• 0 Posts
  • 34 Comments
Joined 4 years ago
cake
Cake day: February 15th, 2021

help-circle
  • Is “intent” what makes all the difference? I think doing something bad unintentionally does not make it good, right?

    Otherwise, all I need to do something bad is have no bad intentions. I’m sure you can find good intentions for almost any action, but generally, the end does not justify the means.

    I’m not saying that those who act unintentionally should be given the same kind of punishment as those who do it with premeditation… what I’m saying is that if something is bad we should try to prevent it in the same level, as opposed to simply allowing it or sometimes even encourage it. And this can be done in the same way regardless of what tools are used. I think we just need to define more clearly what separates “bad” from “good” specifically based on the action taken (as opposed to the tools the actor used).


  • I think that’s the difference right there.

    One is up for debate, the other one is already heavily regulated currently. Libraries are generally required to have consent if they are making straight copies of copyrighted works. Whether we like it or not.

    What AI does is not really a straight up copy, which is why it’s fuzzy, and much harder to regulate without stepping in our own toes, specially as tech advances and the difference between a human reading something and a machine doing it becomes harder and harder to detect.


  • Content curated by “the core geeks and nerds” might appeal to “geeks and nerds”, not to those consumers.

    They want “consumer” content. And if one day they get tired of it then I doubt any amount of “steak” would have stopped them leaving anyway, since that was never what they were looking for. It’s not like reddit has to be the only place they visit in the internet, nor is the internet their only source of consumption. Just because you go to a snack bar does not mean that’s the only place you go for meals.


  • Saying that I dont trust a homophobe is not “sharing my political opinions”

    That’s true.

    However, you did not just say that. You mentioned how he supports some homophobic politics (ie. regulation against gay marriage), which you (and I’m sure a lot of people, me included) disagree with. That’s politics.

    You also shared your opinion about why you think privacy is important for our society. That’s also politics.

    I’m not saying that what you said is wrong… I’m saying that what you said is political. Sharing political opinions is ok. It’s not like talking about politics is somehow a bad thing. At least not in this context. A lot of what surrounds the choice of a web browser like this is political.


  • If they really think there’s no reason to hide anything, why are they prosecuting Snowden for exposing something that was hidden?

    Before having surveillance on people, they should have it on themselves.

    Imagine how many corruption cases could have been prevented if the government was publicly monitored, with live streams from all offices, like a “big brother” show set up in the white house with live recordings of all calls and communications, so the voters can judge by themselves and monitor if the person they employed as the servant for the country is doing its job.




  • On Android 12 or later, apps will be autoupdated after the first install or first update, no root, no unlocking, no PrivExt needed. Older apps that can’t be updated will feature a banner explaining why.

    Most old versions of the apps are not build to support that, and you’ll have to manually update each of those apps at least once (after they have been built with support for it). When checking most apps at the moment a banner appears showing how the app does not support automatic updates (yet?)


  • This.

    I don’t understand the appeal of microblogging. The content is generally very low quality, the signal-to-noise ratio is horrible… I’m not interested in the shower thoughts of any particular individual …or in marketing stunts.

    The only individuals I’m interested on are my family & friends, and even for them I’d rather use a more private platform.

    And when I want to read a public post I’d rather it’s well thought and ideally not restricted by micro-limitations. Even better if it’s curated by a public voting process among a community of people with my same interests, or some other process that makes it so I don’t have to waste my time going through tons of content I’m not remotelly interested on.


  • It can be formatted “nicely” with no issue. But that doesn’t necessarily make it easy to understand.

    What that person posted was in a function named smb() that only gets called by rmb() under certain conditions, and rmb() gets called by AdB() under other conditions after being called from eeB() used in BaP()… it’s a long list of hard to read minified functions and variables in a mess of chained calls, declared in an order that doesn’t necessarily match up with what you’d expect would be the flow.

    In the same file you can also easily find references to the user agent being read at multiple points, sometimes storing it in variables with equally esoteric short names that might sneak past the reader if they aren’t pedantic enough.

    Like, for example, there’s this function:

    function vc() {
        var a = za.navigator;
        return a && (a = a.userAgent) ? a : ""
    }
    

    Searching for vc() gives you 56 instances in that file, often compared to some strings to check what browser the user is using. And that’s just one of the methods where the userAgent is obtained, there’s also a yc=Yba?Yba.userAgentData||null:null; later on too… and several direct uses of both userAgent and userAgentData.

    And I’m not saying that the particular instance that was pointed out was the cause of the problem… it’s entirely possible that the issue is somewhere else… but my point is that you cannot point to a snippet of “nicely formated” messed up transpiler output without really understanding fully when does it get called and expect to draw accurate conclusions from it.


  • It doesn’t really matter whether it was “targeted” at Firefox specifically or not, what matters is whether the website has logic that discriminates against Firefox users. Those are 2 different things. “End” vs “means”.

    I wouldn’t be surprised if the logic was written by some AI, without specifically targeting any browser, and from the training data the AI concluded that there’s a high enough chance of adblocking to deserve handicapping the UX when the browser happens to be Firefox’s. Given that all it’s doing is slowing the website down (instead of straight out blocking them) it might be that this is just a lower level of protection they added for cases where there’s some indicators even if there’s not a 100% confidence an adblock is used.


  • That’s out of context. That snippet of code existing is not sufficient to understand when does that part of the code gets actually executed, right?

    For all we know, that might have been taken from a piece of logic like this that adds the delay only for specific cases:

    if ( complex_obfuscated_logic_to_discriminate_users ) {
    
        setTimeout(function() {
            c();
            a.resolve(1)
        }, 5E3);
    
    } else {
    
        c();
        a.resolve(1)
    
    }
    

    It’s possible that complex_obfuscated_logic_to_discriminate_users has some logic that changes based on user agent.

    And I expect it’s likely more complex than just one if-else. I haven’t had the time to check it myself, but there’s probably a mess of extremely hard to read obfuscated code as result of some compilation steps purposefully designed to make it very hard to properly understand when are some paths actually being executed, as a way to make tampering more difficult.


  • I expect it would be technically possible to have lemmy-like or peertube-like services built on top of the AT protocol Bluesky uses, like with ActivityPub. And I expect if/when that happens the communication across services would probably work too.

    In fact, accounts being “portable” in the AT protocol can potentially make the integration more seamless across different services, not only might the posts be seen from different services, but you might be able to directly access those different services with the same account. Imagine if you could login in lemmy with a mastodon account or vice-versa.

    Bluesky is just one of the possible services. But as long as the invites are private and you can’t host your own instance, I wouldn’t even consider it an alternative. I think it’s a bit early to judge, both its positives and its negatives.


  • Ferk@lemmy.mltoLinux@lemmy.ml*Permanently Deleted*
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    1 year ago

    It’s changing by having a library like wlroots do most of the work.

    When you consider the overall picture, “wlroots + compositor” is actually less complex than “X11 + window manager” because you no longer need to consider the insanely high requirements of having to have a team maintaining the spaghetti mess of X11 code.

    Wayland-based dwl has roughly the same line count as X11-based dwm (about 2.2k), without having to depend on a whole separate service as big as X11.

    But of course, it being a completely different approach, it’s likely that for most smaller projects (ie. not Gnome or KDE) it’s easier to start a new project than creating a layer to maintain two different parallel implementations.

    If you want something that’s more or less compatible with openbox, there seems to be this project, labwc, which claims to be inspired by openbox and compatible with its config/themes… though I haven’t personally tried it.

    Also keep in mind that openbox (and I expect labwc too) doesn’t include any “panels” / “taskbars” or anything like that… and it’s likely your X11 panels might not work well if they do not explicitly support Wayland (but I believe that, for example, xfce-panel now supports both).



  • Wouldn’t it be easier and more direct to simply impose a tax to those external big tech services?

    I don’t understand why using protection against “bad actors” as an excuse is necessary at all if getting money from big tech were the ultimate goal. A lot of people within the EU would happily support such a tax targeting big US companies, it’s the privacy problems what we are pushing against, not the fees. So I’d expect a more direct and honest fee for external companies making business within the EU would be easier to pass if that were what they actually wanted, wouldn’t it?



  • I don’t think EVERYONE needs to understand / know about it. I mean, I remember when I was young most people had no idea how to use the internet (hell, they didn’t even know how to program a VHS), yet I was perfectly happy using that technology.

    I only need a specific set of people and specific communities to be there for it to be worth it. Like I said: I no longer use reddit, even though the fediverse has only a small fraction of the content existing in reddit… I would have expected people in the fediverse would be more receptive to unpopular but technologically/ethically superior alternatives.


  • Yes, but the question is: what does matrix need to establish itself as a solid alternative?

    You can’t answer that by saying “people don’t use it, change that” because that’s something only people can change, not matrix, that’d lead to a cyclic problem.

    Specially when that’s given as a counterpoint to justify not wanting to do the change for “this community”. It’s contradictory to want its popularity to be changed but accept the lack of change alone as a valid reason to justify your communities not changing.


  • like how not being able to sign up for something with tor and monero is a privacy violation, it’s not.

    Note that “secrecy” and “privacy” are often understood in Security lingo as different things. One protects confidentiality, the other one protects anonymity.

    It’s possible to have one and not the other…

    You can have a very private system through onion routing but have the contents of the messages exchanged be in plaintext, open to the public. Nobody will be able to know the one who wrote the message was you. But they can see the message. (then there is privacy, but not secrecy).

    Or you can have very strongly encrypted communications (say HTTPS) but have the DNS exchanges (or the TLS handshake, or the IP addresses) be in the clear, so people in the middle (eg. your ISP… or your workplace tech guys) can know exactly that the packages are sent by you and where you sent them, even if their content is encrypted. They can know which service you tried to access to, for how long and how many times (so you have secrecy, but not privacy).