https://invidi.link for creating invidious links
Washington state governor expected to sign new bill ending prohibition on municipal broadband https://www.geekwire.com/2021/washington-state-governor-expected-sign-new-bill-ending-prohibition-municipal-broadband/
This “Why scientists don’t actually know if social media is bad for you” just came across my RSS [1]. I don’t agree with it, but its helpful to know what you are up against. It came through the Oxford International feed (Mozilla’s Mitchell Baker is an advisor to them). It was written by Oxford International researcher Prof Andrew Przybylski for BBC Science Focus.
But that doesn’t stop people claiming that cyberbullying causes suicides, even though there’s no evidence to prove it. You look at reasons why young people take their lives and it’s test scores or exams, it’s someone close to them taking their own life or it’s drug- and alcohol-related. Those are the three main attributable causes. There’s no evidence that social media is part of any of them.
Now, I can either adopt false confidence and tell you social media might be a problem (and possibly drop the word ‘might’ for greater impact – and there’s an entire cottage industry that tries to do that) or I can be honest with you and say I don’t know because scientists like us can’t see over the walls of the social media companies.
…
Whether you’re a grown up or a kid, ask yourself why you’re using social media. Is it because you want to, or because you feel you have to? It doesn’t necessarily matter how much time you spend ‘doomscrolling’ on Twitter or dancing on TikTok, but if you’re doing it because you feel you have to and it’s making you unhappy, you may want to try and stop.
The fingerprinting implications are not good no matter whether a site opts out or not. Theoretical protection against fingerprinting relies on a fairly ridiculous notion of Privacy Sandbox which seems easily skirted. Things like Trade Desk Unified ID combined with cohort ID actually makes FLoC privacy negative as it gives another data point to add to your already known identity.
The point is that the only way for a site to opt out of participating is by using this W3C ordained way. It basically useless for end users but necessary for sites who don’t want to participate in the program.
Google’s point is that all this and more is already going on with 3rd party system so why don’t we make this other crappy system which consolidates control further in their hands.
It’s not misinformation however to provide to site operators information about how to opt-out of participation.
I had a chance to read over the full article and its links. Here’s my conclusion:
However, this is not true imo:
If your website does not include JS that calls document.interestCohort(), it will not leverage Google’s FLoC. Explicitly opting out will not change this.
This will stop you from participating on the client side of FLoC, not the server-side. Server side categorization for sites with ads is where this Permissions action is aimed at. What this is saying is that if an ad tries to get a cohort id from an opted-out site, it will receive a meaningless default value. This knowledge is for the benefit of advertisers, not webmasters.
This may or may not reduce the entropy gained by a FLoC ID, depending on how well or poorly your site serves as an identifier. Given this marginal improvement, I don’t think it’s right to place a burden or blame on webmasters when the burden and blame should rightfully be directed at those responsible for rolling this antifeature out in Chromium. We shouldn’t expect webmasters to add a tag or header every time Google advances the war against its own users
However, being categorized as a frequent visitor of Free and Open Sites (think of being put in the Stallman cohort) may well be significant for advertisers, authorities, creditors and so on.
While DNT isn’t a great success, the number of companies who could face legal repercussions for ignoring this round of protections is quite small and risk could be quite large.
Agreed. This is no cause for mass hysteria, but lets get the information out there so webmasters can make informed choices (setting a Permissions Policy is the best option for those who do not want their content to included, especially as Google moves from Origin Trial into full on deployment and other browser vendors start to adopt the scheme).
It seems like there needs to be people who know how to build an instance community. It would be great to have a history, philosophy, psychology instance that someone builds into a thriving community of experts. Same for science, music, photography and a dozen things others are interested in. They don’t need to be niche or dogmatic, but there should be a reason to join.
Many people seem to think the constrained by design, under active development flagship is going to spawn reddit level communities, but the point of the whole thing is to go build or find your own. So far several of the instances have been regional or politically divisive which seems to serve a need, but online-extroverted leaders with a desire to put themselves out there seem few and far between (those can build are probably building for-profit exit strategy communities).
Anyway, if there was something missing, I would say community builders.
Good to see a lot of thought went into to this and most of those criteria look right.
A couple comments:
Is the site itself well-known and reputable or obscure and suspicious?
I don’t think well-known and reputable sites should be exempt if they fit the other patterns.
For example, if a fedora enthusiast creates an account that does nothing but post to fedoramagazine.org they should have the same consequence, especially if they don’t participate in the community otherwise.
nor is it against the rules for an organization to have an official account on Lemmy
same as above. organisations should be treated by the same rules as any other user
For me, a grey area would be if someone like logrocket got someone to join the community as an active user and posted logrocket articles as well as contributing to the community with posts to other sites, comments on other posts etc. Not ideal, but hard to say they are breaking the rules.
is blatantly “fake news”
Not a fan of this one because some people’s idea of fake news varies widely and you are stepping on slippery slopes. I understand the intent, and agree but maybe there is a less editorial way to conceive it.
Good work.
similar story for me and several fediverse instances (one peertube and another friendica). it’s somewhat disconcerting that well-funded/well-staffed instances attract more users (and tend towards centralisation).
If an undercover Jack Dorsey blueskies proxy comes in with a couple million dollars, some experienced technical and marketing staff and starts blazing high quality video and content streams, and stealth product placement ads, it’s going to be like Jupiter on the edge of the solar system grabbing all new entrants. If they adopt a closed by default federation model, they could even create something akin to blue checkmark instances.
we should do what we can to bootstrap real federation advocacies.
an interesting discussion on PaleMoon blocking AdNauseam wherever one falls on the issue. I don’t use palemoon or adnauseum but I’m not sure everybody that runs ads needs to deal with programmatic harm from visitors. if blocking ads isn’t enough, one might be hardcore enough to boycott the site altogether and add it to your hosts file.
Possibly realted: Your Smart TV is probably ignoring your PiHole https://labzilla.io/blog/force-dns-pihole
Fortunately, with a few simple firewall rules, you can intercept these hardcoded DNS queries and redirect them to your PiHole. These instructions are for pfSense, however you should be able to adapt them for Sophos XG, Ubiquiti EdgeRouter, etc
will give it a try
there is also tealdeer: https://lib.rs/crates/tealdeer
and cheat.sh e.g. curl cheat.sh/tar
If they are really running all these services, €60 a month might be pretty easy to hit.
I can’t find this public monthly financial report … does anyone have it? It would be easier to understand where costs are piling up
The usage of every euro will be made public information via monthly financial reports. As a member you get to influence how we spend these funds.
Temporary Containers:
Remove Redirect (or the original Skip Redirect):
I also use Privacy Possum (not Privacy Badger) but its not very popular with some of lemmy crowd. I see it blocking header trackers like etags (even with matrix on).
The point is that they are still going to do it anyway through things like Unified ID, Turtledove (outside scope of FLoC) so while we can object to the latest thing in the media, how would we propose they do it? If nobody cares then they have a bag of tricks full of worse measures waiting in the wings.
Just a note that this is for the android project. The original linux project is ongoing (https://github.com/Eloston/ungoogled-chromium)
That would be interesing if an ad platforms focused on site by content category, so someone selling graphics cards would buy spots from google or facebook, etc to be placed on a specific site like videogameenthusiastists dot com or more general site like gizmodo, but the dictionary site who might under 3rd party have known that a visitor is a video game enthusiast will no longer receive the ad placements.
Interesting to think about how all of this will change the web, however it works out.
This an interesting crossroads in evolution of internet business models.
Privacy advocates, EFF, DDG, and even Google saying they don’t want 3rd party scripts and cookies (hooray)
EFF etc say they also don’t want an alternative where browsers use machine learning to analyse a users browsing history and assign them a potentially invasive label.
Google says this is already happening anyway with the current 3rd party solution, they who you are, what you do online so why not try to make it reasonably private.
So what does Big Privacy want instead? No 3rd parties, no machine generated interest ids. No potential customer data?
How should businesses owners gather market intelligence on their potential customers? How should potential customers signal their interest in new products?
A couple other initiatives that are taking off are Trade Desk Unified ID 2 which attempts to combine enormous surveillance databases with 1st party scripts to achieve a similar level of intelligence collected under the 3rd party cookie model.
What is the best way for the consumer internet to interact with businesses?
Finally, if you can’t find anyone you know in the invitation tree and didn’t author something posted to the site, consider joining the community in the chat room.
It’s a difficult question in this day and age where balance of fire power between people and government is so mismatched. It might almost be more relevant to think in terms of cyber capabilities.
This passage from Georgetown professor and historian Carroll Quigley always comes to mind when people talk about the American 2nd amendment being a safeguard against totalitarianism. I don’t know the answer.
On the military level in Western Civilization in the twentieth century the chief development has been a steady increase in the complexity and the cost of weapons. When weapons are cheap to get and so easy to use that almost anvone can use them after a short period of training, armies are generally made up of large masses of amateur soldiers. Such weapons we call “amateur weapons,” and such armies we might call “mass armies of citizen-soldiers.” The Age of Pericles in Classical Greece and the nineteenth century in Western Civilization were periods of amateur weapons and citizen-soldiers. But the nineteenth century was preceded (as was the Age of Pericles also) by a period in which weapons were expensive and required long training in their use. Such weapons we call “specialist” weapons.
Periods of specialist weapons are generally periods of small armies of professional soldiers (usually mercenaries). In a period of specialist weapons the minority who have such weapons can usually force the majority who lack them to obey; thus a period of specialist weapons tends to give rise to a period of minority rule and authoritarian government. But a period of amateur weapons is a period in which all men are roughly equal in military power, a majority- can compel a minority to yield, and majority rule or even democratic government tends to rise.
This came up recently with regard to who they are testing it on:
Google have announced that they will not make their FLoC (Federated Learning of Cohorts) targeting solution available for origin testing in Europe, mooting plans to trial the technology in the region this month. The decision comes amidst concerns that the method, which forms part of the tech giant’s post-cookie Privacy Sandbox, violates GDPR and the ePrivacy Directive.
The move was announced at a meeting of the Improving Web Advertising Business Group (IWABG) at the World Wide Web Consortium yesterday (23rd March), where Google engineer Michael Kleber admitted that FLoC may be incongruent with EU privacy legislation. A lack of clarity over who will be responsible for controlling and processing data to create the cohorts, as well as the potential use of FLoC IDs and a current uncertainty over whether internet users can feasibly give explicit consent for how their information is used under the technology could put the cookie-replacement on the wrong side of Europe’s key data laws.
Kleber’s statement was later backed-up by a tweet from Chrome product manager Marshall Vale, which said that the search leader will begin a “FLoC origin trial for users in the US and select other countries, and we expect to make FLoC available for testing worldwide at a later date.” Vale was keen to emphasise that FLoC will make it to Europe eventually, writing in a follow-up tweet that Google “are 100% committed to the Privacy Sandbox in Europe.” (https://www.exchangewire.com/blog/2021/03/24/google-defer-floc-testing-in-europe-over-gdpr-fears-bytedance-acquire-moonton-for-4bn/)
Not a concrete answer, but for me and several others in this distro hopping lemmy thread, a gateway drug into adopting linux was running a VM on a traditional OS. Perhaps identify groups which promote VM trials would be one approach.
Another gateway seems to be use of linux recovery disks where users boot into linux to recover data on a broken installation.
There may or may not be opportunities to expand reach of those providing these solutions.
In the article, it mentions:
Nobody bit – but as SCO Group had extracted a $50m war chest from investors, there was everything to be gained by carrying on anyway.
This 2016 article calls out Microsoft as a SCO string puller:
SCO’s Linux lawsuit made no sense. Over time it became clear that Microsoft was using SCO as a sock puppet against Linux. Unfortunately for both, it soon became abundantly clear that SCO didn’t have a real case against Linux and its allies. (https://www.zdnet.com/article/scos-legal-war-against-ibm-and-linux-comes-to-an-end/)
with the claim pointing all the way back to 2003: Cyber Cynic: The Microsoft-SCO Connection: https://practical-tech.com/2003/05/21/cyber-cynic-the-microsoft-sco-connection/
At the end of the present article it asks:
Last time, the fear wasn’t that SCO Group had a strong case, it was that with something so odd and messy in court, anything could happen. This time, the only question is who on Earth is pumping their money into such an uninviting machine?
If its not Microsoft with their newfound love of linux, who would it be?
An idea to decentralise a bit is appealing. Not sure about formalising instance as topic ideas or adding additional plumbing for community exploration (a recommended instance list on other instances might be a good step towards some better feature?)
Another thing which might help is creating a third tier to the deny/allow list which allows solo or small instances to post on other instances without necessarily allowing all their content in. Like Deny/Allow/Participate. This would also expose these instances by dint of usernames without building out additional features at this moment. There could be unintended consequences but the current model is not encouraging small instances that don’t want to have to have a vote from the central committee to participate.
Nice ideas, good to see them being put out there.
Maybe not as a commercial product though?
I remember reading an article about this wall penetrating wifi sense a couple years ago:
And worse still, he argues, such tracking can be done surreptitiously because Wi-Fi signals can penetrate walls, don’t require light, and don’t offer any visible indicator of their presence.
Indeed. It probably wouldn’t go over very well if FF surreptitiously rolled out similar ad features through their own experiments infrastructure.
I’m still learning about Google’s federated learning and don’t understand how ad platforms will identify so called cohorts in other browsers
FLoC: for interest-based audiences. The API generates clusters of similar people, known as “cohorts”. Data is generated locally on the user’s browser, not by a third party. The browser shares the generated cohort data, …
It appears there are many working proposals, ideally we could voice an opinion of which is worst for the sake of the unconfigged web.
https://web.dev/digging-into-the-privacy-sandbox/
Additional Info:
[FLoC] addresses category, ads targeting based on someone’s general interests. For personalized advertising … please check out the TURTLEDOVE proposal.
with some bizarre features such as on-device bidding and bring your own untrusted server:
On-device bidding by buyers (DSPs or advertisers), based on interest-group metadata and on data loaded from a trusted server at the time of the on-device auction — with a temporary and untrusted “Bring Your Own Server” model, until a trusted-server framework is settled and in place.
On-device ad selection by the seller (an SSP or publisher), based on bids and metadata entered into the auction by the buyers.
Privacy Sandbox Explainer: https://github.com/bslassey/privacy-budget
Draft Spec: https://wicg.github.io/floc/
wrt to Firefox, it is interesting to a see a Mozilla rep commenting in the issues https://github.com/WICG/floc/issues/4
For example, based on Firefox telemetry data the IP addresses of a percentage of our users changes regularly over time. With FLoC those requests that would be presented to the network with different IP addresses … (by Ehsan Akhgari ehsan, Mozilla https://github.com/ehsan)
and different browser vendors in the draft spec:
The string representation of the interest cohort version is implementation-defined. It’s recommended that the browser vendor name is part of the version (e.g. “chrome.2.1”, “v21/mozilla”), so that when exposed to the Web, there won’t be naming collisions across browser vendors. As an exception, if two browsers choose to deliberately use the same cohort assignment algorithm, they should pick some other way to give it an unambiguous name and avoid collisions. (https://wicg.github.io/floc/#interest-cohort-section)
Here is another article Effects of Elevated CO2 on Nutritional Quality of Vegetables: A Review available from NIH
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6104417/
Of the many real existential dangers CO2 poses to life on earth, it doesn’t seem like plant nutrition is one of them.
yeah that’s pretty shite. this was originally posted on slashdot, but I’m going to take it down in light of this. thanks.