The whole argument was about blocking search only, considering the damages suddenly completely blocking google would do. Yes, you can block google data centers completely, but dude, would that cause chaos.
A better approach though is to fine Google,
I said that multiple times already.
What? What do you mean “DNS space”? Classic DNS does not have any security, no encryption and no signatures.
DNSSEC, which adds signatures, is based on TLDs, not any geography or country. And it is not yet enabled for most domains, though I guess it would be for google. But obviously EU does not control .com.
And if you mean TLS certificates, those are a bit complicated and I already explained why forging those would be problematic and not work on Chrome, though it could be done.
Yes, I mentioned that in a comment deeper down. And even before that, just fine them. Chances are they will pay and if not, you can probably seize some bank accounts.
I am not trying to say Google can afford to completely defy the EU, just found it interesting how hard it is to block just google search specifically.
PS: Also mentioned in a burried comment, there actually is a way for ISPs to block google, since DNS over HTTPS is not enabled by default yet in browsers I think. I forgot this since I enabled encrypted DNS like 8+ years ago for myself and just assumed people also have it by now.
Maybe for some rando site, Google and any half competent site has HSTS enabled, meaning a browser won’t even try to connect with insecure HTTP, nor allow user to bypass the security error, as long as the HSTS header is remembered by the browser (the site was visited recently, set to 1 year for google).
In addition, google will also be on HSTS preload lists, so it won’t work even if you never visited the site.
They probably also could just prevent EU companies and branches from buying google ads directly. Vast majority of ads is geo-located, so there would be almost no ads to show in the EU.
Demanding the ISPs to block traffic to Google domains would be quite effective.
Filter it based on what? Between ESNI and DNS over HTTPS, it shouldn’t be possible to know, which domain the traffic belongs to. Am I missing something?
Edit: Ah, I guess DNS over HTTPS isn’t enabled by default yet.
The backup is usually a different server from the same DNS provider. E.g. google has 8.8.8.8 as primary and 8.8.4.4 as secondary. Plus the backup doesn’t even always work on Windows.
Also note, it is not browsers but operating systems that do primary DNS. Browsers may use DNS over HTTPS for security and privacy instead of the one in the OS, but that usually requires the OS DNS to resolve the address of the DNS over HTTPS server, since it is considered a security feature built on top of classic DNS instead of replacement.
PS: Don’t get me wrong, EU could definitely block google.com sooner or later. It just wouldn’t be as easy as usual. The real risk is if Alphabet stops offering all of its services, chaos ensues. Companies unable to access their google spreadsheets. Services and data hosted on google cloud lost. People protesting lack of youtube…
And even if Alphabet doesn’t do that, I expect a lot of issues just with google being unavailable and most people not even knowing there are other search engines. It’s really going to be last resort to try blocking google, I expect fines or some such.
It would likely be impossible to redirect google.com without either sparking a cyberwar or building something like the great firewall of China, quite possibly both.
Blocking is somewhat possible, but to redirect, they would have to forge google certificates and possibly also fork Chrome and convince users to replace their browser, since last I checked, google hard-coded it’s own public keys into Chrome.
I say blocking in somewhat possible, because governments can usually just ask DNS providers to not resolve a domain or internet providers to block IPs.
The issue is, google runs one of the largest DNS services in the world, so what happens if google says no? The block would at best be partial, at worst it could cause instability in the DNS system itself.
What about blocking IPs? Well, google data centers run a good portion of the internet, likely including critical services. Companies use google services for important systems. Block google data centers and you will have outages that will make crowd-strike look like a tiny glitch and last for months.
Could we redirect the google DNS IPs to a different, EU controlled server? Yes, but such attempts has cause issues beyond the borders of the country attempting it in the past. It would at least require careful preparations.
As for forging certificates, EU does control multiple Certificate authorities. But forging a certificate breaks the cardinal rule for being a trusted CA. Such CA would likely be immediately distrusted by all browsers. And foreig governments couldn’t ignore this either. After all, googles domains are not just used for search. Countless google services that need to remain secure could potentially be compromised by the forged certificate. In addition, as I mentioned, google added hard-coded checks into Chrome to prevent a forged certificate from working for it’s domains.
Good for where you live I guess?
Most states don’t require assessments: https://hslda.org/legal/
Yeah, because we don’t have enough socioeconomic inequalities in the world, let’s create more borderline (or outright) illiterate people.
And this right here is how you convince people to home-school after the first few fines.
My response to “capitalism is terrorism” was “Go move to Cuba then”.
I don’t know if this exists in different cultures, but in Czechia we often respond to stupid things with something equally or more stupid to show we don’t take it seriously.
It has 88 down votes.
The graphical proof is really nice :)
1±2±3±...±n =(1+n)*n/2
plugging that into the right side of the equation to transform it:
((1+n)*n/2)^2 = (1+n)^2*n^2/4=n^2(n^2+2n+1)/4 = (n^4 + 2n^3 +n^2)/4
If this holds for n:
1^3 + 2^3 +3^3 + ... + n^3 = (n^4 + 2n^3 +n^2)/4
Then for n+1:
(n^4 + 2n^3 +n^2)/4 + (n+1)^3 =? (1+n + 1)^2*(n+1)^2/4
(n^4 + 2n^3 +n^2)/4 + (n+1)^3 =? (n^2+4n + 4)(n^2 +2n + 1)/4
(n^4 + 2n^3 +n^2)/4 + (n+1)^3 =? (n^4 + 4n^3 + 4n^2 + 2n^3 + 8n^2 + 8n + n^2 + 4n + 4)/4
(n^4 + 2n^3 +n^2)/4 + (n+1)^3 =? (n^4 + 2n^3 + n^2)/4 + (4n^3 + 12n^2 + 12n + 4)/4
(n+1)(n^2 +2n + 1) =? n^3 + 3n^2 + 3n + 1
n^3 + 2n^2 + n + n^2 + 2n + 1 =? n^3 + 3n^2 + 3n + 1
n^3 + 3n^2 + 3n + 1 =? n^3 + 3n^2 + 3n + 1
Which is obviously true.
So yes, it holds forever.
I didn’t say they don’t, but again, that is the same for US based social media and even more so for traditional media. Almost everyone is pushing an agenda these days.
Most people believe that they are smart enough to not fall for propaganda. Unfortunately, most, if not all of them are wrong.
I think both. I imagine I would do a lot of good on global level, but probably abuse it on personal level.
Although the specifics also matter, e.g. will there be a way to steal it from me, forcing me into paranoia?
And if you believe in yourself, how would you try to convince an hypotetical entity to give you this wealth?
It can’t end worse than the direction we are going, and will very likely end much better overall.
Yeah, this
For me, the lesson needs to be to seek depth where something seems disagreeable but has vagueness, especially ideological labeling. I wish that was a realistic ask for all people. It has made me change my opinions a lot over the years as I’ve learned more—not necessarily dramatically, but it has tempered them with nuance.
This indeed is a really good takeaway, but I think we also need to at least try and make messaging clearer for those that are not going to. For example, many companies have statements of commitment to DEI on their webpages, but rarely what it does and more importantly doesn’t include.
Then I guess the issue is we need more granular names for various DEI policies, because it is impossible to discuss any merits or demerits of something this vague and broad.
This vagueness then makes the issue far more divisive as proponents pick best policies to defend and detractors pick the worst examples to criticize.
No. At the end of the day, I control which certificates I consider valid. Browsers just choose the defaults. There is no way I quietly let some government usurp that power, considering how easy to abuse it is.
No they don’t. That is not what TLS really does. But I guess close enough.