@kyle cheers to that - the 'freedom' part is exactly why I've supported @purism with my orders this year, and why every project I've worked on in 2020 is #GPL or #MIT licensed.
I guess I did release my vim config as #unlicense "code" but... yeah
It's been long enough now that we are back to the pre-golden era world where people don't understand the risks of vendor lock-in and proprietary protocols. To me this means there's an opportunity for a new golden era, if we can get people to appreciate why the "freedom" part of FOSS is so important.
The following era saw priority shift from "freedom" to "open" throughout FOSS. Linux webapp development was primarily done on Macs and that changed how FOSS development happened overall, as devs had to adapt to homebrew libraries instead of curated packages. Dev tools changed to solve the problem of inconsistent library versions between Mac and Linux distros, which ultimately led to docker. I believe the primary reason docker was created was to serve Linux webapp development on OSX.
I'd love to see a history of FOSS in its "golden era" (early aughts) to the early teens. There was this great momentum at the time, giant advances in the Linux desktop and server, and a large focus worldwide on open standards (XMPP became, briefly, the standard chat protocol).
This progress stalled. My theory is that it's in large part due to OSX convincing FOSS developers "it's UNIX" and with FOSS devs on Macs, Linux desktop advances slowed down.
More than 2,000 law enforcement agencies across every state now have access to technology that allows them to extract data from confiscated phones.
A new report by @TeamUpturn details the dangerous growth of these tools: https://www.upturn.org/reports/2020/mass-extraction/
@aral I'll have to admit that I am not fluent in JavaScript. My worries were more triggered by the overall concept of data being stored as executable code that was evaled when reading, and what an attacker could do who could write to that database or bypass sanitization attempts, since they would, in theory, have the full range of JS capabilities at their disposal (arbitrary code exec) instead of the more limited set of standard DB queries (data leak).
@aral I have to admit I'm a bit concerned what my good friend Bobby Tables might do with a database that stores data as JS that gets evaled at run time.
New Episode! This week, Doc Searls, @katherined, Petros Koutoupis, and @kyle talk Amazon drones, #adtech, The Social Dilemma, and more. https://reality2cast.com/42 #podcast #technology #privacy #surveillancecapitalism #newepisode
New Episode! Who controls your phone? Doc Searls, @katherined, @kyle and Petros Koutoupis talk TikTok, censorship, user sovereignty and more. #podcast #newepisode #security #privacy #technology Episode link: https://reality2cast.com/41
@laura My favorite, as a noscript user, is when a paywall site uses JS to enforce a paywall pop-over but their content loads w/o JS.
#osk-sdl unlocking a LUKS rootfs running PureOS on the #purism #librem5 devkit.
osk-sdl is an initramfs touchscreen keyboard made originally for postmarketOS, for unlocking a LUKS rootfs on touchscreen devices with no physical keyboards.
The long unlocking time is due to the rootfs being encrypted on a big core desktop system (see `man 8 cryptsetup` /--iter-time)
“I’d be more worried about the camera on your phone than I would be about a drone,” #whynotboth #privacy https://www.theverge.com/2020/9/25/21455197/amazon-ring-drone-home-security-surveillance-sidewalk-halo-privacy
It does make me feel good to know that all the articles I wrote for @linuxjournal since 2008 (I just checked my bibliography on https://kylerank.in/writing.html, I'm a few articles shy of 200) will still be around. I still refer back to them from time to time.
Whoa, it looks like Linux Journal is back (again again):
This Blacklight #privacy tool by The Markup is great. While https://puri.sm got a clean score, it took us a lot of effort over years to get there. Tracking visitors is the industry default for web tools and I only wish this tool existed years ago. https://themarkup.org/blacklight/
I bet the client and attorney were coordinating their case over gmail and gdocs and realized Google gave itself the legal right to access that data. I wonder if Google did something in the case that would only be explained by that action?
In summary, the company's ToS allow it to access user data to "protect Google" so does that extend to everyone involved in a legal case against Google? Interesting implications for people (and govts) who have brought cases against Google while using Google services.
Technical author, FOSS advocate, public speaker, Linux security & infrastructure geek, author of The Best of Hack and /: Linux Admin Crash Course, Linux Hardening in Hostile Networks and many other books, ex-Linux Journal columnist.