foss Free and Open Source Software FOSS quality vs. non-free s/w quality
    soloActivist
    9 months ago 100%

    The 1st ½ of your comment sounds accurate. But...

    And also in Foss there are highly opinionated software where the devs completely ignore users, ban them from GitHub when they post issues,

    Right, but to be clear non-free s/w is worse - you can’t even reach the devs, generally, and there is no public bug tracker. FOSS is an improvement in this regard because at least there is a reasonable nuclear option (forking). The nuclear option for non-free software is writing it yourself from scratch.

    5
  • foss Free and Open Source Software FOSS quality vs. non-free s/w quality
    soloActivist
    9 months ago 100%

    That all sounds accurate enough to me.. but thought I should comment on this:

    However - in larger enterprises there’s so much more, you get the whole SDL maturity thing going - money is invested into raising the quality of the whole development lifecycle and you get things like code reviews, architects, product planning, external security testing etc. Things that cost time, money and resources.

    It should be mentioned that many see testing as a cost, but in fact testing is a cost savings. In most situations, you only spend some money on testing in order to dodge a bigger cost: customers getting burnt in a costly way that backfires on the supplier. Apart from safety-critical products, this is the only business justification to test. Yet when budgets get tightened, one of the first cuts many companies make is testing -- which is foolish assuming they are doing testing right (in a way that saves money by catching bugs early).

    Since the common/general case with FOSS projects is there is no income that’s attached to a quality expectation (thus testing generates no cost savings) - the users are part of the QA process as free labor, in effect :)

    5
  • foss
    FOSS quality vs. non-free s/w quality

    There is a common theme pushed by fanatics of capitalism that never dies: that a profit-driven commercial project ensures higher quality products than products under non-profit projects. Some hard-right people I know never miss the chance to use the phrase *“good enough for government work”* to convey this idea. I’m not looking to preach to the choir here, but rather to establish a thread of scenarios that correspond to quality for the purpose of countering inaccurate narratives. This is the thread to share your stories.

    In my day job I’m paid to write code. Then I go home and write code I was not paid for. My best work is done without pay.

    ***Commercial software development***

    When I have to satisfy an employer, they don’t want quality code. They want ***fast*** code. They want band-aid fixes. The corporate structure is too myopic to optimize for quality.

    ::: spoiler Anti-gold-plating:

    I was once back-roomed by a manager and lectured for “gold plating”. That means I was producing code that was higher quality than what management perceives as economically optimal.

    :::

    ::: spoiler Bug fixes hindered:

    I was caught fixing some bugs conveniently as I spotted them when I happened to have a piece of code checked out in Clearcase. I was told I was “cheating the company out of profits” because they prefer if the bugs each go through a documentation procedure so the customer can ultimately be made to pay separately for the bug fix. Never mind the fact that my time was already charged anyway (but they can get more money if there’s a bigger paper trail involving more staff). This contrasts with the “you get what you pay for” narrative since money is diverted to busy work (IOW: working hard, not smart).

    :::

    ::: spoiler Bugs added for “consistent quality”:

    One employer was so insistent on “consistent quality” that when one module was higher quality than another, they insisted on lowering the quality of the better module because improving the style or design pattern of the lower quality piece would be “gold plating”. This meant injecting bugs to achieve consistency. The bugs were non-serious varieties; more along the lines of needless complexity, reduced performance, coding standard non-compliances, etc, but nonetheless something that could potentially be charged to the customer to fix.

    :::

    ::: spoiler Syntactic dumbing-down:

    When making full use of the language constructs (as intended by the language designers), I am often forced by an employer to use a more basic subset of constructs. Employers are concerned that junior engineers or early senior engineers who might have to maintain my code will encounter language constructs that are less common and it will slow them down to have to look up the syntax they encounter. Managers assume that future devs will not fully know the language they are working in. IMO employers under-estimate the value of developers learning on the job. So I am often forced to avoid using the more advanced constructs to accommodate some subset of perceived lowest common denominator. E.g. if I were to use an array in bash, an employer might object because some bash maintainers may not be familiar with an array.

    :::

    ***Non-commercial software development***

    Free software developers have zero schedule pressure. They are not forced to haphazardly rush some sloppy work into an integration in order to meet a deadline that was promised to a customer by a manager who was pressured to give an overly optimistic timeline due to a competitive bidding process. #FOSS devs are free to gold-plate all they want. And because it’s a labor of love and not labor for a paycheck, FOSS devs naturally take more pride in their work. I’m often not proud of the commercial software I was forced to write by a corporation fixated on the bottom line. When I’m consistently pressured to write poor quality code for a profit-driven project, I hit a breaking point and leave the company. I’ve left 3 employers for this reason.

    ***Commercial software from a user PoV***

    Whenever I encounter a bug in commercial software there is almost never a publicly accessible bug tracker and it’s rare that the vendor has the slightest interest in passing along my bug report to the devs. The devs are unreachable by design (cost!). I’m just one user so my UX is unimportant. Obviously when I cannot even communicate a bug to a commercial vendor, I am wholly at the mercy of their testers eventually rediscovering the same bug I found, which is unlikely in complex circumstances.

    ***Non-commercial software from a user PoV***

    Almost every FOSS app has a bug tracker, forum, or IRC channel where bugs can be reported and treated. I once wrote a feature request whereby the unpaid FOSS developer implemented my feature request and sent me a patch the same day I reported it. It was the best service I ever encountered and certainly impossible in the COTS software world for anyone who is not a multi-millionaire.

    86
    22
    main Blind Main How to make a PDF accessible -- or what to use instead of PDF (msWord? Nooooo!)
    soloActivist
    9 months ago 100%

    Linux won’t be viable for blind people unless major distros have full time accessibility folks, and refuse to accept inaccessible packages and patches.

    Sure, but you need to read what I quoted. I purely addressed the flawed claim that better code comes from those paid to write it. The opposite is true. It’s unclear to what extent that bias has influenced @noahcarver@rblind.com’s thesis. Though I have no notable issues with anything else @noahcarver@rblind.com wrote (much of which is beyond my expertise w.r.t accessibility).

    And to be clear, “better code” strictly refers to quality, not accessibility. Accessibility is a design factor.

    But that code you write at home is probably not accessible.

    That’s right. But then neither is the commercial code I worked on. That would be outside of my domain. I do backends for the most part. The rare UI work I did was for a tiny user base of internal developers within the org and accessibility was not part of the requirements. I worked on a UI for external users briefly but again no requirements for accessibility (which would be very unlikely for that particular product).

    In any case, this sidetrack is irrelevant to what you replied to. It’s important to correct bogus claims that being paid to write code is conducive to quality. Some right-wingers I know never miss the opportunity to use the phrase “good enough for government work” because they want to push the mentality that capitalism promotes superior quality. It’s a widespread misconception that needs correction whenever it manifests.

    Paying someone to write accessible code should theoretically work on both free software and non-free software. AFAICT the reason non-free software would accommodate blind users is that the market share is large enough to justify the profit-driven bottom line and those users are forced to pay for it (as all users are). In the FOSS domain, payments (“bounties”) are optional. Has this been tried? If not, then you’re relying on blind FOSS developers to suit their own needs in a way that benefits all blind users.

    1
  • main Blind Main How to make a PDF accessible -- or what to use instead of PDF (msWord? Nooooo!)
    soloActivist
    9 months ago 66%

    and that someone who is paid to write accessible software is generally going to produce and maintain better code.

    In my day job I’m paid to write code. Then I go home and write code I was not paid for. My best work is done without pay.

    Commercial software development

    When I have to satisfy an employer, they don’t want quality code. They want fast code. They want band-aid fixes. The corporate structure is very short-sighted. I was once back-roomed by a manager and lectured for “gold plating”. That means I was producing code that was higher quality than what management perceives as the economic sweet spot. I was also caught once fixing bugs as I spotted them when I happened to have a piece of code checked out in Clearcase. I was told I was “cheating the company out of profits” because they prefer if the bug goes through a documentation procedure so the customer can ultimately be made to pay separately for the bug fix. Never mind the fact that my time was already compensated by the customer anyway - but they can get more money if there’s a bigger paper trail involving more staff. So when you say you get what you pay for, that’s what you pay for -- busy work (aka working hard not smart). They also want “consistent quality”. So if one module is higher quality than another, there is pressure to lower the quality of the better module because improving the style or design pattern of the lower quality piece is “gold plating”. When I make full use of the language constructs (as intended by the language designers), I am often forced by an employer to use more basic constructs. Employers are worried that junior engineers or early senior engineers who might have to maintain my code will encounter language constructs that are less common and it will slow them down to have to look up the syntax they encounter. Employers under-estimate the value of developers learning on the job. So I am often forced to avoid using the more advanced constructs to accommodate some subset of perceived lowest common denominator. E.g. if I were to use an array in bash, an employer might object because some bash maintainers may not be familiar with an array.

    Non-commercial software development

    Free software developers have zero schedule pressure. They are not forced to haphazardly rush some sloppy work into an integration in order to meet some deadline that was promised to a customer by a manager who was pressured to give an overly optimistic timeline. #FOSS devs are free to gold plate all they want. And because it’s a labor of love and not labor for a paycheck, FOSS devs naturally take more pride in their work. I’m often not proud of the commercial software I was forced to write by a corporation fixated on the bottom line. When I’m consistently pressured to write poor quality code for a profit-driven project, I hit a breaking point and leave the company. I’ve left 3 employers for this reason.

    Commercial software from a user PoV

    Whenever I encounter a bug in commercial software, there is almost never a publicly accessible bug tracker and it’s rare that the vendor has the slightest interest in passing along my bug report to the devs. The devs are unreachable by design (cost). I’m just one user so my UX is unimportant. Obviously when I cannot even communicate a bug to a commercial vendor, I am wholly at the mercy of their testers eventually rediscovering the bug I found, which is unlikely when there are complex circumstances.

    Non-commercial software from a user PoV

    Almost every FOSS app has a bug tracker, forum, or IRC channel where bugs can be reported and treated. I once wrote a feature request whereby the unpaid FOSS developer implemented my feature request and sent me a patch the same day I reported it. It was the best service I ever encountered and certainly impossible in the COTS software world for anyone who is not a multi-millionaire.

    1
    [enhancement] add down-vote justification to Lemmy/Kbin

    Some Lemmy instances (e.g. Beehaw) do not support down votes. When an instance does support down-votes, authors often get zero feedback with the down votes which ultimately supports obtuse expression, shenanigans and haters. The status quo suffers from these problems:

    * down voters do not need to read the comment they are down voting
    * down votes empower non-moderators to suppress comments and posts
    * some communities struggle to get content because of some malicious down voters who down vote every post to discourage activity and effectively sabotage the community; voting privacy shields malicious down-voters from discovery and supports their attack
    * silent down votes are non-constructive
    * some people make heavy use of down votes to suppress civil comments purely because of disagreement; other (more civil) users only use down votes to suppress uncivil dialog. This inequality ultimately manifests to reduce civility.
    * transparency: kids and adults are accessing the same forums and adults are blind as to whether down votes are coming from kids (the rationale can reveal this)

    The fix: An instance admin should be able to flip a switch that requires every down vote to collect a 1-line rationale from the voter. These one-liners should be visible to everyone on a separate page. Upvotes do not need rationale.

    So instance owners should have 3 configuration options:

    * down votes disabled (beehaw)
    * down votes require rationale (proposed)
    * down votes out of control (the most common status quo)

    Perhaps overkill, but it might be useful if a moderator can cancel or suppress uncivil down votes.

    ---

    BTW, the reason this enhancement request is not in the official bug trackers:

    * Lemmy’s bug tracker is in MS Github (#deleteGithub)
    * Kbin’s bug tracker is on codeberg, who silently deleted my account without warning or reason, and #Codeberg reg forces a graphical CAPTCHA (which fails on my non-graphical browser).

    #lemmyBug #KbinBug /cc [@nutomic@lemmy.ml](https://lemmy.ml/u/nutomic) [@ernest@kbin.social](https://kbin.social/u/ernest)

    0
    0
    [enhancement] private (invite only) communities/magazines in Lemmy/Kbin

    It would be useful to have more refined control over participation in a group. Someone should be able to create a group that gives permissions to specific individuals. A variety of permissions would be useful:

    * permission to see that a community/mag ***exists*** (some groups may or may not want to be listed in a searchable public directory)
    * permission to ***read*** the posts in a community/mag
    * permission to ***vote*** in the community/mag
    * permission to ***start a new thread*** in the community/mag
    * permission to ***comment*** on an existing thread in the community/mag

    A forum creator should be able to set the above perms on:

    * individual accounts
    * all users on an instance (e.g. users on an instance `@weH8privacy.com` might be unfit for voting and writing comments in the community “fightForPrivacy”)
    * all users not on an instance (e.g. local users only [for example](https://github.com/LemmyNet/lemmy/issues/1576#issuecomment-1611105437))
    * instance IP-based (e.g. users from Cloudflared instances might be unfit to participate in a group called “decentralizationAdvocacy”)

    Settings for individuals should override instance-specific settings. So e.g. a “fightForPrivacy” forum might allow all forms of participation from an instance `stop1984.org`, but if `antiprivacyMallory@stop1984.org` is uncivil, a mod should be able to block all inputs from that user yet perhaps still allow `antiprivacyMallory` to just ***read*** the posts on the off chance of influencing the user to be more civil through exposure to civil chatter.

    ::: spoiler More background on the rationale - why the fedi needs this (click to expand)

    The fedi has undergone a huge flood of new users, largely moderates from Twitter. The moderates dilute movements. Consider the evolution of raves and Burning Man. The beginning was a rich subculture that briefly evolved in isolation apart from the ordinary world. These subcultures became more enriched within their own world whereby the core ideas spawned more culture. Then word got out and spread like brush fire. Masses of uninitiated crowds flooded into raves and Burning Man faster than they could be integrated. Commercialization took hold faster than people could be integrated. The scene became diluted with clubbers and conservatives who essentially turned raves into clubs. The way to promote raves that resembled the original experience was to selectively flyer party goers who overtly embraced the experience, who were not merely there to *be seen*. IOW, the fix was invite-only events.

    The flood of moderates into the fedi has crippled the decentralization movement and corrupted the vision. The fedi is now swamped with people from huge instances that are centralized on Cloudflare (lemmy.world, sh.itjust.works, lemmy.ca, lemm.ee, programming.dev, zerobytes.monster) and lemmy.ml. People without a firm grasp on the meaning, purpose, and benefits of decentralization and privacy still find their way into “privacy” communities and make foolish remarks (e.g. not sharing personal correspondence with Google and Microsoft “[is tinfoil-hattery](https://links.hackliberty.org/comment/1297282)”). Sure, it’s favorable that the “I have nothing to hide” crowd intermingle with more sophisticated privacy-aware folks. It’s important that there be a venue where ignorance can be reversed. But--

    **Moderates are a drag on activism.** A “PrivacyAction” forum does not benefit from a mob of idiots who see those practicing established infosec principles as “tinfoil hat” nutters to heckle. Security-wise people with infosec degrees naturally and unavoidably appear “paranoid” to normies. These normies and hecklers can only get in the way in a workshop-centric forum with the mission of strategizing activist movements and protests.

    Fair enough if a “climate” forum has climate deniers butting heads with those who accept the climate-relevant science. That dialog is needed. But we don’t want climate deniers in a “climate *ACTION*” forum. They are only there to dilute and sabotage.. to side-track the discussion. A workshop is not interested in rhetoric from those who oppose their mission. So the status quo of #Lemmy and #Kbin disservices activism.

    :::

    ---

    **Workaround 1 (Lemmy only):** Make an announcement community and make all participants a moderator. Bit crazy unless you really trust everyone involved.

    **Workaround 2 (Lemmy):** One community per instance using [instance-specific registration control](https://github.com/LemmyNet/lemmy/issues/209). Still too blunt, cumbersome, excludes mods who don’t have their own instance.

    **Question** Sometimes I click to subscribe to a community which then goes into a “subscription pending” state. What does that mean? As a moderator of some groups I never receive a signal that someone is requesting to subscribe.

    ---

    BTW, the reason this enhancement request is not in the official bug trackers:

    * Lemmy’s bug tracker is in MS Github (#deleteGithub)
    * Kbin’s bug tracker is on codeberg, who silently deleted my account without warning or reason, and #Codeberg reg forces a graphical CAPTCHA (which fails on my non-graphical browser).

    #lemmyBug #KbinBug /cc [@nutomic@lemmy.ml](https://lemmy.ml/u/nutomic) [@ernest@kbin.social](https://kbin.social/u/ernest)

    2
    0
    main
    Blind Main soloActivist 9 months ago 92%
    How to make a PDF accessible -- or what to use instead of PDF (msWord? Nooooo!) https://www.w3.org/WAI/WCAG22/Techniques/#pdf

    Some of you might be interested in [this Mastodon thread](https://mastodon.social/@pkiff/111307458285193467). It’s a bit of bashing PDFs for having poor accessibility, and some [guidance](https://www.w3.org/WAI/WCAG22/Techniques/#pdf) on improving PDFs for accessibility. Some people are saying they prefer MS Word over PDF for accessibility reasons. Of course the elephant in the room is that “accessibility” is an over-loaded word. It usually refers to usability by impaired people, but in the case of being generally usable to all people on a broad range of platforms, MS Word is obviously inaccessible due to being encumbered by proprietary tech by a protectionist corporation.

    12
    15
    privacy Privacy Is Cloudflare snooping?
    soloActivist
    9 months ago 100%

    I agree.

    One of the reasons no one gives a shit is there is never news about CF making use of that MitM position. But I know they hire data scientists and what corp can resist the urge to monetize data they have access to? So I think it’s just a matter of time before they get caught abusing the vast amount of valuable data they have visibility on.

    2
    Escape Big Tech soloActivist 9 months ago 100%
    Cutting off friends under surveillance capitalism (Google, MS)

    cross-posted from: https://links.hackliberty.org/post/582272

    > I have lots of old friends who I only maintained sparse contact with. When I let my personal email address die (the address they would all have records of), I did not bother to update them with a new address.
    >
    > They are all on the platform of some surveillance capitalist (e.g. Google or Microsoft). Google & Microsoft both refuse connections from self-hosted residential servers. And even if they didn’t, I am not willing to feed those surveillance advertisers who obviously don’t limit their surveillance to their users but also inherently everyone who makes contact with their users. I cannot support that or partake in pawning myself to subsidize someone else’s service.
    >
    > I just wonder if anyone else has taken this step.

    1
    0
    privacy Privacy Is Cloudflare snooping?
    soloActivist
    9 months ago 100%

    Sorry I do not know if BBC interviews are transcribed.

    But FWIW it will air again on BBC World Service at 02:32 GMT tomorrow and the next day (which could be useful for those on limited internet connections)

    4
  • privacy
    Privacy soloActivist 9 months ago 81%
    Is Cloudflare snooping? www.bbc.co.uk

    cross-posted from: https://links.hackliberty.org/post/609883

    > This BBC interview has a #Cloudflare rep David Bellson who describes CF’s observations on internet traffic. CF tracks for example the popularity of Facebook vs. Tiktok. Neither of those services are Cloudflared, so how is CF tracking this? Apparently they are snooping on traffic that traverses their servers to record what people are talking about. Or is there a more legit way Cloudflare could be monitoring this activity?

    10
    6
    privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 100%

    Nobody is disagreeing with you or saying you’re wrong

    At least 10 people here believe Google/MS avoidance is “tinfoil hat” paranoia. It’s a stark disagreement on infosec principles. All responders in this thread (apart from 3 exceptions) come from privacy-hostile #Cloudflare instances including yourself. This crowd has little hope of taking privacy seriously.

    However, it’s not really realistic to expect everyone to abandon the easy and useful tools that they’re comfortable with just to match your views, regardless of the ethics or logic involved.

    You’re probably not going to sell anyone on an idea that requires discarding ethics and logic. That’s actually the crux of the problem. The problem exists because people disregard ethics and logic in pursuit of pragmatism.

    You seem to be overlooking the fact that Google and MS are inherently exclusive choices. That is, if I try to connect to gmail-smtp-in.l.google.com, the connection is refused, full stop. Google is blocking me before I send the first packet. So you’re implying that I must go through Google’s hoops in order to not be “extreme”. IMO, that’s an extreme position to take. To expect people to go beyond the norms of established open standards to cater for the extra requirements and special needs of a monopolistic corporation. I must either rent an IP address that’s to Google’s liking at my own expense, or I must establish a contract with another third-party who I must then trust with a centralized view on all my outbound traffic. I’m not supporting that abuse and loss of freedom.

    1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 100%

    Ways that are beyond either the capabilities or desires of the average user.

    You vastly underestimate the average user w.r.t. “capabilities”. You can scrap capability from your statement because the avg user can just as well use protonmail/tuta, or disroot.org, for example.

    That leaves “desires”. Two people agree on how to correspond. The desire of someone to use one of the most unethical controversial corporations possible and in an insecure manner that exposes the data to a profitable extent in a privacy-lacking part of the world, and the other party has a higher privacy bar (and/or high moral bar), the party who must adapt is the one with the lower standards. It’s unreasonable to expect someone to lower their privacy standards or to lower their moral standards. If someone’s desire to support Google or MS trumps their desire to stay in touch, then the conversation isn’t worth it to them.

    There is a rule of least privilege principle that seems to have escaped you. In the information security discipline, we do not need to justify security measures by default. It’s lack of security that calls for justification. If there were truly a capability problem, that would be reasonable rationale for reduced security. But it’s a phantom excuse. And “desire” is not an acceptable rationale for reduced security.

    Your doubling down on the tinfoil claim was a failure simply because the security matter is least important of everything I’ve already said on this. But even if security were purely my sole rationale (as it is for some people), you are still calling the practice of basic well-established infosec principles tinfoil hattery. Pushing this culture of branding sound security practices as paranoia is a socially harmful move that you are partaking in.

    1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 100%

    That’s not the trade-off. Google has no opportunity to show me ads anyway. If alice@privacyrequired.com emails bob@gmail.com about a Taylor Swift concert, Google profits from information about both people. Even if Alice does not use Google services, Google’s file on bob shows he knows Alice and Alice is a TS fan. Then when bob searches for gifts, Google shows him TS t-shirts and profits from that. Conversations are two-ways, so when Bob responds to Alice Google learns directly about Bob, such as whether he’s a Swift fan. Alice’s msg therefore generated profitable data about Bob for Google, which potentially works against Alice’s boycott against Google.

    That’s just the tip of the iceberg—

    ::: spoiler human rights

    Human rights are important. Embodied therein (among other principles) the Charter of Fundamental Rights of the EU, Article 8 states:

    1. Everyone has the right to the protection of personal data concerning him or her.
    2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
    3. Compliance with these rules shall be subject to control by an independent authority.

    As you can see from reading this thread, most people irrationally believe these human rights constitute paranoia and tinfoil hattery. My opposition to mass surveillance is not borne out of fear that my data will be used against me personally, but rather an objection to arbitrary systemic collection that comes at the detriment of some people (e.g. abortion seekers) and ultimately disempowers people. :::

    ::: spoiler privacy is about control

    To have privacy is to have control over information about you. Security from harmful disclosure is only a small component of the utility of privacy. There is a tendency for normies to fixate on that and think that is the sum total purpose of privacy. Having control is also about choosing who gets to profit from your data. It’s about having a right to boycott harmful entities. :::

    ::: spoiler digital exclusion and diminished open standards

    Google and Microsoft sabotaged the email infrastructure by imposing rules outside of RFC 5321. Up until the 2000s you could send an email to anyone so long as you comply with the open standards expressed in RFCs. The monopolistic tech giants saw an opportunity to take more market share and reduce their costs by introducing restrictions on email that exclude people who are self-serving. They leveraged spam fatigue to coerce people to conform to non-RFC proprietary reqs in addition to already having a dominant market share (corp greed has no limits).

    I reject Google and Microsoft dictating terms that break the purpose of open standards (interoperability). Every time you send an email to or from Google or MS servers, you give your support for corporate dictatorship.

    :::

    So when you say this is about “the ability to show you ads that are more relevant to your interests”, you and at least 5 others have wholly misunderstood the problem.

    1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 33%

    You don’t get how boycotts work. Using their products without compensating them doesn’t contradict opposition to feeding them. You don’t know what hypocrisy means. You could more easily argue that it’d be a hypocrisy to leave the PCs in a dumpster and allow e-waste to go to a landfill and pollute ground water against my beliefs. Even in regions where they dispose of PCs properly, I oppose destruction and recycling whenever reuse is an option.

    -1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 50%

    This. Life is too short to deny myself human contact.

    This is scrapping a long list of old contacts who might at most every 5—20 years briefly exchange life updates from another part of the world. It’s not denying human contact. When I meet someone new, they either need to reach me in a way that’s agreeable to both of us or they need to proxy msgs through a mutual friend.

    You’ve both demonstrated to easily back the gatekeepers as you’ve both needlessly chosen to create fedi accounts that are centralized on Cloudflare (lemmy world and shit just works both). You can’t speak with any credibility on the privacy front under those circumstances because you compromise digital freedom even when it yields no meaningful gain.

    0
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 100%

    Sometimes you have to stay connected to have any chance of saving the others.

    This is not that. In this particular situation remaining connected to the surveillance advertisers only reinforces through codependency the idea that people can centralize themselves on those platforms to count on being reachable by everyone. That’s not the right msg.

    Being the one holdout is a strong position. There was an academic group of people on FB that I had to correspond with. When I refused to appear on that platform, everyone was forced to step outside of FB to reach me thus making them consciously aware of the problem. I wouldn’t have it any other way. Taking the pushover stance only proves to them that it works to choose the side of the monopolistic oppressor.

    Indeed it makes sense for a privacy advocacy org to have a Facebook acct to reach those people. But most of them get it wrong and needlessly advertise FB on their public website. Which means they’re not just using it for outreach.

    1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 50%

    I’m merely trying to point out that there is a healthy middle ground between the extremes of internet usage where people can interact with each other in a meaningful way while also being aware of the inherent risks and realities of using the internet today.

    You’re mistaken where compromise is needed and where it is not. There are ways to communicate without putting Google or MS in the loop and you’re at the unethical extreme if you have opted to support GAFAM by feeding those platforms.

    0
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 33%

    Doesn’t matter how you got them.

    No, it matters absolutely. You can get the goods by financially contributing to their bottom line, or you can get them without contributing financially. Surely you must understand that companies exist to profit.

    -1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 50%

    How do you think your device was made?

    I have not bought a PC for the past 15 years. Every upgrade has been from pulling fully functional PCs out of dumpsters, LCDs included. Permacomputing is a good movement to follow.

    0
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 33%

    You are definitely wearing some tin foil, OP.

    You have definitely failed to understand how capitalism works and how money flows in relation to data, and the ethical history of corporations involved.

    -1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 50%

    Or you could say that by neglecting to boycott and participate in activism you are neglecting to participate in society.

    “Activism is my rent for living on this planet” --Alice Walker

    Activism is our duty.

    0
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 66%

    It’s not enough. You have to follow the money (if you are an ethical consumer).

    A boycott no longer simply means to not buy products or service from. When you supply profitable data to a harmful entity, it’s as good as giving them cash.

    1
  • privacy Privacy Cutting off friends under surveillance capitalism (Google, MS)
    soloActivist
    9 months ago 40%

    Then you’ve misunderstood. It’s not a security move. It’s a boycott. I will not financially support fossil fuel partners with profitable data.

    Google is partnered with Total Energy and uses AI to help them find where to drill. Likewise, Microsoft is partnered with Chevron and Exxon, again using AI to help them drill for oil. Microsoft also has many other matters of ethical wrongdoing. Not a good company to support. Not to mention the lack of ethics of targeted advertising in general.

    So it’s privacy for the sake of ethics, not privacy for the sake of security. These are the top reasons not to feed Google or MS, though it’d be poor judgement to also suggest there is no security problem with personal disclosure to such centralized corporate PRISM venues outside of a GDPR region in a country with no notable privacy safeguards.

    It’s also notable that Chevron is an #ALEC member, thus supports US republicans. #ExxonMobil is also an abhorrent company to support (#ExxonKnew).

    -1
  • privacy
    Privacy soloActivist 9 months ago 27%
    Cutting off friends under surveillance capitalism (Google, MS)

    I have lots of old friends who I only maintained sparse contact with. When I let my personal email address die (the address they would all have records of), I did not bother to update them with a new address. They are all on the platform of some surveillance capitalist (e.g. Google or Microsoft). Google & Microsoft both refuse connections from self-hosted residential servers. And even if they didn’t, I am not willing to feed those surveillance advertisers who obviously don’t limit their surveillance to their users but also inherently everyone who makes contact with their users. I cannot support that or partake in pawning myself to subsidize someone else’s service. I just wonder if anyone else has taken this step.

    -8
    26
    netsec Netsec FCC reminds mobile phone carriers they must do more to prevent SIM swaps
    soloActivist
    9 months ago 100%

    The new advisory, issued Monday by the FCC’s Privacy and Data Protection Task Force, says SIM swap fraud is increasing.

    As a Tor user I’m increasingly more excluded. That “new advisory” link blocks Tor users and the IA Wayback Machine has stopped allowing Tor users to request saves. The FCC should be embarrassed that they are a comms authority and yet they have not figured out how to serve content to Tor users.

    On the topic-- I was wondering if the SIM swap increase they are talking about is specifically in the US or worldwide. In countries that mandate SIM registration, criminals are stealing people’s phones simply to get a functional phone to use for crime, not to do any cyber attack on the theft victim. I could see SIM swapping being equally attractive.

    And yes, the irony is that SIM registration is claimed to fight crime but in fact it creates more victims and crimes.

    1
  • nostupidquestions No Stupid Questions Why do users of shared e-scooters park in bicycle racks?
    soloActivist
    9 months ago 100%

    I live in a city that bans parking them in the middle of sidewalks and close to doors. I’ve not heard of any local law against blocking bicycle racks.

    So are you saying these platforms are just mirroring into their terms the laws of each city they operate in on a per-city basis? That’s a bit more sophisticated than I envisioned. I would have thought each rental company would be simply creating a single set of rules for users that would comply with all cities they operate in.

    Just had an idea for an action: we could make stickers with a scooter with a line through it and stick those on the racks. Obviously they wouldn’t carry any weight but might deter the nuisance to some extent nonetheless. Though there’s nothing wrong with personally owned scooters being locked so tricky to express that on the sticker.

    1
    No Stupid Questions soloActivist 9 months ago 100%
    Why do users of shared e-scooters park in bicycle racks?

    There’s a widespread nuisance of shared e-scooters (which do not need to be locked) taking up bicycle stalls that cyclists need to lock their bikes. Are e-scooter platforms instructing users to use bicycle racks? Or are people doing that against policy?

    6
    3
    privacy
    Privacy soloActivist 9 months ago 76%
    crude tracking technique - mailing letters just to see what bounces

    Some banks will annually mail a paper “welcome” letter to all customers purely for the purpose of collecting bounced mail ultimately to verify if anyone has moved without telling them. The letters never state that’s the purpose.. they take that opportunity to talk about their service in arbitrary ways. Some banks even charge customers a fee for their cost in doing that. If you ask the banker about it they readily admit that it’s an address verification technique. That’s it.. just a PSA so folks are aware, as it is a bit sneaky.

    Some national postal services (e.g. USPS) sell your mail forwarding information which is how you get tracked to your new location by various entities even when you did not inform them of your new address. So obviously a good defensive measure is to never use the mail forwarding service. Select the entities you want to know your new address and inform them directly. But then to get some immunity to the sneaky trick in the 1st paragraph, perhaps give the next resident a stack of addressed envelopes and stamps and ask the next resident to ~~forward~~ (remail) for you.. or just ask them to trash your mail instead of returning it.

    9
    0
    fightforprivacy
    Fight For Privacy soloActivist 9 months ago 94%
    the gov started blocking Tor on some of their public-facing web servers -- how to fight this

    A public service started blocking access from Tor users. Blocks like this almost never have the courtesy to acknowledge ***why*** you are blocked (Tor) much less why they decided to exclude Tor users from public access. The blockades seem to always be implemented by an asshole.

    So I play dumb: “your site is no longer working… here is my screenshot…('Unable to connect')”. I submit that as a complaint. The response I would hope for: “Oh, we are sorry sir, we will send you a link to our bulletin page that publishes a chronology of all changes we make to the site and have a technician call you to troubleshoot the problem.” My goal is to burden those behind unjustified/undocumented anti-Tor configs so they spend some time investigating as a consequence of their unannounced change and their useless error messages.

    What really happens: They reply saying: “the server works. No problems were reported. The problem is with your browser. Try another computer/browser”. So indeed, they double-down on being assholes. They give this snap response having no idea what could have gone wrong. There is no escalation procedure in government when you reach an incompetent person.

    So what’s the counter-move? Proposal: network with other Tor users in the region. When one user reports a tor-hostile, everyone else in the group should verify the block and complain at the same time; everyone taking care not to mention Tor. It should remove the knee-jerk “there have been no complaints” response. Has anyone tried this?

    17
    1
    privacy Privacy Privacy or sensitive data… a list of tools to protect your дѕѕ
    soloActivist
    10 months ago 100%

    Regarding the two suggested search services which are both Microsoft syndicates:

    • #DuckDuckGo: hosted by Microsoft and searches are outsourced to Microsoft, so MS gets to see your queries and your IP, among other DDG problems

    • #Qwant: tor-hostile (CAPTCHAs), MS profits from your searches.

    2
  • main Blind Main Do any blind people use Protonmail despite the CAPTCHAs?
    soloActivist
    10 months ago 100%

    Yes, but to be clear my test may or may not be valid in terms of what a blind person would experience. Unlike a blind person I do not use a screen reader. I merely disabled images and saw no visual indicator of an audio option. I would expect blind people to disable images as well because they would only slow them down for no benefit. But someone else said that they bypassed the CAPTCHA completely due to having a screen reader.

    2
  • main Blind Main Do any blind people use Protonmail despite the CAPTCHAs?
    soloActivist
    10 months ago 100%

    Specifically in the case of Protonmail? That was part of my question. I saw no audio CAPTCHA option.

    2
  • main Blind Main Do any blind people use Protonmail despite the CAPTCHAs?
    soloActivist
    10 months ago 100%

    Thanks for the tip!

    Although it’s a tricky decision because if the server can detect that you use a screen reader, then your browser fingerprint uniqueness would increase quite a bit.

    1
  • main Blind Main Do any blind people use Protonmail despite the CAPTCHAs?
    soloActivist
    10 months ago 100%

    Indeed it saves bandwidth -- which is particularly important for those with a limited connection. I like it as well because so many images actually downgrade the UX anyway.

    It’s a better carbon footprint to nix images but then we get punished for it by anti-bot websites. Bots also neglect to fetch images so I get hit with false positives for robots more frequently.

    (Not sure if mentions work on Lemmy.. mentioning @aibler@lemmy.world for good measure)

    6
  • main
    Blind Main soloActivist 10 months ago 100%
    Do any blind people use Protonmail despite the CAPTCHAs?

    I’m not blind but I browse with images disabled. This means I can no longer log in to Protonmail because they push CAPTCHAs. I know some CAPTCHAs have an audio option but I just get a blank box from Protonmail’s CAPTCHA. So I was wondering how blind people deal with that, or if they are simply excluded from using #Protonmail.

    25
    14
    privacy Privacy Apple Reveals Governments Use App Notifications to Surveil Users
    soloActivist
    10 months ago 100%

    Or couldn’t the notifications for an app be made vague enough to have no surveillance value? E.g. “(wire) check for msgs”, as opposed to “(wire) Rufus: need an 8-ball…”

    1
    privacy Privacy This is War: Microsoft’s Outlook Blocks All Email From Rival Tuta Domain
    soloActivist
    10 months ago 100%

    It’s a blessing in disguise.

    Yes we should blame Microsoft but pushing MS to surveil more of us in more situations is the wrong move. The right move is for senders to tell MS recipients to get an account that works if they want to receive messages from you, like Tutanota. If you need to reach an org or gov office, then snail mail is the right move. Why? Because even when your email makes it through to an MS recipient it’s subject to surveillance capitalism that you contribute to against your own interests. So fixing it is the wrong answer anyway. I would actually applaud #Tutanota if they would refuse to connect to MS servers. And they should, because ATM senders get no signal that their message did not get properly delivered.

    I quit emailing Microsoft and Google’s surveillance systems a decade ago. MS & Google broke email in the 2000s by obtusely refusing msgs from residential IPs, which bullies everyone into relaying their mail (read: subjecting themselves to extra surveillance). Snail mail is more reliable.

    The irony of a tor-hostile #reclaimthenet .org link also needs a spotlight. We certainly do not want a #Cloudflare site talking about “reclaiming” the net. WTF. It’s Cloudflare who we need to reclaim the net from. I would not have linked them at all. The mirrored text is good enough. Certainly if the link is needed it should be prefixed with web.archive.org/web/$URL

    update

    Microsoft has reversed their spam false positive on Tuta msgs logic, apparently only after public embarrassment manifested. So Tuta users can go back to being part of Microsoft’s surveillance systems. Tuta should really warn users about that when they are about to email an MS recipient.

    2
  • fightforprivacy
    Fight For Privacy soloActivist 10 months ago 86%
    Privacy seekers are hit the hardest by the enshittification of the web -- what to do about it (smarter browsers)

    If you have a defensive browser that runs over Tor and blocks popups, CAPTCHAs, dark-pattern-loaded cookie walls, and various garbage, we still end up at the losing end of the arms race. The heart of the problem is that privacy enthusiasts are exposed to the same search engine rankings that serve the privacy-naïve/unconcerned masses. Would it make sense for the browser to autodetect various kinds of enshittification, add the hostname to a local db for future use, then report the hostname anonymously over Tor to a central db that serves as an enshittification tracker? The local and centralized DBs could be used to down-rank those sites in future results. And if a link to enshittified sites appears on a page unrelated to searches it could be cautioned with a “⚠”. Some forms of enshittification would probably need manual detection but I could see people being motivated to contribute. The security and integrity of a centralized db would perhaps be the hardest part of the effort. But if that could be sorted out, we could get search results to prioritize (pro-user) resources. In principle the DB could also track access methods by which a website is garbage-free (e.g. if the garbage does not manifest when viewed in Lynx, then that should be captured in the DB as well).

    11
    0
    Bug reports on any software soloActivist 10 months ago 100%
    Invidious bug breaks downloads on some instances for some particular videos

    If you try to download video `lU4vv7qCQvg` on a variety of #Invidious instances, some (most?) redirect you to a realtime player instead of serving up the file. Those instances that cause the wrong action work correctly for other videos.

    works → https://invidious.fdn.fr/watch?v=lU4vv7qCQvg

    broken → https://iv.ggtyler.dev/watch?v=lU4vv7qCQvg

    1
    0
    cybersecurity cybersecurity Lemmy security bug: data leak to ISPs when users view a thread (? unconfirmed)
    soloActivist
    10 months ago 100%

    Apparently I’m wrong about this.. the preview is said to be created by the server:

    https://links.hackliberty.org/comment/1068761

    EDIT: well, apparently it’s questionable. No one knows with confidence.

    1
  • lemmy_support Lemmy Support Security BUG: abstracts that summarize external articles are broken if the hosting site blocks the reader (? unconfirmed) -- should be server-side functionality
    soloActivist
    10 months ago 100%

    So does that mean jlai.lu is blocked by lecho.be? I figured it was more likely that lecho.be was blocking Tor, thus blocking my connection.

    1
  • cybersecurity
    cybersecurity soloActivist 10 months ago 85%
    Lemmy security bug: data leak to ISPs when users view a thread (? unconfirmed)

    cross-posted from: https://links.hackliberty.org/post/454425

    > When I visit this post:
    >
    > https://jlai.lu/post/2250911
    >
    > the embedded short abstract intro to the article is “403 Blocked www.lecho.be” When I try visiting the link directly I get “403 bot detection”. This suggests that everyone who opens that thread independently visits that webpage by way of some javascript that’s not under the user’s control. If 1000 people open that thread, then 1000 separate fetches are made. That’s a poor design. The server could do that job just once and the results would be more reliable. As opposed to everyone getting different results.
    >
    > This is also a #privacy #security bug. Someone who opens a thread does not necessarily intend to fetch the linked article. Non-tor users are under surveillance in some countries (e.g. the US, where Trump enacted law s.t. ISPs can collect data on users without consent). So they should have control over what sites they visit. Merely opening a thread is an abuse because it makes users’ actions instantly trackable. IOW, users share information with their ISP without their knowledge or control.
    >
    > Note that the example thread shows the full text of the article because the author was diligent about copying it. But that’s not the general case.
    >
    > #bug #lemmyBug

    14
    1
    Lemmy Support soloActivist 10 months ago 83%
    Security BUG: abstracts that summarize external articles are broken if the hosting site blocks the reader (? unconfirmed) -- should be server-side functionality

    When I visit this post:

    https://jlai.lu/post/2250911

    the embedded short abstract intro to the article is “403 Blocked www.lecho.be” When I try visiting the link directly I get “403 bot detection”. This suggests that everyone who opens that thread independently visits that webpage by way of some javascript that’s not under the user’s control. If 1000 people open that thread, then 1000 separate fetches are made. That’s a poor design. The server could do that job just once and the results would be more reliable. As opposed to everyone getting different results.

    This is also a #privacy #security bug. Someone who opens a thread does not necessarily intend to fetch the linked article. Non-tor users are under surveillance in some countries (e.g. the US, where Trump enacted law s.t. ISPs can collect data on users without consent). So they should have control over what sites they visit. Merely opening a thread is an abuse because it makes users’ actions instantly trackable. IOW, users share information with their ISP without their knowledge or control.

    Note that the example thread shows the full text of the article because the author was diligent about copying it. But that’s not the general case.

    #bug #lemmyBug

    8
    3
    privacy Privacy (GDPR) situations where a data controller is forced to send a USB stick to a data subject
    soloActivist
    10 months ago 100%

    Nothing specifies that the controller must use a USB stick (the USB stick is just an example that the EDPB gives in their guidelines). So the media is the controller’s choice AFAIK, who is free to use whatever complies (which could be an SD card).

    Sounds fun but: who still uses USB Sticks?

    My local public libraries do. When I want to bring data to the library to insert directly into a printer, or into their PCs, the USB bus is the sole means (could be a drive of any physical size though).

    1
  • privacy
    Privacy soloActivist 10 months ago 100%
    (GDPR) situations where a data controller is forced to send a USB stick to a data subject

    The #GDPR states that if an access request is submitted electronically, the response must also be electronic. But then there is a separate rule that if the data is too sensitive for the means of transmission that have been established (e.g. unencrypted email), the data controller must still respect the security requirements in their response at the same time and maintain an appropriate security level for the data. Thus this could mean that they have to send a USB stick via postal service to the data subject. But then at the same time, there is another rule that an initial request must be completed free of charge. So taking all that together, there are situations where data subjects will end up with gratis USB sticks.

    This inspires the question: what kind of data is too sensitive for unencrypted transmission and what kind of data is not?

    EDIT: If I were a data controller and for whatever reason I could not establish an appropriately secure channel, I might be tempted to offer data subjects these choices:

    * provide it on optical media (it’s the subject’s problem if they no longer have a drive)
    * demand a *refundable* deposit for the media and provide a postage-paid return envelope
    * require the data subject to deliver their own media
    * offer the option for the data subject to appear on site in person and copy the data, and return the media
    * publicly post PDF docs that are AES-encrypted and snail-mail the password to them

    I have no idea if those would be compliant. Likely the 4th bullet is, because it’s expressly stated that data controllers can require data subjects to collect their data in person so the data controller can get a signature proving that the data made it into the correct hands.

    4
    2
    privacy Privacy (GDPR) Data controller refuses to honor requests unless an ID card is supplied - IN COLOR
    soloActivist
    10 months ago 100%

    Thanks for the info! Paragraph 75 of that document is also quite interesting.. it confirms that data subjects can redact everything on their ID card apart from their name and the issuing date or expiry date.

    2
  • fightforprivacy
    Fight For Privacy soloActivist 10 months ago 80%
    [EU] (GDPR) Data controller refuses to honor requests unless an ID card is supplied - IN COLOR

    cross-posted from: https://links.hackliberty.org/post/435505

    > A data controller responded to a #GDPR request under art.15 & 17 (thus, an access request coupled with erasure request). They responded with a refusal, demanding ID card. They probably demanded it be in color, but I responded with a black and white copy of my ID. They refused again, affirming that the ID card must be in color. So then I sent them a color copy, but I used black boxes to redact my facial image and all personal text except my name. They again refused to honor my request, saying “zonder vlekken en met een goede resolutie om te worden geaccepteerd”. That translates into “without spots or stains”, correct? I don’t think that means without redactions.
    >
    > Anyway, I would like a GDPR expert to confirm or deny whether the controller’s refusal and demands are lawful.
    >
    > The relevant GDPR text is:
    >
    > * https://gdpr-text.com/read/recital-64/
    > * https://gdpr-text.com/read/article-12/#para_gdpr-a-12_6
    >
    > My request (via post) included my residential address and also mentioned a unique email address that only that controller knows me by (though they would not necessarily know it’s unique). Shouldn’t that be sufficient?

    *UPDATE* [This abstract](https://legalitgroup.com/en/guidelines-01-2022-on-data-subject-rights-right-of-access/) covers some of my questions. Indeed redactions on the ID card are allowed when making requests.

    6
    1
    privacy
    Privacy soloActivist 10 months ago 90%
    (GDPR) Data controller refuses to honor requests unless an ID card is supplied - IN COLOR

    A data controller responded to a #GDPR request under art.15 & 17 (thus, an access request coupled with erasure request). They responded with a refusal, demanding ID card. They probably demanded it be in color, but I responded with a black and white copy of my ID. They refused again, affirming that the ID card must be in color. So then I sent them a color copy, but I used black boxes to redact my facial image and all personal text except my name. They again refused to honor my request, saying “zonder vlekken en met een goede resolutie om te worden geaccepteerd”. That translates into “without spots or stains”, correct? I don’t think that means without redactions.

    Anyway, I would like a GDPR expert to confirm or deny whether the controller’s refusal and demands are lawful.

    The relevant GDPR text is:

    * https://gdpr-text.com/read/recital-64/
    * https://gdpr-text.com/read/article-12/#para_gdpr-a-12_6

    My request (via post) included my residential address and also mentioned a unique email address that only that controller knows me by (though they would not necessarily know it’s unique). Shouldn’t that be sufficient? I ultimately need to know whether a DPA should get involved.

    9
    2
    privacy Privacy Privacy is Priceless, but Signal is Expensive
  • soloActivist
    10 months ago 100%

    PGP email FTW! Costs nothing. Also does not demand a phone number or attempt to drive you into Google Playstore.

    1
  • privacy
    Privacy soloActivist 10 months ago 100%
    VOIP providers without TLS… WTF

    It seems rare that VOIP providers offer a secure tunnel using TLS. I have 2 providers and neither support TLS-- which is reckless because phone conversations are more sensitive than using the web. Conversations are not only quite personal but the realtime nature of a spoken conversation encourages people to divulge things faster than they can think about security. It’s a shitty trend particularly when unwarranted surveillance in the US has targeted VOIP specifically. And why not.. it’s in the clear. Sure, there is the problem that TLS can only secure one segment of the conversation. So if you call your doctor or lawyer using a rare TLS-capable VOIP provider, it’s only secure to the VOIP server and thereafter it’s in the clear. Is that the rationale for VOIP providers not bothering?

    2
    0
    privacy Privacy Secure Messenger Comparisons
  • soloActivist
    10 months ago 100%

    Matrix

    I have not bothered to study Matrix closely because the only times activists have invited me to a conversation it was on the #Cloudflare instance (matrix.org). That really drives up the investigative effort I have to do in order to trust it because Cloudflare Inc sees everything under that TLS layer. I assume payloads are e2ee but the payload isn’t everything. It’s also sketchy because if everything is e2ee then there’s nothing for CF to optimize by caching, so it seems like a senseless move. When Matrix first emerged I instantly lost respect for everyone working on that project because it sends a loud message that there’s a competency and awareness problem. They don’t know their audience. If they don’t understand the issues with Cloudflare then they are probably not well informed in other ways. It’s a serious optics problem to say the least.

    Matrix is UK based [14] and so does not need to follow GDPR and could be compelled under warrant to share metadata on users.

    The UK mirrored the GDPR with just a few minor changes.

    XMPP

    …modern features like VoIP and user avatars are only supported by one! client, Dino.

    #Snikket has those features.

    Missing platforms

    • Wire
    • Jami
    • Briar (it’s mentioned incidentally in a “hostile regimes” section but it’s an app and network of its own and should have a section)
    1
  • dark_web Dark Web Quiet marginalization of the Tor community never causes outrage. Why is the Tor community such an easy pushover?
  • soloActivist
    10 months ago 100%

    I wasn’t speaking about a single public service in particular, but generally. It’s a regular widespread problem.

    I do not believe this can be solved by an individual. It requires a collective action of many and it needs to be spearheaded by a recognized org like ACLU or EFF. The #EFF is quite close to the Tor Project and in principle this problem would be in the EFF’s scope. But the EFF only goes as far as suggesting that people use Tor -- as they turn a blind eye to global DoS against Tor. I don’t see a single privacy advocacy/lobbyist org who is working this problem and worthy of donations.

    1
  • dark_web
    Dark Web soloActivist 10 months ago 83%
    Quiet marginalization of the Tor community never causes outrage. Why is the Tor community such an easy pushover?

    cross-posted from: https://links.hackliberty.org/post/285435

    > When a private sector company blocks Tor, I simply boycott. No private entity is so important that I cannot live well enough without them. But when a *public* service blocks Tor, that’s a problem because we are increasingly forced to use the online services of the public sector who have gone down the path of assuming offline people do not exist.
    >
    > They simply block Tor without discussion. It’s not even clear who at what level makes these decisions.. could even be an IT admin at the bottom of the org chart. They don’t even say they’re blocking Tor. They don’t even give Tor users a block message that admits that they block Tor. They don’t disclose in their privacy policies that they exclude Tor.
    >
    > Just a 403 error. That’s all we get. As if it needs no justification. Why is the Tor community so readily willing to play the pushover? Even the Tor project itself will not stand up for their own supporters.
    >
    > The lack of justification is damaging because it essentially sends the message: “you Tor-using privacy seekers are such scum we don’t even have to explain why you are outcast. We don’t even have to ask permission to exclude you from participating in society” This reinforces the myth that Tor users are criminals and encourages non-criminal Tor users to abandon Tor, thus shrinking the Tor userbase. The civilized world has evolved to a point of realizing the injustice of #collectivePunishment. At best this is a case of punishing many because of a few. I say “at best” because I’m skeptical that a bad actor provokes the arbitrary denial of service.
    >
    > When the question is publicly asked “why did service X start blocking Tor” answers always come as speculation from people who don’t really know, who say they were probably attacked.

    4
    2
    dark_web
    Dark Web soloActivist 10 months ago 90%
    Strategy for action against tor-hostile corporations

    cross-posted from: https://links.hackliberty.org/post/303031

    > These are the steps I take against companies who block Tor (e.g. a grocery store, bank, DNS provider.. whoever you do business with who have started using Cloudflare):
    >
    > 1. GDPR art.17 request to delete my email address & any other electronic means to reach me, but nothing else.
    > 2. Wait 30 days for them to comply.
    > 3. GDPR art.13 & 14 request to disclose all entities personal data was shared with + art.15 request for all my data (if I am interested) + art.17 request to erase all records. These requests are sent together along with criticisms for their lack of respect for privacy and human rights and shaming for treating humans like robots (if that’s the case).
    >
    > The reason for step 1 & 2 is to neuter the data controller’s option to respond electronically so they are forced to pay postage. It’s a good idea as well because they would otherwise likely use Microsoft for email and you obviously don’t want to feed MS. It may be feasible to skip steps 1 & 2 by withdrawing consent to use the email address (untested).
    >
    > A few people doing this won’t make a dent but there is a threshold by which a critical mass of requests would offset their (likely uncalculated) cost savings by arbitrarily marginalizing the Tor community. It’s a way to send a message that cannot be ignored.

    9
    0
    privacy Privacy Signal Privacy Concerns
  • soloActivist
    10 months ago 100%

    Wire and Jami work as well w/out forcing a phone number disclosure. Also there’s an app¹ that does PGP over email under the hood so normies need not be PGP-aware which simply makes use of whatever email account you configure it to use.

    W.r.t. gplay: jami & the pgp app are on f-droid. Wire is not, but Wire had an APK download option on their website last time I checked. Signal also had a direct APK option last time I checked, but as the article states Signal conceals and discourages that option.

    1. I forgot what the app is called but Strypey would know.. I heard about it from him.
    1
  • philosophy Philosophy How I shook free from the addiction to cars — car drivers have *less* freedom; less intelligence
  • soloActivist
    10 months ago 100%

    says someone who clearly has lived in a city their entire life.

    The opening phrase has escaped you: “After living in regions that were (foolishly¹) designed exclusively for cars”.

    1
  • privacy
    Privacy soloActivist 11 months ago 100%
    Dirt has been gathered on extremist Ohio school board candidates - would this be legal if it had been in the EU (under the GDPR)? https://web.archive.org/web/20231012145424/https://docs.google.com/spreadsheets/u/0/d/1bNftkYLPiW84VhBHqjkp32REyerA_xfn534zkbTKeSg/htmlview

    Some good samaritan has created a list of school board candidates and dug up dirt on them. They’re doing a good public service, but then I have to wonder: what if this happened in Europe? Wouldn’t those candidates have a #GDPR right to be removed from that list? I don’t think I’ve noticed anything in the GDPR that exceptionally withholds protections for public service people. (BTW, plz excuse the Google link. I hate to publicize a link to Google but there seems to be no free-world way to reach Google Docs.) EDIT: fixed. #askFedi #lawFedi

    4
    2
    Philosophy soloActivist 11 months ago 60%
    Effective altruism by Sam Bankman-Fried w.r.t. his political donations (dems: transparently; republicans: secretly) https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/12/21/us/politics/sam-bankman-fried-ftx-political-donations.html

    cross-posted from: https://links.hackliberty.org/post/307315

    > Considering Sam Bankman-Fried claimed to practice #effectiveAltruism, and the fact that he makes substantial political donations, I thought we can validate to some extent whether his effective altruism is bogus or genuine. I thought this would be easily settled. If he favors democrats, he’s putting humanity above wealth & tyranny. If republicans, the altruistic claim can be easily dismissed.
    >
    > It turns out #SamBankmanFried donated to democrats and republicans both. It’s unclear if the donations were equally effective for both parties, but interesting that he donated to dems in-the-clear while hiding donations to republicans. One of the notable donations went to a congressman who was most critical of cryptocurrency. So naturally he had to bribe that politician.
    >
    > Dems were surprised to find that he also donated to republicans (and by his own admission!). Had he donated to both parties in transparency, recipients could see their opponent is also being fed and disregard the donation (i.e. give no preferential treatment). Seeing all the recipients would reveal if there were at least a consistent ideology or philosophy in play.
    >
    > I have to conclude the political donations were likely all just to promote his own success. It does not completely nix the claim of effective altruism because he would argue it was purely a wealth accumulation endeavor as a precursor to effective altruism. But I have to say someone who is fully engaged in the idea of effective altruism would be irresistibly selective in who receives political contributions even at the cost of reduced wealth. A humanitarian would not be able to stomach the idea of financing a republican war chest.
    >
    > You also have to figure that since he chose to make dem financing transparent and repub financing in the dark, he inherently gave republican recipients full view of it. That’s only viable if he donates much more to republicans who would see that he donates mere peanuts to the opponent for optics.

    2
    6
    philosophy
    Philosophy soloActivist 11 months ago 57%
    Effective altruism by Sam Bankman-Fried w.r.t. his political donations (dems: transparently; republicans: secretly) https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/12/21/us/politics/sam-bankman-fried-ftx-political-donations.html

    Considering Sam Bankman-Fried claimed to practice #effectiveAltruism, and the fact that he makes substantial political donations, I thought we can validate to some extent whether his effective altruism is bogus or genuine. I thought this would be easily settled. If he favors democrats, he’s putting humanity above wealth & tyranny. If republicans, the altruistic claim can be easily dismissed.

    It turns out #SamBankmanFried donated to democrats and republicans both. It’s unclear if the donations were equally effective for both parties, but interesting that he donated to dems in-the-clear while hiding donations to republicans. One of the notable donations went to a congressman who was most critical of cryptocurrency. So naturally he had to bribe that politician.

    Dems were surprised to find that he also donated to republicans (and by his own admission!). Had he donated to both parties in transparency, recipients could see their opponent is also being fed and disregard the donation (i.e. give no preferential treatment). Seeing all the recipients would reveal if there were at least a consistent ideology or philosophy in play.

    I have to conclude the political donations were likely all just to promote his own success. It does not completely nix the claim of effective altruism because he would argue it was purely a wealth accumulation endeavor as a precursor to effective altruism. But I have to say someone who is fully engaged in the idea of effective altruism would be irresistibly selective in who receives political contributions even at the cost of reduced wealth. A humanitarian would not be able to stomach the idea of financing a republican war chest.

    You also have to figure that since he chose to make dem financing transparent and repub financing in the dark, he inherently gave republican recipients full view of it. That’s only viable if he donates much more to republicans who would see that he donates mere peanuts to the opponent for optics.

    1
    7
    fightforprivacy
    Fight For Privacy soloActivist 11 months ago 83%
    Strategy for action against tor-hostile corporations

    These are the steps I take against companies who block Tor (e.g. a grocery store, bank, DNS provider.. whoever you do business with who have started using Cloudflare):

    1. GDPR art.17 request to delete my email address & any other electronic means to reach me, but nothing else.
    2. Wait 30 days for them to comply.
    3. GDPR art.13 & 14 request to disclose all entities personal data was shared with + art.15 request for all my data (if I am interested) + art.17 request to erase all records. These requests are sent together along with criticisms for their lack of respect for privacy and human rights and shaming for treating humans like robots (if that’s the case).

    The reason for step 1 & 2 is to neuter the data controller’s option to respond electronically so they are forced to pay postage. It’s a good idea as well because they would otherwise likely use Microsoft for email and you obviously don’t want to feed MS. It may be feasible to skip steps 1 & 2 by withdrawing consent to use the email address (untested).

    A few people doing this won’t make a dent but there is a threshold by which a critical mass of requests would offset their (likely uncalculated) cost savings by arbitrarily marginalizing the Tor community. It’s a way to send a message that cannot be ignored.

    8
    0
    fightforprivacy
    Fight For Privacy soloActivist 11 months ago 80%
    Quiet marginalization of the Tor community never causes outrage. Why is the Tor community such an easy pushover?

    cross-posted from: https://links.hackliberty.org/post/285435

    > When a private sector company blocks Tor, I simply boycott. No private entity is so important that I cannot live well enough without them. But when a *public* service blocks Tor, that’s a problem because we are increasingly forced to use the online services of the public sector who have gone down the path of assuming offline people do not exist.
    >
    > They simply block Tor without discussion. It’s not even clear who at what level makes these decisions.. could even be an IT admin at the bottom of the org chart. They don’t even say they’re blocking Tor. They don’t even give Tor users a block message that admits that they block Tor. They don’t disclose in their privacy policies that they exclude Tor.
    >
    > Just a 403 error. That’s all we get. As if it needs no justification. Why is the Tor community so readily willing to play the pushover? Even the Tor project itself will not stand up for their own supporters.
    >
    > The lack of justification is damaging because it essentially sends the message: “you Tor-using privacy seekers are such scum we don’t even have to explain why you are outcast. We don’t even have to ask permission to exclude you from participating in society” This reinforces the myth that Tor users are criminals and encourages non-criminal Tor users to abandon Tor, thus shrinking the Tor userbase. The civilized world has evolved to a point of realizing the injustice of #collectivePunishment. At best this is a case of punishing many because of a few. I say “at best” because I’m skeptical that a bad actor provokes the arbitrary denial of service.
    >
    > When the question is publicly asked “why did service X start blocking Tor” answers always come as speculation from people who don’t really know, who say they were probably attacked.

    12
    11
    privacy
    Privacy soloActivist 11 months ago 81%
    Quiet marginalization of the Tor community never causes outrage. Why is the Tor community such an easy pushover?

    When a private sector company blocks Tor, I simply boycott. No private entity is so important that I cannot live well enough without them. But when a *public* service blocks Tor, that’s a problem because we are increasingly forced to use the online services of the public sector who have gone down the path of assuming offline people do not exist.

    They simply block Tor without discussion. It’s not even clear who at what level makes these decisions.. could even be an IT admin at the bottom of the org chart. They don’t even say they’re blocking Tor. They don’t even give Tor users a block message that admits that they block Tor. They don’t disclose in their privacy policies that they exclude Tor.

    Just a 403 error. That’s all we get. As if it needs no justification. Why is the Tor community so readily willing to play the pushover? Even the Tor project itself will not stand up for their own supporters.

    The lack of justification is damaging because it essentially sends the message: “you Tor-using privacy seekers are such scum we don’t even have to explain why you are outcast. We don’t even have to ask permission to exclude you from participating in society” This reinforces the myth that Tor users are criminals and encourages non-criminal Tor users to abandon Tor, thus shrinking the Tor userbase. The civilized world has evolved to a point of realizing the injustice of #collectivePunishment. At best this is a case of punishing many because of a few. I say “at best” because I’m skeptical that a bad actor provokes the arbitrary denial of service.

    When the question is publicly asked “why did service X start blocking Tor” answers always come as speculation from people who don’t really know, who say they were probably attacked.

    7
    0
    Lemmy Support soloActivist 11 months ago 85%
    [bug] Code blocks sabotaged when the code is HTML — data lost

    After submitting an HTML sample in [this post](https://links.hackliberty.org/post/264937), #Lemmy gutted the content ***silently*** and destructively without telling me. The original text is totally lost and not recoverable. I only noticed because more than half the code was discarded. This is terrible. It’s perhaps understandable that raw HTML might have security issues if it appears as-is, so of course the angle brackets should be automatically encoded as literals by the submission processing modules. The status quo is obviously a #LemmyBug because authors are not even warned about the destruction and given a chance to preserve their work. It just gets trashed.

    10
    4
    main
    Blind Main soloActivist 11 months ago 100%
    Do screen readers read mouseover text when the alt attribute is empty (alt="")?

    A public library’s website has iconified buttons instead of textual buttons; I assume to make it easy for those who don’t speak the local language. The code snip looks like this:

    ```
    <div>Wifi</div>
    <div><p></p>
    </div>
    ```

    Will that cause problems for blind people considering `alt=""`? I don’t have a screen reader or whatever tools blind people use, so I’m somewhat blind in being able to know if the website is reasonably accessible. Lynx shows the button descriptions just fine, so I think if a blind user ran #Lynx with a screen reader the UX would work. But what if a GUI browser is used in order to run JavaScript? I loaded the site in a GUI browser with image loading disabled and the text description (“WiFi” in this case) does not appear unless I hover the mouse over the substitute icon for the missing icon. So the question is: do screen readers handle that okay? EDIT: Shit, my HTML code was gutted by #Lemmy even though it was a code block thus making the above code useless (calling that a #LemmyBug). Perhaps it’s not important for answering my question. ([bug reported](https://links.hackliberty.org/post/265101))

    10
    4
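An added example, not part of either post above and not Lemmy's code: the bug report and the screen-reader question both describe HTML inside a code block being discarded on submission. This sketch contrasts a tag-stripping sanitizer (an assumed model of the lossy behaviour) with entity encoding that round-trips, plus a check that refuses to alter a submission silently; every function name and the sample markup are constructed for illustration.

```javascript
// Added illustration only: names and sample input are constructed, not Lemmy's code.

// A fenced block: three backticks, optional info string, body, three backticks.
const FENCE = new RegExp("`{3}([^\\n]*)\\n([\\s\\S]*?)\\n`{3}", "g");
const TICKS = "`".repeat(3);

// Constructed submission resembling the library-website question.
const CODE = [
  '<div><img src="wifi.png" alt="" title="WiFi"></div>',
  "<div><p>Wifi &amp; printing</p></div>",
].join("\n");
const SAMPLE = ["The code snip looks like this:", TICKS, CODE, TICKS,
  "Will that cause problems?"].join("\n");

// Assumed model of the lossy path: anything shaped like a tag is deleted.
function stripTags(text) {
  return text.replace(/<[^>]*>/g, "");
}

// Encode every character that is significant in HTML text or attributes.
// "&" goes first so already-encoded entities in the source survive intact.
function escapeHtml(text) {
  return text
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Inverse of escapeHtml; "&amp;" is decoded last for the same reason.
function unescapeHtml(text) {
  return text
    .replace(/&lt;/g, "<")
    .replace(/&gt;/g, ">")
    .replace(/&quot;/g, '"')
    .replace(/&#39;/g, "'")
    .replace(/&amp;/g, "&");
}

function renderProse(text) {
  const trimmed = text.trim();
  return trimmed ? "<p>" + escapeHtml(trimmed) + "</p>" : "";
}

// Render a submission: code blocks and prose are both encoded, never stripped,
// so the browser shows the author's markup as literal text and cannot run it.
function renderSubmission(markdown) {
  let html = "";
  let last = 0;
  for (const m of markdown.matchAll(FENCE)) {
    html += renderProse(markdown.slice(last, m.index));
    html += "<pre><code>" + escapeHtml(m[2]) + "</code></pre>";
    last = m.index + m[0].length;
  }
  return html + renderProse(markdown.slice(last));
}

// Recover the author's original code from the rendered HTML (round-trip check).
function extractCodeBlocks(html) {
  const re = /<pre><code>([\s\S]*?)<\/code><\/pre>/g;
  return [...html.matchAll(re)].map((m) => unescapeHtml(m[1]));
}

// Refuse to store a submission that the sanitizer would change, and report
// how much would be lost, so the author can keep a copy of the work.
function submit(markdown, sanitizer) {
  const cleaned = sanitizer(markdown);
  if (cleaned !== markdown) {
    return { ok: false, dropped: markdown.length - cleaned.length };
  }
  return { ok: true, html: renderSubmission(cleaned) };
}

console.log("stripped code:", JSON.stringify(stripTags(CODE)));
console.log("rendered:", renderSubmission(SAMPLE));
console.log("lossy submit:", submit(SAMPLE, stripTags));
```
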
    solarpunktravel
    Solarpunk Travel soloActivist 11 months ago 31%
    How I shook free from the addiction to cars — car drivers have *less* freedom; less intelligence

    cross-posted from: https://links.hackliberty.org/post/226775

    > After living in a region that was (foolishly¹) designed exclusively for cars, I moved to a proper city: a city with public transport and a cycling infrastructure. Started using public transport and felt liberated. No more insurance burden, no maintenance burden, no vehicle registration, no traffic fines, parking fees & fines, no more financing unethical right-wing oil companies that are burning up the planet, etc. It was a weight off my shoulders to live cheaper and more ethical.
    >
    > ***public transport also unethical***
    >
    > Then a colleague convinced me that using public transport needlessly is also unethical.. that the huge amount of energy required to power that infrastructure is still harmful & wasteful. Public transport needs to exist for various reasons like serving disabled people, but when able-bodied people flood onto it more vehicles must be dispatched more frequently. I was adding to that burden.
    >
    > ***the winner: cycling***
    >
    > So after years on public transport I switched to a bicycle. It’s even cheaper than public transport. And it came with another upgrade to liberties:
    >
    > * privacy— my realtime whereabouts is no longer surveilled & tracked (no license plate readers, no public transport card readers w/DBs, no insurance records which can then intermingle with other insurance & credit records & cause harm in other ways).
    >
    > * independence— it’s easy to maintain one’s own bicycle. So I’m free of dependency on mechanics & free of dependency on public transport schedules (which can be unreliable). Dirt cheap and you only need to depend on yourself.
    >
    > After evolving into a cyclist, I cannot stomach the thought of living again in a non-cyclable region. Those regions are encumbered by stupidity and addicts: people addicted to their perception of convenience (despite sitting in traffic that bicycles are immune to and despite looking for parking)… and people addicted to energy (from oil or power plants) because they think pedaling their bike will be a notable effort.
    >
    > ***Intelligence of car drivers***
    >
    > It’s been said jokingly (by Douglas Adams IIRC) that dolphins are smarter than humans because they’ve figured out how to get their needs met without investing crazy amounts of cost and labor to create things that work against them to some extent. Cyclists are like dolphins in this regard, as they see people work their asses off to be able to afford the car that takes them to work, where they earn the money to finance their car ownership so they can work more. At the same time they work to finance the oil politicians who work against them.
    >
    > 2023 research suggests [cycling makes you smarter](https://goldcountrymedia.com/news/294091/we-knew-it-all-along-cyclists-are-smarter/) and apparently 2014 research suggests cyclists are more intelligent² (I suspect there’s the factor that people with naturally higher IQs favor cycling anecdotally. E.g. many profs cycle to universities).
    >
    > ***self imprisonment***
    >
    > We all live in a prison of some kind. My new prison is being self-excluded from a big chunk of the car-dependent world and living in all those regions. But I prefer my new prison better than that of car dependency and being forced to finance companies that finance politicians who work against humanity.
    >
    > _*footnotes*_
    >
    > ¹: it would be unfair to fault pre-climate aware municipal designs as foolish, but foolish that decades thereafter these shitty designs are still being maintained (unlike Utrecht who were wise enough to [realize their mistake & fix it](https://mastodon.online/@BrentToderian/109907272450375948)) while people continue rewarding the shit designs with their residency and tax.
    >
    > ²: I’ve not read the 2014 study myself. Some articles claim the research shows cyclists are [*perceived*](https://web.archive.org/web/20220603230839/https://www.independent.co.uk/sport/cycling/cyclists-are-more-intelligent-charitable-and-cool-than-the-average-person-says-study-9051434.html) as more intelligent while other reports claim cyclists [*are* more intelligent](https://www.huffingtonpost.co.uk/2014/01/09/cyclists-more-intelligent-charitable_n_4569136.html).

    -7
    6
    philosophy
    Philosophy soloActivist 11 months ago 27%
    How I shook free from the addiction to cars — car drivers have *less* freedom; less intelligence

    After living in regions that were (foolishly¹) designed exclusively for cars, I moved to a proper city: a city with public transport and a cycling infrastructure. Started using public transport and felt liberated. No more insurance burden, no maintenance burden, no vehicle registration, no traffic fines, parking fees & fines, no more financing unethical right-wing oil companies that are burning up the planet, etc. It was a weight off my shoulders to live cheaper and more ethical.

    ***public transport also unethical***

    Then a colleague convinced me that using public transport needlessly is also unethical.. that the huge amount of energy required to power that infrastructure is still harmful & wasteful. Public transport needs to exist for various reasons like serving disabled people, but when able-bodied people flood onto it more vehicles must be dispatched more frequently. I was adding to that burden.

    ***the answer: cycling***

    So after years on public transport I switched to a bicycle. It’s even cheaper than public transport. And it came with another upgrade to liberties:

    * privacy— my realtime whereabouts is no longer surveilled & tracked (no license plate readers, no public transport card readers w/DBs, no insurance records which can then intermingle with other insurance & credit records & cause harm in other ways).

    * independence— it’s easy to maintain one’s own bicycle. So I’m free of dependency on mechanics & free of dependency on public transport schedules (which can be unreliable). Dirt cheap and you only need to depend on yourself.

    After evolving into a cyclist, I cannot stomach the thought of living again in a non-cyclable region. Those regions are encumbered by stupidity and addicts: people addicted to their perception of convenience (despite sitting in traffic that bicycles are immune to and despite looking for parking)… and people addicted to energy (from oil or power plants) because they think pedaling their bike will be a notable effort.

    ***Intelligence of car drivers***

    It’s been said jokingly (by Douglas Adams IIRC) that dolphins are smarter than humans because they’ve figured out how to get their needs met without investing crazy amounts of cost and labor to create things that work against them to some extent. Cyclists are like dolphins in this regard, as they see people work their asses off to be able to afford the car that takes them to work, where they earn the money to finance their car ownership so they can work more. At the same time they work to finance the oil politicians who work against them.

    2023 research suggests [cycling makes you smarter](https://goldcountrymedia.com/news/294091/we-knew-it-all-along-cyclists-are-smarter/) and apparently 2014 research suggests cyclists are more intelligent² (I suspect there’s the factor that people with naturally higher IQs favor cycling anecdotally. E.g. many profs cycle to universities).

    ***self imprisonment***

    We all live in a prison of some kind. My new prison is being self-excluded from a big chunk of the car-dependent world and living in all those regions. But I prefer my new prison better than that of car dependency and being forced to finance companies that finance politicians who work against humanity.

    _*footnotes*_

    ¹: it would be unfair to fault pre-climate aware municipal designs as foolish, but foolish that decades thereafter these shitty designs are still being maintained (unlike Utrecht who were wise enough to [realize their mistake & fix it](https://mastodon.online/@BrentToderian/109907272450375948)) while people continue rewarding the shit designs with their residency and tax.

    ²: I’ve not read the 2014 study myself. Some articles claim the research shows cyclists are [*perceived*](https://web.archive.org/web/20220603230839/https://www.independent.co.uk/sport/cycling/cyclists-are-more-intelligent-charitable-and-cool-than-the-average-person-says-study-9051434.html) as more intelligent while other reports claim cyclists [*are* more intelligent](https://www.huffingtonpost.co.uk/2014/01/09/cyclists-more-intelligent-charitable_n_4569136.html).

    ***update:*** bonus paragraph. Due to popular demand, I’m giving you folks a bonus paragraph:

    ***car → bicycle upgrade***

    If we go back to the last year I drove a car, and someone were to say: ditch your car and get a bicycle, my answer would probably be hell no, I'm not going to pedal my ass around. I might rather drive over animals like in [this pic](https://image.cagle.com/266695/750/266695.png) (j/k). Having the public transport middle-step seems important. It’s easy to go from car to effectively being chauffeured around. Then to transition to cycling has the upgrade of not waiting, no tracking, etc.. door-to-door about the same as public transport.

    -5
    2
    privacy
    Privacy soloActivist 11 months ago 100%
    Using teletext to escape voice printing

    cross-posted from: https://fedia.io/m/disabled/t/346115 > Banks have started capturing customers’ voice prints without consent. You call the bank and the robot’s greeting contains “your voice will be saved for verification purposes”. IIUC, these voice prints can be used to artificially reconstruct your voice. So they could be exfiltrated by criminals who would then impersonate you. > > I could be wrong about impersonation potential.. just fragments of my memory from what I’ve read. In any case, I don’t like my biometrics being collected without my control. > > The countermeasure I have in mind is to call your bank using [#Teletext](https://fedia.io/tag/Teletext) (TTY). This is (was?) typically a special hardware appliance. As a linux user, TTY is what the text terminal is based on. So I have questions: > > 1. can a linux machine with a modem be used to convert a voice conversation to text? > > 2. how widespread are TTY services? Do most banks support that, or is it just a few giant banks? > > 3. if street-wise privacy enthusiasts would theoretically start using TTY in substantial numbers, would it help the deaf community by increasing demand for TTY service, thus increasing the number of businesses that support it?

    3
    1
    Lemmy Support soloActivist 11 months ago 100%
    voting out of sync (kbin→lemmy)

    Directly visiting a Kbin thread on the server hosting it shows some positive number of votes. If the URL of that kbin thread is queried in lemmy so a copy local to the lemmy instance is made, the number of votes is zero. Edit-- this also happens when the source article is another lemmy instance.

    3
    0
    Philosophy soloActivist 11 months ago 92%
    [answered] When exercise of rights is made conditional on use of technology, is the right violated?

    cross-posted from: https://links.hackliberty.org/post/213918 > I’m increasingly encountering situations where people are forced to go through various kinds of technical hoops in order to exercise their legal rights. > > Five examples: > > ① You have a right to reserve streetside public parking in front of your house (e.g. for a week-long construction project). Historically you can go to city hall or the like, give your schedule, and pay a fee. But then they decided to put the reservation system exclusively online. Cash payers are excluded. Offline people are excluded. People who are online but do not want to share their email address with an office that uses Microsoft for their email are also excluded. > > ② You have a right to unemployment benefits. But the unemployment office goes online and forces you to solve a Google reCAPTCHA. Google’s reCAPTCHA often refuses to serve the puzzles to Tor users. People who are on clearnet may be unable to solve the CAPTCHA. Some people /can/ solve it but object to feeding a system that helps Google profit because they boycott Google. > > ③ You have a right to vote. But the voter registration process exposes your sensitive information to the tech giants Cloudflare and Amazon. Even if you register on paper, the data entry workers will expose your data to Cloudflare and Amazon anyway. > > ④ You have a right to energy access. But the energy company refuses cash payments so you are forced to open a bank account. All banks force you into a situation that goes against your beliefs. E.g. forcing you to obtain from Google a closed-source app to run on a smartphone (which you may not even have), or the bank’s website is Cloudflared and you will not share your sensitive financial info with CF. And the banks either have no analog/offline means of service, or the offline services are costly. > > ⑤ A public school excludes students who are unwilling to use Facebook, Google, Cloudflare, and Microsoft products & services.
Anyone can attend but those who refuse to feed the corporate surveillance capitalists are put at a great disadvantage perhaps to the extent that they cannot pass their classes. > > Not all those examples are real. E.g. in the real life scenario of case ② I think there is an offline option (but not sure during a pandemic). So my question is hypothetical— assume there is no pathway to service except for satisfying the barriers to entry. > > The Universal Declaration of Human Rights, article 21: > > **“2. Everyone has the right of equal access to public service in his country.”** > > Some nuances can be extracted from the examples: > > A) You are incapable of exercising your right yourself. E.g. blind and the CAPTCHA requires vision, or you are not tech literate enough to follow the tech process. But you can hire someone to do the work for you. > > B) You are capable of exercising your rights but unwilling to accept the conditions. Hiring someone may or may not be possible depending on whether your personal conditions can be accommodated. > > So the big question is, for groups A and B: are rights being violated? > > Group B is the more interesting one. A common attitude is: those people have *“preferences”* and their rights are not violated when their preference is not respected. I find that quite harsh. When a right becomes conditional by the institutions who are supposed to support the right, IMO the conditions (which are not written in law) are inherently excluding people. If a right is going to be made conditional, isn’t there some kind of legal principle that the conditions be codified into law and not some arbitrary condition that a systems administrator decided was a good idea? > > #rightToBeOffline #rightToBeAnalog

    11
    11
    AusLegal soloActivist 11 months ago 50%
    [answered] When exercise of rights is made conditional on use of technology, is the right violated?

    cross-posted from: https://links.hackliberty.org/post/213918 > I’m increasingly encountering situations where people are forced to go through various kinds of technical hoops in order to exercise their legal rights. > > Some examples: > > ① You have a right to reserve streetside public parking in front of your house (e.g. for a week-long construction project). Historically you can go to city hall or the like, give your schedule, and pay a fee. But then they decided to put the reservation system exclusively online. Offline people are excluded. People who are online but do not want to share their email address with an office that uses Microsoft for their email are also excluded. > > ② You have a right to unemployment benefits. But the unemployment office goes online and forces you to solve a Google reCAPTCHA. Google’s reCAPTCHA often refuses to serve the puzzles to Tor users. People who are on clearnet may be unable to solve the CAPTCHA. Some people /can/ solve it but object to feeding a system that helps Google profit because they boycott Google. > > ③ You have a right to vote. But the voter registration process exposes your sensitive information to the tech giants Cloudflare and Amazon. Even if you register on paper, the data entry workers will expose your data to Cloudflare and Amazon anyway. > > ④ You have a right to energy access. But the energy company refuses cash payments so you are forced to open a bank account. All banks force you into a situation that goes against your beliefs. E.g. forcing you to obtain from Google a closed-source app to run on a smartphone (which you may not even have), or the bank’s website is Cloudflared and you will not share your sensitive financial info with CF. And the banks either have no analog/offline means of service, or the offline services are costly. > > ⑤ A public school excludes students who are unwilling to use Facebook, Google, Cloudflare, and Microsoft products & services.
Anyone can attend but those who oppose the corporate surveillance capitalists are put at a great disadvantage perhaps to the extent that they cannot pass their classes. > > Not all those examples are real. E.g. in the real life scenario of case ② I think there is an offline option. But my question is hypothetical— assume there is no pathway to service except for satisfying the barriers to entry. > > The Universal Declaration of Human Rights, article 21: > > **“2. Everyone has the right of equal access to public service in his country.”** > > Some nuances can be extracted from the examples: > > A) You are incapable of exercising your right yourself. E.g. blind and the CAPTCHA requires vision, or you are not tech literate enough to follow the tech process. But you can hire someone to do the work for you. > > B) You are capable of exercising your rights but unwilling to accept the conditions. Hiring someone may or may not be possible depending on whether your personal conditions can be accommodated. > > So the big question is, for groups A and B: are rights being violated? > > Group B is the more interesting one. A common attitude is: those people have *“preferences”* and their rights are not violated when their preference is not respected. I find that quite harsh. When a right becomes conditional by the institutions who are supposed to support the right, IMO the conditions (which are not written in law) are inherently excluding people. If a right is going to be made conditional, isn’t there some kind of legal principle that the conditions be codified into law and not some arbitrary condition that a systems administrator decided was a good idea? > > #rightToBeOffline #rightToBeAnalog # UPDATE This question was [answered](https://links.hackliberty.org/comment/572192) in !philosophy@mander.xyz.

    0
    0
    philosophy
    Philosophy soloActivist 11 months ago 92%
    [answered] When exercise of rights is made conditional on use of technology, is the right violated?

    I’m increasingly encountering situations where people are forced to go through various kinds of technical hoops in order to exercise their legal rights. Five examples: ① You have a right to reserve streetside public parking in front of your house (e.g. for a week-long construction project). Historically you can go to city hall or the like, give your schedule, and pay a fee. But then they decided to put the reservation system exclusively online. Cash payers are excluded. Offline people are excluded. People who are online but do not want to share their email address with an office that uses Microsoft for their email are also excluded. ② You have a right to unemployment benefits. But the unemployment office goes online and forces you to solve a Google reCAPTCHA. Google’s reCAPTCHA often refuses to serve the puzzles to Tor users. People who are on clearnet may be unable to solve the CAPTCHA. Some people /can/ solve it but object to feeding a system that helps Google profit because they boycott Google. ③ You have a right to vote. But the voter registration process exposes your sensitive information to the tech giants Cloudflare and Amazon. Even if you register on paper, the data entry workers will expose your data to Cloudflare and Amazon anyway. ④ You have a right to energy access. But the energy company refuses cash payments so you are forced to open a bank account. All banks force you into a situation that goes against your beliefs. E.g. forcing you to obtain from Google a closed-source app to run on a smartphone (which you may not even have), or the bank’s website is Cloudflared and you will not share your sensitive financial info with CF. And the banks either have no analog/offline means of service, or the offline services are costly. ⑤ A public school excludes students who are unwilling to use Facebook, Google, Cloudflare, and Microsoft products & services.
Anyone can attend but those who refuse to feed the corporate surveillance capitalists are put at a great disadvantage perhaps to the extent that they cannot pass their classes. Not all those examples are real. E.g. in the real life scenario of case ② I think there is an offline option (but not sure during a pandemic). So my question is hypothetical— assume there is no pathway to service except for satisfying the barriers to entry. The Universal Declaration of Human Rights, article 21: **“2. Everyone has the right of equal access to public service in his country.”** Some nuances can be extracted from the examples: A) You are incapable of exercising your right yourself. E.g. blind and the CAPTCHA requires vision, or you are not tech literate enough to follow the tech process. But you can hire someone to do the work for you. B) You are capable of exercising your rights but unwilling to accept the conditions. Hiring someone may or may not be possible depending on whether your personal conditions can be accommodated. So the big question is, for groups A and B: are rights being violated? Group B is the more interesting one. A common attitude is: those people have *“preferences”* and their rights are not violated when their preference is not respected. I find that quite harsh. When a right becomes conditional by the institutions who are supposed to support the right, IMO the conditions (which are not written in law) are inherently excluding people. If a right is going to be made conditional, isn’t there some kind of legal principle that the conditions be codified into law and not some arbitrary condition that a systems administrator decided was a good idea? #rightToBeOffline #rightToBeAnalog # UPDATE This question was [answered](https://links.hackliberty.org/comment/572192) in !philosophy@mander.xyz.

    11
    5
    philosophy
    Philosophy soloActivist 11 months ago 80%
    Boycott opponents always say: “good people work for bad companies”

    A common objection to boycotts is based on sympathy for the workers. If you call for a boycott on Amazon, for example, a substantial portion of the population will argue “good people work for bad companies”. This rationale essentially attempts to take the boycott option off the table entirely for all mid-size companies and larger. So I wonder to what extent this widespread way of thinking damages activist movements to correct harmful companies. Recently in Belgium there was a boycott on the grocery chain Delhaize for their employment practices. So I can’t help but notice this boycott is purely out of sympathy for the employees, effectively a 180° contradiction to the mentality that boycotts harm employees.

    3
    3
    Lemmy Support soloActivist 11 months ago 75%
    [bug] non-stop spinner when trying to post to !assistive_technology@lemmy.sdf.org

    I filled out a form to crosspost to !assistive_technology@lemmy.sdf.org, clicked create, and the create button turns into a spinner. Forever. F12 » console gives: `Source map error: Error: request failed with status 400` `Resource URL: https://links.hackliberty.org/css/themes/darkly-red.css` `Source Map URL: darkly-red.css.map` #lemmyBug

    2
    0
    fightforprivacy
    Fight For Privacy soloActivist 11 months ago 92%
    [discussion] Using teletext to escape voice printing

    cross-posted from: https://fedia.io/m/disabled/t/346115 > Banks have started capturing customers’ voice prints without consent. You call the bank and the robot’s greeting contains “your voice will be saved for verification purposes”. IIUC, these voice prints can be used to artificially reconstruct your voice. So they could be exfiltrated by criminals who would then impersonate you. > > I could be wrong about impersonation potential.. just fragments of my memory from what I’ve read. In any case, I don’t like my biometrics being collected without my control. > > The countermeasure I have in mind is to call your bank using [#Teletext](https://fedia.io/tag/Teletext) (TTY). This is (was?) typically a special hardware appliance. As a linux user, TTY is what the text terminal is based on. So I have questions: > > 1. can a linux machine with a modem be used to convert a voice conversation to text? (edit: perhaps [minimodem or asterisk](https://github.com/kamalmostafa/minimodem/issues/28)?) > > 2. how widespread are TTY services? Do most banks support that, or is it just a few giant banks? > > 3. if street-wise privacy enthusiasts would theoretically start using TTY in substantial numbers, would it help the deaf community by increasing demand for TTY service, thus increasing the number of businesses that support it? > > (update) > > Another privacy benefit that comes to mind: bankers will sometimes start an unprovoked interrogation of intrusive questions irrelevant to your reason for calling, such as who you work for, how much you earn, career skill, etc. The realtime nature of a voice call puts you at a disadvantage whereby a delayed response can create suspicion. So you must answer quick and without stumbling. Quick answers also invite many questions. In a text conversation, a delay can simply mean that you stepped away for a moment. And presumably a CSR is handling multiple conversations at once. > > Some banks only have on file where I worked 2+ jobs ago.
I don’t want to keep them up to date with more data, so I can take a moment to check my notes for where they think I still work.

    12
    0
    Lemmy Support soloActivist 12 months ago 81%
    The “B” word is not a slur in all situations (3 bugs in the slur filter)

    In [this comment](https://links.hackliberty.org/comment/409723) my use of the “b” word was overzealously suppressed, silently without telling me. I only discovered it when re-reading my post. There are **THREE** #LemmyBug cases here: 1. when the “b” word is used as a verb, it’s not a slur. And when it’s used as a noun, it’s only a slur if not literally referring to a dog. 2. my post was tampered with without even telling me. Authors should be informed when their words are manipulated and yet still presented to others as their own words. 3. The word “removed” cannot simply replace any word. It makes my sentence unreadable. At the very least, the word should be “REDACTED”, and there should be a footnote added that explains /why/ it was redacted.

    27
    24