stopping it anymore and it's all over for them. They still try to stop it by doubling down on monopolies, passing unenforceable laws, trying to usurp control of our computers and generally increasing the overall tyranny of our society. A heavy cost, and they still fail due to the basic fact that they are trying to control public information.
So even after careful consideration I conclude these things are not even remotely analogous to each other at all.
> The copying of passwords does not cause direct harm. If it did, then the publishing of common password lists would be harmful and criminal. The real crime is the act of breaking into someone's bank accounts and draining their money which actually deprives them of real scarce resources. In other words, theft.
1. So now passwords (just numbers) and 2FA (just numbers) are "protecting" money (even more just numbers in a database) or your private data (yet more just numbers), the loss of control over which you clearly consider harmful.
2. When a bank account is drained, no "tangible good" is being "taken" but somehow NOW it is theft? ;-)
I think the key disagreement is the unwillingness to accept that numbers can have economic value because that undermines the premise that "just numbers being copied is victimless". Without that there will never be a resolution to this thread ¯\_(ツ)_/¯