Skip Navigation
[1948] [resource] United Nations Universal Declaration of Human Rights
  • The irony, hypocrisy, and injustice here is that the UN’s own website itself discriminates against some demographics of people and denies access to the UDHR of 1948:

    And this same UN will be creating the Digital Global Compact.

  • Bug reports on any software @sopuli.xyz debanqued @beehaw.org
    Aria2 android app -- wtf is it? Docs are garbage

    I installed the Aria2 app from f-droid. I just want to take a list of URLs of files to download and feed it to something that does the work. That’s what Aria2c does on the PC. The phone app is a strange beast and it’s poorly described & documented. When I launch it, it requires creating a profile. This profile wants an address. It’s alienating as fuck. I have a long list of URLs to fetch, not just one. In digging around, I see sparse vague mention of an “Aria server”. I don’t have an aria server and don’t want one. Is the address it demands under the “connection” tab supposed to lead to a server?

    The readme.md is useless:

    https://github.com/devgianlu/Aria2App

    The app points to this link which has no navigation chain:

    https://github.com/devgianlu/Aria2App/wiki/Create-a-profile

    Following the link at the bottom of the page superfically seems like it could have useful info:

    “To understand how DirectDownload work and how to set it up go here.”

    but clicking /here/ leads to a dead page. I believe the correct link is this one. But on that page, this so-called “direct download” is not direct in the slightest. It talks about setting up a server and running python scripts. WTF.. why do I need a server? I don’t want a server. I want a direct download in the true sense of the word direct.

    0
    Many Lemmy instances invite you to register then tell you to fuck off after you submit your data
  • I would love to put my code where my mouth is. It’s on my long list of projects. The defects I describe in this thread probably do not justify a forking effort and I’m not enthusiastic about learning JavaScript, which is not just a shitty language but also it’s the wrong tool for the job. Although Rust is probbly a decent choice for the backend (but Ada would probably be better).

    The biggest deficiency is that there is no decent threadiverse desktop client. I am just baffled that a majority of threadiverse users are using phones. There are like a dozen different mobile clients to choose from and not a single decent client for the desktop. So if I build anything it will be a proper client for a sensibly sized screen (non-portable).

    As for fixing the defects exposed in this thread, the upstream Lemmy devs are rather stubborn but I think devs of an existing fork (Lenny?) might be more open to improvements.

    Who would use a well-designed variant? You can see from the thread that millennials & gen Zers actually expect designs that prioritise the anti-bot agenda above the needs of both the direct user (the admin) and the end user. A majority of the population does not see how Google, Spamhaus, and Microsoft have broken email. This threadiverse crowd entered after email was already ruined. The emotional attachment to gmail (calling it what it is.. there is no generic netneutral email infra anymore) trumps software that avoids the dog food problem. I might be the sole user of such software, especially if I also code it to enforce decentralisation (which would necessarily include anti-centralisation features that would be unpopular).

  • Many Lemmy instances invite you to register then tell you to fuck off after you submit your data
  • to have not actually had an account yet makes it pretty obvious when you try to login and fail that the application has not been accepted.

    That would be a blunt non-transparent/non-specific message to send. It’s not obvious /why/ the app was denied.

    If the instance admins wanted to talk about it, they’d have emailed you; or published some means of contacting them outside lemmy.

    Lemmy software is designed to make email address disclosure optional. An admin can make it mandatory, but Lemmy’s design should cater for the email-free option regardless of how an admin toggles that setting.

    I wouldn’t expect to receive the reason for refusing the application via any other means than the email I’d provided in that application.

    I get that. People are accustomed to relying on email. But this is not an excuse for software deficiencies.

    That’s the entire purpose of providing an email; so you could be contacted when/if there are updates to your applications status.

    That can be accomplished without email. Email is a convenience at best. Some users have decided email is an inconvenience and do not use it. And Lemmy supports that -- partially.

    Let’s be clear about who the software is expected to serve. The comms feature of giving feedback to users without an email account is not to directly serve the end user. Software should serve its user (the Lemmy admin in this case). A Lemmy admin does not want to take the time to express themselves on their decision only to have their msg blackholed. They don’t necessarily know that an email address is disposable. The end user benefits by extension, but it’s about creating software that serves the direct user of the s/w. If you’re an admin who makes email optional, you might still want to be able to get a msg to a user.

    The core purpose of the Lemmy platform is communication. So relying on out-of-band tech is kind of embarrassing. An in-band msg has the advantage that the admin has more control (e.g. they can edit a msg later and they can know whether the msg has been fetched).

    The only sensible concession I would see to make is that there are a hell of a lot more important things for Lemmy devs to work on because the software has a lot of relatively serious defects. I’m talking about how great software would be coded, but extra diligent handling of denials should have a low triage in the big scheme of the state of where Lemmy is right now.

  • Many Lemmy instances invite you to register then tell you to fuck off after you submit your data
  • You don’t think providing an email from a throw away service would strike the software as a malicious user/spam bot???

    You don’t think that legitimate streetwise users secure themselves by supplying disposable email addresses???

    You keep talking like you know everything

    The post intends to solicite intelligent discourse with logical reasoning, not the sort of ego-charged emotional hot-headed pissing contest you’re trying to bring.

  • Many Lemmy instances invite you to register then tell you to fuck off after you submit your data
  • I’m not seeing how this is a good justification for login refusals to lack information and transparency. When you are denied a login, a well designed system tells you why you are denied and the rationale the server gives you should either include enough info to imply a remedial course of action (e.g. “re-apply and tell us more detail about why you like our node”), or at least make it clear that the refusal is final for reasons that are non-remedial. Users should not have to guess about why they are denied a login when countless things can go wrong with email at any moment. The denial rationale should be emailed and also copied into the server records to present upon login attempts.

    The only exception to this would be if they really believe they are blocking a malicious user. Then there is some merit to being non-transparent to threat agents. But the status quo is to treat apps rejected for any arbitrary reason as they would an attacker.

  • Many Lemmy instances invite you to register then tell you to fuck off after you submit your data

    These are Lemmy instances with a “Sign Up” link which present you with a form to fill out to register. Then after you fill out the form and supply information like email address to the server, they respond with “registration closed”:

    • lemmy.escapebigtech.info (dead node now, but got instant reg. closed msg when they were alive)
    • expats.zone
    • hackertalks.com
    • lemmie.be
    • lemmy.killtime.online
    • lemmy.kmoneyserver.com
    • lemmy.sarcasticdeveloper.com
    • level-up.zone
    • zoo.splitlinux.org

    I suppose it’s unlikely to be malice considering how many there are. It’s likely a case of shitty software design. There should be a toggle for open/closed registration and when it’s closed there should be no “Sign Up” button in the first place. And if someone visits the registration URL despite a lack of Sign Up link, it should show a reg. closed announcement.

    Guess it’s worth mentioning there are some instances that accept your application for review (often with interview field) but then either let your application rot (“pending application” forever) or they silently reject it (you only discover non-acceptance when you make a login attempt and either get “login failed” or even more rudely it just re-renders the login form with no msg). These nodes fall into the selective non-acceptance category:

    • lemmy.cringecollective.io
    • lemmy.techtriage.guru
    • lemmy.hacktheplanet.be (pretends to send confirmation email then silently neglects to)
    • links.esq.social
    • dubvee.org

    To be fair, I use a disposable email address which could be a reason the 5 above to reject my application. And if they did give a reason via email, I would not see it. Not sure if that’s happening but that’s also a case of bad software. That is, when a login attempt is made, the server could present the rationale for refusal. Another software defect would be failing to instantly reject an unacceptible email address.

    9
    General Data Protection Regulation (“GDPR”) @sopuli.xyz debanqued @beehaw.org
    Legal theory that obligatory disclosure of email address violates the GDPR minimisation principle

    Utility companies, telecoms, and banks all want consumers to register on their website so they do not have to send paper invoices via snail mail. When I started the registration process, the first demand was for an e-mail address.

    Is that really necessary? They would probably argue that they need to send notifications that a new invoice has been prepared. I would argue that e-mail should be optional because:

    • They could send SMS notifications instead, if a data subject would prefer that.
    • They need not send any notification at all, in fact. Reminders is why calendars and alarm clocks exist. A consumer can login and fetch their invoice on a schedule. If a consumer neglects to login during a certain window of time, the data controller could send a paper invoice (which is what they must do for offline customers anyway).

    They might argue that they need an email for password resets. But we could argue that SMS or paper mail can serve that purpose as well.

    Does anyone see any holes in my legal theory? Any justification for obligatory email address disclosure that I am missing?

    0
    The UN plans to create a “Global Digital Compact” (the same UN that blocks Tor users from accessing the text of human rights law)
  • There is no valid reason for the United Nations blocking Tor.

    A mom & pop shop selling cupcakes would have a valid reason (lack of funding, lack of competence, no conflicting principles). Blocking Tor is a cheap and sloppy attempt at separating ham from spam which inherently entails blocking ham, ultimately against the principles the UN theoretically supports. The UN should have the funding and competence to support their own values.

    The UN probably should not be drafting rules about digital inclusion when they themselves have an embarrassing display of digital exclusion.

  • Network Neutrality and Digital Inclusion @sopuli.xyz debanqued @beehaw.org
    The UN plans to create a “Global Digital Compact” (the same UN that blocks Tor users from accessing the text of human rights law)

    Yikes. As some Tor users may know, the UN drafted the Unified Declaration of Human Rights, which in principle calls for privacy respect and inclusion. That same UN blocks the Tor community from their website. Indeed, being denied access to the text that embodies our human rights is rich in irony.

    Well that same UN plans to create a “Global Digital Compact” to protect digital human rights. It’s a good idea, but wow, they just don’t have their shit together. I have so little confidence that they can grasp the problems they are hoping to solve. Cloudflare probably isn’t the least bit worried. Competence prevailing, Cloudflare should be worried, theoretically, but the UN doesn’t have the competence to even know who Cloudflare is.

    3
    Locked
    Is Donald Trump a Narcissist?
  • I don’t want to be an enabler of the drivel, so without posting the full URL to that article that’s reachable in the open free world, I will just say that medium.com links should never be publicly shared outside of Cloudflare’s walled garden. I realise aussie.zone is also in Cloudflare’s walled garden, but please be aware that it’s federated and reaches audiences who are excluded by Cloudflare.

    The medium.com portion of the URL should be replaced by scribe.rip to make a medium article reachable to everyone. Though I must say this particular article doesn’t need any more reach than it has.

    Anyone who just wants the answer: see @souperk@reddthat.com’s comment in this thread.

  • Fritz!box -- trying to block myself from the WAN without blocking the modem itself (whitelist seems broken)

    I created a whitelist access profile. That ensures that the whole WAN is blocked except what is exceptionally whitelisted. I started with an empty whitelist. The LAN is rightfully accessible and the WAN is rightfully inaccessible.

    The router does not use DSL. Instead, it uses a USB mobile broadband LTE modem. The modem has its own website which gives SMS capability. The modem is technically upstream to the router, so it is blocked when the WAN blocking profile is enabled. I want to whitelist the modem so that when I am blocking WAN access I can still reach the web UI of the modem and monitor SMS msgs.

    Fritzbox is designed so that all attempts to directly access an IP is blocked if whitelisting is in play. IP addresses cannot be whitelisted, only URLs using FQDNs. So I did “nslookup 10.10.50.8” to get the hostname of the modem. Then I whitelisted the hostname. That does not work. The modem is still blocked.

    0
    Net neutrality is back as FCC votes to regulate internet providers
  • A website isn’t a common carrier

    We were talking about network neutrality, not just common carriers (which are only part of the netneutrality problem).

    you cannot argue that a website isn’t allowed to control who they serve their content to.

    Permission wasn’t the argument. When a website violates netneutrality principles, it’s not a problem of acting outside of authority. They are of course permitted to push access inequality assuming we are talking about the private sector where the contract permits it.

    Cloudflare is a tool websites use to exercise that right,

    One man’s freedom is another man’s oppression.

    necessitated by the ever rising prevalence of bots and DDoS attacks.

    It is /not/ necessary to use a tool as crude and reckless as Cloudflare to defend from attacks with disregard to collateral damage. There are many tools in the toolbox for that and CF is a poor choice favored by lazy admins.

    Your proposed definition of net neutrality would destroy anyone’s ability to deal with these threats.

    Only if you neglect to see admins who have found better ways to counter threats that do not make the security problem someone elses.

    Can you at least provide examples of legitimate users who are hindered by the use of Cloudflare?

    That was enumerated in a list in the linked article you replied to.

  • Net neutrality is back as FCC votes to regulate internet providers
  • Interstate commerce is governed by the federal government.

    Not exclusively. Interstate commerce implies that the feds can regulate it, not that they have exclusive power to do so. We see this with MJ laws. The fed believes it has the power to prohibit marijuana on the basis of interstate commerce, but in fact mj can be grown locally, sold locally, and consumed locally. Just like internet service can be.

    Suppose you want to buy a stun gun in New York. You can find stun guns sold via mail order from another state (thus interstate commerce), but New York still managed to ban them despite the role of interstate commerce.

    A close analog would be phone laws. The fed has the TCPA to protect you from telemarketers, but at the same time various states add additional legal protections for consumers w.r.t. telemarketing and those laws have force even if the caller is outside the country. (Collecting on the judgement is another matter).

    Schools now require the internet for kids. ISPs being allowed to be anything more than a dumb pipe means they have the control of what information is sent across their network.

    Education is specifically a duty of the state set out in the Constitution. If you can point to the statute requiring schools to provide internet for students, I believe it will be state law not federal law that you find.

    The internet is now a basic human right in the United States for numerous reasons, one of which is #2.

    I don’t quite follow. Are you saying that because education is a human right, that internet access is a human right? It doesn’t work that way. First of all, people who do not exercise their right to an education would not derive any rights implied by education. As for the students, if a state requires internet in education that does not mean that internet access becomes a human right. E.g. an Amish family might lawfully opt to homeschool their child, without internet. That would satisfy the right to education enshrined in the Unified Declaration of Human Rights (UDHR) just fine. A student attending public school in a state that mandates internet in schools would merely have the incidental privilege of internet access, not an expanded human right that students in other states and countries do not have under the same human rights convocation. If your claim were true, it would mean that California (for example) requiring internet provisions for students would then mean students in Haiti (a country that also signed the UDHR that entitles people to a right to education) or Texas would gain a right to internet access via the state of California’s internal law. A state cannot amend the UDHR willy nilly like that.

    Also, if internet could be construed as a human right by some mechanism that’s escaping me, the fed is not exclusively bound by human rights law. The fed signed the treaty, but all governments therein (state and local) are also bound to uphold human rights. Even private companies are bound to human rights law in the wording of the text, though expectation of enforcement gets shaky.

    ISPs cross state boundaries and should be governed by interstate law.

    I subscribed to internet service from a WISP at one point. A dude in my neighborhood rolled out his own ISP service. His market did not even exceed the city.

    The local ISPs have ISPs themselves and as you climb the supply chain eventually you get into the internet backbone which would be interstate, but that’s not where the netneutrality problem manifests. The netneutrality problem is at the bottom of the supply chain in the last mile of cable where the end user meets their local ISP.

    Also with MJ laws, several states have liberated the use of marijuana despite the feds using the interstate commerce act to ban it.

    An ISP being a business, especially a publicly-traded one, will sacrifice all manner of consumer/user-protection in order to maximize profit. And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

    Sure, and if the fed is relaxed because the telecoms feed the warchests of the POTUS and Congress, you have a nationwide shit-show. A progressive state can fix that by imposing netneutrality requirements. Just like many states introduce extra anti-telemarketing laws that give consumers protection above and beyond the TCPA.

    And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

    That’s a problem for the ISPs that benefits consumers. If ISPs operating in different states then have to adjust their framework for one state that mandates netneutrality, the cost of maintaining different frameworks in different states becomes a diminishing return. US consumers often benefit from EU law in this way. The EU forced PC makers to make disassembly fast and trivial, so harmful components could quickly and cheaply be removed before trashing obsolete hardware. The US did not impose this. Dell was disturbed because they had to make pro-environment adjustments as a condition to access to the EU market. They calculated that it would be more costly to sell two different versions, so the PCs they made for both the EU market and the US market become more eco-friendly. Thanks to the EU muddying the waters.

    The right to repair will have the same consequences.

  • Net neutrality is back as FCC votes to regulate internet providers
  • On a serious note, plenty of people here surely know what net neutrality is. Net neutrality is the guarantee that your ISP doesn’t (de-)prioritize traffic or outright block traffic, all packets are treated equally.

    That’s true but it’s also the common (but overly shallow) take. It’s applicable here and good enough for the thread, but it’s worth noting that netneutrality is conceptually deeper than throttling and pricing games and beyond ISP shenanigans. The meaning was coined by Tim Wu, who spoke about access equality.

    People fixate on performance which I find annoying in face of Cloudflare, who is not an ISP but who has done by far the most substantial damage to netneutrality worldwide by controlling who gets access to ~50%+ of world’s websites. The general public will never come to grasp Cloudflare’s oppression or the scale of it, much less relate it to netneutrality, for various reasons:

    • Cloudflare is invisible to those allowed inside the walled garden, so its existence is mostly unknown
    • The masses can only understand simple concepts about their speed being throttled. Understanding the nuts and bolts of discrimination based on IP address reputation is lost on most.
    • The US gov is obviously pleased that half the world’s padlocked web traffic is trivially within their unwarranted surveillance view via just one corporation in California. They don’t want people to realize the harm CF does to netneutrality and pressure lawmakers to draft netneutrality policy in a way that’s not narrowly ISP-focused.

    Which means netneutrality policy is doomed to ignore Cloudflare and focus on ISPs.

    Most people at least have some control over which ISP they select. Competition is paltry, but we all have zero control over whether a website they want to use is in Cloudflare’s exclusive walled garden.

  • Net neutrality is back as FCC votes to regulate internet providers
  • Whether the legislation is appropriate at the state or fed domain is unclear. Certainly if the orange tyrant takes power again, I would probably want state govs to be able to protect consumers from netneutrality abuses.

  • Net neutrality is back as FCC votes to regulate internet providers
  • It’s worth noting that the FCC’s so-called “Open” Internet Advisory Committee (#OIAC) tragically gives two seats on the board to:

    • Cloudflare
    • Comcast

    Both of whom are abusers of #netneutrality, especially Cloudflare. A well-informed Trump-free administration should be showing Cloudflare and Comcast the door ASAP.

    Sure, Trump would just bring them back. But it’d at least be a good symbolic move.

    Indeed, as someone else pointed out, the needed change should come from pro-netneutrality legislation. And the legislation needs to be broad enough to block Cloudflare’s broad discriminatory arbitrary attack on access equality, not just tinker with speeds at the ISP consumer level.

  • Question: Alternative tax forums?
  • It’s not a topic issue. The discussions are largely around platforms and custodians. They bring lots of ethical problems. Anything on this page is relevant to personal finance:

    https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/usa_banks.md

    If someone managing their personal finances wants to ask how to avoid the bad players and still achieve their goals, it’s relevant. But Bogleheads is not keen. I don’t recall the particulars (it was over a decade ago) but it wasn’t topic related. It was just a conservative moderator or crowd who don’t want ethics getting in their way or cluttering their view.

    Tor. I wonder if that is a more fraud or trolling concern. Or maybe for financial houses more of a US law concern.

    Certainly not a legal issue in the US. Tor works ATM on Bogleheads. Cloudflare is often chosen out of ignorance by admins who don’t even know what Tor is, or at least don’t know that most Tor traffic is legit. It’s usually a lazy move. I don’t recall the details about Boglehead’s tor hostility but they’re reachable over Tor right now.

  • Question: Alternative tax forums?
  • I used the Bogleheads forum over 15 years ago. It eventually turned sour and I left.

    One of my issues is that the banking and finance sector and consumers engaging in it are conservatives. So if you want to ask a question like “where can I find a relatively ethical bank/investment firm that does not invest in fossil fuels?” it’s alienating to right-wingers to consider ethics. They don’t see the ethical problems that plague the industry and at the same time they don’t recognize the concept of ethical consumption. They just expect everyone to look after number 1. Bogleheads had little tolerance for politics, which inherently forces a narrow discussion of what financial products bring what value to the selfish types of consumers who neglect ethics. They don’t want someone exposing JP Morgan’s investment in private prisons or fossil fuels, or even how JPM Chase has a sneaky anti-Tor policy to discover which of their customers use Tor. Bogleheads did not kill my account.. it was just that ethical topics either had crickets or hostility, and censorship. IIRC what ultimately drove me off was Bogleheads started blocking Tor or using Cloudflare or something that demonstrated disrespect for digital rights. But apparently they re-liberated their forums since it seems Tor is permitted again.

  • Question: Alternative tax forums?
  • For medical chatter I would look at mander.xyz, which is science focused.

    For law it’s a bit of a ghost town, but at least there is a ghost town ready to host interested litigants→ links.esq.social

  • Question: Alternative tax forums?
  • There is !personalfinance@sopuli.xyz, which would be somewhat related to personal tax. There is also a Lemmy instance dedicated to finance. I don’t recall it off the top of my head but the instance joined Cloudflare so I immediately abandoned it.

    For the record, lemmy.ml is a terrible place to discuss tax or personal finance. The admins of that instance treat personal finance questions as spam and even go over the heads of moderators to censor such discussion because of their political baggage. IMO sopuli.xyz might be a good place to create an account and create finance communities.

  • (US) BBC says democrats want big government

    BBC World Service was covering the US elections and gave a brief blurb to inform non-US listeners on the basic differences between republicans and democrats. They essentially said something like:

    > Democrats prefer a big government with a tax-and-spend culture while republicans favor minimal governance with running on a lean budget, less spending¹

    That’s technically accurate enough but it seemed to reflect a right-wing bias that seems inconsistent with BBC World Service. I wouldn’t be listening to BBC if they were anything like Fox News (read: faux news). The BBC could have just as well phrased it this way:

    “Democrats prefer a government that is financed well enough to ensure protection of human rights…”

    It’s the same narrative but expressed with dignity. When they are speaking on behalf of a political party it’s an attack on their dignity and character to fixate on a side-effect rather than the goal and intent. A big tax-and-spend gov is not a goal of dems, it’s a means to achieve protection of human rights. It’s a means that has no effective alternative.

    ① Paraphrasing from what I heard over the air -- it’s not an exact quote

    #BBC #BBCWorldService

    7
    Why Republicans are fighting the basic-income programs many cities and states are adopting: 'Is money a birthright now?'
  • You’re talking about Republicans but then saying “state” is a generic word.

    I’m saying when I personally used the word “state” in the bit that you quoted, I was using the generic meaning of state. It’s an overloaded word (multiple meanings). What I mean by the “generic meaning” is that I was not referring to the state level jurisdiction. E.g. if the context were Texas, my use of the word “state” was not the state of Texas in that quote. The word state can simply mean government at any level. A federal government (aka nation state) can also generically be referred to as the “state”, even though it’s not state as the jurisdictional construct that composes the United States.

    Likewise, even a local government like a city or county can be generically called the “state”. So to answer your question, the state of Texas can ban welfare checks from the state level in the whole state of Texas, but a lower (non-republican controlled) government can circumvent that by offering food and shelter instead of checks.

    Welfare can happen at any level. I went to the emergency room and racked up a 4-figure hospital bill, and said “I have no insurance or income”. It was no problem.. the county had financial aid that I qualified for. The county paid the bill for me, not the state¹ or fed.

    1. in that case, I mean state in the sense of a jurisdictional construct.
  • Need help abbreviating a very long law

    cross-posted from: https://beehaw.org/post/12271916

    > Suppose a law is named something like “The Royal Decree of June 14, 2018 regulating the Distribution of Pharmaceuticals and Vitamins”. If a document needs to refer to that law more than once, it makes a mess and causes some painful reading. How should something like that with a date be abbreviated? >

    (note that’s a fictitious law similarly named to the law I need to reference; it’s really a question of English and law and lawyers are perhaps best equipped to answer)

    0
    If Capital One merges with Discovercard, I will boycott /all/ credit cards (is that even possible?)
    prospect.org Capital One–Discover Merger Tests Bank Regulators’ Merger Approach

    Regulators have dragged their feet on new bank merger guidelines. They now have a $35 billion reason to get moving.

    Capital One–Discover Merger Tests Bank Regulators’ Merger Approach

    For the past ~15 years I have tried for the most part to boycott:

    • American Express for being an #ALEC member (which supports #climateDenial and obstructs public healthcare, public education, immigration, gun control, etc), and for participating in the #Wikileaks donation blockade
    • Visa for pushing the #warOnCash (member of #betterThanCashAlliance.org and offering huge rewards to merchants who refuse cash), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards
    • Mastercard for pushing the #warOnCash (member of betterThanCashAlliance.org), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards

    Discovercard has always been a clear lesser of evils. So Discovercard has earned the majority of my business whenever cash is not possible. But now I hear chatter that #Discovercard might merge with a shitty bank that had an embarrassing data leak by an Amazon contractor: #CapitalOne. I was disappointed when Samual Jackson promoted #CapOne. Capital One supported Trump’s Jan.6 insurrection attempt among other things.

    So what’s left? JCB (Japanese) and UnionPay (China). JCB pulled out of the US like 10 years ago. People outside the US can get a #JCB card but then IIRC it uses the Discovercard network in the US and the #AmEx network in Canada.

    I already favor cash whenever possible. In other cases it will be hard to choose the lesser of evils between CapOne and Mastercard.

    update --- Found an insightful article detailing a loophole that the fed gave to Discovercard which is why Capital One intends to buy it.

    11
    (EU+UK) Legal theory that closed-source software inherently undermines or violates the GDPR in some situations

    cross-posted from: https://beehaw.org/post/12170575

    > The GDPR has some rules that require data controllers to be fair and transparent. EDPB guidelines further clarify in detail what fairness and transparency entails. As far as I can tell, what I am reading strongly implies a need for source code to be released in situations where an application is directly executed by a data subject and the application also processes personal data. > > I might expand on this more but I’m looking for information about whether this legal theory has been analyzed or tested. If anyone knows of related court opinions rulings, or even some NGO’s analysis on this topic I would greatly appreciate a reference. > > #askFedi

    0
    General Data Protection Regulation (“GDPR”) @sopuli.xyz debanqued @beehaw.org
    (EU+UK) Legal theory that closed-source software inherently undermines or violates the GDPR in some situations

    cross-posted from: https://beehaw.org/post/12170575

    > The GDPR has some rules that require data controllers to be fair and transparent. EDPB guidelines further clarify in detail what fairness and transparency entails. As far as I can tell, what I am reading strongly implies a need for source code to be released in situations where an application is directly executed by a data subject and the application also processes personal data. > > I might expand on this more but I’m looking for information about whether this legal theory has been analyzed or tested. If anyone knows of related court opinions rulings, or even some NGO’s analysis on this topic I would greatly appreciate a reference. > > #askFedi

    0
    Removed threads should still be reachable and interactive

    I posted an apparently off-topic post to !foss@beehaw.org. The moderator removed it from the timeline because discussion about software that should be FOSS was considered irrelevant to FOSS. Perhaps fair enough, but it’s an injustice that people in a discussion were cut off. The thread should continue even if it’s not linked in the community timeline. I received a reply that I could not reply to. What’s the point in blocking a discussion that’s no longer visible from the timeline?

    It’s more than just an unwanted behavior because the UI is broken enough to render a dysfunctional reply mechanism. That is, I can click the reply button to a comment in an orphaned thread (via notifications) and the UI serves me with a blank form where I can then waste human time writing a msg, only to find that clicking submit causes it to go to lunch in an endless spinner loop. So time is wasted on the composition then time is wasted wondering what’s wrong with the network. When in fact the reply should simply go through.

    (edit) this is similar to this issue. Slight difference though: @jarfil@beehaw.org merely expects to be able to reply to lingering notifications after a mod action. That’s good but I would go further and propose that the thread should still be reachable and functional (just not linked in the timeline where it was problematic).

    11
    Votes fail to rank comment visibility

    This series of single word spam has 1 vote each:

    https://beehaw.org/comment/2351412

    Yet there are responses to the same comment with many more upvotes. Why don’t the higher valued comments rise above the comments with a score of 1?

    8
    [resolved] Finance community unreachable

    When trying to access https://beehaw.org/c/finance it gives a 502 bad gateway -- “Worker Bees are busy updating the website”.

    1
    Chrome & Firefox are a false duopoly. Do we need another option? Should there be a public option? Should it come from Italy?

    Mozilla is ~83% funded by Google. That’s right- the maker of the dominant Chrome browser is mostly behind its own noteworthy “competitor”. When Google holds that much influence over Mozilla, I call it a false duopoly because consumers are duped into thinking the two are strongly competing with each other. In Mozilla’s effort to please Google and to a lesser extent the end users, it often gets caught pulling anti-user shenanigans. Users accept it because they see Firefox as the lesser of evils.

    Even if it were a true duopoly, it would be insufficient anyway. For a tool that is so central to the UX of billions of people, there should be many more competitors.

    public option

    Every notable government has an online presence where they distribute information to the public. Yet they leave it to the public to come up with their own browser which may or may not be compatible with the public web service. In principle, if a government is going to distribute content to the public, they also have a duty to equip the public to be able to consume the content. Telling people to come up with their own private sector tools to reach the public sector is a bit off. It would be like telling citizens they can receive information about legislation that passes if they buy a private subscription to the Washington Post. The government should produce their own open source browser which adheres to open public standards and which all the gov websites are tested with.

    I propose Italy

    Italy is perhaps the only country in the world to have a “public money → public code” law, whereby any software development effort that is financed by the gov must be open source. So IMO Italy should develop a browser to be used to access websites of the Italian gov. Italy can save us from the false duopoly from Google.

    74
    Free software in education will take a step back -- republicans are going after school board positions nationwide in the US
    web.archive.org Conservative PACs inject millions into local school races

    In the run-up to the midterm elections, a growing number of conservative groups are turning their attention to often-ignored school board races.

    Since last year, republicans have launched a campaign to get conservatives on school boards. This is the political party in the US who favors privatization of everything. They are sympathetic to giant corporations and champion #citizensUnited (which elevates corporations above humans). #Ohio has a large number of extremists intending to take school board positions.

    I don’t get the impression #FOSS orgs like #FSF are paying attention. The FOSS movement stands to lose some ground here. #FreeSoftware in education is important and FSF does not even have a campaign for it on their website.

    13
    Philosophy @mander.xyz debanqued @beehaw.org
    Do orgs that receive tax-deductible donations have an obligation as a public service to promote non-discriminatory equal access?

    cross-posted from: https://beehaw.org/post/8984968

    When the FSF Free Software Directory directs people to freedom-lacking places

    > The #FSD purpose is to help people “find freedom-respecting programs”. Browsing the directory reveals copious freedom-disrespecting resources. For example: > > * projects jailed in MS #Github (amid substantial ethical issues) > * projects jailed in #Gitlab·com (amid substantial ethical issues) > * projects with resources (docs, forums, wikis, APIs, etc) that are jailed in #Cloudflare’s walled garden (amid substantial ethical issues) > > FSF has no tags for these anti-features. It suggests a problem with integrity and credibility. People expect to be able to trust FSF as an org that prioritizes user freedom. Presenting this directory with unmarked freedom pitfalls sends the wrong message & risks compromising trust and transparency. Transparency is critical to the FOSS ideology. Why not clearly mark the freedom pitfalls? > > The idea of having exclusive clubs with gatekeepers is inconsistent with FSF’s most basic principles, specifically: > > * All important site functionality that's enabled for use with that package works correctly (though it need not look as nice) in free browsers, including IceCat, without running any nonfree software sent by the site. (C0) > * Does not discriminate against classes of users, or against any country. (C2) > * Permits access via Tor (we consider this an important site function). (C3) > > Failing any of those earns an “F” grade (Github & gitlab·com both fail). > > If Cloudflare links in the #FSF FSD are replaced with archive.org mirrors, that avoids a bulk of the exclusivity. #InternetArchive’s #ALA membership automatically invokes the Library Bill of Rights (LBR), which includes: > > * V. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views. > * VI. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use. > * VII. All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information. > > The LBR is consistent with FSF’s principles so this is a naturally fitting solution. The Universal Declaration of Human Rights is also noteworthy. Even if the FSD is technically not a public service, the public uses it and FSF is an IRS-qualified 501(c)(3) public charity, making it public enough to observe these UDHR clauses: > > * art.21 ¶2. Everyone has the right of equal access to public service in his country. > * art.27 ¶1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits. > > These fundamental egalitarian principles & rights are a minimum low bar to set that cannot be construed as “unreasonable” or “purist” or “extremist”.

    Some groups of people who are excluded when resources are inside Cloudflare’s walled-garden include:

    • public library users
    • Tor users
    • CGNAT users (often poor people in impoverished regions whose ISPs have fewer IPv4 addresses to allocate than the number of users)
    • people who use scripts to access web resources (and interactive users who merely appear to be bots by using non-graphical FOSS tools, blind people IIRC as they are not loading images)
    • all people with a moral objection to exposing ~20—30% of their web traffic (metadata & payloads both) to one single centralized tech giant in a country without privacy safeguards. (29% of the 200 most popular Github projects also make use of Cloudflare)
    0
    When the FSF Free Software Directory directs people to freedom-lacking places

    cross-posted from: https://beehaw.org/post/8984968

    > The #FSD purpose is to help people “find freedom-respecting programs”. Browsing the directory reveals copious freedom-disrespecting resources. For example: > > * projects jailed in MS #Github (amid substantial ethical issues) > * projects jailed in #Gitlab·com (amid substantial ethical issues) > * projects with resources (docs, forums, wikis, APIs, etc) that are jailed in #Cloudflare’s walled garden (amid substantial ethical issues) > > FSF has no tags for these anti-features. It suggests a problem with integrity and credibility. People expect to be able to trust FSF as an org that prioritizes user freedom. Presenting this directory with unmarked freedom pitfalls sends the wrong message & risks compromising trust and transparency. Transparency is critical to the FOSS ideology. Why not clearly mark the freedom pitfalls?

    > UPDATE > > The idea of having exclusive clubs with gatekeepers is inconsistent with FSF’s most basic principles, specifically: > > * All important site functionality that's enabled for use with that package works correctly (though it need not look as nice) in free browsers, including IceCat, without running any nonfree software sent by the site. (C0) > * Does not discriminate against classes of users, or against any country. (C2) > * Permits access via Tor (we consider this an important site function). (C3) > > If Cloudflare links in the #FSF FSD are replaced with archive.org mirrors, that avoids a bulk of the exclusivity. It also automatically invokes the Library Bill of Rights (LBR) because #InternetArchive is an #ALA member: > > * V. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views. > * VI. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use. > * VII. All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information. > > The LBR is consistent with FSF’s principles so this is naturally a good solution. The Universal Declaration of Human Rights are also noteworthy. Even if the FSD is technically not a public service, the public uses it and FSF is an IRS-qualified 501(c)(3) public charity, likely making it public enough to observe these UDHR clauses: > > * art.21 ¶2. Everyone has the right of equal access to public service in his country. > * art.27 ¶1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits. > > These fundamental principles & rights are a minimum low bar to set that cannot be construed as “not reasonable” or “purist” or “extremist”.

    5
    When the FSF Free Software Directory directs people to freedom-lacking places

    The #FSD purpose is to help people “find freedom-respecting programs”. Browsing the directory reveals copious freedom-disrespecting resources. For example:

    FSF has no tags for these anti-features. It suggests a problem with integrity and credibility. People expect to be able to trust FSF as an org that prioritizes user freedom. Presenting this directory with unmarked freedom pitfalls sends the wrong message & risks compromising trust and transparency. Transparency is critical to the FOSS ideology. Why not clearly mark the freedom pitfalls?

    UPDATE

    The idea of having exclusive clubs with gatekeepers is inconsistent with FSF’s most basic principles, specifically:

    • All important site functionality that's enabled for use with that package works correctly (though it need not look as nice) in free browsers, including IceCat, without running any nonfree software sent by the site. (C0)
    • Does not discriminate against classes of users, or against any country. (C2)
    • Permits access via Tor (we consider this an important site function). (C3)

    Failing any of those earns an “F” grade (Github & gitlab·com both fail).

    If Cloudflare links in the #FSF FSD are replaced with archive.org mirrors, that avoids a bulk of the exclusivity. #InternetArchive’s #ALA membership automatically invokes the Library Bill of Rights (LBR), which includes:

    • V. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views.
    • VI. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use.
    • VII. All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information.

    The LBR is consistent with FSF’s principles so this is a naturally fitting solution. The Universal Declaration of Human Rights is also noteworthy. Even if the FSD is technically not a public service, the public uses it and FSF is an IRS-qualified 501(c)(3) public charity, making it public enough to observe these UDHR clauses:

    • art.21 ¶2. Everyone has the right of equal access to public service in his country.
    • art.27 ¶1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.

    These fundamental egalitarian principles & rights are a minimum low bar to set that cannot be construed as “unreasonable” or “purist” or “extremist”.

    37
    Some ATMs demand a PIN /before/ showing you options. Privacy issue?

    cross-posted from: https://fedia.io/m/privacy/t/346211

    > I need to check the balance of my bank card. It’s apparently becoming quite rare for ATMs to support balance inquiries. So as I try many different ATMs to check the balance, some ATMs demand PIN entry before you even see the service offers. So I enter my PIN and then it only gives a cash withdrawal option, at which point I eject. > > Couple problems here: > > * anti-fraud AI sensors can be very fragile & trigger happy. If my card is inserted into several different ATMs with & no transaction is initiated, I am of course concerned that my account will be frozen due to fraud false positive. > > * some ATMs automatically print out your balance on the receipt if you ask for a receipt. Some show it on the screen Some ATMs will only print the balance on the receipt if you specifically requested the balance in your session. Some ATMs are completely incapable of balance inquiries (at least for cards from other banks). Consumers seem to have no way of knowing what kind of ATM they are dealing with in advance, which forces us to experiment. > > Questions: > > * when an ATM demands PIN in advance, does that mean the transaction will signal the bank even if the session is terminated when the menu shows no balance inquiry option? IIUC, the PIN can be verified using the cards EMV chip without using the network - but is that necessarily the case? > > * when an ATM shows the menu options before asking for a PIN, can we count on no signal being sent to the bank? > > One of my accounts got frozen for fraud. I called the bank, complained, demanded answers. The bankers themselves are kept in the dark and left guessing about what happened. One banker said “you asked for more than the daily limit 2 or 3 times, which failed, then you went to a different ATM and tried again. Since you went to a different machine, that likely looked like fraud”. (of course I tried a different machine -- why would a legit user keep trying the same machine?)

    16
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)DE
    debanqued @beehaw.org
    Posts 22
    Comments 119