Kyle Rankin (@kyle), President of Purism, talks to CNBC about how Librem 5 USA📱 is built mindfully towards a secure supply chain. “At Purism we think data is uranium, so we treat it like a radioactive substance where we collect as little of it as humanly possible. Every extra link you add to the supply chain is an extra opportunity for someone to inject themselves in that supply chain and tamper with things.” Get the full context ➡️ puri.sm/posts/how-purism-is-ad

@roland @purism Our UTM codes are only so we know which *platform* incoming traffic comes from (like referral links in web server logs). If you inspect them you can see there are no random strings or attempts to identify/track individuals.

@kyle @purism Well, I understand that part. Yet still you post it on a mostly privacy-favoring social network, like the #Fediverse and most fedizen are. #UTM is in its origin tracking through Google, not privacy-respecting #Matomo or #Piwik . I found stats.puri.sm and I see it is Matomo, fine. So I still found this a bit halfhearted, by on one side wanting to have a supply/production chain that is as short as possible to avoid tampering (see the #NSA scandal) for privacy/security reasons but on other side wanting to employ social-tracking. Also some Fediverse instances like mine are single-user instances where you can actually track individual people.

@roland @purism We have been open and very public in our thought processes to determine if it were possible to do marketing in the modern age in an ethical way:

puri.sm/posts/is-ethical-adver

After much thought (and community feedback) we codified some ethical marketing principles we follow (including how we use UTMs).

puri.sm/posts/purisms-ethical-

How we use UTM is not much different from HTTP referrer, it just makes it a bit easier for us to organize data in Matomo. Remove it if you want.

@roland @purism @kyle removing HTTP referrer is best practice nowadays in web development, at least when being serious about privacy.

@purism @kyle @marcusosterberg <meta name="referrer" content="none" /> should be the proper one according to #w3c
@purism @kyle @marcusosterberg What I have implemented for my PHP script was a "de-referer" script, that accepts an URL, a hash for validation to make sure the script isn't abused and a cryptographic salt to make it even harder. E.g. spammers can now no longer send their URLs to my de-referer to circumvent some URL blocks.
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml