Any device that requires someone to install and app and register to make it work should have a prominent label on the box.
There should be a labelling standard for this where the manufacturer must disclose if any registration is required to operate the device to its full potential, if any app or special software is needed other than a system driver, if any phone-home data is being sent, and what data is actually sent, when and why.
"Buyer beware" but most of the time you have no idea what the experience will be like. It's usually not disclosed on the box, reviews rarely mention it and I'd like to have a sure way of being informed before I make my purchase.
It's a similar thing with software, software and apps that require registration for no other reason than add you to their marketing list, but it's particularly egregious with physical items.
Then every printer would just have the warning, making it useless like the California Prop 65 warning label. Seems like everything is labeled with a prop 65 warning, and I for one completely ignore it because it doesn’t provide useful information (beyond ‘everything will kill you, good luck’). The printer manufacturers would say that the registration is super important and it’s critical to get their spammy low ink level warnings or something.
I won't say so. I own two Brother printers; both worked with standard Windows or Linux printing systems (with a simple driver because they talk PostScript), and did not require me to install any special apps. They of course asked to install things like toner monitoring utilities, etc, but I politely declined, and everything just works anyway.
Once advantage is that it leaves the door open for a company to market printers against the label. It could be similar to a 'GMO free' type premium. It seems there are many here who would pay extra for that.
I shopped specifically for one that didn’t do this. They are around my, canon G6020 does not require me to use an app and I never registered anything. It’s internet connected, so I’m sure it’s sending them info, but no GPS and no app.
One can create such a labelling standard by starting or partnering with a standards organization.
"This device certified not to compromise your privacy" could be a good selling point for a printer, especially if half of the printers have it and half don't.
Because that is good advice for want of a better workaround. You act like that is a huge burden, it's typically very easy to do! Searching for a model number and 'manual' will get you to a manual, most manuals are very short and quick to parse especially if all you are looking for is 'will this require an app' or similar.
So, yeah, it is good advice if the outcome is important to you and you dont know a better way to protect yourself from accidentally buying something like that. Unless you know a better way and are holding out on everyone?
I regularly download the manual prior to making large purchase, such as appliances, home control systems, etc. Checking out the app itself is good too.
For printers, I also recommend pricing out five years of supplies. I bought a printer that cost 5x as much as one with similar specs, but ends up costing less in supplies.
If you don't want to install the app or create an account you can return the device at no cost. I don't think most box stores will fight you on this. Online sellers usually will, return shipping can be very expensive.
No monetary cost, but there's definitely a cost. If a product blatantly disguises the fact that it spies on your location, then that's a form of deceit. As a result of their attempted deception, I have lost out on the time spent comparing the product against others, the time spent acquiring it, the time spent setting it up, and any opportunity cost of that time.
Not everything is measured in dollars, and getting back the dollars spent as a result of deceitful advertising does not undo the damage caused by the deceit.
I never disagreed with this. My point is, performing a return is a strong signal of dislike. Box stores hate returns as do online sellers. Failing anything else (because face it, ranting about it on the internet and pointing out the moral failures of a business model is not doing it) returning it is the best you can do.
People are also unlikely to return because they don't realize tracking exists. The iPhone permissions is a perfect example of this. People "knew" these apps were tracking them but didn't internalize them. When the UI changed to better highlight the tracking people did internalize it and denied it.
At the end of the day it's a team of psychologists, computer scientists, and super computers against one human. It's not a fair fight. There are plenty of dark patterns to make you not internalize the tracking. So while you're technically right, no one expects to see this happen in practice because your model isn't accounting for this.
You can actually measure time in dollars pretty often. And with all the time spent you mentioned for returning an item like this that time is likely as expensive as the printer itself.
Are you suggesting that an app that is purported to help you interact with your printer, but does not do that very well, but does track literally everything it can about you instead so that the parent company can sell that information, is not spying?
That is deceptive.
I think people are conflating my interpretation of personal agency with agreeing with the practice; I don't buy products that do these things, I'm merely explaining that by using this item and agreeing to their terms, it is in fact not spying, because you're informed ahead of time what will happen. Someone not reading the contracts they sign does not void the terms of the contracts.
> Someone not reading the contracts they sign does not void the terms of the contracts.
In some cases, it does. In medical trials, you need "informed consent", and not just regular consent. It doesn't matter what papers are signed, if a patient isn't informed what the trial is testing, what known side effects there are, and what alternatives there are, it doesn't count.
More relevant to this issue, GDPR also uses the concept of informed consent. Under GDPR, tracking is legal only if consent is informed and freely given. The example printer fails both these conditions. It is not informed consent, because the tracking is not prominently disclosed to the user, and merely mentioning it in the fine print is insufficiently prominent. It is not freely-given consent, because a service being conditional on acceptance of tracking means that there is coercion to accept the tracking.
My viewpoint on the ethics tends to follow somewhat close to the GDPR's requirements. Even if somebody clicked through a 50-page EULA, that does not give informed permission to track somebody, and so it is still spying.
The time spent trying to set it up is worth requiring a label on the box. I sort of assume it is already required. You need to agree to conditions to create an account anywhere, surely a product needs to tell you about it's data vacuum before you spend hundreds of dollars on it.
Permission to access location on Android is needed to scan for wireless networks (because such a scan allows to find your location from the networks in range).
It doesn't necessarily mean that the app accessed your GPS location.
Depending on your device, actual access might be shown, I recently installed an Epson printer and while the app needed location permission, it did not access might coordinates, it only scanned for wifi networks.
It still means it accessed location though; the scan for a printer to set it up on your wifi also collects the information about other APs visible, and that information is equivalent to location.
This is why a wifi scan requires location permission.
Scanning networks in range does actually reveal your location, if you know where those access points are. There's public databases and I wouldn't be surprised if printer companies have a more complete/accurate list. So while you're right that people are confusing the two I'm not sure it is meaningfully different in terms of potential outcome (i.e. can you determine my GPS coordinates).
people are ridicously paranoid with the "gps permission", when usually just connecting a device to the internet is likely to allow it to obtain its location with more accuracy than gps for over 50% of homes.
To be fair Android could be way clearer about this. Instead of "App wants to access your location [allow] [deny]" which is clearly confusing even for highly technical HN readers, why doesn't it say "App wants to access WiFi. This may reveal your location. [allow] [deny]" or something like that?
I had no idea that it worked like this either; if an app asks for "GPS permission" then I assume it wants to know my actual physical location. For something like Tinder or sharing your location on WhatsApp this of course makes sense. For something like a printer app much less so, and I'd be suspicious as well. I don't think that's especially paranoid.
There's a difference between being paranoid and not willing to risk it. You don't actually know which it was asking for, being that the access controls aren't fine grained enough is the problem here.
It's the same permission because WiFi networks are basically landmarks. If you see the Eiffel tower, you know you're in Paris. Similarly, if you see network id X, you know you're near location Y.
One day, the camera permission will probably have the same problem. The time of day and position of the sun can give a coarse location, and perhaps future algorithms will be able to search Google Street View to find your exact location.
> perhaps future algorithms will be able to search Google Street View to find your exact location.
So actually intelligence organizations already do this. If they have a mundane picture of an adversary they will try to pinpoint where the picture was taken. Of course there's more clues that they have because they know things about the target, but I guess I'm saying it's not unreasonable to believe such a thing could exist today.
It's not an issue of the granularity (which I agree with), the problem is that giving the program access to the internet _at all_ (which does not require any permission) already gives the program more information about your geographical position than GPS, in most situations people care about.
That makes me wonder: wouldn't there be a market for a printer that clearly doesn't leak any information? Say one with open firmware that parses PCL5 or Postscript or whatever the modern analog is.
"Keep your secrets safe with Printer X".
Or would the state come down hard on any such manufacturer?
Just one major telecommunications company refused to participate in a legally dubious NSA surveillance program in 2001. A few years later, its CEO was indicted by federal prosecutors. He was convicted, served four and a half years of his sentence and was released this month.
I'm not sure that's the case. Things do need to be printed because of arcane situations where paper still reigns supreme. Copy centers are not always accessible and sometimes are more costly in terms of travel and cost than the cost of ownership of a printer. Plus the yellow dots are not as ubiquitously known as I take your post to indicate.
It's hard to really buy with your wallet when you don't even know you have a reason to be cautious. Similarly, it's been suggested that boycotts and "vote with your wallet" are woefully ineffectual nowadays.
It's not that consumers don't care, it's that most don't have a choice or aren't even aware of such a need
It isn't the role of the public to regulate business. It is literally the role of the government to regulate business. Blaming your fellows for failing to stop multinational corporations in their endless search for more dollars is short sighted and as we have seen doomed.
While some market is there, making such a printer (hardware and firmware) would be non-trivial. Manufacturers did a lot of research to print well, and making even black and white printer of comparable quality may be very hard.
Most inkjet printers are cheap nasty bits of plastic - which is why the paper path works so badly and either jams or doesn't grab sheets reliably. It wouldn't require much engineering to build something better.
Print heads are a more of a challenge, but you can buy manufacturer originals and build a printer around them.
The firmware is a big problem, but there's a lot of research in the public domain that could be repurposed.
After all of that, you need compatible ink. You'd be reliant on third party ink clones and cartridge systems.
It wouldn't necessarily be harder than a 3D printer project, but it's not trivial, and it would be hard to make it work financially.
Given a choice between an official printer that costs $35 to buy and $60 for replacement inks, and an OpenPrinter that costs $60 to buy and $35 for inks, most people will buy the former.
that's terrible advertising I'd expect the secret service to come just to mock our pretensions
our biggest client just wants a offline ios printer driver for bouncing previews to Acrobat via the share option. ios so far off our path.. this client would talk about any OSS driver deal for commercial rates in fact they definitely don't want any unique driver to profile... we're totally lost to find resources we can understand or resources at all. for a business to thrive with critical necessities hobbled I think there's always a central crime like how drugs and spectacles frames prices shown constant price for 30 plus years.. something artificial is happening with pressure applied.
I have a Samsung printer, but support for that also switched to HP a number of years ago.
I would really like to know if there's a good printer manufacturer that makes simple, high quality printers that just work, don't require all these needless hoops, and respect the customer. Sounds like there should be a market for that, and yet somehow all printer manufacturers seem to suck.
I have a $100 brother laser printer, and it's not too bad. It took me a while to get it working on arch Linux reliably over wifi, but that was more of an arch issue.
Specifically, arch wasn't running any zero-conf services out of the box. CUPS would auto-detect the printer just fine, but then try to connect to it via an mDNS hostname, and the connection would fail. Once I figured that out and got mDNS working, it's been reliable.
A lot of wifi problems are due to bad/flaky access point hardware. Notably, a lot of the internet recommended "good" consumer wifi gear actually sucks from a reliability point of view. It took me months to get my home setup reliable enough to take it for granted.
Brother is pretty much the only printer brand I hear good stuff about anymore. I have no experience with them yet, but when I get sick of my Samsung, I'll probably check out Brother.
Using an Open Source OS helps with malware hidden into drivers or the related installed junk, but unfortunately most network printers phone home, officially to download updates, as soon as they detect a network connection, and there's no way to know or control what they'll do with that connection, short of putting them behind a dedicated firewall.
We have approached the era in which all networked devices should be considered as potentially harmful and dealt appropriately. From TVs to household appliances, home automation systems etc, everything could be used to grab personal information. Hiding a mic or a micro camera into a printer, or any other device, as of today is cheap and trivial. We should consider an untrusted separated network path for all these devices in the home network, so that they can't access our files and their connection attempts would be actively monitored and controlled.
We have approached the era in which all networked devices should be considered as potentially harmful and dealt appropriately.
We're well into that era, but neither the technological protections nor the legal ones have kept up.
Tech laws are still barely on the level of requiring manufacturers of network devices not to use the same default password every time and manufacturers of kitchen appliances to accept some basic "right to repair" provisions. These are steps in the right direction of course but they are small steps at the start of a marathon.
I think a lot of political leaders fail to appreciate the danger here. This has somehow remained true even as tech crime is rocketing. We are seeing more and more headlines about how some aspect of critical infrastructure has been brought down due to some form of technological attack, businesses have lost money due to data losses, people have had their identities stolen after data breaches, etc.
Meanwhile, the tech firms best placed to defend ordinary people and businesses against these kinds of attack are often the ones carrying out the attacks. The fox is guarding the hen house.
Just yesterday, there was a news story in the UK[1] about some home car charging stations being vulnerable to simple attacks. These devices get connected to both home networks and electricity grids. The specific models in question were government-approved too.
I think typical open-by-default networking is fundamentally broken today. It's like software for non-experts that doesn't have the option to install security updates automatically, or a browser or mobile OS that doesn't sandbox web pages or apps individually. Professionals use many tools to lock down organisational networks, audit and manage connected devices, and deal with modern challenges like bring-your-own-device, and they still get hit from time to time. Meanwhile home users are basically expected to install a new Trojan every time they buy a new device. This is not going to end well.
Consider using VLAN for your home network. You can put devices into a separate VLAN without Internet access. This is easy to setup and does not require expensive equipment.
Should use one VLAN per device. I think manufacturers will start using their own mesh networks. If your neighbors have a Vizio TV, your vizio TV will use their connection, same for Samsung, etc. If you have an open guest network, these devices will use it automatically.
The Brother printer I have attempts to hit some static IP in Japan for firmware updates, unencrypted http. So while on some OSes, you can use it without installing a drive, on MacOS, your desktop will automatically download the vendor's software indirectly from Apple. That is why installing printers is a separate permission as it updates system level components.
The only immediate solution I see to this is to have a protocol level firewall say running on an RPi that firewalls the printer off and intermediates all communication between the devices on the local network and the printer.
I need affordable latest WLAN AP with VLAN. Most consumer WLAN APs don't support so we need to buy enterprise or some enthusiast gear.
It seems that on some Xiaomi models, VLAN can't be configured but its firmware is based on OpenWRT, so it can be enabled by hidden API. So maybe SoC itself supports it but manufacturer disable/don't enable it.
I have a HL-1440 that is old enough to still have a Centronics connector (in addition to USB1) and it's a tank. I had to take it apart once between 2008, when I got it from a university that was throwing it out, and today. It prints all my shipping labels.
If you follow the link in the article to the EFF site, they basically warn that they no longer maintain a list of printers that have these dots, because every modern printer has these. Basically there are no options if you don’t want these dots.
I remember the advice to buy a brother circa 2015-2017. Apparently it has changed? Personally unsure, I just bought one, as I worked backwards from "which printer has the cheapest toner" and it is still brother.
There is no way to force the business models to keep printing on a full cartridge that has met its page limit(per reviews on Amazon), and the salesman at a store told me brothers have replaceable parts in them now besides the toner carts that they force you to replace.
Brother software has always been the worst experience for me. Its like some ancient Windows XP setup that you have to download from a 2003 website that sometimes gives errors and isnt very helpful. Uninstalling feels like Norton, where you probably need extra software to remove the crud it left behind.
Why do people waste time on any "bonus software" they found in the box with their printer?
This is why I love Brother printers: I've never had to touch their software. Ever. Been buying their printers for over a decade. You pipe postscript to them on port 9100, they print it. Done. Their software could be 100% refined APT-malware, and I'm totally okay with that.
Brother software? I bought a Brother a few months ago, no software install on any device required. I just plugged it in, and it worked. Hell I can even print from my phone to it.
The Brother software I have on Windows 10 opens an application window (as seen on the taskbar as a running app, not the system tray) that is trying to ask me to update, but there is no visible application window. I have to right click the icon and choose Exit to get rid of it.
I just recently set up one of those printers. They have a lot of dark patterns trying to steer you towards the app (and the "instant ink" junk), but it was still possible to skip over that and do all the setup on the printer itself, at which point it became a normal discoverable network printer.
I assume you're talking about WiFi setup? Ethernet to your switch or USB to a RPi should be a lot more reliable and works without an app. Then again, I haven't set up a printer in a decade.
Good luck finding a company that does things much differently. There is a printer cartel, and they want every penny they can squeeze out of those things.
It's the size of the market. The startup cost of making a competitively cheap printer is much larger than the expected revenue. Would you pay $2000 for a whitebox printer? Would anyone? It'd be a cool passion project, but making a legitimate business out of it would be hard.
One big question I have: "is it legal to sell a printer that requires the use of someone else's toner?". If so, then the concern about sourcing toner after the whitebox company fails can be addressed in the design stage.
What I really want to know is why there is no BYOPK whitebox TPM product. That should be easy to make and could dominate the market.
I recently got a HP LaserJet Pro M15W Printer and I didn't need to install an app... But I don't use it's wifi capabilities and plug it in with a USB cable.
What you want is a printer bought at goodwill/recycling center with cash or from hamfest free trash pile. Those dots made sense when printers were $500-1000 in ~1995.
I wonder if changing the background of your printout to 100% yellow would defeat this. The BBC article insinuates there are other schemes that are lesser-known than the dots, though.
Agreed on the B/W laser printer suggestion, The Giver is just HP propaganda. I ditched their color printer after a few months and bought a Cannon B/W printer[0] for ~$75.
It's been a few years now and while I don't print enormous amounts, I regularly do need to print out forms or documents. I still haven't used up the original ink cartridge it came with.
There's also a Linux driver provided by the company for this model.
There's also a Linux driver provided by the company for this model.
Are Linux drivers still a thing? Both our current and previous printers could be used without setting up any drivers through AirPrint. The new printer also scans without any drivers through AirPrint. I'd assume that Linux can also print driverless through AirPrint?
Exactly. The rare occasion I really need to print something I do it in the library or in even rarer cases at work. (My previous employer was stricty paperless and the printer was only accessible for legal and marketing documents.)
I wonder whether it would be possible to just build your own printer. That is, rip out the electronics from some common model and replace with an Arduino that just sends the correct signals to the hardware to print.
It's just that this stops being funny when the printer firmware is is hell bent on keeping the printer offline until all the cartridges are back over minimum levels. I own an older Lexmark printer that still works like a charm. But it shuts down completely if it runs low on any color. This is especially aggravating if you need to print s single page urgently and you don't have a cartridge in reserve.
Reminds me of the scene in The Life of Others (2006) where the Stasi has samples from every registered typewriter in East Germany, so they have to smuggle a special typewriter.
When my last printer died I switched to the Ecotank series from Epson. It's a good printer and it has a better business model; you own the printer and you do not have to buy expensive ink from Epson as you already bought the printer (not like all the other printers out there)
I suspect smartphone cameras may add a similar type of tracking mark to photos taken with the phone. I assume the NSA would be able to determine which phone a photo came from based on something like this. I don't have anything more than rumors, but if anyone has a link about this, it would be interesting!
I believe these dots are only printed by color printers, ostensibly to help catch currency counterfeiters. So the simplest countermeasure is use monochrome printers for daily stuff and for anything sensitive. I guess sometimes you'll NEED color, but very often you can probably do without it.
I've always wondered if jpeg encoders added something like this to screenshots. Should be possible to add a compression-resilient pattern that encodes the screenshotter's host details.
Blizzard watermarks screenshots produced by World of Warcraft find and track users of emulated servers by embedding user account info and server IP all across the image.
I am, yes. But this was not the case when I played WoW 15 years ago. I mean, I knew that I was playing on a server, and of course they are tracking everything on a server. But for some reason this steganography in the screenshots just gets under my skin.
With current games I go in with the assumption that I'm in a public place, and act accordingly. But back then I really counted on my Personal Computer being personal, so this feels like a breach of trust.
I'm much less bothered by the idea of developers having access to things like aggregated anonymous heat maps, and more worried by the amount of individual details required to generate such a heat map.
I'm not sure about jpeg, but with an algorithm like 'deflate' the encoder is constantly making decisions about whether it's more efficient to represent a series of bytes as a literal or as a reference to a previous series. I think a steganographer could take advantage of that by encoding something like a tracking number in the form of the occasional less efficient decision.
But what's the incentive for printer manufacturers to do it at all? It isn't mandated by any law. Some three letter agency comes to them with offer they can't refuse? Or they give them bazillions of dollars in exchange?
The incentive is that they'd rather do it on their own, than be forced into doing it. Adding the fingerprinting dots on their own gives the manufacturers control over how the fingerprinting works, lets them do it in the most inexpensive way, and means they don't need to submit proof of the fingerprinting feature.
Things like this are revealed all the time, half the public doesn't care and the other half already know we are living in a surveilance dystopia and are not surprised about it.
To _force_ a U.S. company to do something like this would be a behavior on the level of an autocratic nation like China. Yes, I think it would be a very huge deal. I imagine somehow the government sweetens the pot for big printer manufacturers.
The NSA did not need these dots to track Reality Winner. Even a ordinarily secured corporate environment will record an audit log of anything written to outputs, on the service side (so the print server will effectively print a second copy to disk with all information about who printed it, mail server will record all outgoing messages even if deleted from user’s Sent folder, etc).
Yup, the FBI arrest affidavit didn't mention the dots. There could have been some parallel construction to avoid testifying about secret printer dots in court, but on the face of it it appears that the government found out who it was in more conventional ways:
>The U.S. Government Agency conducted an internal audit to determine who
accessed the intelligence reporting since its publication. The U.S. Government Agency
determined that six individuals printed this reporting. WINNER was one of these six individuals.
A further audit of the six individuals' desk computers revealed that WINNER had e-mail contact
with the News Outlet. The audit did not reveal that any of the other individuals had e-mail
contact with the News Outlet.
>On June 3, 2017, your affiant spoke to WINNER at her home in Augusta, Georgia.
During that conversation, WINNER admitted intentionally identifying and printing the classified
intelligence reporting at issue [...] WINNER further admitted removing the classified
intelligence reporting from her office space, retaining it, and mailing it [...]
WINNER further acknowledged that she was aware of the contents of the intelligence reporting
and that she knew the contents of the reporting could be used to the injury of the United States
and to the advantage of a foreign nation.
Their way sounds much easier than using dots on a page to try to trace it back to a specific printer... especially because they already knew it came out of the NSA... the question was which person who had access to the doc and a printer in the org did it.
I'm aware of that.
I'm not saying it's not known by the public; I'm saying it's not officially acknowledged by the US government as being part of their own mass-spying programs.
In other words, it's still officially a government secret, even though everyone knows about it.
Prosecuting someone for a crime based on yellow-dot evidence could force the government to testify under oath about the yellow dots and what they mean... which could force them to answer some uncomfortable questions about how the dots got there... maybe officially admit ownership of the program... and I imagine that could open a whole legal can of worms they'd rather avoid.
The dots were used afterwards to see what happened to the document. By showing that the document she had printed was given to the press, they are able to take her in. Otherwise if multiple people had printed the same document in the past several weeks, you need to investigate each of them.
There’s no indication that happened either. The court docs say an investigator went to her house and questioned her, and she admitted to printing the doc and sending it to the press. That’s how 99% of police work is done in the real world.
Of course, but the NSA doesn’t need Microdots to track their own leaks even if the suspect doesn’t confess. They need Microdots to track YOUR printing which is why it is an affront to privacy.
At somewhere like NSA the print server can introduce small variations into the printing like margins and whitespace that can be used to make each print unique.
The Intercept knows all of this, which is why I suspect that for whatever reasons they had, they intentionally threw her to the wolves. The Intercept is not run by dummies.
A more foolproof way to track this would be to slightly change the wording of important sections in each copy handed out. This would allow them to track down even copies of confidential documents that were simply transcribed or where the press used excerpts.
Those documents may probably have legal value, and could be legitimately handled by dozens or hundreds of people. And we are talking about millions of pages. That could only work with an intentional trap when you know someone leaks but not who.
With five variations of ten sentences ("We now have", "Now we have", "Right now we have", etc., you can probably come up with this many in under five minutes), one combination randomly assigned to a user accessing the document, you get 5^10=9.8M variations. That should narrow it down.
Not that I necessarily think doing this is a good thing, for the record.
You can go to anywhere right now and buy a b&w only laser printer and it won't have the dots. The secret tracking dots thing only works if you have yellow ink on white paper- it's hard to see. If your printer attempts to "secretly" add black dots to white paper everyone will notice.
Im not sure when it started, but I do know back in the early 90's copiers and printers were already currency aware. The copier in my elementary school wouldn't copy a dollar bill at anything close to full size, had to be at least either 75%/125%
If you don't know by now, printing has changed. It's no longer just about what happens in the office. Now, people want to print from where they want, when they want. And that means a lot more printing is happening on devices not managed by IT departments. This means printers are more susceptible to malware since their regular security updates aren't coming from IT — they're coming from manufacturers of the printer or operating systems or third party apps used on them. https://www.braindumps4it.com/braindumps-HP2-I06.html
That’s why the end-user should maintain separate firewalled subnet (DMZ) networks for their unique grouping of IoT, cable settops, PC/Mac, mobile devices and in-house servers.
Only problem i’ve had with this setup is during the configuration of IoT where mobile device must be on same subnet as IoT devices, that is all.
I remember finding out about printer tracking dots while checking if there is any way police could find me for mildly vandalising a neighbor's business sign.
Ballots are tricky. In the US, You want to ensure anonymity while also ensuring the voters franchise is not threatened.
If we want them to be uniquely identifiable, then we don’t need to hide the identifier. If we don’t want them to be uniquely identifiable, then hiding the identifiable ID becomes a violation of the voters privacy.
This begs the question of how the secret dots aren't a blanket violation of the 4th amendment.
Also IANAL but I feel like there must be some law about deception of this kind. Selling a product that does something you don't expect it to, were never told about, and would not reasonably even observe feels somehow like fraud.
You can register as a Democrat and participate in the primaries for the Democratic candidate but (thanks to the secret ballot) vote for Republicans in the final election. Or vice-versa. And nobody other than you will ever know how you (as an individual) actually voted.
Or you can register as an independent if you prefer. The rules vary by state, but the worst that happens is you can't participate in the primaries (but can absolutely vote in the final election). Who you, as an individual, voted for is still not traceable back to you.
In other words, it's your right, thanks to the secret ballot, to vote completely differently from the party you registered under or even differently from how everyone in your life perceives you, and nobody will ever know.
There are people who changed their mind years ago about what party they support and have been voting that way ever since, but just haven't gotten around to (or don't care enough to) update the party they listed on their voter registration.
Some states, such as Georgia, don't have party registration at all. You're not a "registered Republican/Democract," just "registered."
Any registered voter can choose to vote in either the Republican or Democratic primary (unsurprisingly, this "open primary" system was originally implemented in order to supress the Black vote).
Ballots typically do have unique IDs usually on some part that is removed by the voter. The problem is that isn't linked to anything because we don't want it linked to anything. This form of auditing isn't compatible with ballot secrecy. US elections do undergo rigorous process audits but the electorial process presents challenges to results audits.
Yes, it would be very convenient and maybe make it easier to catch voter fraud. But the voters couldn't have any trust that their vote was being counted separately from their actual identity.
If the government mails me a ballot with ID #1234 on it at my home address, then they have a way of knowing that Ballot #1234 belongs to me in particular when they're tabulating the votes, which means they can find out exactly how I voted. Now we don't have a secret ballot anymore, and the secret ballot is a fundamental part of our democratic voting system; a secret ballot prevents the government from rewarding people or doling out punishment based on how they voted. It's a safeguard against authoritarianism.
(I think some US states put identifying info on the outer envelope or sleeve that the ballot is returned in, but there's a strict system to keep the envelope-opening step separate from the ballot-tabulation step, so people's votes cannot be personally linked to them as long as the system is followed. And these days there are usually cameras watching to make sure it is followed, and the footage is public.)
If you do get rid of the secret ballot then there's not much of a reason to hide the ballot ID via yellow dots. Just put "Ballot #1234" all over it and/or print a unique barcode. But regardless of whether the ballot ID is displayed or hidden, if you happen to get a dictatorial maniac into power (whatever you personally envision that person to look like) then you would be one step closer to letting that leader use personally-identifiable voting records to punish the people who voted the way he (probably a he) didn't like and/or give the people who voted the way he did like rewards or unfair advantages.
You could also determine that person X voted for an unpopular politician and ruin their life online. The reason why voting is anonymous is the realization that an election should not degenerate entirely into a popularity contest driven by peer pressure.
If you want to audit mailed out ballots, use two envelopes instead. The outer one will carry a unique id, the inner one will be completely anonymous and contain the actual ballot. All the auditing can be done on the outer, unopened envelopes. Then they are stripped off, all the inner envelopes are thrown on a heap and only then opened and counted.
Of course, even then, the paper ballots contain traces of the voter's DNA, so the truly paranoid will not be happy either.
No, it's so people can't sell their votes, or be told by their parents/employer/local gangs that if they don't verify they voted correctly, they will be hurt. It's not cancel culture or popularity contests or whatever. Voting is definitely supposed to be a popularity contest based on peer pressure.
At least for where I am in the US, that's basically how my mail-in ballot worked for last fall's election.
The completed ballot goes into an opaque sleeve devoid of identifying information, which then goes inside of an envelope. The envelope has an extra "flap" where you put your information and signature, and then it seals onto the envelope.
When processed, the flaps have perforations that can be physically separated from the rest of the envelope and validated and retained for audit purposes, and later on the collection of sealed envelopes can be opened and the ballots counted without having any attached personal information.
Couldn't you give a unique prime number to each person each election (untracked) and use that to calculate a final product of a particular election, and then people could independently validate their vote went where it should?
There are complicated schemes that can work, but if voters are able to prove the content of their vote to another person, they will be able to sell their vote or be extorted for it.
Most countries have a secret ballot. In the UK all ballots are linked to the voter with an intermediate table effectively, which is then destroyed after a certain time.
More generally, for ballots you don't need to hide this, you could just have a number on them.
That assumes that the Japanese version of democracy works similar to the ones we live in. Which it doesn't, at all.
It's more of an authoritarian system with a friendly, democratic facade put in front when the US pressured Japan to modernize after WW2.
A very interesting topic, I've recommended this book on HN before: Karel Van Wolferen - "The Enigma of Japanese power". Basically what we think of the system of modern Japan in the West are carefully doctored fairy-tales and mythology.
How are they dissimilar to the western ones? Who participates in them? Can't the parties candidating in the election nominate their representatives into the committees?
A third world country whose offshoring programmers are regularly mocked by the ivory tower SV elites can do voter id but not the world's richest country
Printers: a completely destroyed product. I gave up on printers over 20 years ago. They are shitty ruined products I do not waste any time on anymore. It's far easier to just have more screens than deal with the shit show called printers attached to computer networks failing to be a useful utility.
I've known about the yellow dot patterns on color printers for a long time. If you've ever wondered why the yellow ink on your printer goes down faster than you think it should, now you know.
But this article seems to imply that the yellow dots also occur on black-and-white printers. How is that possible?
They give an explicit example of a HP Laserjet. The image is B&W under white light and my experience with Laserjets is that they're B&W printers. I know they make color versions, but that's not how it's presented in the article.
On that page you can see that on the caption of the same image the printer is identified as an "HP Color Laserjet 3700". The BBC journalist or whoever wrote the captions simply wasn't very precise and probably didn't mean to imply that the yellow dots are produced by black-and-white printers.
A lot of printers will just refuse to work without one of the cartridges fitted... Hell, some refuse to print even if one does still have some have ink in it but the printer thinks it should have run out at the time...
Guess an answer would be inject some black or some type of bright ink into the yellow cartridge so the dots show up easily then hole punch those spots out.
The yellow dot codes are repeated across the page and the Wikipedia article on them says there can be about 150 of the codes on an A4 page. Your document would probably look like Swiss cheese by the time you were done with the hole punch!
I did think of this. The whole punch needs to be big enough to obscure the exact location of the dot but not so big all the information trying pass gets lost. My solution was to repeat whatever message or image multiple times on a single page in different locations. That way if the message gets whole punched it shows up in another location so everything is still readable.
That's just the price of avoiding tracking. Do the procedure, create the hole-punched document and complain to the printer manufacturer about the result :)
Well you would need the whole punch big enough that the exact location of a dot would be obscured. Like, every hole would be not perfectly centred over a dot. If it was centred you could essentially establish what the dot location was prior to cutting and give away what you are trying to not do. So what you suggest would show an approximate location of a dot but not reveal the details.
- Required me to install an app
- Required me to enable gps on my device (and allow app to access)
- Printer phoned home after / during setup (as did the app)
They really don’t need the dots any more when they know the gps coordinates and have the ability to send anything they want to and from the device.
I personally spoofed the gps, ran a vpn and blocked the device from phoning home (after setup). Had me saying “what the f**!?” a couple of times.