• 1 Post
  • 20 Comments
Joined 1 year ago
cake
Cake day: May 31st, 2023

help-circle

  • 133arc585@lemmy.mltoPrivacy@lemmy.mlPrivacy Search Engines
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    1 year ago

    It’s interesting how you went from “it’s not relevant at all” to “it’s relevant in general but not in this case” after I gave you a reply.

    If you have found a new security or privacy flaw, I would love to hear about it. But pushing your irrelevant opinions on others who are not interested, is unpleasant for us, and a waste of time for you.

    My opinions are not irrelevant, as I laid out in my previous comment that you just agreed with. Others are obviously interested, and it’s not “unpleasant” for them, as people responded and upvoted (and no downvotes)–indicating it’s relevant. It’s not a waste of time for me, because not only did it take me negligible time to type literally three sentences (actually, I copy-and-pasted the comment from one I made earlier, I didn’t even write it fresh here), but it has value to others and as such is not a waste of time for me.

    So whether he agrees with you that guys can become girls or vice versa, or whether he believes the same narrative that you do regarding corona is simply irrelevant.

    The strawman construction was a nice little touch. Completely ignoring the part where I laid out that my personal stance and agreement or disagreement with the CEO is irrelevant, you act as if I personally disagree with the CEO and then use that to dismiss me.

    You obviously have an agenda. So be it. But this conversation is truly a waste of time: you were obviously wrong and as soon as that was pointed out you shift goalposts.


  • 133arc585@lemmy.mltoPrivacy@lemmy.mlPrivacy Search Engines
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    If you think the two are unrelated you’re oblivious to the considerations that must be taken into account when discussing potential privacy concerns in software. It’s not ad hominem to acknowledge that the personal convictions and values of the CEO (and indeed other employees) can potentially decrease the sense of privacy of a product.

    If the CEO is so adamant in his anti-X stance that he decides it’s acceptable to censor access to materials about X, or perhaps worse that he decides to expose anyone using his software that discusses or supports X, would not consider those valid concerns?

    Companies are made of people, and software is made by people. Since people are not neutral, companies and software are also not neutral. The stances of a company or software on privacy, freedoms, etc are all influenced by the stances on those exact issues by the constituent people of the company and developers of the software.

    Consider Elon Musk and Twitter. Given Elon’s personal beliefs and how adamant he is to enact and enforce those beliefs, do you consider him a neutral influence on the privacy of Twitter as a product? There is no way to see him as a neutral influence; he has direct influence by his ideological stance on the software. As such, if you have enough distrust in him or his ideological stance, that can transfer to distrust in Twitter as software.

    In fact, it’s not even about whether I support the CEO or whether I think his stance is “right” or “wrong” as you imply. It’s entirely about how the CEO sees his beliefs in relation to the company and product he’s overseeing. I could entirely agree with the CEO and still consider their influence to be a detriment to the product if he puts his ideology ahead of pragmatism, for example.


  • It depends on how Google wants to play this. If they require website operators to use WEI in order to serve ads from Google’s ad network (a real possibility), then suddenly 98.8% of websites that have advertising, and 49.5% of all websites would be unusable unless you’re using Chrome. It’s probably safe to assume they’d also apply this to their own products, which means YouTube, Gmail, Drive/Docs, all of which have large userbases. The spec allows denying attestation if they don’t like your browser, but also if they don’t like your OS. They could effectively disallow LineageOS and all Android derivatives, not just browser alternatives.


  • A fork like Vivaldi, Brave or Opera could opt not to implement these changes

    It doesn’t quite work like that. They wouldn’t choose to not implement the change, because the change comes from upstream via Chromium. They would have to choose to remove the feature which, depending on how it’s integrated, could be just as much work as implementing it (or more, if Google wants to be difficult on purpose). Not implementing the change is zero effort; removing the upstream code is a lot of effort.


  • Within the context of Chrome and other Chromium based web browsers, this means that Google will be able to monitor your web browsing in a new way any time you’re using a browser based on Chrome/Chromium.

    With only slight hyperbole, we can say that Google can do this monitoring already.

    What’s worse, is now they can:

    • Refuse you access to information by refusing to attest your environment.
    • Restrict your browser, extensions, and operating system setup by refusing attestation.
    • Potentially bring litigation against you for attempting to circumvent DRM (in the USA it’s illegal to bypass DRM).
    • Leverage their ad network to require web site operators to use attestation if they wish to serve ads via Google. AKA force you to use Chrome to use big websites.
    • Derank search results for sites that are not using attestation.

    In my opinion, the least harmful part of this is the ability to monitor page access, because they can more or less do this for Chrome users anyway. What’s really harmful here is the potential to restrict access to and destroy practically the entirety of the internet.


  • What a weird take. You’re allowed to pay for whatever you’d like. Personally, I can’t afford to pay for any JetBrains product, even if I wanted to.

    Not only are there alternatives which may be better overall or better suited to someone’s needs, that wasn’t even my point. My point was more that it is only temporarily free, and so the parent commenter’s comment of “it’s free” should be taken with a grain of salt if you’re considering the product.

    Moreover, we’re in the Open Source community: Fleet is neither free nor open source, and pointing that out here is relevant.



  • 133arc585@lemmy.mltoPrivacy@lemmy.mlSignal. Privacy.
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    Ok, two things are happening here.

    they offer no reasonable basis for distrusting Signal, the tech that they attempt to vilify.

    One, is that they did provide what they considered reasonable basis for distrusting Signal. Given that they thought Signal should not be trusted, the quote you posted is pretty obviously to be interpreted as: thankfully China hasn’t naively adopted a compromised communications platform with a USA intelligence backdoor. Now, if you want to say their basis for distrust is not reasonable, or is false, that’s completely fine. But in doing so it doesn’t change the author’s intent behind the quote which you posted.

    Given said dev’s past comments, it is reasonable to infer that the reference to China presents them as an example to be followed here.

    Two, is that it should be pretty clear they are saying China should be followed here in a very specific and explicit way: they aren’t saying follow China in every way under the sun. It’s very obvious from context and from what is explicitly said that they mean: China’s distrust and refusal to adopt (what they consider) a platform with USA backdoors should be followed. And I think that’s an entirely reasonable statement to make. No one should naively adopt compromised communications platforms.

    There is no honest reading of the quote (especially given the rest of the context of the essay leading up to the quote) that could lead someone to conclude that this particular essay is (1) advocating for and supporting China spying on its citizens and (2) advocating for other countries following China in spying on citizens. It’s pretty obvious the only honest reading of this is: “I believe Signal has USA backdoors. Given that, I’m glad China hasn’t adopted its use heavily. I also think other countries should follow China in not naively accepting such technologies”.

    Again, you can disagree with the foundational reasons for distrust, and that could be very useful. But painting the essay and quote the way you (and others here) are is just intellectually dishonest. Disagree with what is actually said, not with what you imagine (or wish) was said.



  • Edit: My comment below was originally based on a faulty understanding of how EDDM mailers worked and a faulty assumption I based on that ignorance. What they did in reality is little more than sending out spam mail, it was not a privacy violation. I’ve removed the mention of the EDDM mailers since they aren’t relevant given this.

    I’d take a peek at the wikipedia entry about their business model, which mentions some stuff that isn’t the most savory:

    … Brave earns revenue from ads by taking a 15% cut of publisher ads and a 30% cut of user ads. User ads are notification-style pop-ups, while publisher ads are viewed on or in association with publisher content.

    On 6 June 2020, a Twitter user pointed out that Brave inserts affiliate referral codes when users navigate to Binance

    With regards to the CEO, he made a donation to an anti-LGBT cause when he was CEO of Mozilla in 2008. He lost his job at Mozilla due to his anti-LGBT stance. He also spreads COVID misinformation.

    As others have pointed out, it’s also Chromium based, and so it is just helping Google destroy the web more than they already have.


  • 133arc585@lemmy.mltoPrivacy@lemmy.mlSignal. Privacy.
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    1 year ago

    “Signal’s use luckily never caught on by the general public of China (or the Hong Kong Administrative region), whose government prefers autonomy, rather than letting US tech control its communication platforms, as most of the rest of the world naively allows.”

    When you’re holding up China as an example for the world to follow for privacy

    I interpret that quote to say that China doesn’t trust US tech like the rest of the world does. It’s not saying that China has more privacy and the rest of the world should follow, it’s saying that the rest of the world also shouldn’t be so naively trustworthy of US tech either.




  • 133arc585@lemmy.mltoLinux@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    2
    ·
    edit-2
    1 year ago

    For the “schedule expression” (the * * * * * part), try https://crontab.guru/. Some distributions have shortcut expressions like @hourly or @daily so you don’t have to type * */1 * * * etc.

    The crontab generally has a header that shows the columns, but if not, they’re: m h dom mon dow command.

    From * * * * * /usr/bin/sct 2750 I’m guessing you want to run every minute. If that’s the case, as another commented pointed out, try */1 * * * * /usr/bin/sct 2750, meaning every 1 minute.




  • My statement above was not meant to come across as xenophobic, but wary considering, historically, how involved China’s government is with local tech companies and entities that would contribute to a project like this.

    This right here is where the problem is though. Simply being associated with the Chinese governement is not sufficient to assume malfeasance. Just as any of the large USA tech giants that take various forms of government funding aren’t automatically assumed to be malicious simply by being associated with a “malicious” government. Hell, the Linux Foundation (Linus’ employer) is almost entirely funded by really creepy USA-based tech companies that themselves receive government money for various projects or products. I don’t assume baselessly that Linus would make the distribution insecure simply because he’s funded by people who might want that.

    Obviously, more data needs to be evaluated, but I think it’s fair to be cautious.

    It is only fair to be exactly as cautious as you would be to run any other random Linux distribution: say, some random person’s fork of Debian. Again, unless you have actual reason to treat it differently, doing so baselessly is rather lame and doesn’t serve anyone. Of course it’s fair to be catious of something as critical as an operating system; but viewing it through a biased lens doesn’t make you more secure.

    SIGs (special interest groups)

    I’m not sure the precise definition for what counts as an SIG here, but it could mean something analagous to the Linux Foundation. It isn’t necessarily suspicious. I think, from context, it’s used in contrast to “enterprises”; that is, I take it to include any volunteer or not-for-profit contributions.