Chrome & Firefox are a false duopoly. Do we need another option? Should there be a public option? Should it come from Italy?
debanqued @ debanqued @beehaw.org Posts 12Comments 119Joined 3 yr. ago
debanqued @ debanqued @beehaw.org
Posts
12
Comments
119
Joined
3 yr. ago
#Apnews is Tor-hostile. I do not support excluding people so I shared a link that is open to the public and inclusive.
If AP News would have also blocked archive.org (thus public libraries) then I would not have shared the link at all — out of respect for #netneutrality (access equality).
Indeed there is a big difference between warranted sharing and unwarranted sharing. The Snowden leaks are not about warranted sharing. There is no controversy over warranted sharing. You only muddy the waters to bring that up. It’s wholly irrelevant unless you are still actually claiming that the only sharing going on is warranted, which again is severely out of touch. You’ve not been paying attention to the Schneiere blogs. You should read them before discussing this topic. There are dozens of ways the unwarranted sharing occurs between intel agencies and tech giants, from simply buying the data commercially to backroom deals to inteligence insiders to outright malicious hacking exfiltration (which sometimes includes paying or pursuading the tech giant to simply neglect to fix a bug that the exfiltration relies on) to intelligence agencies handing a box over to the tech giant saying “here, just plug this box in on your LAN and pretend it’s not there - ask no questions”. All of those methods have been detected and exposed. It’s all there; inform yourself; I’m not going to do your homework for you. The HOW is irrelevant to the mere point that the data sharing happens without a warrant.
Look through the repository you linked, it’s in there.
I cited a specific article, not a repository.
HP has their hands in a lot of places. They even work as contractors for the IDF (Israeli Defense Forces). They offer services to govs who instead of buying HP computers they hire HP to deliver PCs that HP maintains. If private individuals would boycott HP extensively it would not sink HP but it would force HP to shrink by killing off their most shitty flimsy consumer products. A corp cannot justify to its shareholders an unsustainable money losing endeavor. HP would be forced to just focus on their industrial products.
The problem with the Boeing comparison is Boeing does not need a bailout due to a boycott. The pandemic is one of the cited factors for Boeing’s failure (accurate or not; optics matter. It’s a shame they had that excuse). So Congress believes a bailout is not wasted money. If Boeing were boycotted into need for bailout, it would not be feasible for Congress to save them. Boeing also has its hands in aerospace and defense to a much greater extent than just 7(X)7s, but those segments of the business could always be sold off to Lockheed Martin.
BTW, I boycott #Boeing myself. Boeing is an #ALEC member among other wrongdoing particularly in how their greed caused the aircraft crashes, death, and coverups. Ethical consumers have no choice but to boycott Boeing.
I just encountered a website that uses alt="" on buttons. That means the text description of the button is unreadable in GUI browsers. Mouseovers were coded so you can only get the description in GUI browsers like Firefox by hovering the mouse over the icon. Lynx renders the mouseover text in place of the button. So a screen reader would work on Lynx but not on Firefox for that website.
For example would you visit a website if it was hosted on Windows server?
It depends on how it is hosted. Is Tor blocked, thus forcing me to reveal metadata that identifies me to MS in order to reach the resource? If yes, then no, I would walk. Is it enshitified with popups & CAPTCHAs? If yes, then no. It comes down to what information must I share with who and what hoops do I have to go through.
If the website is sufficiently usable without unreasonable data compromise, then the mere fact that MS is in the supply chain would not stop me using it. This is only due to global lack of social advancement. That is, when we are up to our necks in garbage, who we choose to support (and to what extent) is relative. If Cloudflare did not exist and the communities being marginalized by CF were liberated, then there would be a theoretical point where a 100% boycott on all things Microsoft would be sensible. ATM, we’re not even close to that degree of progress where picking that battle would be wise.
I’ve known people who were absolutely like this, who wouldn’t use a site/service/etc. because it wasn’t on a 100% FOSS stack. It’s tiresome.
It’s tiresome that exclusivity & enshitification persists on such a huge scale which encumbers people on a daily basis because there are so many pushovers feeding & pushing shitty websites. The digital rights movements are starving for more people with integrity.
I’m all for open source, open standards, being able to modify and share the tools you use, etc. But people like that are extremists who seem to go out of their way to undermine their own credibility and message.
It’s the hypocrisy of not practicing what you preach that undermines one’s own credibility and the digital rights mission. Quite perverse to claim the contrary— that adherence to one’s own ideology in practice would “undermine their own credibility and message.” It’s tiresome to see digital rights activists needlessly using contradictory tech that’s antithetical to the purpose they claim to support.
Many, many sites and services block Tor
30% at most. Cloudflare compromises ~20—30% of the web and non-CF tor blocking is almost insignificant (likely in the 5—10% of non-CF sites range).
and for good reason
Most of the above-mentioned CF portion blocks Tor out of naïvety. They’re just blindly running with the shitty CF defaults not knowing they can whitelist Tor. Most don’t even know they’re blocking Tor & many don’t even know what Tor is.
But the legit users pale in comparison.
Nonsense. Most Tor users are legit. You’ve apparently been reading Cloudflare’s propaganda where they claim irrationally Tor users are mostly bad actors. It’s a false claim.
If you run a financial institution, for example, or anything that houses sensitive personal information, are you willing to allow an entire threat model to attack, just to let the handful of legit users from that model? No. You wouldn’t.
I insist on using Tor to access my bank account. Banks admit in their ToS that they use customer’s IP address for the express purpose of tracking & logging their realtime location. Some banks are more competent than others. If a bank’s security relies on arbitrary pre-emptive blocking based IP reputation, their security is not up to scratch.
Likewise, there are FOSS projects that also demonstrate ability to serve Tor users. This will stand out when anti-feature tags are applied.
Being able to see bug reports is not required to use the software.
That doesn’t quite answer the question. Nor is it strictly true. Bug tracker info is rich in workarounds for problems that hinder the use of the software.
You’ve made the decision to block Cloudflare,
Cloudflare’s decision, not mine. Cloudflare along with projects that use it made the (often unwitting) decision to block me, among other excluded people. Could I have executed Cloudflare’s non-free javascript to use the website, which is pushed contrary to FSF criteria C0? Perhaps, I didn’t try. Though I’ve run their garbage in the past and found that it rarely works anyway because the CAPTCHA servers themselves tend to be tor-hostile.
It’s worth noting that when execution of JavaScript of any kind is imposed in order to obtain information, it’s not a document; it’s an application.
Expecting free software developers to ensure that every single part of the experience is seamless for users who decide to block certain services is not reasonable.
Expecting FSF to facilitate exclusion of free software documentation and resources (the status quo) is not reasonable.
What is reasonable is FSF supporting their own principles:
All important site functionality that's enabled for use with that package works correctly (though it need not look as nice) in free browsers, including IceCat, without running any nonfree software sent by the site. (C0)Does not discriminate against classes of users, or against any country. (C2)Permits access via Tor (we consider this an important site function). (C3)
The Library Bill of Rights (LBR) is also quite reasonable:
V. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views.VI. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use.VII. All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information.
The Universal Declaration of Human Rights is also reasonable:
art.21 ¶2. Everyone has the right of equal access to public service in his country.art.27 ¶1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.
These are good ideas. These fundamental principles & rights are a minimum low bar to set that cannot be construed as “not reasonable.”
If Cloudflare links in the #FSF #FSD are replaced with archive.org mirrors, that automatically invokes the Library Bill of Rights (as InternetArchive is an ALA member). The LBR is also consistent with FSF’s principles.
People who are manipulated aren’t at fault
That’s debatable.
the manipulators are doing their job and are to blame
Yes, I agree. But our blame on them doesn’t matter if we aren’t going to make the blame accountable by boycotting. Shareholders are happy to pat them on the back when the manipulation succeeds & brings profits.
Also what does boycotting matter when the government will bail out a company that is failing.
I do not believe that if HP were to fall due to a boycott that the gov would bail them out. Such a bailout would be extremely unpopular among the public (who opted to boycott HP).
Boycotting is the only tool in our toolbox. I would love to have a different toolbox.
Should users be able to see bug reports?
Just tried to see the bug reports for a gitlab·com project. This is what I get:
Bruce Schneiere has frequently covered data sharing between US tech giants and intelligence agencies in his blog. It’s widely accepted. To call that a “conspiracy theory” is severely out of touch, post-Snowden revelations. At best, it’s only true as a technicality (that is, the US does not admit that the Snowden leaks are real so the official narrative still differs). It’s naïve to accept the official narrative and ignore Snowden’s leaks. Bruce Schneiere concurs with Snowden’s revelations & often acknowledges in his blog that that info sharing is going on.
That said, I do not see your specific claim about the NSA in the document that I linked, which is well cited. Which paragraph number are you referring to?
Sounds to me like this is the kind of abuse blocking any site would use not just cloudflair. Do you have any evidence that Cloudflair is unique in any way in this?
That’s not a meaningful comparison. Blocking sites do indeed block differently in various different circumstances & discriminate against different groups of people. There are patterns (like Tor blocking) but the meaningful comparison is CF to inclusive sites. E.g. gnucash.org. Gnucash demonstrates how a website can be deployed in an inclusive manner that respects user’s rights.
Cloudflare is unique in how it deceives its users (e.g. tells its users they have a “zero trust” model when in fact you must trust CF with visibility on all traffic payloads). CF holds the SSL keys, unlike other implementations. The recommendation to anti-feature tag CF sites would cover the vast majority of exclusive access-restricted projects. But if a link leads to a rare Siteground site, that should also get an anti-feature tag for being exclusive.
I mention this because I am not sure not using Cloudflair would change much.
Of course it would. Cloudflare brings in a long list of problems. Not using CF (like gnucash.org does) solves all those problems of exclusivity and privacy.
You would have to use another CDN or build your own solution. Abuse is a real thing and is the reason we cannot have nice things.
The Gnucash project disproves this. Furthermore, a CF link can often be replaced with an archive.org link.
Also, loading images has nothing to do with not passing the Cloudflare check.
Cloudflare is anti-robot. It’s one of the things they’re not secretive about. Robots do not load images because they are scraping textual information into a DB. Not loading images is relevant to bot detection and triggers anti-bot blockades. So bot creators will sometimes code their bots to needlessly fetch images in order to appear more human.
Like, phone screens could just display black for a blind user. But they don’t.
But they should. The reason they don’t can only be attributed to no one making the effort to extend the battery life for blind users. If the option existed, why wouldn’t blind people use it?
I have a few disabilities myself, and know a couple people who are blind. They just use Firefox.
Certainly you can’t speak for blind people by finding a few who have not realized they can disable images. This does not mean more advanced blind people have not done that. My vision is fine and I still disable images in Firefox in part to not waste bandwidth. Obviously I would keep image loading disabled if I were to go blind. The only reason for a blind person to load images (apart from getting help from someone else) is the same reason bot authors do it: to avoid being treated like a bot.
Going way overboard to the point of being pure is one of the biggest issues the FSF has in terms of relevance and your suggesting they go further down the rabbit hole.
Framing inclusion of all people as a “purist” agenda is a bit rich. The Universal Declaration of Human Rights doesn’t say it’s okay to deny equal access to some people. for example. And we don’t call the UDHR “purist” or extremist for being all inclusive. Being inclusive is where the bar should be set. It’s achievable and there are some projects that prove that.
It is better to direct people to good FOSS they can and will use then some imagined pure breed that no one will ever use.
You’re not grounded in reality. Tagging anti-features does not lead to “some imagined pure breed that no one will ever use.” Nor would anyone avoid listings which have no anti-feature tags. It’s the contrary. Projects that lack anti-features are superficially attractive.
Biggest issue with github is that it mixes FOSS and non-FOSS and even worse not all projects have clear licensing.
That is not the biggest issue with Github. Github is exclusive, feeds copilot, feeds a company that’s antithetical to the FSF mission, among other issues that were listed in the OP.
First of all Cloudflare does not disclose to excluded communities why they are excluded. This non-transparency keeps the marginalized in the dark about both the technical criteria for exclusion and also the business reason for exclusion.
Why I personally have been excluded is irrelevant trivia. The full extent of CF’s exclusion is unknown but it’s evident that at a minimum these groups of people are excluded:
- public libraries
- Tor users
- VPN users
- CGNAT users (often poor people in impoverished regions whose ISPs have fewer IPv4 addresses to allocate than the number of users)
- people who use scripts to access web resources (and interactive users who merely appear to be bots by using non-graphical FOSS tools, blind people IIRC as they are not loading images)
- all people with a moral objection to exposing ~20—30% of their web traffic (metadata & payloads both) to one single centralized tech giant in a country without privacy safeguards.
I personally experience exclusion by all of the above except CGNAT.
As far as Cloudflair… they are a CDN. relax. Nothing is locked there
Nonsense. Cloudflare (a proxy not a CDN) is exclusive. People like myself are in the excluded group. If Cloudflare gives you no problems personally, then you are in the included group. It’s designed so those excluded are invisible to the included group. You can only see the barriers to entry if you are actually excluded.
Those mught look like freedom pitfalls but are actually not. On the one hand gitlab dot com is not reaaly bad for freedom as it has at least an open core and is very freedom friendly.
You’re conflating a specific instance (the flagship one) with the software it uses, and also neglecting that it runs a non-free enterprise-licensed package, not free s/w. SaaS ≠ software. This particular instance scores poorly by FSF’s own freedom criteria.
There are FOSS-based Gitlab community repos which have no notable freedom issues, but these are not what my comment refers to. The Gitlab CE instances would not need an anti-feature tag. But Gitlab dot com does.
Cloudflare? Why are you even mentioning this?
Restricted-access docs exclude people and also violates the Free Documentation License.
Remember it stand for Free software first.
Software as a service was rightfully cautioned by RMS himself and it is well inside the purview of FSF which has published various essays on the topic.
The first bounty I would create for any project of interest is a bounty to move the bug tracker out of Github so those who boycott Microsoft can at least participate in the QA process.
So having a bounty mechanism inside Github is a bad idea. As a MS boycotter, I would be excluded from contributing bounties via the mechanism you propose.
No specific manufacturer in mind right now
MFDs are being tossed into dumpsters in high numbers. I keep pulling out HPs and Canons. The scanner functionality always works. I think the focus should be on hardware that is getting thrown away for environmental reasons. Even if the printing is toast, printers could be repurposed for all kinds of things since they are all network-attached now.
HP should be boycotted, so ideally FOSS f/w would only be developed for discontinued models so as to not incentivize procurement.
I’ve not been tracking them because I tend to only collect dirt on the greatest of evils. What comes to mind:
I vaguely recall a slew of Mozilla actions that were anti-thetical to privacy and user interests which caused me to move them from “a decent browser” to a “lesser of evils”. Hopefully others have better records of Mozilla’s history.
update May 2024