I wrote a piece on the @purism blog on why consent is critical for #privacy, the tech industry's failure to get consent, and as a result how "Privacy has become the tattoo removal of the information age". https://puri.sm/posts/consent-matters-when-tech-shares-your-secrets-without-your-permission/
Client-side heuristics beat human-maintained lists in #PrivacyBadger - perhaps they could be useful elsewhere? #designpattern
"The techniques used by trackers are always evolving, so Privacy Badgerβs countermeasures have to evolve, too. In the process of developing the new cookie-sharing heuristic, we learned more about how to evaluate and iterate on our detection metrics."
This is a fantastic long read from Valentina Pavel via @privacyint
"If we keep our focus primarily on figuring out data ownership, we face the risk of sidetracking the discussion onto a very questionable path. This is an open invitation to develop new language for clearer conversations and to better shape our demands for the future we want to see." #scenario4 #datarights
https://privacyinternational.org/long-read/3088/our-data-future
@switchingsocial@mastodon.at Dongles (hardware-based multi-factor authentication) are a great replacement for users and site owners. See https://www.dongleauth.info/dongles/ for a list. This also decentralizes "single" sign-on!
If hardware is not an option (yet), site owners should probably ask their framework-development community for a locally-hosted replacement such as https://django-simple-captcha.readthedocs.io/en/latest/ - any replacement that is not locally hosted is not really a solution.
Happy to discuss more by email.
@privacyint Great visualization! I hope you eventually host a twin here in the fediverse π€
Do you like #ruby and pleistocene megafauna? Then you might be interested in this position!
Purism is a very progressive team, we encourage all interested people to apply, regardless of location, income, gender, age, race, religion, skin, height, weight, sexual orientation, or any other personal trait(s). We do not discriminate and are proud to operate a safe-work-place. More details in the link.
@switchingsocial@mastodon.at Don't forget https://lutris.net π I recently helped someone use them as a bridge from GOG (like itch.io, proprietary but DRM-free). I couldn't find a fediverse account though. #lutris
@monc Great! It had a different name before (I forget) and was basically "strict mode", but now they've made it "strict mode with an escape hatch" π
Just revisited "Encrypt All Sites Eligible (EASE) Mode" in #httpseverywhere
Great workflow that 1) warns you when visit an HTTP-no-S domain and 2) allows you to disable the warning for that single domain, if you trust it... and all intermediaries. π²
I tested with http://internetbadguys.com since example.com uses HTTPS these days. π
Read more here: https://www.eff.org/deeplinks/2018/12/how-https-everywhere-keeps-protecting-users-increasingly-encrypted-web
"WebRTC WG has asked for privacy and security considerations around the disclosure of a user's local IP address in #webrtc "
https://www.w3.org/wiki/Privacy/IPAddresses
You can prevent this with, for example, #ublockorigin or #privacybadger - see https://github.com/gorhill/uBlock/wiki/Prevent-WebRTC-from-leaking-local-IP-address for some discussion.
My favorite response to #libremone so far: "I don't know about this... Names Sound to political biased (#liberal) and federal (#fediverse) to not suspect undercover #NSA devs involved."
You got me π΄
@davidrevoy As always, your holistic approach (sharing license, safe website, humanist UX) makes #peppercarrot an exemplar in #freeculture. Thank you! And the new layout looks great πΊ
πAfter a month of work, I launched the new Pepper&Carrot website! Discover the new features and contents β https://www.davidrevoy.com/article722/
"No matter what solution you might chose, it is important that we start the debate of how #datastoragearchitecture should look like"
I'm a bit late to the party, but congrats to #prospress - it couldn't have happened to a nicer team. https://prospress.com/final-prospress-post/
@danielst Do you mean https://tracker.pureos.net/w/pureos/tips/torbrowser/ in the #libremtunnel post? It works for me (when logged out), but we'll have a look. Thanks!
Free software professional. Free culture enthusiast.
Opinions are my own. (If not me, who else?)