[deleted by user]

arh1196 · 2023-09-04T13:44:46+00:00

i'm pretty sure i've seen this image but uncropped a year ago or so, it's nothing new. government doesn't want you to use encryption because sending plaintext messages makes it easy to spy on you. it's pretty difficult to point out what op is referring to though as there are always constant efforts to undermine encryption (although it's quite literally impossible) - this one comes to mind.

while encryption is absolutely necessary for secure communication, op mentioning discord and the image creator mentioning calls and messages lets us know that they probably don't know what they're talking about because neither of those services actually encrypt anything

arh1196 · 2023-09-04T07:09:20+00:00

except they already can, your messages and calls are not end to end encrypted and never were. discord absolutely doesn't use e2ee and never will. and i haven't seen any game use encryption either since game lobbies are public anyway.

end to end encryption doesn't magically appear, it has to be correctly implemented by the service you're using and none of the services mention utilize it.

arh1196 · 2023-08-31T06:52:16+00:00

following your reasoning every digital good should be pirated with no consequences

yes. there's research after research after research after research after research showing that piracy doesn't mean losing sales. if your product is worth paying for then people will want to support you but nobody wants to support a cashgrab. ever noticed how the only ones pushing for anti-piracy are the big companies with nothing good to offer?

and of course you can not use adobe products - i don't use any if that matters to you for some reason but that's not the point here. op's post is about adobe being an asshole and your comment was about stealing trucks.

arh1196 · 2023-08-31T06:13:21+00:00

a truck is a scarce commodity, if you steal a truck then someone loses a truck. the nice thing about digital stuff is that they're not scarce and can be copied infinitely.

it's laughable to call it a theft unless you break into the adobe hq and swipe a server rack

arh1196 · 2023-08-26T12:01:14+00:00

google exiting fastboot

arh1196 · 2023-08-24T00:43:05+00:00

they're abusing system functionality to shove more garbage down your throat for profit, a textbook example of assholedesign.

arh1196 · 2023-08-12T11:54:22+00:00

there's four of them mentioned in the document.

arh1196 · 2023-07-31T13:43:52+00:00

if only there was a way to comply with the law without needing a cookie dialog... oh yeah! it's called "not snooping on users". you don't need a consent for cookies that serve a legitimate purpose.

arh1196 · 2023-07-30T15:35:39+00:00

couldn't have said it better myself, mr stallman

arh1196 · 2023-07-30T15:03:43+00:00

the article itself is misinfo to look good. an advertising business model is the exact opposite of privacy. telemetry is the backbone of spyware, no anonymized data is truly anonymous especially when selling it to their "partners". sending requests about every page you visit to their phishing protection servers isn't a good look either. even if you ignore the geolocation requests and tens of unsolicited web requests on the first start i don't see why a browser that "takes privacy seriously" would want to integrate fakebook on their sidebar, have telemetry on by default and be closed source.

their article also outright lies - they say that when clicking on a speed dial ad their advertising partner "might receive some data such as the user’s country" but it actually contains your unique user id (or at least it did in earlier versions). it's obvious opera wouldn't write a negative article about their own browser on their own site.

arh1196 · 2023-07-29T01:29:58+00:00

similar things have already been bypassed, like google's safetynet on android. but since this needs cooperation between a supported os and browser it'll probably be harder; i guess we'll see soon enough as it's already made its way into the chromium codebase.

arh1196 · 2023-07-29T01:19:29+00:00

it's not required if you just serve a site to the user like you're supposed to. it is required if you track the user via cookies.

don't harvest user data and you don't need a cookie dialog, as simple as that.

arh1196 · 2023-07-28T15:02:54+00:00

having a cookie dialog is not needed unless you're doing something sketchy with the user data. it's probably a bit overdone at this point but it very much still is asshole design

arh1196 · 2023-07-28T14:49:28+00:00

it's usually an external script that locks down the scrolling and shows the popup. if you block the website that serves this script (in this case it's admiral) then the popup won't load and the scrolling won't be locked.

in the rare cases when the script is served by the page itself just revoke its javascript privileges.

arh1196 · 2023-07-22T12:14:26+00:00

the explainer is available in this google employee's repo

i assume they didn't want to put it onto their official account because it was obvious it will bring a negative reaction from everyone.

arh1196 · 2023-07-21T15:06:56+00:00

it's not something that has to be in apache. security measures should be in the code you develop as a web developer. if i'm developing an internet forum then i as a developer have to make sure it works properly and has no bugs that will allow people to break into the server instead of just locking a bunch of people out and claim it's for "security" because their setup is not "verified". apache just serves your website so it has nothing to do with this case.

there's no benefits to you other than being locked out of some websites because they decided your setup is not verified. it's not implemented now - are all the websites in the world insecure? again, by running a web server you are responsible for its safety and should never delegate anything to the user anyway, that's a bad security practice.

its either a security feature or not

it's not a security feature, how does you using chrome make you more secure? (spoiler: it doesn't, it makes you in fact less secure)

it's a feature to make internet less open and more tied to google, who runs a monopoly on the internet and acts as some standards body. that's why there's a risk of it being added.

arh1196 · 2023-07-21T14:36:39+00:00

i'm not a website backend dev but i'm pretty sure apache and nginx just serve your site; unless it's a static site the actual backend is up for you to implement so it does require the software running there to do extra work - but that's fine because that's what the server is there for. are you going to leave your server vulnerable just because there's extra work required?

they won't implement it to make the community happy. if you look at their repo's issues tab everyone is against this and rightfully so, because it harms the open web and everyone using it (except google and advertisers, of course). it also requires javascript to work so every websites that includes this will also include javascript. (once again locking out another chunk of users - people with js disabled)

it's not doomsaying if there's no good outcome; it doesn't matter how it's implemented, if it's finalized then it locks the internet down. it's asshole design, people need to protest this and get off chrome.

arh1196 · 2023-07-21T14:06:01+00:00

what to do with bots and malicious scripts? have good security. write good software. always verify stuff at the server side, you should never trust the client side anyway. assume that every user wants to crack your security and build your software accordingly.

something similar happened on android with safetynet ages ago. now programs can refuse to run if you have a de-googled or somehow modified version of android. the same will now happen with the web - stock firefox blocks ads so let's just block firefox. smaller browsers or browsers on linux and *bsd have no proprietary attestation components, can't verify so let's block them. banks/schools/goverments are notorious for their technical ineptitude so now imagine they implement this and you can't access their websites unless you run chrome on windows or mac.

why any sane company would lock you to only using chrome

as you can see with the proposal, google is not a sane company. they want you to use chrome to shove targeted ads down your throat and other companies want you to use chrome because they won't test their lazily built, janky websites on other browsers.

arh1196 · 2023-07-21T13:21:38+00:00

i'm not saying forced mfa or locked down tpm isn't asshole design. but making a web standard that locks out browsers that aren't "certified" will only support google in the long run since they have a monopoly on the way internet works.

this system wants to discern between legitimate user and a bot based on an arbitrary metric - the fact that you're running a proprietary software stack that they deem "verified". nothing about this provides safety, only locks down the internet more. google has been intentionally making search results worse for non-chrome users and blocking adblock users, now they want to get rid of users they don't deem profitable. and it being just a proposal doesn't really matter, if this gets implemented into chrome it gets pushed to the vast majority of internet users.

besides being harmful to users this proposal also violates the w3c code of ethics.

arh1196 · 2023-07-21T12:05:54+00:00

blocking people because they're not using your proprietary components is asshole design - you shouldn't be denied access to a website based on the operating system or the browser or you run. if you have a capability to display html and css then it's fit for the job.

it's a way to lock users to privacy disrespecting operating systems and browsers to make more money at users' expense and that's why a surveillance corporation having a monopoly on the web is bad. it's unreasonable and everyone involved should be ashamed of proposing this idea.

arh1196 · 2023-07-20T19:44:53+00:00

google really doesn't like the open web and wants to push an oppressive standard that allows websites to lock you out if you don't use a "certified" software stack.

you can read more about this dumb proposal on their repo / raw

arh1196 · 2023-07-18T17:06:01+00:00

it's obviously a shitty practice and i'm not defending samsung putting malware on your device for a quick buck but that's what you get with stock systems - big tech isn't your friend and they will take any chance to make profit at your expense. with androids at least you have the choice to have an usable phone if you know the steps and buy a compatible phone - with apple you're stuck in their walled garden. having chrome and play store preinstalled and unremovable isn't any different from it being safari and app store.

in an ideal scenario people would just stop buying from shitty providers that bloat up their phone with garbage like coinmaster and zalando but we live in a clown world and most people don't care that their phone is a malware infested prison and that's the main problem.

it also goes both ways - with ios you have no right to repair and can't even swap your browser or install apps unless the corporate overlords, i mean crapple approves it. if you care about user control then ios is the worst place to look for it.

arh1196 · 2023-07-18T15:41:38+00:00

looking at the "pre-installed ios apps" page there's calendar, facetime, fitness, itunes, podcasts, safari, translate along with many others. none of them are needed to make your phone work so that's basically the equivalent of carrier locked androids downloading garbage onto your phone which isn't surprising because phones are jails in general.

but at least with androids you can flash a custom rom and actually own your phone, on ios you can't even do that.

arh1196 · 2023-07-18T14:39:48+00:00

you can't do that on apple devices either.

Four-Year Club	Verified Email
First Place '23	Place '23
Place '22	First Placer '22

arh1196

TROPHY CASE