I think the biggest issue here is that Uber actually has programmers on its staff who think its ok to write a program whose sole purpose is to try and break the law.
I mean, someone actually sat down and said, ok when, not if, law enforcement comes to raid one of our offices, how can we do our best to block a lawful search warrant.
most of this sounds like good practice for any company that stores large amounts of sensitive data.
perhaps the features were used inappropriately, but I would hope Uber can remote wipe a laptop, log users out of company systems, or centrally enforce encryption policies.
this line is just silly.
--"Later versions of Ripley gave Uber the ability to selectively provide information to government agencies that searched the company’s foreign offices. At the direction of company lawyers, security engineers could select which information to share with officials who had warrants to access Uber’s systems, the people say"
What is the alternative? Giving law enforcement access to all data without any discretion? Querying ride data for 1 person is technically "selectively provide information", but that seems perfectly acceptable.
A certain segment of the population - disproportionately represented on HN - strongly dislikes both Uber and cops. It's always interesting to see how people react to stories in which two groups they dislike are pitted against one another.
Yeah, this sounds like a great tool. Of course it can be used for good and bad. Hell even "cp" is a potent copyright violating tool, if used in that purpose.
I can easily see a toolkit that makes sure everything is FDE with a distributed key network, and revocation from anywhere if needed. I also see remote distributed shutdown requests, sealed storage locking, remote device nuking, and plenty of other features if a device falls into the wrong hands.... even if that is local law enforcement.
Part of this also feels like the Neuromancer universe, where companies are the state actors, and the real states have only limited jurisdiction.
(And yes, I would help build a set of tools like this. They have multiple purposes, legal and illegal. Not my fault if someone uses them illegally in a jurisdiction. )
They should have deployed this just once for a US case. I assume some of their communications travel across state lines and that would make their obstruction of justice and evidence tampering a federal crime. With our beyond vague definitions of such crimes, every Uber executive could have been in jail for decades by this point.
So prior to the next warrant served to Uber authorities will sever all communication lines ran into the suite right?
Sounds like a fun system to make, context aside.
It's there an OSS version of this somewhere: contact a server, server initiates clients on all devices to perform lockout with pre-arranged credentials. Client can clean caches, wipe partitions, etc., as required.
Like managers at Uber’s hundreds of offices abroad, they’d been trained to page a number that alerted specially trained staff at company headquarters in San Francisco
Isn’t this “tipping off”? Which is a crime in itself.
It never fucking ends with this company, does it?
> Ripley, after Sigourney Weaver’s flamethrower-wielding hero in the Alien movies.
Sounds more like Ripley's believe it or not
What the heck does that illustration even mean?
What's interesting to me is that governments are becoming less and less important in society. With Google, Facebook, Uber, and Bitcoin, we're moving closer and closer to a world where human-based systems (government) are being supplanted by computer based systems (technology).
I for one believe this can be a good thing, since humans corrupt but computers are strictly deterministic.