cross-posted from: https://szmer.info/post/254044

> The first reports of attacks on smart fridges appeared as early as 2014. Since then we have heard, among other things, about botnets built on unsecured webcams, insufficiently secured Internet-connected dolls, and… break-ins into sex toys.
>
> And although it may sound abstract, let us remember that many of these Internet-connected devices are equipped with cameras and microphones. They are in our bedrooms and living rooms, in our kitchens, in our children's rooms. Who has access to them? Who collects data from them?

If a cafe wants to enforce a “no phones” rule, they can do so relatively effectively. If a website wants to enforce a “no robots” rule (especially if they also want to not require any login to view the content on the site) they can ultimately only pretend to be able to do that effectively.

But you’re again conflating the issue of consent and enforcement. There are things we are able to do but we know to ask first before we do them. The fact that something is possible doesn’t mean that it’s allowed. The fact that something is not easy to enforce against does not make it okay to do it anyway.

What about public parks? Is it okay to walk around you while you’re having a conversation and record you, and then post that conversation on-line? Is it okay to use directional microphones to record you in such a setting? Doesn’t the whole recording-in-the-park thing from the Conversation give you the creeps?

Are you saying that the fact that something is difficult to enforce against makes it okay to do, even if the person you do this to does not want it done?

But unlisted toots are still technically public. If you scrape my profile, you will get them. And the point is: the fact that they are public in the technical sense does not mean I consented to them being scraped etc.

Just as wearing a short skirt is not blanket consent to sexual advances.

You technically can, and if you get caught the cafe can (and should, imo) kick you out for doing so.

Right, so we agree here. But you did not respond to the second question: are cafés public or private spaces?

I’m a big proponent of enforcing privacy in online and offline spaces with technology, policy, and social norms. I’m also opposed to magical thinking. Telling people that they can semi-publish, to have some of the benefits of publishing without some of the consequences, is misleading to the point of being dishonest.

Nobody is saying that. Nowhere in the thread I linked is that being said. Nowhere in my comments did I say that. It’s not about telling people they can or cannot “semi-publish”, it’s about telling people creating systems and products that they need to ask these people for permission to do certain things.

Or in other words: it’s not about telling café patrons they can or can’t have perfectly private conversations in the café, it’s about telling anyone who might want to potentially record conversations in that café “you have to ask and receive permission for this first”. That’s a pretty crucial difference.

Sure, I think we basically agree.

There are things that are impossible without JS, and there are things that are possible without it but JS is still the better choice for implementing them — as long as it’s not the bloated mess, pulling random libraries from a dozen third party services, that we know and “love” from a lot of websites. And as long as there is graceful degradation built-in.

Are cafés public, or private spaces? Can I just sit at the table next to yours and stream and record your conversation with your friends?

Violating the distinction between content and representation in the form of a few hidden radioboxes or checkboxes to be able to make a JS-less menu strikes me as a reasonable trade-off in a lot of cases.

Pretty advanced UI things can be done using just CSS. For example, this little tidbit of mine. It’s not mobile-optimized, but that’s beside the point — the point is a complex interface done without a line of JS. Making it mobile-optimized is possible too, of course.

I don’t think you’re arguing in good faith. In fact, reading your comment again, I am pretty sure you are arguing in bad faith. And I have better things to do than engaging with that.

If anyone wants to engage in an honest conversation, those who follow me on fedi or have seen my comments around here know I’m totally game for that. But “and yet you engage in society! curious!”-level discussion is not worth anyone’s time, frankly. 🙂

Great job at working hard to miss the point entirely. 🤷‍♀️

I am one of those technology educators, and today I would still warn people that “Internet does not forget”, and that they need to be careful what they put out there.

That doesn’t mean we should not demand explanation from people who make it so, and that we should not demand them to ask for consent and respect our refusal to give it. I really appreciate how fedi culturally puts this front-and-center. I hope it continues to do so, and that this way of thinking spreads farther!

I agree that consent should not be a controversial topic. Regardless of how much it inconveniences techbros trying to “disrupt” yet another area of human endeavor.

I think search engines indexing plain old websites (blogs etc) are an importantly different case.

The nature of the medium in blogs/news websites/etc is way more public and way less intimate (in general…) than social media. Social media blur the line between private and public conversations, for better or worse.

Social media is like having a conversation in a public cafe; websites/blogs is more like publishing a newspaper or standing on the corner of a street shouting your message at strangers.

Making a public archive of newspapers or recording a person shouting at strangers is one thing. Recording semi-private conversations in a cafe is a whole different thing. Does that make sense?

It has its place, but if it can be avoided, I believe it should. Basically, if something can be implemented using just HTML/CSS, it’s probably better to do it that way.

Fun fact, I have a large JS-based project, because what the project aims to do is impossible without JS. But the website itself is almost completely JS-free, apart from the demos (which necessarily need to use the JS-based project itself).

It loads immediately (just flat HTML/CSS/image/font files), it does not slow down user experience in the browser, it also signals very clearly there are no weird third-party JS scripts slurping the data for whatever godawful reason.

Additionally, one can build pretty nice, responsive, fast UIs with just HTML and CSS, and browser developers spent decades optimizing their rendering engines for that. JavaScript components on the front-end tend to be buggy, slow, and just all-around shitty UI/UX.

Or exposure to harassment, including offline. Or context collapse. Or…

In the end, adding search would change the space dramatically, especially any privacy-related expectations. And there are about 2mln people who are using fedi with current set of expectations. There are hundreds of thousands who had been using it with this set of expectations for years. Waltzing in and bulldozing these expectations is just not a good idea.

So yeah, don’t do search on fedi unless you do some deep research about consent.

I don’t have to defend my right to decide how stuff I put out there can be used. Whoever wants to scrape my toots has to explain why they want to do so, and get my consent first.

And “well it’s publicly available so it’s fair game” is not enough of an argument. Just as “she was wearing a short skirt” is not consent to sexual advances.

Ah I might have misunderstood, sorry.

Fediverse is like e-mail
Therefore it needs a search engine


Apparently Buffer is pretty big in "social media professionals" circles.


Specialist | Komenda Główna Policji (National Police Headquarters) in Warsaw | Warsaw | Civil service job
> Specialist in the Investment and Renovation Implementation Section of the Investment and Renovation Department, KGP Police Logistics Bureau 👀

Santa and "GDPR jokes"
> He’s making a list, he’s checking it twice, he’s gonna find out who’s naughty and nice, Santa Claus is in breach of the GDPR.

Best introduction to GDPR I have seen so far. And I've seen a bunch.

Elton John "Dear Johned" Elon
> All my life I’ve tried to use music to bring people together. Yet it saddens me to see how misinformation is now being used to divide our world.
>
> I’ve decided to no longer use Twitter, given their recent change in policy which will allow misinformation to flourish unchecked.

It is at once fascinating and terrifying how easily right-wing trolls play Musk
> Mastodon instead of Twitter, PeerTube instead of YouTube, Pixelfed instead of Instagram and Lemmy instead of Reddit. Such an alternative network has no single point where this or that regulator or regime can apply leverage.
>
> Michał "rysiek" Woźniak, information security specialist and former member of the Council for Digitization, is interviewed by Jakub Kibitlewski

Well, hey. 😉 Unfortunately, paywall. 🤷‍♀️

Image description: the "is this a pigeon" meme, except the guy is wearing a Soviet military cap, and instead of the butterfly there is Putin's head. Text:
> Is this anti-colonialism?

Caption under Putin:
> Straight-up colonialism

> A couple of weeks ago a billionaire, whose skin is apparently as thin as his wallet is thick, took over one of the important public squares on-line. It is a good moment to explore and recognize other dangers, in addition to failure to moderate the public debate, such centralized control creates. Twitter’s tumultuous transition to a privately held company became a lens, focusing — at long last — our collective attention on them.
>
> These issues are hardly new or unexpected. Activists and experts had been warning about problems related to centralized control of our daily communication tools for years. But by and large, our warnings went unheeded. Today, as we mourn the communities disrupted and connections lost, and grapple with the fallout, we have to recognize this is about more than just Twitter. And use the opportunity to learn not to make the same mistakes again. (...)
>
> We can also build systems that allow people to switch providers without losing contact with their friends and coworkers — e-mail and mobile networks are good, familiar examples of these. The fact that the big social media services, or the huge online productivity providers, do not allow this kind of compatibility is a business decision, rather than a technological necessity. (...)
>
> “Never let a good crisis go to waste”, Winston Churchill once said, and it would serve us well to lean into that wisdom today. A centralized, closed, monopolistic platform’s agony is a good opportunity to reconsider our over-reliance on Big Tech walled gardens in general.

If Elon Musk finishes off Twitter, let's talk about the pros and cons ... of Mastodon and the Fediverse — OKO.press
> People expecting an identical interface, a similarly working recommendation algorithm, or the same accounts to follow, only without Musk, will not find them on fedi — but today they will not find them anywhere else either. The product "Twitter without Elon" is simply no longer available.
>
> That is not necessarily bad news, though.
>
> Because the Fediverse is based on independent servers, run by specific people or communities, moderation works much more vigorously. (...)
>
> Mastodon (as software) and the Fediverse (as a network and a community) also have other important advantages over Twitter. For example, the feature for adding image descriptions is much more usable (and, as a result, more often used). This matters for blind and visually impaired people who use screen readers.
>
> "When there were few of us [people using the Fediverse], almost all images were described," Jacek Zadrożny, an accessibility expert who himself uses screen readers, tells me in conversation. "Now it is worse, but it is improving. Refugees from Twitter are learning this. (...)
>
> Another solution available (and often used) in the Fediverse, and essentially absent on Twitter, is "content warnings" ("CW" for short). (...)
>
> "I find it very interesting what will happen next," Alek Tarkowski sums up. "Open infrastructures have enormous potential. I see that work is under way on new services, for example PeerTube. The question is whether they will catch on. I see a big role here for public institutions. It's great that the discussion about how the Polish government communicates is coming back."