Ad pushing is only part of the problem… These tokens will kill the #InternetArchive Wayback machine. It’s anti-library tech.

Anti-bot tech is inherently anti-human.

It’s bizarre that you think the EU market it small enough to be dispensable. When GDPR came into force, many US sites had to reject EU traffic. But that was only temporary for the most part. They knew it wasn’t smart for business to exclude the EU so they got their compliance issues sorted.

Hope you guys enjoy not being able to search for things.

I would love that actually. But it’s not reality. In reality what happens is the search engines deliver a shit-ton of unusable garbage results that I would rather not see. E.g. sites that block Tor users, CAPTCHAs, giant cookie popups, etc.

If a search engine were to filter out the garbage, it would be a great start to solving the shitty web problem.

Yes, but sadly the contrary is happening. Restaurant owners now have a sneaky trick to increase tips in order to lower wages: you know those receipts & terminals that have a “suggested tip”? Yeah, those things.. they keep increasing. I was handed a PoS terminal in Netherlands (where tipping norms are like a couple euro), and the terminal asked me to tap for how much I want to tip which suggested as much as 25%.

It’s working, too. A recent article described how this trick is causing average tips to increase. So the #warOnCash is part of the problem.

It would stop beneficial bots like the ones I create¹ as a small-time hobbyist because the little guy does not have the resources for this arms race. You may be right when it comes to large-scale scraping ops that are done by a business (e.g. scraping RyanAir or Southwest airlines so an airfare consolidation site can show more fares).

① e.g. I wrote a bot that scraped the real estate market sites, scraped the public transport sites, and found me a house with the shortest public transport commute.

I don’t get the “/s”.

The #GDPR is absolutely a perfect example of ½-assed laws & loopholes. I have filed reports on dozens of GDPR violations; not a single one of them lead to enforcement. The GDPR is just a prop to make people feel comfortable as the EU destroys the offline infrastructure.

emphasis mine:

Anti-nuclear is like anti-GMO and anti-vax: pure ignorance, and fear of that which they don’t understand.

First of all anti- #GMO stances are often derived from anti-Bayer-Monsanto stances. There is no transparency about whether Monsanto is in the supply chain of any given thing you buy, so boycotting GMO is as accurate as ethical consumers can get to boycotting Monsanto. It would either require pure ignorance or distaste for humanity to support that company with its pernicious history and intent to eventually take control over the world’s food supply.

Then there’s the anti-GMO-tech camp (which is what you had in mind). You have people who are anti-all-GMO and those who are anti-risky-GMO. It’s pure technological ignorance to regard all GMO equally safe or equally unsafe. GMO is an umbrella of many techniques. Some of those techniques are as low risk as cross-breeding in ways that can happens in nature. Other invasive techniques are extremely risky & experimental. You’re wiser if you separate the different GMO techniques and accept the low risk ones while condemning the foolishly risky approaches at the hands of a profit-driven corporation taking every shortcut they can get away with.

So in short:

• Boycott all U.S.-sourced GMO if you’re an ethical consumer. (note the EU produces GMO without Monsanto)
• Boycott just high-risk GMO techniques if you’re unethical but at least wise about the risks. (note this is somewhat impractical because you don’t have the transparency of knowing what technique was used)
• Boycott no GMO at all if you’re ignorant about risks & simultaneously unethical.

Cloudflare is an exclusive walled garden that blocks a marginalized¹ segment of people from most of their sites.

① People whose ISP uses #CGNAT, Tor users, users with text browsers, beneficial bots (which serve humans), impaired people (who can’t solve CF’s CAPTCHAs), those who distrust a US corp to have visibility on the plaintext contents of every single packet including usernames and passwords, etc.

Really All this is going to do is create a opportunity for AI ad removal,

It’s worse than that. As it stands, I’m blocked from ~30+% of the web because of Cloudflare. Unjailing the content into archive.org’s #WaybackMachine is indispensable. From the article:

“Websites funded by ads require proof that their users are human and not bots”

I already lose copious access to content as a human being treated like a bot. #Google’s plan is to take the next #CAPTCHA extreme. It’s the wrong direction.

Robots work for the user, not against. I created a bot to find me a house because the real estate sites lacked the search criteria I needed. I scraped the sites & found the ideal house. This would be nearly impossible today & Google brings it closer to impossible.

It was coded 8 years ago in Tcl¹ for a one-off project in Belgium. Would you really be interested?

The APIs would have changed dramatically by now & some of the real estate sites no longer exist. Some of the sites brought in CAPTCHAs. It was coded to use Tor & the public transport site has become Tor-hostile and also changed their API. It’s also very user unfriendly.. a collection of scripts & variety of hacks because I was my only user.

I didn’t publish the code at the time because I worried that it would trigger the target sites to become bot-hostile.

① Also note that I use #Tcl for personal use but I resist publishing any Tcl code because I would rather not promote the Tcl language. Why? Because the Tcl folks have jailed a large portion of their docs in Cloudflare’s walled garden. I believe programming language docs should be openly public.

I really cannot stand that phrase because it’s commonly used as poor rationale for not favoring a superior approach. Both sides of the debate are pushing for what they consider optimum, not “perfection”.

In the case at hand, I’m on the pro-nuclear side of this. But I would hope I could make a better argument than to claim my opponent is advocating an “impossible perfection”.

The heart of your stance is apparently that pernicious socially harmful mechanisms are okay as long as they finance something useful. Correct?

Or is it that you don’t see the harms of advertising?

Advertising is a wasteful arms race. Bob may not want to spend money advertising his business, but if Mallory (his competitor) spends money on ads, then Bob is forced to spend money on ads to recover marketshare loss due to Mallory’s ads.

To be clear, both of them are funny.

#Google will make you want to unplug (as Cloudflare has done to me), but if you’re in Europe you will be unable to because European governments have already killed off offline infrastructure (#digitalTransformation). There are already a number of government transactions & public services that can no longer be done offline.

The others are right. Trying to stream from a torrent seems wasteful and complex.

But if you must for some strange reason, perhaps it would work to use webtor.io to produce an http-reachable audio file which could be curl/wget-fetched and piped to an audio decoder/player. I doubt you could make webtor fetch pieces linearly from the beginning. You would likely have to wait until the last piece is fetched to start streaming.

I’ve not fetched subtitles in a while but back when I did, I recall all the websites hosting them were extremely protectionist… more so than any other category of content on the web.

Of course the fix is to have torrents for the subtitle collections, perhaps by language.

Anyone know how the price of electricity from these chargers compares to prices in the home?

I just wonder about possible non-car use-cases. E.g. someone is off the grid and they use a cargo cycle to bring batteries¹ to one of these charging stations. Will they be fleeced on price, or are there subsidies that could perhaps make the cost lower than household electric?

① asking w.r.t. both lead-acid batteries and li-ion, though I suspect these chargers would be li-ion only.

It is indeed another attack on #openData principles.

luckily there will always be people fighting to keep the Internet free

Google’s move makes the fight much more uphill for freedom fighters. The real problem is the masses of pawns who fail to vote with their feet. Some of them voted with their feet merely because CAPTCHA is inconvenient. Eliminating the CAPTCHA puts these #tyrannyOfConvenience users on the wrong side of the fight.

You might let her know that she can borrow DVDs from the public library at no cost. Another little-known gratis option is freesat and terrestrial broadcast. I recently started using MythTV as a PVR to record broadcast TV and was pleasantly surprised to find no commercial interruptions (but if there are commercials in her region, MythTV can cut them out).

The problem is search engines have proven not to keep up with our needs. Sites trashed up with cookie popups, subscription nags, and CAPTCHAs are making it into the highest ranks of search results. Cloudflare sites in particular.

I didn’t see the OP’s pic but these groups generally work against enshitification of the world:

• !asshole_crappy_design@slrpnk.net
• !activist_investing@lemmy.whynotdrs.org
• !escapebigtech@lemmy.escapebigtech.info
• !cyber_activism@sopuli.xyz
• !netneutrality@sopuli.xyz
• !right_to_unplug@sopuli.xyz
• !buyitforlife@slrpnk.net
• !anticonsumption@sopuli.xyz
• !fightforprivacy@feddit.ch
• !offgrid@slrpnk.net
• !foss@beehaw.net
• !privacy@links.hackliberty.org
• !climate_action_individual@slrpnk.net

Notice that none of those communities are on Cloudflared instances (thus also avoid propagating the enshitified portion of the fedi).

Servitor indeed looks like a good option. Thanks for the list!

So I have to ask why was this post which asked what is a decent client for Debian removed (per rule #3):

https://lemmy.dbzer0.com/post/1681507

while at the same time this “What's the best Android/iPhone app for Lemmy?” is not removed? Is it because the moderator created this thread & thus /above the law/, in effect?

I think this project has some tools that might automate that:

https://0xacab.org/dCF/deCloudflare

They ID and track every website that joins #Cloudflare. It’s a huge effort but those guys are on top of it. A script could check the list of domains against their list. There is also this service (from the same devs) which does some checks:

https://karma.crimeflare.eu.org:1984/api/is/cloudflare/html/

but caveat: if a non-CF domain (e.g. example.tld) has a CF host (e.g. somehost.example.tld), that tool will return YES for the whole domain.

Manually adjusting availability is a can of worms that I don’t want to open

I would suggest not bothering with any complex math, and simply do the calculation as you normally do but then if a site is Cloudflare cap whatever the calculated figure is to 98%. Probably most (if not all) CF sites would be 100% anyway, so they would just be reduced by 2%. Though it would need to be explained somewhere -- the beauty of which would be to help inform people that the CF walled garden is excluding people. Cloudflare’s harm perpetuates to a large extent because people are unaware that it’s an exclusive walled garden that marginalizes people.

Glad to see they are tagged. It could evolve more but the tags are the most important thing.

I used a PalmOS device in school to manage my school schedule. So this was my 1st thought:

“Banning mobile phones entirely from school premises would raise some practical concerns, for example for parents wanting to contact their children while travelling between school and home.”

Feature phones still exist. It would be great if the massive stockpiles of prematurely discarded dumbphones could be recycled to students. Maybe bring back offline PalmOS types of things for scheduling.

“…Some pupils will also use phones as payment methods on public transport.”*

Easily solved: smartphones go into the locker at the start of the day. Also, bring back the ability to pay cash on the public transport vehicle -- this will help push back on the #warOnCash. We could also say there’s a systemic inefficiency if students don’t have season passes on public transport.

I was thrilled when #wiby.me was first introduced. Then for a while wiby.me was itself a Tor-hostile Cloudflare site. I’m glad you brought it up because it prompted me to check again & it seems at the moment wiby is a user-respecting non-Cloudflare site. Note there was another search engine similar to wiby which I can’t track down right now.. but it’s possible I’m confusing that other one with wiby. Err.. I think both were unusable for a while.

(edit) The other site is search·marginalia·nu. That’s the one that became a despicable CF site. I think wiby broke down for tor users for a while but glad to see at the moment that it’s still usable. I just got good results when searching for a recipe.

Challenge rejected.

If you want challenge, just simply try to find a search engine that filters out shitty websites (e.g. Cloudflare sites, CAPTCHA-pushing sites, giant cookie popups, countless dark patterns).

We are already failing to meet the challenge. We don’t need more challenges.

That’s good to know. I would hope a metal anchor to reshape when temp causes expansion. It’s a shame to hear it’s the brick that’s forced to expand. In my case it’s a solid metal rod, so it sounds like the metal is guaranteed to split the brick in a temp change.

It sounds like I have to pull out the shank, bore the hole to 10mm, and either use chemical anchor or fasten it using a sheet metal w/2 nuts.

Perhaps not at all.

But the limitation of using #Selenium is a big one. Being forced to work in java, forced to use the resource hog of a modern gui browser, forced to reveal more browserprint info, being browser-dependent, etc. Selenium is my last choice when desperation is sufficiently high.

What’s so revolting and obnoxious about @STRIKINGdebate2@lemmy.world’s trolling is low wages and high tips are precisely in line with #Trump principles (and in fact right-wing conservatives in general) and contrary to the principles of the liberals who are repulsed by Trump & his repugnance.

The only benefit I can see to users is it could eliminate captchas

#CAPTCHA elimination is not a benefit. The CAPTCHA motive of separating humans from bots is responsible for killing beneficial bots. The only good thing about it is humans get fed-up with CAPTCHAs and the captcha-pushers lose human traffic. That backlash is a good thing™. Remove that backlash and beneficial bots are defeated on a much larger scale.

I would bet it’s a slim enough minority of students who pay public transport on a per-trip basis that theft would not be from arbitrary break ins. A student would have to (recklessly?) use a high-end phone for this & be spotted putting an uncovered phone in the locker.

The best security is a good insurance policy. Not sure if high-end phones tend to have an insurance policy because I avoid them myself.

I’m not sure how you can blame a corporation for doing the job of a corporation. It’s capitalism doing its thing.

I will blame the end users. When the masses of anti-bot pro-advertising normies decide to run browsers that play the token game, it will be on them. Just as countless shitty websites get high ranking search results today.. it’s because the masses endorse it.

Boycotts are far too rare. It’s the consumer’s job to #boycott. They don’t do their job and this is the real point of failure (which Google gladly exploits).

The weapons you mention are quite basic. Those don’t even begin to scratch the surface unless you’re using the internet the way most normies do.

My bad, you’re not. Insinuation that Trump would somehow solve the low wages due to tipping didn’t come from you.

Right but that’s not the logic I replied to. @Amilo159@lemmy.world proposed a ban on tips, not on below min wage payments, then wrote as a separate statement that higher wages should be demanded. So @4am@lemmy.world’s interpretation was an incorrect interpretation -- though it’s the right idea.

You seem to be viewing tips as an all-or-nothing proposition. When in fact you can have a tipping culture that is not used as a crutch for wages (as most of Europe demonstrates).

Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it.

You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.

The problem is there is nothing to enforce article 77 itself. When a DPA neglects to act on an article 77 report, there is no recourse. There is only a provision that allows lawsuits against the GDPR violators. But then when someone did that, and then claimed legal costs, an Italian court decided for everyone in a precedence-setting case that legal costs are not recoverable. Which essentially neuters the court action remedy. So we have an unenforced article 77 and a costly & impractical direct action option.

It works on the basis of multiple infractions being recorded and then escalating the agencies response level.

It’s not even doing that much, in some cases. The report has to get past the front desk secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever. Some of my reports were flippantly rejected by a pre-screening secretary for bogus reasons (e.g. “your complaint is ‘contractual in nature’” when in fact there is no contractual agreement, apart from the fact that the existence of a contract does not nullify the GDPR anyway).

I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR

So you’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness (likely due to the lack of penalty). On the commercial side banks also don’t give much of a shit about the GDPR because when they violate it there’s a shit ton of banking regs they point to and the DPAs are afraid to act against banks because of the messy entanglement of AML/KYC laws that essentially push #banks to violate the GDPR.

Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker.

Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the #GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.

I have also personally requested information about me and my family through the rights bestowed by the GDPR

I have had article 15 access requests denied which I then reported to the DPA, who opened a case but just sat on it. For years, so far.

(edit) By the way, I suggest you leave Lemmy·world for a different instance. If you care about privacy at all, you don’t use Cloudflare nodes. I cannot even see the msg I wrote (which you replied to) because #lemmyWorld blocks me (which I give some detail here: https://lemmy.dbzer0.com/post/1435972). I had to reply to you based purely on your msg without context.

I don’t know if it’s even possible, but it would be cool if I could use the fediverse over TOR just for the sake of supporting TOR.

Here are two #Mastodon onion nodes:

• iejideks5zu2v3zuthaxu5zz6m5o2j7vmbd24wh6dnuiyl7c6rfkcryd.onion
• 7jaxqg6lfcdtosooxhv5drpettiwnt6ytdywfgefppk2ol4dzlddblyd.onion

Also. Those running an exit node can and do sniff traffic.

Sure, but if you stop there with that statement you’re just FUD-scaring people from using the service that does more for their privacy than conventional direct clearnet usage. Every connection that matters uses TLS so the exit node honeypot only sees where the traffic is going, not what’s in the traffic and not where it comes from. IOW, the exit node knows much less than your ISP.

It’s bad practice to login to stuff that’s important (like banking) over tor.

It’s the other way around. You should insist on using Tor for banking. It’s a bad practice to let your ISP track where you do all your banking.

Also, nation states can track you using a variety of techniques from fingerprinting to straight up working together to associate connection streams.

And your thesis is what, that we should make snooping easier for them by not practicing sensible self-defense?

A large number of tor nodes are run by alphabet agencies.

Let them work for it - and let them give the Tor network more bandwidth in the process.

That’s not a magic bullet for secuirty.

It wasn’t presented as such. Good security comes in layers (“security in depth”). TLS serves users well but it’s not the only tool in the box.

There are so many ways to exploit connections. Look at what happened here on lemmy with vulns leading to takeovers of instances with xss of session cookies.

Tor Browser includes noscript which blocks XSS.

The primary difference is your ISP is not generally actively hostile. They may want to sell metadata but they aren’t actively trying to exploit you.

Selling your metadata is exploiting you. And this exploit happens lawfully under a still-existing Trump policy, so you have zero legal protections. Contrast that with crooks stealing money from your bank account, where, if it’s a US account, you have regulation E legal protections.

If your ISP (or in some cases a nation state is your isp) is actively tracking you, then there are other alternatives that may be better.

Different tools for different threat models. If you are actually targeted by a nation state, Tor alone is insufficient but it’s still in play in conjunction with other tech. But from context, you were giving general advice to the general public telling them not to use Tor for banking, thus targeting is not in the threat model. But mass surveillance IS (i.e. that of your ISP).

But to answer my your question my thesis is tor is not necessarily a privacy panacea.

Tor is an indispensable tool to streetwise users. Of course it is a tool among other tools & techniques.

The threat model an American or European has is much different than someone from Vietnam or turkey or China, which is also much different than someone from the Nordic countries.

Those threat models all have a common denominator: mass surveillance. It is safe to assume mass surveillance is in everyone’s threat model as a baseline. Of course there are a variety of other threats in each individual threat model for which you couldn’t necessarily anticipate.