https://invidi.link for creating invidious links

  • 46 Posts
  • 366 Comments
Joined 2Y ago
cake
Cake day: May 17, 2020

help-circle
rss

yeah that’s pretty shite. this was originally posted on slashdot, but I’m going to take it down in light of this. thanks.


Without guessing who is most responsible, it seems like a logical conclusion of internet tracking capabilities is for it to be taken to the extreme before realising something profound like total surveillance is no surveillance or whatever the enlightenment is.



This “Why scientists don’t actually know if social media is bad for you” just came across my RSS [1]. I don’t agree with it, but its helpful to know what you are up against. It came through the Oxford International feed (Mozilla’s Mitchell Baker is an advisor to them). It was written by Oxford International researcher Prof Andrew Przybylski for BBC Science Focus.

There’s no evidence that social media is part of any of them. Now I can either adopt false confidence and tell you social media might be a problem (and possibly drop the word ‘might’ for greater impact and there’s an entire cottage industry that tries to do that) or I can be honest with you and say I don’t know because scientists like us can’t see over the walls of the social media companies. The danger for policymakers or parents is that if you pretend that social media is a problem without having evidence and you take steps to regulate it the intervention could end up being really bad for young people.

Whether you’re a grown up or a kid, ask yourself why you’re using social media. Is it because you want to, or because you feel you have to? It doesn’t necessarily matter how much time you spend ‘doomscrolling’ on Twitter or dancing on TikTok, but if you’re doing it because you feel you have to and it’s making you unhappy, you may want to try and stop.

  1. Why scientists don’t actually know if social media is bad for you: https://www.sciencefocus.com/future-technology/why-scientists-dont-actually-know-if-social-media-is-bad-for-you/

The fingerprinting implications are not good no matter whether a site opts out or not. Theoretical protection against fingerprinting relies on a fairly ridiculous notion of Privacy Sandbox which seems easily skirted. Things like Trade Desk Unified ID combined with cohort ID actually makes FLoC privacy negative as it gives another data point to add to your already known identity.

The point is that the only way for a site to opt out of participating is by using this W3C ordained way. It basically useless for end users but necessary for sites who don’t want to participate in the program.

Google’s point is that all this and more is already going on with 3rd party system so why don’t we make this other crappy system which consolidates control further in their hands.

It’s not misinformation however to provide to site operators information about how to opt-out of participation.


I had a chance to read over the full article and its links. Here’s my conclusion:

  1. As stated in your piece, during the “Origin Trial” Google will use those who have enabled ads on their site.

However, this is not true imo:

If your website does not include JS that calls document.interestCohort(), it will not leverage Google’s FLoC. Explicitly opting out will not change this.

This will stop you from participating on the client side of FLoC, not the server-side. Server side categorization for sites with ads is where this Permissions action is aimed at. What this is saying is that if an ad tries to get a cohort id from an opted-out site, it will receive a meaningless default value. This knowledge is for the benefit of advertisers, not webmasters.

  1. The article basically says, it doesn’t matter anyway because the impact is judged by the author to be insignificant:

This may or may not reduce the entropy gained by a FLoC ID, depending on how well or poorly your site serves as an identifier. Given this marginal improvement, I don’t think it’s right to place a burden or blame on webmasters when the burden and blame should rightfully be directed at those responsible for rolling this antifeature out in Chromium. We shouldn’t expect webmasters to add a tag or header every time Google advances the war against its own users

However, being categorized as a frequent visitor of Free and Open Source Software (think of being put in the Stallman cohort) may well be significant for advertisers, authorities, creditors and so on.

  1. This has happened before (DNT)

While DNT isn’t a great success, the number of companies who could face legal repercussions for ignoring this round of protections is quite small and risk could be quite large.

  1. Breathe

Agreed. This is no cause for mass hysteria, but lets get the information out there so webmasters can make informed choices (setting a Permissions Policy is the best option for those who do not want their content to included, especially as Google moves from Origin Trial into full on deployment and other browser vendors start to adopt the scheme).


It seems like there needs to be people who know how to build an instance community. It would be great to have a history, philosophy, psychology instance that someone builds into a thriving community of experts. Same for science, music, photography and a dozen things others are interested in. They don’t need to be niche or dogmatic, but there should be a reason to join.

Many people seem to think the constrained by design, under active development flagship is going to spawn reddit level communities, but the point of the whole thing is to go build or find your own. So far several of the instances have been regional or politically divisive which seems to serve a need, but online-extroverted leaders with a desire to put themselves out there seem few and far between (those can build are probably building for-profit exit strategy communities).

Anyway, if there was something missing, I would say community builders.


Thanks I am out and about now, will read it.


Are you sure this issue is not about webmaster excluding their content from floc categorisation vs tracking their users via the cohort script? I will look at it later but it seems like two different though related issues.


Good to see a lot of thought went into to this and most of those criteria look right.

A couple comments:

Is the site itself well-known and reputable or obscure and suspicious?

I don’t think well-known and reputable sites should be exempt if they fit the other patterns.

For example, if a fedora enthusiast creates an account that does nothing but post to fedoramagazine.org they should have the same consequence, especially if they don’t participate in the community otherwise.

nor is it against the rules for an organization to have an official account on Lemmy

same as above. organisations should be treated by the same rules as any other user

For me, a grey area would be if someone like logrocket got someone to join the community as an active user and posted logrocket articles as well as contributing to the community with posts to other sites, comments on other posts etc. Not ideal, but hard to say they are breaking the rules.

is blatantly “fake news”

Not a fan of this one because some people’s idea of fake news varies widely and you are stepping on slippery slopes. I understand the intent, and agree but maybe there is a less editorial way to conceive it.

Good work.


similar story for me and several fediverse instances (one peertube and another friendica). it’s somewhat disconcerting that well-funded/well-staffed instances attract more users (and tend towards centralisation).

If an undercover Jack Dorsey blueskies proxy comes in with a couple million dollars, some experienced technical and marketing staff and starts blazing high quality video and content streams, and stealth product placement ads, it’s going to be like Jupiter on the edge of the solar system grabbing all new entrants. If they adopt a closed by default federation model, they could even create something akin to blue checkmark instances.

we should do what we can to bootstrap real federation advocacies.


Have you checked your bios settings for boot options? On mine I have 3 different options: fast boot, thorough and auto along with a couple for delays.


an interesting discussion on PaleMoon blocking AdNauseam wherever one falls on the issue. I don’t use palemoon or adnauseum but I’m not sure everybody that runs ads needs to deal with programmatic harm from visitors. if blocking ads isn’t enough, one might be hardcore enough to boycott the site altogether and add it to your hosts file.

https://forum.palemoon.org/viewtopic.php?t=16504


Possibly realted: Your Smart TV is probably ignoring your PiHole https://labzilla.io/blog/force-dns-pihole

Fortunately, with a few simple firewall rules, you can intercept these hardcoded DNS queries and redirect them to your PiHole. These instructions are for pfSense, however you should be able to adapt them for Sophos XG, Ubiquiti EdgeRouter, etc


Wish were that true, but they provide a fair amount of exclusive content and follow-up commentary (not to say it is good or bad but often impactful)



If they are really running all these services, €60 a month might be pretty easy to hit.

I can’t find this public monthly financial report … does anyone have it? It would be easier to understand where costs are piling up

The usage of every euro will be made public information via monthly financial reports. As a member you get to influence how we spend these funds.



maybe you could find a more popular version of something like this “The impact of technologies on the environment” [1] which includes technology specific concerns like:

  • Electrical Energy production
  • Digital coin mining
  • Electronic devices production and its impact
  • Renewable energies
  1. https://www.bi4all.pt/en/news/en-blog/the-impact-of-technologies-on-the-environment/

Just so you know, I (not one of your harassers) am downvoting this because I think the topic is too narrow for this community.


Google Accused of Secret Program Giving Them an Unfair Advantage in Ad-Buying
What better to name a scam than Bernanke > The initiative — dubbed "Project Bernanke" in an apparent reference to former Federal Reserve chairman Ben Bernanke — was detailed in court filings in an ongoing Texas-led antitrust suit, This old gem still kicking around too: > Separately, the filings reveal more details about Jedi Blue — an alleged hush-hush deal in which Google allegedly guaranteed that Facebook would win a fixed percentage of advertising deals in which the social media giant bid... Google also admitted that the deal required Facebook to spend $500 million or more in Google's Ad Manager or AdMob bids in the pact's fourth year, and that Facebook agreed to make efforts to win 10 percent of the auctions in which it competed, the WSJ said.
fedilink

> White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks
fedilink

> According to a Check Point Research analysis released on Wednesday the malware masqueraded as an app called “FlixOnline” which advertised via WhatsApp messages promising “2 Months of Netflix Premium Free Anywhere in the World for 60 days.” But once installed the malware sets about stealing data and credentials. ... > However instead of allowing the mobile user to view Netflix content the application is actually designed to monitor users WhatsApp notifications sending automatic replies to a users incoming messages using content that it receives from a remote server ... > After the permissions are granted the malware displays a landing page it receives from the command and control server (C2) and it deletes its icon off the home screen. From there it periodically pings the C2 for configuration updates. “The service can achieve these goals by using multiple methods” according to the analysis.
fedilink

Good, if somewhat idealistic, overview of ActivityPub capabilities across the fediverse.
fedilink

> These S-Poles are expected to improve urban landscapes and enhance the safety, welfare and convenience for our Seoul citizens. They will also serve as charging stations for drones and electric vehicles, bringing the city one step closer to becoming a smart city.”
fedilink

Google Is Testing Its Controversial New Ad Targeting Tech in Millions
Hopefully nobody here is still using chrome on personal machines, but good to know > Google’s launch of this trial—without notice to the individuals who will be part of the test, much less their consent—is a concrete breach of user trust in service of a technology that should not exist.
fedilink

The m&a march goes on ... > I’m excited to share Unsplash is being acquired by Getty Images today. > The reason I’m excited about this acquisition is because it’s not goodbye, it’s about acceleration. > This is not one of those tech acquisitions where the company is bought to be shut down ... so on and so forth
fedilink

What is a good email provider for a custom domain?
What I have found so far: - posteo looks good, but does not support custom domains - tutanota can support it though I somewhat doubt their survivability long-term - proton mail also supports it, but not a huge fan - zoho: tried it years ago and it was ok, [subprocesor list](https://www.zoho.com/privacy/sub-processors.html) has aws and google on the periphery but not core - ghandi.net: ? - fastmail: ? - kolab: ? - Mailfence Are there any others to look at? I am not looking to self-host.
fedilink

Instead of regulating tech giants, the idea here is to create regulation which benefits companies who have spend hundreds of millions on content regulation and puts an onus on small players to match up. > The vague and ill defined proposal calls for lawmakers to condition Section 230’s legal protections on whether services can show “that they have systems in place for identifying unlawful content and removing it.” According to Zuckerberg this revised law would not create liability if a particular piece of unlawful content fell through the cracks. > Instead the law would impose a duty of care on platforms to have adequate “systems in place” with respect to how they review moderate and remove user generated content.
fedilink

This Music Video Does Not Exist
The natural evolution of https://thispersondoesnotexist.com > This music video does not exist. > GANs (generative adversarial networks) produced this video. > Built with OpenAI's Jukebox and NVIDIA's StyleGAN2.
fedilink

> Two sources familiar with the matter said that Discord is exploring its options for a sale in the wake of interest from multiple parties that want to buy the company. > And one source said the company has signed an exclusive acquisition discussion with one party meaning it is in final negotiations about a sale. > "It is hard to tell the difference between a serious acquisition attempt and a fishing expedition" > Any potential buyer with more than $10 billion on hand to buy Discord is likely to be a really large game company, but more likely the suitor would be a platform owner like Microsoft, Amazon, Twitter, or Google. Some game companies are bound to be worried that Discord, which serves critical roles in connecting game studios and publishers with their communities, could be acquired by a party that would only be interested in one of those communities. Microsoft did not respond to a request for comment.
fedilink

An interesting take on browser extensions which hope to prevent fingerprinting With respect to native browser functionality: > Browser vendors have already invested a considerable amount of work into anti-fingerprinting. However, they usually limited themselves to measures which wouldn’t break existing websites... And extensions: > Privacy protection extensions on the other hand aren’t showing as much concern. So they will typically do something like: ``` screen.width = 1280; screen.height = 1024; ``` > There you go, the website will now see the same display resolution for everybody, right? Well, that’s unless the website does this: delete screen.width; delete screen.height; And suddenly screen.width and screen.height are restored to their original values...
fedilink

Zuckerberg: Facebook could benefit from Apple changes if businesses sell goods directly through Facebook, Instagram
Main points: > Zuckerberg said Thursday that his social media company will be “in a good position” when Apple enforces the rules. > What Happened In a clubhouse meeting on Thursday Zuckerberg said the privacy changes could benefit Facebook if more businesses decide to sell goods directly through Facebook and Instagram according to a report by CNBC. > Apple’s privacy changes could make it harder for business to use their data to find customers who would want to use their products outside of Facebook’s platforms the social media company CEO added. > Earlier this month Zuckerberg noted that the privacy changes would make it harder for small businesses to reach customers using targeted advertising. > Facebook said in August last year that Apple’s privacy changes will impact targeted advertising on its platform and it observed a 50% drop in Audience Network publisher revenue in its testing. Facebook is the second largest recipient of advertisement revenues after Alphabet Inc `http://feeds.benzinga.com/~r/benzinga/~3/1eqqApqbKdI/after-months-of-bitter-fighting-zuckerberg-now-sees-facebook-benefiting-from-apples-privacy-rule-cha`
fedilink


Evil genius gains Stripe payment data for 24k customers by registering an expired domain ... “Long story short: FBI let one of weleakinfo’s domains expire that they used for the emails/payments,” pompompurin wrote. “I registered that domain, & was able to [password] reset the stripe.com account & get all the Data. [It’s] only from people that used stripe.com to checkout. If you used paypal or [bitcoin] ur all good.”
fedilink

NYT says data collection by tech cos should be opt-in
On the heels of Apple’s opt-in tracking policy, NYT is calling for some drastic changes to app defaults. America, Your Privacy Settings Are All Wrong https://www.nytimes.com/2021/03/06/opinion/data-tech-privacy-opt-in.html Some highlights: > Despite what corporations profess, much of this personal data is used not to improve products themselves, but to make those products more attractive to advertisers. > Corporations say opt-out provisions put control into the hands of consumers. But users are no more likely to switch off data collection than they are to read through the onerous and lengthy terms and conditions policies that litter the web. Many companies bury their data collection controls deep within their websites. Even if consumers can find them, their choices most likely don’t apply to a company’s subsidiaries or affiliates. > It should not be the role of consumers to make marketers’ jobs easier. Furthermore, there is evidence that such highly targeted advertising isn’t really necessary to support the free web, as technology companies that are against opt-in provisions often argue. > With more people spending time at home, tied to devices that relentlessly track their every keystroke, click and streaming show selection, granting users some semblance of control over their own data is more urgent than ever.
fedilink

Cuil Theory https://knowyourmeme.com/memes/cuil-theory
fedilink

Accidental Wiretaps: The Implications of False Positives By Always-Listening Devices For Privacy Law & Policy by Lindsey Barrett, Ilaria Liccardi :: SSRN (PDF)
Many details in here about nuts-and-bolts operations of digital assistants, companies and contractors that process the data, and legal frameworks surrounding their use. Unfortuanately, much of content is explanation of what is possible vs actual privacy violation cases which have occurred (you may find them in the footnotes which I didn't have time to fully read). They do cover specific cases of contractors reviewing conversation recorded by assistants and being able to identify the speaker. It might be a good reference to have in your back pocket if you ever need to have a debate with others about smart assistants and the attention paid to "The Role of Consent and Reasonable Expectations of Privacy" is particularly relevant as the notion of contact sharing without consent becomes a larger part of the collective consciousness (e.g. Clubhouse invites, etc).
fedilink

Somehow WeWork Is on the Cusp of Going Public
> WeWork eyeing public SPAC debut in deal that could be worth $10 ... New Window Jan 28, 2021 ... 28, 2021, 09:57 PM. wework A man walks past the logo of WeWork in ... Nearly $75 billion was raised by 219 SPAC IPOs in 2020, and 2021 https://www.businessinsider.com/wework-public-spac-ipo-debut-10-billion-deal-worth-2021-1 > Adam Neumann was said to be selling $480 million of his shares to the Japanese conglomerate, which aims to take WeWork public https://www.nytimes.com/2021/02/26/business/wework-softbank-settlement.html
fedilink

Right to repair: Apple posts repairability scores per French law
The posting (in French) was covered in several places including https://www.theverge.com/2021/2/26/22302664/apple-france-repairability-scores-index-law-right-to-repair > Apple has added iPhone and MacBook repairability scores to its online store in France to comply with a new French law that came into effect this year. MacGeneration reports that the rating takes into account features like how easily a device can be disassembled and the availability of repair manuals and spare parts. Links to each product’s final score, with details for how they were calculated, are available on this support page. https://m.slashdot.org/story/382322 > Apple has added iPhone and MacBook repairability scores to its online store in France to comply with a new French law that came into effect this year. From a report:
fedilink