LWD

@LWD@lemm.ee

This profile is from a federated server and may be incomplete. Browse more on the original instance.

LWD,

I have little love for celebrities, but if any company needs to be held accountable for disinformation, it’s the huge ones. Even 4chan kicked out QAnon conspiracy theorists in lightning speed compared to Facebook, and it’s 4chan.

to me, it's very sad that firefox tracks search data

If I want to opt out, I can only opt out by disabling all usage telemetry according to the official doc …mozilla.org/…/share-data-mozilla-help-improve-fi… . That means that my usage habits and the usage habit of all people that do not want to share their search terms with firefox, i.e. all somewhat privacy interested...

LWD, (edited )

Can you upload and share a copy of your telemetry data or at least a copy of the search topics that have been associated with your Firefox browser?

I’m interested in perusing what kind of topics are collected.

Mozillas Telemetry docs and Privacy Notice

These both appear to be the same link, and neither of them mention “topics” or “search” as far as I can tell.

LWD,

The biggest criticism I have seen of announcements-only signal groups is that every member can see every other member. This might be inconvenient for members who use their single phone number for purposes outside of activism.

LWD,

Did the CEO put out this Frankenstein hitpiece because of the news of Telegram leaking location data, or the news of Telegram censoring queer groups?

Regardless, the evidence “Signal refused to” do anything is not very good. Telegram fans might be less upset (at Signal) if they could (or did) actually read the linked GitHub page.

And for no reason at all, I wonder what Telegram fans would think of when it comes to being treated like this by the company: tsf.telegram.org/manuals/e2ee-simple

LWD,

You’ve got two options:

  • Fight back with ad blockers. Tubular or ReVanced on Android, uBlock Origin on PCs.
  • Pay up. (This is the unethical option.)
LWD,

Live streams will stutter badly when a game is going on, something I have experienced in Firefox but not Chrome.

And of course Chromium has billions of dollars at its disposal while Mozilla can’t even accept donations from users for Firefox so it’s not exactly surprising that the browser with worse funding and management doesn’t run as well.

LWD,

What’s the best browser to recommend to people who want to dump Brave but either can’t or won’t switch to Firefox, due to things like unoptimal behavior of sites like YouTube while playing games, for example?

The best I’ve come up with is Thorium, a de-Googled Chromium fork, optimized for speed.

LWD,

To paraphrase Louis Rossman, he doesn’t need the fraction of a penny he’d get from you wasting your time, and if YouTube wants your money then they should earn it.

LWD,

Any idea why pravda(.)me, with 33 users, is listed as the 4th biggest Mastodon server when I sort by users on that site?

LWD,

You’re right, it was a mobile UI issue with the columns/column labels. It’s showing the active number, but with the “users” header. It works all right in desktop mode.

Firefox version 126 introduces search data telemetry collection and enhanced copy without site tracking option (blog.mozilla.org)

With the latest version of Firefox for U.S. desktop users, we’re introducing a new way to measure search activity broken down into high level categories. This measure is not linked with specific individuals and is further anonymized using a technology called OHTTP to ensure it can’t be connected with user IP addresses....

LWD,

It looks like they’re just searching for people who will respond positively to their foregone decision to add the Shopping tool. I don’t know how else to read that post, especially with how the team is interacting with the responses.

(Is that AI-generated spam in the replies too?)

LWD,

Tor is Firefox, why are you calling it “a shit-quality browser” while defending Mozilla so hard

LWD,

I hate to break it to you, but right now, AI is being pushed by Tesla, Microsoft, Apple, Google. Pretty much every major megacorporation.

The environmental impacts are staggeringly horrible.

But sure, AI good.

LWD,

I’m not really a fan of “clean” and “minimalist” launchers when they get to the point of impeding my productivity. And keeping a curated list can tap into muscle memory, improving speed further.

For example:

I’ve got 13 apps I can launch with a single tap, 13 more one extra swipe away (unless you count the swipe into my app drawer, which would bring it up to ~32 more).

Just something to keep in mind when looking for a launcher: you might want to find your definition of fast. If KISS works for you, all the more power to you. But I lament the lack of FOSS launchers that are more Nova-esque.

LWD,

I can’t type right to save my life. If I want Boost it’ll either come up “Voist” or “Boat” depending on whether I tap or glide. (And switching to a private keyboard has made this more of an uphill battle for me.)

You’ve got me dead to rights about forgetting where things are (besides the home screen), which is why I’m glad my launcher of choice has things organized not just in the Apps drawer, but in folders within them.

I appreciate the insight though. Not everybody’s workflow is going to be the same, and needing X apps at a certain distance will affect different people different ways.

LWD, (edited )

…And attitudes like this towards privacy will keep Lemmy from progressing to a point where those issues will be fixed.

I have a fundamental problem with giant corporations scraping user data without user consent. That’s a system-level issue. It doesn’t become “good” just because they get to scrape without consent for free.

LWD,

I have a few suggestions for development concerns off the top of my head:

  • Scrub post metadata* after users request its deletion
  • Auto-purge deleted content* rather than letting it sit behind a “deleted” flag (something Facebook got a ton of flak for doing)
  • Auto-purge deleted media*
  • Consider seriously limiting opening data wide for scraping, since the problem is non-consensual scraping, not payment for non-consensual scraping
  • either immediately or, to prevent spam, after some time
LWD,

Lemmy has quite a few unfortunately invasive qualities of its own, including generally needing an email address from you (Reddit does not), having poor privacy and data retention practices, and generally being very messy with who gets to decide what happens with your data and how easily it can be scraped.

Sure, Reddit sells it… But Lemmy gives it to any web scraper for free.

LWD,

If we take “unlimited unauthenticated API access shouldn’t be possible” for granted, I’m unfortunately not all that technically competent about what can be done next.

The first thing that comes to mind is treating website access and app access differently, maybe limiting app API access by default for people who haven’t logged in.

Or creating a separate bot API that’s rolled out across all servers at some point in the future… And I know federation could pose some serious chokepoints here so that’s where my speculation ends.

LWD,

Pretty much any email masking tool that gives you more than 5 domains for free, especially considering several do this for free (Addy, DDG, Ironvest).

LWD,

You can multi-select regular tabs to add them to a collection, but not private ones. And even if you did add each private tabs to a collection one at a time, the “open tabs” option only opens them as regular tabs, not private ones.

Instead of private tabs, have you considered

  • using the “delete browsing data on quit” option in Firefox, or
  • downloading a second browser like Mull with that option enabled for your “private tabs” instead of Firefox?
LWD, (edited )

Update: Apple’s role in adding extra location data to your request has been added to this post

Apple and a couple other providers have been experimenting with a multi-hop system of making your connections private.

Here’s what Cloudflare says.

https://blog.cloudflare.com/content/images/2022/03/image1.png

Here’s what a competitor, Invisiv, says.

https://invisv.com/img/relay.png

Both pages are pretty hard to parse (IMO Cloudflare uses more jargony language: “ingress”/“egress server” - really?) but they get to the same point.

https://i.imgur.com/n1BcDtt.jpegf

Your data takes a path like this

  1. Your computer, your IP address, your message to a destination gets encrypted in a couple layers and passed on.
  2. Your ISP knows exactly who you are and that you’re reaching out to server 1. They can’t see your data but to them, you’re using a VPN probably.
  3. The first server also necessarily knows who you are, unpacks one layer of your request and sends it on to a second server (in Invisiv’s case, Fastly; in Apple’s, Cloudflare).
  4. The second server now knows that data was requested from the first server, and it can see the name of the domain you’re requesting (YouTube, for example) but because the request came from the first server, it theoretically won’t know it’s you making that request
  5. The data moves on from the second server to the destination, with the destination only knowing it’s receiving data from the second server, and not knowing about the first server.

The obvious issues here:

  • Do you trust the people providing the multi-hop VPN-like service?
  • Do you trust the two servers, which have necessarily entered into an agreement of some sort, to not collaborate regarding transmitting data?
  • How easy is it to audit the code we can see?
  • What else is going on with your data?

In the case of Apple/Cloudflare, reputation is rather poor. From PRISM to false advertising to notification telemetry, Apple hasn’t exactly delivered on their promise. In terms of Invisiv, the company has some big names on board but Fastly and Cloudflare both have a rather significant grip on the internet (with Cloudflare’s being bigger) but any CDN gets a good view into personal data most of the time.

Update: in the case of Cloudflare/Apple, Apple adds additional location data to your request, making its “private” relay leak approximate location data the same way your IP address could leak it. To wit:

Apple relays geolocate user IP addresses and translate them into a “geohash”. Geohashes are compact representations of latitude and longitude.

But on the bright side: a VPN has far more issues than either of these, as it’s basically #4 above except the same service also has your identity by necessity. An untrustworthy VPN is as harmful as an untrustworthy ISP, with very little separating them.

LWD,

I really wish Signal still had SMS support because the network effect was a lot more powerful, and it was easier to “sell” to my friends, back when it was that way.

LWD,

It’s not unreasonable to think a person would want to offer some kind of live location sharing to friends. Including situations like “what if my tinder date goes horribly wrong”

Location tracking can be used maliciously, but a private app is hardly going to be a hidden app. And OP didn’t ask to obscure the intent of it.

LWD,

ICYMI: All the cool kids are using LocalCDN instead of DecentralEyes now.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • mdbf
  • ngwrru68w68
  • modclub
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • InstantRegret
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • DreamBathrooms
  • megavids
  • GTA5RPClips
  • tacticalgear
  • normalnudes
  • tester
  • osvaldo12
  • everett
  • cubers
  • ethstaker
  • anitta
  • provamag3
  • Leos
  • cisconetworking
  • lostlight
  • All magazines
    •