• 0 Posts
  • 56 Comments
Joined 1 year ago
cake
Cake day: July 23rd, 2023

help-circle
  • The metadata in the headers can be avoided using Memoryhole and similar protocols which embed the headers inside the encrypted payload. The problem is again barrier to entry. Low-tech users generally can’t even handle app installs on desktops.

    When you say “worry”, that’s not the right word for it. My boycott against Google is not fear-driven. I will not feed Google anything it can profit from as an ethical stance. Even if an expert linux tor user were on Google, I’m not sure we could exchange email in a way that ensures Google gets no profitable data. If we use PGP coupled with Memoryhole to strip out the headers, I’m not sure Google would accept a msg with a missing or bogus From: header. But if so, Google still possibly learns the user’s timezone. Though that may be useless if Google learns nothing else about that user. But we’re talking obscure corner cases at this point. Such an expert user would have no Google dependency anyway.

    MS/google-dependent friends are generally extremely low-tech. They don’t know the difference between Firefox and the Internet. They don’t know the difference between Wi-Fi and Internet. Linux – what’s linux? They would say. At best, they just think of it as a mysterious nerd tool to be avoided. So what can I do wholly on my end to reach them via gmail without Google getting a shred of profitable data? Nothing really. So I just don’t connect directly with a large segment of friends and family. Some of them are probably no longer reachable. Some are in touch with people who connect to me via XMPP, so sometimes info/msgs get proxied through the few XMPP users. It’s still a shitshow because Google still gets fed through that proxied inner circle of friends and family. In the past when someone needed to reach me directly, they would create a Hushmail or Protonmail mail account for that temporary purpose (like coordinating a trip somewhere). But that option is mostly dead.

    I just had to reach out to plumbers for quotes. All of them are gmail-served. All I could do is refuse to share my email address and push them to use analog mechanisms. They are not hungry enough for business to alter their online workflow or create protonmail accounts.


  • That’s exactly what I did with hushmail. I would tell low-tech folks to get a hushmail account then I would use hushtools.com to do all the key management, putting my key on the keyring and grabbing their key. So the other person did not need to know anything or take any special steps. That was best option of my time. But last time I checked hushmail was still entirely non-gratis.

    Protonmail emerged when HM became non-gratis and messed with hushtools. But PM requires every one of their own users to do key management which creates a barrier to entry. I would have to walk a PM user through adding my key to my record in their address book and walk them through sending me their key. That effort is a show stopper for many. I might as well walk them through setting up a PGP-capable MUA. But then if they keep their gmail or MS acct the metadata still feeds those corps.



  • I give out my XMPP address and offer Snikket accounts. Some go along with it and some do not. I lost touch with some friends. Some people are in contact via phone but that’s not ideal some connections are lost as phone numbers change.

    I used to push some people toward Hushmail until they dropped the gratis plans. Then for a while I pressured people onto Protonmail but then distanced myself from PM when the brought in Google reCAPTCHAs and killed off Hydroxide. Tuta is a non-starter because Tuta’s variety of e2ee is incompatible with open standards, thus forcing me to periodically login to a web UI (also due to them sabotaging their Android app by way of forced obsolescence pushed in the most incompetent way).

    So it’s a shitty state of affairs. 2024 and simply sending a msg to someone has become a total shitshow.





  • It basically is saying that if you have more money then you have more “votes”.

    That’s simply true. It doesn’t do anyone any good to disregard the facts.

    Or to put it in another way: If you have more money you matter more.

    That abstraction doesn’t help much. And first of all, it’s more accurate to derive the statement “If you have more money then you have more influence”.

    It’s still a shitty status quo, but it is what it is. The worse thing you can do is tell people not to boycott shit products on the basis of rejecting reality. It’d be like telling people not to vote in elections because their vote is a drop in the ocean.

    Some people vote for democrats, then they cancel their own vote by getting their internet service from Spectrum, buying fuel from Chevron for their car, shipping their packages using FedEx, getting their phone service from AT&T, banking at PNC Bank, flying on Boeing planes, shopping on Amazon, doing their web searches on a Microsoft syndicate’s site (e.g. DDG), buying Sony devices… etc. They either have no clue that most of their voting is actually for the republicans, or they think that drop-in-the-ocean vote that comes once in 4 years somehow carries more weight than the daily votes they cast with reckless disregard.

    Greg Abbott’s war chest is mostly fed by oil companies. If you buy fuel for a car, you help Greg Abbott and other republicans. And if you buy from Chevron, you give the greatest support to republicans (Chevron is an ALEC member).




  • Ending capitalism is not the /only/ way. Within a capitalistic system, you can boycott shit. Most consumers are pushovers but it doesn’t have to be that way. I’m boycotting hundreds of shitty companies. Off the top of my head:

    • Amazon
    • Cloudflare
    • Microsoft
    • Facebook
    • Google
    • Apple
    • (surveillance advertisers in general)
    • (all closed-source s/w)
    • HP
    • Proctor & Gamble
    • Unilever
    • all ALEC members (American Express, Anheuser Busch, Boeing, CenturyLink, Charter Communications, Chevron, FedEx, Motorola, PNC bank, Sony, TimeWarner)
    • many shitty banks
    • Paypal
    • AT&T
    • GMA members (Coke, Pepsi, Kraft - Heinz, Kellogg’s, General Mills, McCormick, Hormel, Smucker)
    • BetterThanCashAlliance.org members (visa, mastercard, unilever) – war on cash
    • Bayar-Monsanto
    • Dupont
    • Hershey
    • Nestlé
    • Exxon/Mobil
    • Comcast
    • Koch
    • Home Depot
    • Lowes
    • …etc

    Those are all shitty companies that significantly worsen the world. Giving money or data to any of them contributes to enshitification of the world.

    Of course it’s an option to stop supporting assholes. Become ethical. Be the change you want to see.


  • emphasis mine:

    Anti-nuclear is like anti-GMO and anti-vax: pure ignorance, and fear of that which they don’t understand.

    First of all anti- #GMO stances are often derived from anti-Bayer-Monsanto stances. There is no transparency about whether Monsanto is in the supply chain of any given thing you buy, so boycotting GMO is as accurate as ethical consumers can get to boycotting Monsanto. It would either require pure ignorance or distaste for humanity to support that company with its pernicious history and intent to eventually take control over the world’s food supply.

    Then there’s the anti-GMO-tech camp (which is what you had in mind). You have people who are anti-all-GMO and those who are anti-risky-GMO. It’s pure technological ignorance to regard all GMO equally safe or equally unsafe. GMO is an umbrella of many techniques. Some of those techniques are as low risk as cross-breeding in ways that can happens in nature. Other invasive techniques are extremely risky & experimental. You’re wiser if you separate the different GMO techniques and accept the low risk ones while condemning the foolishly risky approaches at the hands of a profit-driven corporation taking every shortcut they can get away with.

    So in short:

    • Boycott all U.S.-sourced GMO if you’re an ethical consumer. (note the EU produces GMO without Monsanto)
    • Boycott just high-risk GMO techniques if you’re unethical but at least wise about the risks. (note this is somewhat impractical because you don’t have the transparency of knowing what technique was used)
    • Boycott no GMO at all if you’re ignorant about risks & simultaneously unethical.



  • I think this project has some tools that might automate that:

    https://0xacab.org/dCF/deCloudflare

    They ID and track every website that joins #Cloudflare. It’s a huge effort but those guys are on top of it. A script could check the list of domains against their list. There is also this service (from the same devs) which does some checks:

    https://karma.crimeflare.eu.org:1984/api/is/cloudflare/html/

    but caveat: if a non-CF domain (e.g. example.tld) has a CF host (e.g. somehost.example.tld), that tool will return YES for the whole domain.

    Manually adjusting availability is a can of worms that I don’t want to open

    I would suggest not bothering with any complex math, and simply do the calculation as you normally do but then if a site is Cloudflare cap whatever the calculated figure is to 98%. Probably most (if not all) CF sites would be 100% anyway, so they would just be reduced by 2%. Though it would need to be explained somewhere – the beauty of which would be to help inform people that the CF walled garden is excluding people. Cloudflare’s harm perpetuates to a large extent because people are unaware that it’s an exclusive walled garden that marginalizes people.



  • It’s not a matter of quick learning. If that were the case, GUI is a clear winner. It takes more time to learn a text-driven UI. But the learning curve pays off. You invest more time learning but the reward is reaching a point where you’re much faster than a mouse allows. I started off using gnusocial from a browser then transitioned to #bitlbee, after which I could search, read, and react faster than in the GUI. Same for Mastdon. Sometimes I’m forced into the Mastodon GUI because of something being unimplemented, in which case the loss of speed is apparent. Just like in the 90s, the keyboard is still faster than the mouse.

    BTW, I used a DVORAK keyboard for years. I never measured my speed difference but I think it slowed me down overall because there were moments where the brain would drift into QWERTY mode (and vice versa on a QWERTY keyboard), and the speed difference w/out drifting seemed negligible so I ultimately settled back on a QWERTY keyboard.




  • diyrebel@lemmy.dbzer0.comOPtoAsklemmy@lemmy.mlNo Debian Lemmy clients yet?
    link
    fedilink
    arrow-up
    2
    arrow-down
    11
    ·
    edit-2
    1 year ago

    I have had no choice but to try Firefox because (for years) #Lemmy has been wholly broken on Ungoogled Chromium. And for me the FF-Lemmy UX is terrible.

    Younger generations have no baseline for comparison because they were raised in GUI browsers. My baseline is IRC, gopher, usenet, emacs, lynx, mutt, bitlbee, toot (TUI + CLI), gnu screen, & piles of scripts on 15+ y.o. hardware, etc. So [bart simpson’s grandpa’s voice] all you young whipper-snappers chained to your GUIs with JavaScript, mice, labor-intensive clicking around have a very different reality and baseline of what’s good. Us older folks struggle to find tools that don’t rely on a mouse & which avoid all the #darkPatterns & bugginess of the modern day web.

    (edit) and wtf there are apparently several phone apps for the fedi. I just don’t get how people can like the small screens, small keyboards, and speech-to-text that causes embarrassments.

    The bigger problem is not even the mouse-dependent UI… it’s that browser clients have no practical HDD access apart from cookie storage. Rightly so, but I should have a local copy of things I write because my hard drive has better uptime & availability than any cloud service could have. When censorship strikes msgs are destroyed without backups. And (at least in the case of Mastodon), even the admins cannot recover posts they’ve deleted even if they want to. Wholly trusting a server to keep your records is a bad idea. So a browser can never by suitable for blogging/microblogging, at least certainly not without an archive download option that can be triggered by a cron job.