Melody Fwygon
- 0 Posts
- 20 Comments
No; it’s not inarguable.
I do feel that some minor limitations around social media should exist; such as hours of the day you may not be allowed to read or post; but they should be simple age-gates created to privately verify a person’s age via a simple SSO/OAuth style token. If you can’t authenticate against some privacy respecting identity proving entity you probably aren’t old enough and any account(s) you create would be limited.
Not all social media needs to be age-gated either; but social networks could be forced by law to avoid monetizing your account or habits at all if you don’t willingly identify. (and by doing so; also CONSENT TO THIS MONETIZATION) In short; if you are not verified they’re required to assume you are a child and handle your data as such…with utmost respect to your privacy.
It is not only true; it is required by the WMF. Wikipedia and Wikimedia will go dark before it compromises those values.
Wikipedia can always be revived by it’s massive worldwide community; on Tor even. Trump taking down the WMF servers won’t help; the databases probably get backed up daily and would likely end up on torrents within moments of it being taken down.
As an editor with advanced rollback rights on Wikipedia; I can agree with the above statement.
It is Extremely Difficult; even with slighly escalated rollback rights such as mine; to push an agenda on Wikipedia.
WP:NPOV is a good read and the editing community and contribution culture on Wikipedia enforces it strongly.
EnWiki itself for certain has some very strong Page Protection policies that prevent just any editor from munging up the encyclopedia or changing history.
It’s safe to say that Wikimedia cannot be bent or broken easily by special interest groups…Vandalism and PoV pushing is quickly quelled by sysops on Wikipedia. There are more of us editors than Elon could ever possibly hope to take on.
Not even Elon Musk gets to ignore Wikimedia policies. That will never change. They are written in blood and sweat and cannot be manipulated. The entire foundation is set up in a way that it always, eventually, cracks down on corruption and greed. Not even a cabal of admins, bureaucrats and Wikimedia Stewards can help you.
It’s because ANY COMMERCIAL TRACKING AT ALL is unacceptable!
Chrome is trying to have it’s cake and eat it too by removing 3rd party cookies and baking in another tracking methodology anyways.
The User Has Spoken and we DEMAND that there be NO TRACKING! The browser devs are complying with that demand in various ways to various degrees.
Firefox complies with this demand openly and honestly. Third party cookies are not a thing much anymore and the browser actively tries to punish companies who try to do it anyways; while also allowing us to turn to other plugin developers to further punish companies who try to aggressively invade our privacy.
Google Chrome, on the other hand, complies very maliciously because it’s made by one of those companies who are trying to track us anyways. It removes third party cookies on the one hand and on the other hand tries to introduce other tracking technologies and WebDRM while also trying to severely curtail browser plugins that we choose to install to assert our rights to privacy our way.
You can’t tell me that’s not an evil dick move on the part of Google and the Chrome team. Chrome needs to clean up it’s act and the development team of Chromium needs to forcefully eject it’s Google developers and find new ones to retake the internet.
Google developers cannot be trusted not to put the interests of Google first; it’s literally what they’re paid to do.
I was similarly not particularly concerned by this breach; my iterations value was set much higher a long time ago, my master password was bordering on insane; as in greater than 16 characters, Mixed Case, includes symbols, has XKCD-Style word patterns and contained non-english/unexpected words/patterns.
I also had migrated away from lastpass and prior to the breach had Deleted my account.
Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry
Seems they only targeted potentially accounts that might’ve contained some MONEY (Cryptocurrency)
Then on Aug. 28, Monahan said she’d concluded that the common thread among nearly every victim was that they’d previously used LastPass to store their “seed phrase,” the private key needed to unlock access to their cryptocurrency investments.
It seems that in particular “Secure Notes” containing crypto seed phrases seem to have been compromised. It’s pretty silly to have not migrated your old crypto wallets by now though.
In a December 2022 blog post, Palant explained that the crackability of the LastPass master passwords depends largely on two things: The complexity of the master password, and the default settings for LastPass users, which appear to have varied quite a bit based on when those users began patronizing the service.
…If you have/had an older account with potentially a very weak Master Password… Your password would be considered Weak if it was Less than 12 characters & did not not contain Uppercase, Lowercase and Symbols & was not an XKCD style password that *isn’t * “Correct Horse Battery Staple” or some other combination of those exact four words…
But Palant said while LastPass indeed improved its master password defaults in 2018, it did not force all existing customers who had master passwords of lesser lengths to pick new credentials that would satisfy the 12-character minimum.
…Older than 2018…
Palant noted last year that for many older LastPass users, the initial default setting for iterations was anywhere from “1” to “500.” By 2013, new LastPass customers were given 5,000 iterations by default. In February 2018, LastPass changed the default to 100,100 iterations. And very recently, it upped that again to 600,000.
…Or worse yet, 2013…and you didn’t change the iterations setting(s), which most people probably did not.
I don’t use Brave, won’t use Brave, and have my reasons for it.
- Brave is Chromium based; a project which is slave to the whim of Google.
- Brave integrates an unnecessary cryptocurrency.
I hate shitcoins
I don’t trust small crypto projects, and I doubly do not want this to be integrated into my browser. It’s a good way to lose your stable crypto-holdings if you have them. (I don’t; but I’ve seen lots of anecdotes about catching malware that subsequently stole their crypto wallets, including any BAT tokens they owned)
- Brave does not block ads! It does not ‘enhance’ your privacy. It just absorbs some ads, replaces some, and blatantly lets first-party advertisements through the filter. That’s not ad-blocking
- Brave does not protect your privacy. As per my previous point; it does not block ads, it injects it’s own right into browser chrome! That’s worse than plain Chrome! Your privacy is automatically violated when you watch/view even a single ad.
- Brave does not have many benefits above “Ungoogled Chromium” or other competing projects. It just doesn’t. Unless you like marketing fluff.
- Brave is NOT BETTER THAN Firefox. It’s worse; because it’s Chromium; which is enslaved to Google whims. Don’t believe me? Try to contribute something to Chromium that goes contrary to Google’s stated goals and watch how fast you get shot down.
But sometimes...
Yes, Sometimes a programmer does succeed. But only sometimes; and this is usually because they have the clout, coding skills, chops and public reach to embarrass the fuck out of the Google PMs. This will never be you, unless you put an extraordinary amount of effort into becoming a very well known and respected contributor in the OSS space. If you already are a respected contributor in the OSS space, Congrats! You’re still likely to be forced to fight a long and protracted battle against the Google nerds to get “Google-Hostile” code changes approved.
A spokesperson for the supermarket said they were disappointed to see “a small minority have tried to use the tool inappropriately and not for its intended purpose”. In a statement, they said that the supermarket would “keep fine tuning our controls” of the bot to ensure it was safe and useful, and noted that the bot has terms and conditions stating that users should be over 18.
In a warning notice appended to the meal-planner, it warns that the recipes “are not reviewed by a human being” and that the company does not guarantee “that any recipe will be a complete or balanced meal, or suitable for consumption”.
“You must use your own judgement before relying on or making any recipe produced by Savey Meal-bot,” it said.
Just another bit of proof that humans are not ready for AI. This AI needs to be deleted. This is not simply operator error; this is an administrative error, and an error of good common sense on the part of many many people involved with creating this tool.
You cannot always trust that an end user will not be silly, malicious, or otherwise plainly predictable in how they use software.
WEI’s goal is to make the web more private and safe
Bull. Fucking. Shit. You do not get to pick and choose who you treat differently based on software level indications. You absolutely cannot justify this technology with fraud-prevention; as your fraud prevention should be baked in elsewhere in your logic chain and service delivery anyways. Developers do not need yet another magic number. Your typical fraudster is going to be an Authenticated Human anyways; and will easily bypass this attestation if this is actually implemented as intended. Because of that fact; this will drive desperate developers to implement this in consumer-hostile and privacy-hostile manners. You cannot simply say “That’s not how it’s intended to be used” and expect those devs to play along with it!
TL;DR: We must not give developers tools that can be abused in ways that run counter to the open internet
WEI is not designed to single out browsers or extensions
Wrong!
You absolutely ARE singling out browsers; particularly ones that may be older or “Un-attestable” for other arbitrary reasons. This will impact a large number of people in the disabled community who may use specific, webpage modifying extensions in order to make the web more usable for themselves.
WEI prevents ecosystem lock-in through hold-backs
This won’t work; your devs will just write other server backend code that is forked off of yours that won’t “hold back”. This is a ridiculously tiny band-aid for a gaping wound that needs stitches;
WEI does not disadvantage browsers that spoof their identity
Wrong again! You cannot trust developers and companies with financial motivations and interests to not mark spoofed browsers as fraudulent; nor can you obligate them to treat them exactly the same as a properly attested browser agent.
Let’s work together on finding the right path
This proposal is not working together! This is a blatant attempt by Google and Alphabet to further bully it’s dominance over standards for the financial gain of itself and it’s partners. Please don’t pretend otherwise.
12 years here.
It was evident that Reddit was not going to play nice the moment Mr. Huffman opened his big trap on network television. Fuck /u/spez, and Fuck Reddit
Lemmy is so much better and it reminds me of what was long lost back in the earliest days of reddit. It’s so much nicer here on Lemmy in general.
Initially; I intended to stay in line with the protest and only close for the 2 days initially proposed.
This time they’ve learned that sacrificing a CEO on the Altar of Public Opinion is too costly; so this time they are just doing it to a pathetic Junior Executive who they probably only gave a slight pay bump and hired from a pool of internal candidates that were leaving the company anyways…
README.TXT
Please Note, the above statement is satire only; but it wouldn’t surprise me if it were true.
TL;DR: It suggests several methods and makes a few mistakes which he had to point out to which it suggests even more absurd solutions to.
The AI recommends doing things in long and hard ways and does not conceive of new or novel technologies; it just mashes together existing ones despite their implementation being difficult or impossible by simply waving away these issues by saying things like “Much research and development would be needed but…”
As a former tech associate at Staples; I can easily attest to how annoyed my bosses were that I always pushed people to buy laser printers.
Their reasoning was simple; the bosses hated the volume at which we sold toner; and literally nothing else…once I had paired all of their problem customers with drama-free laser printers that would stay in operation for at least 5 years.
Nobody who bothered to ask my professional opinion on printers and actually took it seriously bought anything but a Laser Printer. Many of the shitty DRM riddled Inkjets actually collected dust on those shelves unless they were sold by someone more clueless than I.
- 100% backpedal on all controversial changes announced within the previous 6 months; including any changes announced at the same time as said controversial changes.
- Form a task force of admins and developers to backport all; critical moderation tools and changes introduced since the new.reddit launch; to old.reddit. (Complete this task within 1-2 years.)
- Irrevocably Hard remove with no severance /u/spez from his CEO position and any position of power at reddit.
- Hire a new CEO from the pool of the community team(s).
- Cease all Dickery at once
- CANCEL THE IPO!!! This shit needs to wait until reddit gets it’s act together.
- Prioritize hiring humans to run reddit AEO; choose them from your MASSIVE FUCKING POOL OF SUBREDDIT MODERATORS! DO NOT USE AI OR HIRE ANYONE WHO HASN’T MANAGED AT LEAST 25K USER SUBS
- Ban all forms of facism; this is including forms of EXTREME viewpoints that grossly exceed reasonable discourse, peaceful free speech, advocate for extremist governmental regulation, violence or oppression of any kind against any group or subset of people.
- fuck /u/spez - Just make sure he never gets a C-Level job again please.
- continue to build reddit out in a way that allows for fair and ethically priced services from reddit (Ads, unlimited API access, rev sharing, premium features that are cosmetic items only, etc)
- Pick up the same “Do No Evil” ethos that Google abandoned; prioritize your users and revenue equally and balance the obligations better.
Given the absurd number of sites that require a login for no discernible security reason at all whatsoever; I get it.
A “Common” password makes sense. This password should never be used to log into or protect anything secure however.
Similarly a “Common” password might be used to enable login more easily from certain devices; but ideally this “temporary” password should probably be something that is, yet again, different from the first “Common” password you use.
It boggles my mind that someone like this isn’t at least using a specific passphrase for secure work accounts only.
While I can personally understand a need for some password reuse across multiple domains; at least there should be some separation of larger “superdomains” such as “work”, “personal” and “throwaway” so that breaches don’t have such a catastrophic impact.
A system of generating secure, unrelated but memorable phrases (for you) for those times you can’t carry or use a password manager is frequently essential. That way you can recall the password on the fly when it is asked of you; all you need to do is think about the unrelated thing you attached that information to.