debanqued

joined 2 years ago
[–] debanqued 1 points 3 months ago* (last edited 3 months ago) (1 children)

The elitist idea that it’s okay to exclude people from public service for not having property cannot be framed as “harm reduction” when in fact it fails at that. The people who have mobile phones and subscriptions are the same people who can afford Wi-Fi at home, data plans, etc. These are people who are already served by the private marketplace. You merely give them a convenience at the expense of spending money in a way that marginalises the needy. It’s not just discrimination you advocate -- the money is poorly allocated when it should go toward serving precisely those you exclude; the ones underserved by the private sector. By catering for the more privileged you only introduce harm by creating a false baseline that harms the excluded groups even more. Libraries were more inclusive 10 years ago, before they needlessly introduced these SMS-imposing captive portals. And some still are inclusive. Some poorly managed libraries have gone in an exclusive direction and this trend is spreading.

We’re at #2.

Who? Which library is at #2? Some libraries are entirely inclusive and treat everyone equally. Some libraries have regressed and have no pressure to join the inclusive world. You’re opposing the pressure that’s needed to make them better. That’s not helpful.. that just enables the problem to worsen.

[–] debanqued 1 points 3 months ago* (last edited 3 months ago) (3 children)

Having services for some rather than none is quintessential harm reduction.

No it’s not. It increases the harm. We have already reached a point where many governments assume everyone is online and they have used that assumption to remove offline services. So people who are excluded are further harmed by the exclusivity as it creates more exclusivity. If a public service cannot be inclusive then nixing it ensures the infrastucture is in place to compensate knowing that the service is not in place.

extremely childish and harmful.

Elitism is extremely childish and harmful. Respect for human rights is socially responsible. It’s the adult stance.

Unified Declaration of Human Rights, Article 21:

“2. Everyone has the right of equal access to public service in his country.”

[–] debanqued 1 points 3 months ago* (last edited 3 months ago) (5 children)

If a library is exclusive the threat of defunding has two outcomes:

  • compliance -- to become inclusive and (if necessary) show the door to elitists therein who think it’s okay to exclude people
  • closure (unrealistic, see below)

Either outcome is better than directing public money toward exclusive services. In the case of closure, the same money can rightfully be redirected toward other libraries that are inclusive.

Compliance splits into two possible outcomes:

  • exclusive services dropped entirely; inclusive services like book/media access continue
  • exclusive services reworked to become inclusive

Both of those are better outcomes than inequality. Dropping an exclusive service invites pressure to fix it. In any case, the elitism of exclusive public service is unacceptible because it undermines human rights.

(edit) One thing I did not consider is the exclusive services getting non-public funding. If Wi-Fi is going to be exclusive/elitist, perhaps it’s fair enough to continue as such as long as Google or Apple finances it. The private sector is littered with exclusivity and that doesn’t pose a human rights issue. In any case it’s an injustice if one dime of public money goes toward a service that is exclusive, which has the perversion of potentially excluding someone whose tax funded it.

[–] debanqued 1 points 3 months ago* (last edited 3 months ago)

The irony, hypocrisy, and injustice here is that the UN’s own website itself discriminates against some demographics of people and denies access to the UDHR of 1948:

And this same UN will be creating the Digital Global Compact.

2
submitted 4 months ago* (last edited 4 months ago) by debanqued to c/bugs@sopuli.xyz
 

I installed the Aria2 app from f-droid. I just want to take a list of URLs of files to download and feed it to something that does the work. That’s what Aria2c does on the PC. The phone app is a strange beast and it’s poorly described & documented. When I launch it, it requires creating a profile. This profile wants an address. It’s alienating as fuck. I have a long list of URLs to fetch, not just one. In digging around, I see sparse vague mention of an “Aria server”. I don’t have an aria server and don’t want one. Is the address it demands under the “connection” tab supposed to lead to a server?

The readme.md is useless:

https://github.com/devgianlu/Aria2App

The app points to this link which has no navigation chain:

https://github.com/devgianlu/Aria2App/wiki/Create-a-profile

Following the link at the bottom of the page superfically seems like it could have useful info:

“To understand how DirectDownload work and how to set it up go here.”

but clicking /here/ leads to a dead page. I believe the correct link is this one. But on that page, this so-called “direct download” is not direct in the slightest. It talks about setting up a server and running python scripts. WTF.. why do I need a server? I don’t want a server. I want a direct download in the true sense of the word direct.

[–] debanqued 1 points 4 months ago* (last edited 4 months ago)

I would love to put my code where my mouth is. It’s on my long list of projects. The defects I describe in this thread probably do not justify a forking effort and I’m not enthusiastic about learning JavaScript, which is not just a shitty language but also it’s the wrong tool for the job. Although Rust is probbly a decent choice for the backend (but Ada would probably be better).

The biggest deficiency is that there is no decent threadiverse desktop client. I am just baffled that a majority of threadiverse users are using phones. There are like a dozen different mobile clients to choose from and not a single decent client for the desktop. So if I build anything it will be a proper client for a sensibly sized screen (non-portable).

As for fixing the defects exposed in this thread, the upstream Lemmy devs are rather stubborn but I think devs of an existing fork (Lenny?) might be more open to improvements.

Who would use a well-designed variant? You can see from the thread that millennials & gen Zers actually expect designs that prioritise the anti-bot agenda above the needs of both the direct user (the admin) and the end user. A majority of the population does not see how Google, Spamhaus, and Microsoft have broken email. This threadiverse crowd entered after email was already ruined. The emotional attachment to gmail (calling it what it is.. there is no generic netneutral email infra anymore) trumps software that avoids the dog food problem. I might be the sole user of such software, especially if I also code it to enforce decentralisation (which would necessarily include anti-centralisation features that would be unpopular).

[–] debanqued 2 points 4 months ago* (last edited 4 months ago)

to have not actually had an account yet makes it pretty obvious when you try to login and fail that the application has not been accepted.

That would be a blunt non-transparent/non-specific message to send. It’s not obvious /why/ the reg was denied.

If the instance admins wanted to talk about it, they’d have emailed you; or published some means of contacting them outside lemmy.

Lemmy software is designed as comms software itself with email address disclosure optional. An admin can make it mandatory, but Lemmy’s design should cater for the email-free option regardless of how an admin toggles that setting.

I wouldn’t expect to receive the reason for refusing the application via any other means than the email I’d provided in that application.

I get that. People are accustomed to relying on email. But this is not an excuse for software deficiencies.

That’s the entire purpose of providing an email; so you could be contacted when/if there are updates to your applications status.

That can be accomplished without email. Email is a convenience at best. Some users have decided email is an inconvenience and do not use it. And Lemmy supports that -- partially.

Let’s be clear about who the software is expected to serve. The comms feature of giving feedback to users without an email account is not to directly serve the end user. Software should serve its user (the Lemmy admin in this case). A Lemmy admin does not want to take the time to express themselves on their decision only to have their msg blackholed. They don’t necessarily know that an email address is disposable. The end user benefits by extension, but it’s about creating software that serves the direct user of the s/w. If you’re an admin who makes email optional, you might still want to be able to get a msg to a user.

The core purpose of the Lemmy platform is communication. So relying on out-of-band tech is kind of embarrassing. Think of it from the dog food angle. An in-band msg has the advantage that the admin has more control (e.g. they can edit a msg later and they can know whether the msg has been fetched). Lemmy relying on email as a primary means of comms is a dog food problem.

The only sensible concession I would see to make is that there are a hell of a lot more important things for Lemmy devs to work on because the software has a lot of relatively serious defects. I’m talking about how great software would be coded, but extra diligent handling of denials should have a low triage in the big scheme of the state of where Lemmy is right now.

[–] debanqued 2 points 4 months ago* (last edited 4 months ago) (1 children)

The cognitive dissonance in this

It seems you don’t know what that phrase means. It doesn’t follow from anything else you wrote why you think that.

You don’t think providing an email from a throw away service would strike the software as a malicious user/spam bot???

You don’t think that legitimate streetwise users secure themselves by supplying disposable email addresses???

You keep talking like you know everything

The post intends to solicit intelligent and civil discourse with logical reasoning, not the sort of ego-charged emotional hot-headed pissing contest you’re trying to bring here.

[–] debanqued 3 points 4 months ago* (last edited 4 months ago) (5 children)

I’m not seeing how this is a good justification for login refusals to lack information and transparency. When you are denied a login, a well designed system tells you why you are denied and the rationale the server gives you should either include enough info to imply a remedial course of action (e.g. “re-apply and tell us more detail about why you like our node”), or at least make it clear that the refusal is final for reasons that are non-remedial. Users should not have to guess about why they are denied a login when countless things can go wrong with email at any moment. The denial rationale should be emailed and also copied into the server records to present upon login attempts.

The only exception to this would be if they really believe they are blocking a malicious user. Then there is some merit to being non-transparent to threat agents. But the status quo is to treat apps rejected for any arbitrary reason as they would an attacker.

 

These are Lemmy instances with a “Sign Up” link which present you with a form to fill out to register. Then after you fill out the form and supply information like email address to the server, they respond with “registration closed”:

  • lemmy.escapebigtech.info (dead node now, but got instant reg. closed msg when they were alive)
  • expats.zone
  • hackertalks.com
  • lemmie.be
  • lemmy.killtime.online
  • lemmy.kmoneyserver.com
  • lemmy.sarcasticdeveloper.com
  • level-up.zone
  • zoo.splitlinux.org

I suppose it’s unlikely to be malice considering how many there are. It’s likely a case of shitty software design. There should be a toggle for open/closed registration and when it’s closed there should be no “Sign Up” button in the first place. And if someone visits the registration URL despite a lack of Sign Up link, it should show a reg. closed announcement.

Guess it’s worth mentioning there are some instances that accept your application for review (often with interview field) but then either let your application rot (“pending application” forever) or they silently reject it (you only discover non-acceptance when you make a login attempt and either get “login failed” or even more rudely it just re-renders the login form with no msg). These nodes fall into the selective non-acceptance category:

  • lemmy.cringecollective.io
  • lemmy.techtriage.guru
  • lemmy.hacktheplanet.be (pretends to send confirmation email then silently neglects to)
  • links.esq.social
  • dubvee.org

To be fair, I use a disposable email address which could be a reason the 5 above to reject my application. And if they did give a reason via email, I would not see it. Not sure if that’s happening but that’s also a case of bad software. That is, when a login attempt is made, the server could present the rationale for refusal. Another software defect would be failing to instantly reject an unacceptible email address.

 

Utility companies, telecoms, and banks all want consumers to register on their website so they do not have to send paper invoices via snail mail. When I started the registration process, the first demand was for an e-mail address.

Is that really necessary? They would probably argue that they need to send notifications that a new invoice has been prepared. I would argue that e-mail should be optional because:

  • They could send SMS notifications instead, if a data subject would prefer that.
  • They need not send any notification at all, in fact. Reminders is why calendars and alarm clocks exist. A consumer can login and fetch their invoice on a schedule. If a consumer neglects to login during a certain window of time, the data controller could send a paper invoice (which is what they must do for offline customers anyway).

They might argue that they need an email for password resets. But we could argue that SMS or paper mail can serve that purpose as well.

Does anyone see any holes in my legal theory? Any justification for obligatory email address disclosure that I am missing?

[–] debanqued 2 points 4 months ago* (last edited 4 months ago)

There is no valid reason for the United Nations blocking Tor.

A mom & pop shop selling cupcakes would have a valid reason (lack of funding, lack of competence, no conflicting principles). Blocking Tor is a cheap and sloppy attempt at separating ham from spam which inherently entails blocking ham, ultimately against the principles the UN theoretically supports. The UN should have the funding and competence to support their own values.

The UN probably should not be drafting rules about digital inclusion when they themselves have an embarrassing display of digital exclusion.

 

Yikes. As some Tor users may know, the UN drafted the Unified Declaration of Human Rights, which in principle calls for privacy respect and inclusion. That same UN blocks the Tor community from their website. Indeed, being denied access to the text that embodies our human rights is rich in irony.

Well that same UN plans to create a “Global Digital Compact” to protect digital human rights. It’s a good idea, but wow, they just don’t have their shit together. I have so little confidence that they can grasp the problems they are hoping to solve. Cloudflare probably isn’t the least bit worried. Competence prevailing, Cloudflare should be worried, theoretically, but the UN doesn’t have the competence to even know who Cloudflare is.

[–] debanqued 10 points 5 months ago* (last edited 5 months ago) (4 children)

I don’t want to be an enabler of the drivel, so without posting the full URL to that article that’s reachable in the open free world, I will just say that medium.com links should never be publicly shared outside of Cloudflare’s walled garden. I realise aussie.zone is also in Cloudflare’s walled garden, but please be aware that it’s federated and reaches audiences who are excluded by Cloudflare.

The medium.com portion of the URL should be replaced by scribe.rip to make a medium article reachable to everyone. Though I must say this particular article doesn’t need any more reach than it has.

Anyone who just wants the answer: see @souperk@reddthat.com’s comment in this thread.

 

I created a whitelist access profile. That ensures that the whole WAN is blocked except what is exceptionally whitelisted. I started with an empty whitelist. The LAN is rightfully accessible and the WAN is rightfully inaccessible.

The router does not use DSL. Instead, it uses a USB mobile broadband LTE modem. The modem has its own website which gives SMS capability. The modem is technically upstream to the router, so it is blocked when the WAN blocking profile is enabled. I want to whitelist the modem so that when I am blocking WAN access I can still reach the web UI of the modem and monitor SMS msgs.

Fritzbox is designed so that all attempts to directly access an IP is blocked if whitelisting is in play. IP addresses cannot be whitelisted, only URLs using FQDNs. So I did “nslookup 10.10.50.8” to get the hostname of the modem. Then I whitelisted the hostname. That does not work. The modem is still blocked.

[–] debanqued 1 points 5 months ago* (last edited 5 months ago)

Did you solve your issue?

I would use a directional yagi antenna. There are instructions floating around on how to make one cheaply using a Pringles can. You can then unscrew one of the “rubber ducky” antennas off your router and attach the pringles can using a “pigtail” (coax), and point it to the garage. That should put a signal right where you need it without brute forcing power into an omnidirecitonal antenna that blankets the whole block.

29
submitted 8 months ago* (last edited 8 months ago) by debanqued to c/politics
 

BBC World Service was covering the US elections and gave a brief blurb to inform non-US listeners on the basic differences between republicans and democrats. They essentially said something like:

Democrats prefer a big government with a tax-and-spend culture while republicans favor minimal governance with running on a lean budget, less spending¹

That’s technically accurate enough but it seemed to reflect a right-wing bias that seems inconsistent with BBC World Service. I wouldn’t be listening to BBC if they were anything like Fox News (read: faux news). The BBC could have just as well phrased it this way:

“Democrats prefer a government that is financed well enough to ensure protection of human rights…”

It’s the same narrative but expressed with dignity. When they are speaking on behalf of a political party it’s an attack on their dignity and character to fixate on a side-effect rather than the goal and intent. A big tax-and-spend gov is not a goal of dems, it’s a means to achieve protection of human rights. It’s a means that has no effective alternative.

① Paraphrasing from what I heard over the air -- it’s not an exact quote

#BBC #BBCWorldService

 

cross-posted from: https://beehaw.org/post/12271916

Suppose a law is named something like “The Royal Decree of June 14, 2018 regulating the Distribution of Pharmaceuticals and Vitamins”. If a document needs to refer to that law more than once, it makes a mess and causes some painful reading. How should something like that with a date be abbreviated?

(note that’s a fictitious law similarly named to the law I need to reference; it’s really a question of English and law and lawyers are perhaps best equipped to answer)

 

Suppose a law is named something like “The Royal Decree of June 14, 2018 regulating the Distribution of Pharmaceuticals and Vitamins”. If a document needs to refer to that law more than once, it makes a mess and causes some painful reading. How should something like that with a date be abbreviated?

 

For the past ~15 years I have tried for the most part to boycott:

  • American Express for being an #ALEC member (which supports #climateDenial and obstructs public healthcare, public education, immigration, gun control, etc), and for participating in the #Wikileaks donation blockade
  • Visa for pushing the #warOnCash (member of #betterThanCashAlliance.org and offering huge rewards to merchants who refuse cash), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards
  • Mastercard for pushing the #warOnCash (member of betterThanCashAlliance.org), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards

Discovercard has always been a clear lesser of evils. So Discovercard has earned the majority of my business whenever cash is not possible. But now I hear chatter that #Discovercard might merge with a shitty bank that had an embarrassing data leak by an Amazon contractor: #CapitalOne. I was disappointed when Samual Jackson promoted #CapOne. Capital One supported Trump’s Jan.6 insurrection attempt among other things.

So what’s left? JCB (Japanese) and UnionPay (China). JCB pulled out of the US like 10 years ago. People outside the US can get a #JCB card but then IIRC it uses the Discovercard network in the US and the #AmEx network in Canada.

I already favor cash whenever possible. In other cases it will be hard to choose the lesser of evils between CapOne and Mastercard.

update


Found an insightful article detailing a loophole that the fed gave to Discovercard which is why Capital One intends to buy it.

 

cross-posted from: https://beehaw.org/post/12170575

The GDPR has some rules that require data controllers to be fair and transparent. EDPB guidelines further clarify in detail what fairness and transparency entails. As far as I can tell, what I am reading strongly implies a need for source code to be released in situations where an application is directly executed by a data subject and the application also processes personal data.

I might expand on this more but I’m looking for information about whether this legal theory has been analyzed or tested. If anyone knows of related court opinions rulings, or even some NGO’s analysis on this topic I would greatly appreciate a reference.

#askFedi

view more: next ›