freedomPusher

joined 4 years ago
MODERATOR OF
bugs
netneutrality
cyber_activism
gdpr
right_to_unplug
bugs_in_services
personalfinance
paperless
collaboration
sorted by: new top controversial old
Unemployment rate in Belgium (2020) in c/[email protected]
[–] [email protected] 1 points 1 year ago

Wish I could see it. www.onem.be seems to be dropping my packets.

3
wanted: a lemmy community that analyzes your post’s URL for inclusivity - robotic and manual (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

The problem:

Most #fedi authors post links with no idea if the hosting server discriminates against people, or who. The consequence is that the fedi is muddied with references to exclusive venues that do not treat people equally, which wastes the time of readers who are impacted by discrimination. A variety of walled gardens pollute our threadiverse experience. So how can we remedy this?

Proposed fix:

Suppose we create a community and designate it as a testing area which welcomes bots. So e.g. I post something in the test community, and a bot that is paywall-aware replies yes or no whether the link is paywall-free. A bot that is Cloudflare-aware does the same. A regional bot, such as a bot in Poland can check that Polish IP addresses can reach the URL and make noise if the website blocks Poland. Etc. It need not be just bots.. someone in some oppressed region might manually attempt to visit links and report access problems. We would certainly like a bot in a GDPR region to test whether access is refused on the basis of a data controller’s unwillingness to respect GDPR rules. The OONI project could have a bot that reports anything interesting in their database.

There could also be anti-enshitification bots, which point out things like cookie walls.

There are bots that find better links to replace Cloudflare links. Those bots could help direct authors to better URLs to share.

There could be a TL-DR bot that replies with a summary or even the full text, so an author can decide before posting in the target community whether to omit a shitty link and just post the content.

(update) It’s worth noting that for Mastodon there an ad hoc tool. If you follow @[email protected], that bot will follow you back and analyze every URL you share for whether it is Cloudflared. If yes, it will DM you with alternative URLs.

Note that the mitigator bot is quite loose it its judgement. If the host is not Cloudflared but another host on the same domain is Cloudflared, it is treated as a positive because it’s assumed that when you visit the host it will link to other hosts on the same domain.

You have ZERO financial privacy in c/[email protected]
[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (3 children)

“One more step…”

Nothing like a privacy abusing Cloudflare site to expose privacy abuse. If anyone has openly accessible Cloudflare-free links, or can post the info for the excluded people, plz post.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 1 points 1 year ago

eclic.ro is an exclusive Cloudflare site just like change.org is. Exclusivity is obviously quite lousy for democracy. Better alternatives are here:

https://codeberg.org/swiso/website/issues/140

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

privacytools.io always was shit show even before the infighting. They put their own endorsement site on Cloudflare. Despite a collossal pile of dirt emerging on #Signal:

https://github.com/privacytools/privacytools.io/issues/779

PTIO continued endorsing Signal non-stop, refusing to disclose the issues. That was also before the breakup. Dirt was routinely exposed on PTIO endorsements and it never changed their endorsement nor did they reveal the findings on their website.

Now both factions are hypocrits just as they were when they were united. The original PTIO site is back to being Cloudflared (nothing like tossing people coming to you for privacy advice into the walled garden of one of the most harmful privacy offenders), and Privacy Guides has setup on a CF’d Lemmy node. The hypocrisy has no end with these people.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 2 points 1 year ago (1 children)

Interesting, but that does not help because Mint jails all their docs in Cloudflare.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (2 children)

Also worth noting that #Ubuntu and #Mint both moved substantial amounts of documentation into Cloudflare (the antithisis of the values swiso claims to support). I have been moving people off those platforms.

BTW, prism-break is a disasterous project too. You know they don’t have a clue when they moved their repo from Github.com to Gitlab.com, an access-restricted Cloudflare site. There are tens if not hundreds of decent forges to choose from and PRISM Break moved from the 2nd worst to the one that most defeats the purpose of their constitution.

It might be useful to find dirt on various tech at prism-break, but none of these sites can be trusted for endorsements.

The prism-break website is timing out for me right now. I would not be surprised if they were dropping Tor packets since they have a history of hypocrisy.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 2 points 1 year ago

If you look in their bug tracker, it actually reveals that they ignore dirt that has been dug up on their suggestions.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

As others have mentioned there is little in the way of justification for these suggestions, and while I happen to agree with plenty of them, I’d personally like to see more reasoning, if not to appease people that already have opinions then to help newer users understand their options.

Indeed. In fact it’s actually worse than you realise. Swiso witholds negative information in order to steer people. They don’t want to inform people. They want to steer people. For example, swiso’s endorsements for donation platforms have some quite serious problems:

https://codeberg.org/swiso/website/issues/141

And swiso is aware because that’s their bug tracker. Yet they are content to praise their endorsements without exposing the problems.

Ethical, easy-to-use and privacy-conscious alternatives to well-known software in c/[email protected]
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

There are a few good alternatives and swiso has been aware of them for ~4+ years:

https://codeberg.org/swiso/website/issues/140

1
PSA: When your personal data is published, people are not free to use it (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

People are often told if their data is published, they have no expectation of privacy. But I found an interesting gem in the EDPB Guidelines of 04/2019 which counters that to some degree:

  1. Even in the event that personal data is made available publicly with the permission and understanding of a data subject, it does not mean that any other controller with access to the personal data may freely process it themselves for their own purposes – they must have their own legal basis.²⁰

²⁰See Case of Satakunnan Markkinapörssi Oy and Satamedia Oy v. Finland no. 931/13.

IMO, that means #AI bots cannot exploit openly public data if it’s data that’s personal to a European or someone residing in Europe.

1
(Snikket) no way to control where images get stored and no way to discover where they are (sopuli.xyz)
 

If you long-tap an image that someone sent, options are:

  • share with…
  • copy original URL
  • delete image

The URL is not the local URL, it’s the network URL for fetching the image again. When you send outbound images, Snikket stores them in one place, but it’s nowhere near the place where it stores inbound images. I found it once after a lengthy hunt but did not take notes. I cannot find it now. I think it’s well buried somewhere. What a piece of shit.

(mbin) mechanism needed for users to block whole instances, not just magazines in c/[email protected]
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

I can see that you’re upset about cloudfare being forced on anyone using the large instances.

This implies some kind of emotional drive and disregards the nuts and bolts of the actual problem. The breakage that manifests makes the fedi less usable and more exclusive, which the design rightfully tries to avoid but falls short. CF being pushed on ppl using large instances is not at all the issue. That’s self-inflicted harm. Cloudflare and big instances both independently pose a centralization problem which can easily be condemned together. Neither form of centralisation benefits the fedi. The fact that CF-centralised nodes and disproportionately large nodes tend to be the same nodes is the universe organising the garbage together -- like when Bayar and Monsanto merged. Easier to deal with the baddies when they are consolidated.

lemmy.ml less trivialThe lemmy.ml instance is less trivial because it’s disproportionately large, but they shrunk a bit and ditched Cloudflare. They bring a lot of political baggage, but they are also said to be less tyrannical than they were in the past. So what how to treat lemmy.ml is questionable and messy.

You’re right that the large instances are not democratically governed,

Yes but to be clear, governance is your focus not mine. I’m saying centralized instances are detrimental no matter how they are governed. If they are well-governed then you might say they are more likely to be decentralized, but then of course users could decide to unblock them if they achieve that.

But more importantly, most people just aren’t going to do that.

This is more of the “people don’t boycott” logic. First of all, the perception that people do not boycott does not justify stripping people of their power to boycott. The feature I propose gives people boycott power. And not only that, it gives them a way to function -- a way to get the exclusive junk and broken images off their screen.

how my Twitter boycott paid offI was on Twitter long before elon took it, and before phone numbers were required. When Twitter started demanding a mobile phone number from me, I walked. Boycotted. Not long after that I got news that Twitter was caught selling users’ personal data which was inconsistent with the privacy policy. Then shortly after that announcement, it was announced that cybercriminals breached Twitter and stole people’s personal info anyway. My boycott was not emotion driven. It was me making a calculated decision not to trust Twitter with my profitable data, and me deciding not to help Twitter profit from their policy of exclusion (people denied access who do not have mobile phones). And it was the right move. It paid off in the form of not being a victim. I’m grateful that I had boycott power. If boycott power is available but underutilized, the idiots who don’t use it can blame themselves.

The solution should be addressed at a system and process level, not by relying on people making personal choices.

This is a bit false dichotomy-ish. People should be empowered with agency to control their own interactions. That empowerment does not obviate system-wide improvements. It complements them.

But again, what I’m driving at is let’s get big, but do so democratically.

It’s defeatist. To grow disproportionately is to be centralised. Good governance is useless if it fails to prevent centralization. Maybe good governance can lead to a detrimentally centralised instance splitting into many decentralised instances, at which point those nodes are participating in the free world.

If some giant node organises a democratic process, it’s not for me or anyone to stop them. The feature I propose does not interfere with that in the slightest.

::: spoiler A democratic process still produces shitty results & cannot be relied on Everyone might decide to save money and use Cloudflare anyway. It’s shocking how many people see no problem with Cloudflare. And it’s mind-boggling how selfish people can be in large numbers. Xenophobic Trump supporters shows at what great scale it can happen on. Another example: a majority of the population has a mobile phone subscription, and a majority is also not ethically opposed to tax-funded public services that exclude non-mobile subscribers (e.g. like a public library requiring SMS confirmation to use wifi). They will vote for what benefits them personally at the detriment of the minority. So if a democratically controlled service opts for Cloudflare anyway, it’s the same problem. People marginalised by Cloudflare still need tools to tailor their view to show venues where they are included.

It’s great to have our little corner of the world that’s sun and roses, but as long as there are giants roaming around we’re at their whim and will eventually get stepped on.

You are literally advocating for the status quo that causes the giants to step on the rest. My searches are clobbered to a dysfunctional extent because these shitty exclusive nodes fill the top results (that’s another bug I already exposed in this community).

Sure, we can boycott mcdonalds, but we’re essentially begging them to make a change.

Not at all. Begging them to change is the position you take when you neglect to boycott -- begging is the shitty option you have. I’m not begging. I walk. McDs can fuck right off. They get zero begging from me. To keep feeding McDs is to be in that disempowered defeatist position of weakness. In the case at hand, enough people made the right decision to put McDs in the begging position; begging for customers to return.

community.xmpp.net dead or tor-hostile? in c/[email protected]
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

wintermute announced this instance when it came into existence ~2 or so years ago. So they might be interested and might have some information about it.

Notice the cross-post. Funny how that works.. I did not cross-post this, but because I linked the URL to community.xmpp.net the cross-post link was autogenerated.

(mbin) mechanism needed for users to block whole instances, not just magazines in c/[email protected]
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

What would be an acceptable outcome for you?

You seem to be asking for a book here. The requested feature is just one facet of a multifaceted problem -- to diminish the centralisation problem. One specific benefit we get from this one feature is the ability to get rid of the exclusive content that pollutes the timeline. Part of living in the free world is getting the non-free world out of the way. I need a view of the free world showing only venues where I am not excluded.

Instances close because people stop running them, not because other larger instances exist.

These two reasons are intertwined in a causal relationship.

Ultimately people vote with their feet, so if you want to see more smaller instances they need to become more appealing than large ones.

That’s not the only way. The small instances are buried in litter. Clearing the litter out of the way is a much simpler and much more effective way to see the smaller instances.

Also not sure what you mean by seven instances under one corporation? Are you talking about cloudflare or are you saying they’re all run by the same entity?

All seven instances are Cloudflare-centralised. They all give CF a view of all traffic (public and private) and they all arbitrarily discriminate against the same demographics of people. If you are denied access to one of them, you are denied access to all of them. Exceptionally, programming .dev has whitelisted Tor. But that’s just one demographic; that instance still blocks all the other demographics excluded by Cloudflare’s blockade. So users are all being controlled by the same entity.

I don’t like Amazon. Why do people use it? Because it’s convenient, it has the stuff they’re looking for, and it has that stuff at low prices. If we want people to use an alternative, we won’t do it by trying to guilt them to use a more expensive and inconvenient option.

You seem to be claiming boycotts do not work, IIUC. When it became widely known that McDonalds was giving free meals to Israeli soldiers, high numbers of people gave up the convenience and pricing that attracted them to McDs. McDs is a franchise, so different shops have different owners. McDs was forced to directly buy all the shops owned by the Israli who was giving away free meals, just to cancel that policy, just to protect the McDs brand.

Of course there are always unethical consumers. Some consumers continued eating McDs non-stop. Ethical consumers have integrity, a spine/constitution, and they practice it. They should be equipped to empower their ethical choices.

consider LidlLidl was caught relabeling their Israel-sourced produce with the name of a different country in order to deceive consumers who boycott Israel. The feature I’m requesting would be hypothetically comparable to a single button robot.. a “hide Israeli produce” button. If I press it, the Israel sourced food is robotically covered to make it easier for me to find the products I’m interested in. Or along the same lines, a vegan shopper with a “hide all animal-based products” button. Ethical consumers exist and they need to be empowered with good tools.

To change the status quo Amazon can get hit with antitrust law and prosocial regulation

I could write a book on all the reasons to boycott Amazon. Amazon exploits legal loopholes. They are organise their business to get away with murder (legally, or without detection). If you wait for regulators to find some cause to slap them on the wrist, it’d be a pitiful demonstration of non-activism. The very first best move to make is to stop being a part of the problem yourself by not feeding Amazon. From there, there are countless other activist actions you can take without just waiting for them to somehow shoot themselves in the foot.

Be the change you want to see.

The per user cost goes down the more users there are, and the network effect means more users will go towards bigger instances. So fine, let an instance get big, but let it be democratically controlled and funded.

The best thing you can do is walk away from the instance, not feed it or participate in any way. AFAIK, none of the seven have this democratic structure. But if they did, it’s still a harmful force because you still have a centralised policy that affects a disproportionate number of people and which also keeps smaller instances small.

5
A national central bank is using Cloudflare -- risks? (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

A national central bank that keeps track of bank accounts, credit records, delinquency, etc for everyone in the country has their website on Cloudflare. People are instructed to check their credit records on that site.

The question is: suppose you don’t use the site. Suppose you only request your records offline. What are the chances that Cloudflare handles your sensitive records?

I guess this might be hard to answer. I assume it comes down to whether to central bank itself uses their own website to print records to satisfy an offline request. And I assume it’s also a question of whether the commercial banks use the website of the central bank to feed it. Correct?

7
community.xmpp.net dead or tor-hostile? (community.xmpp.net)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
3 comments fedilink
 

I’m just noticing this instance for the first time. Judging by the hostname, it’s a node that’s devoted to #XMPP chatter. But I cannot reach it. Getting timeouts from Tor. This could mean that they are down, or it could be that they block Tor in the rudest possible way (dropping packets).

To me, it’s a ghost node because I can reach a tiny cache of posts from [email protected] locally:

https://sopuli.xyz/c/[email protected]

cc: @[email protected]

5
Underwood onion mail has vanished. What email address can be distributed to Google/MS recipients now? (sopuli.xyz)
 

cross-posted from: https://sopuli.xyz/post/13489053

In the onion v2 days we had underwood2hj3pwd.onion. There were half a dozen other onion email providers but Underwood was the only one that did not have a clearnet email alias (IIRC). That was a useful feature because you could distribute an onion address to a MS Outlook or Gmail user and they could not use it to share their correspondence to you with Google or MS in the loop. They had just two options: step off the ad surveillance platform or not contact you at all. That option died with Underwood.

The other onion email services all have a clearnet translation. So if (for example) I give a gmail user this address:

foo@yllvy3mhtamstbqzm4wucfwab57ap6zraxqvkjn2iobmrtxdsnb37dqd.onion

and they are motivated to reach me, they can figure out that the corresponding clearnet alias is foo(/at/)onionmail.info and then they can use that address to send me a msg that is then shared with their surveillance advertiser. And worse, that’s less effort for them than obtaining an onion email account.

So what I do now is give an XMPP account. Since Google has abandoned jabber and MS never partook, XMPP avoids Google and MS. But XMPP is not a drop-in replacement for email. OMEMO is glitchy/buggy with pitfalls.

I would like to offer an email option. Ideally, an onion email service would offer a clearnet alias that cannot be determined from the onion address, which implies a different userid string.

1
(mbin) mechanism needed for users to block whole instances, not just magazines (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
9 comments fedilink
 

Those who condemn centralised social media naturally block these nodes:

  • #LemmyWorld
  • #shItjustWorks
  • #LemmyCA
  • #programmingDev
  • #LemmyOne
  • #LemmEE
  • #LemmyZip

The global timeline is the landing page on Mbin nodes. It’s swamped with posts from communities hosted in the above shitty centralised nodes, which break interoperability for all demographics that Cloudflare Inc. marginalises.

Mbin gives a way for users to block specific magazines (Lemmy communities), but no way to block a whole node. So users face this this very tedious task of blocking hundreds of magazines which is effectively like a game of whack-a-mole. Whenever someone else on the Mbin node subscribes to a CF/centralised node, the global timeline gets polluted with exclusive content and potentially many other users have to find the block button.

Secondary problem: (unblocking)
My blocked list now contains hundreds of magazines spanning several pages. What if LemmEE decides one day to join the decentralised free world? I would likely want to stop blocking all communities on that node. But unblocking is also very tedious because you have to visit every blocked magazine and click “unblock”.

the fix

① Nix the global timeline. Lemmy also lacks whole-node blocking at the user level, but Lemmy avoids this problem by not even having a global timeline. Logged-in users see a timeline that’s populated only with communities they subscribe to.

«OR»

② Enable users to specify a list of nodes for which they want filtered out of their view of the global timeline.

1
onionmail POP3 server continues accepting creds after accounts are deleted (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

The “disobey”¹ onionmail server has been accepting my POP3 logins without issue for months/years. There has been “no new messages” for as long as I can remember and I have also not sent mail for a long time. Then I tried sending myself a message and I get “500 Mailbox full”. Yet my inbox is empty.

It’s quite disturbing because I have no idea when the admin apparently decided out of the blue to delete my account. It might have an automated removal, perhaps due to such sparse/rare traffic. But regardless, it makes it hard to trust any #onionmail server because they all run the same code. This same scenario occurred on another onionmail server as well.

Does anyone here use onionmail?

¹ a5dkbvgakon2lxmauleiizkv6i3s36wp6w3i32a3buc4xmtdnbttmryd.onion

3
(Lemmy) Gemini links break post submissions. Lemmy web client goes to lunch. (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

While composing this post the Lemmy web client went to lunch. This is the classic behaviour of Lemmy when it has a problem. No error, just infinite spinner. After experimentation, it turns out that it tries to be smart but fails when treating URLs written with the gemini:// scheme.

(edit) It’s probably trying to visit the link for that convenience feature of pre-filling the title. If it does not recognise the scheme, it should just accept it without trying to be fancy. It likely screws up on other schemes as well, like dict, ftp, news, etc.

The workaround is to embed the #Gemini link in the body of the post.

1
How the Belgian ecolo party (French green) supports digital inclusion, free software, public $ → public code & right to repair (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
 

The linked¹ #gemini article is the political platform of the French green party in Belguim w.r.t. digital rights. It was translated from French.

I’m overall impressed enough to vote for them. But I do have some concerns:

“At the Belgian level, we propose to establish a legal guarantee of 5 years for new electronic devices.”

Yikes, waaay too short. Needs to be at least 10 years. But it helps that they advocate FOSS:

“Generalize the ability to use free software on all devices to decrease software obsolescence.”

Though this statement is far too vague. If a maker of hardware with proprietary non-free software only gives 5 years of support, there needs to be a legal obligation that they port FOSS to the device at the end of the warranty. This is missing in the green party’s plan.

A lot of other things are missing in their plan, but generally their principles are sensible.

¹ (edit) actually it cannot be linked using the URL field due to a #LemmyBug. But at least it was linkable in the msg body.

-5
Cancelling Belgian candidates who overtly use exclusive forms of social media (sopuli.xyz)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
3 comments fedilink
 

Belgian elections are today. Mailbox flyers for political candidates often show profiles in exclusive walled gardens (Facebook, TikTok, LinkedIn, Twitter, Instagram). And they often have email addresses at hotmail, gmail, or outlook. They are betting on #digitalExclusion. I am cancelling all of them regardless of party.

nuancesAll policians likely have a Facebook acct. That’s a sad state of affairs, but merely having an account does not get them cancelled. A cancellable offense is public displays that flaunt their digital exclusion. It’s despicable when their flyer pushes people into US walled gardens with no way to reach them in the free world.

I am also cancelling five whole parties for undermining democracy via digital exclusion by using Cloudflare for the party’s own website. Digital rights are important in 2024, particularly for democracy, as we are increasingly being disempowered by power abuses through forced use of oppressive technology. Direct Tor blocking? Also cancelled.

I am also cancelling all extreme right parties on general principle. And even slightly right if “immigratie stoppen” is something they are misfocused on.

Who’s left? I think I’ll be voting none of the above on a lot of positions because they don’t clear my basic bare minimum bar of digital decency.

(edit) maybe ecolo has a chanceNo one represents me, apart possibibly from Ecolo. But superficially, it seems contradictory that a “green” party proposes making energy cheaper for a broader demographic of people. That obviously removes pressure to conserve energy.
(update) ecolo looks like a winner

4
(mbin) no warning if you close a window with the editor open (sopuli.xyz)
 

I think the stock Lemmy client stops you from closing a browser tab if you have an editor open on a message, to protect you from accidental data loss.

Mbin does not.

view more: ‹ prev next ›