[-] ShadowPouncer@kbin.social 11 points 1 year ago

Every now and then, I try to browser without an ad blocker.

That generally lasts until I encounter something that's bad enough that I don't really have a choice, and then I turn it back on.

The page needs to actually function. It needs to be possible to click on something and actually be clicking on the thing that you're intending to.

And it can not have stuff that blinks in a manner that causes a segment of the population (which includes me at times, but not 100% of the time) significant neurological problems.

That last one has been the driving force behind stuff getting reenabled a fair bit.

Oh, and if it's ads on video content, they need to be at least vaguely reasonable in regards to interruptions and length. Youtube is way past that at this point.

[-] ShadowPouncer@kbin.social 29 points 1 year ago

To be real clear, the only thing this does is screw over the hourly employees trying to survive on tips.

It does absolutely nothing to the business, they don't care, at all. It doesn't impact them in the slightest.

Yes, by law, if someone makes so little in tips that they would be getting paid below minimum wage the business is supposed to make up the difference.

Assuming that happens for the entire shift.

In practice, by all accounts... That pretty much never happens.

[-] ShadowPouncer@kbin.social 11 points 1 year ago

Make no mistake, this is not an accident. It's the goal.

Take a hard look at the rhetoric they are using to try and justify there extremist actions against LGBTQ+ people in their states.

Then, go look at the language that was used by Nazi Germany about groups that they then went on to try and wipe out by systematic genocide.

Again, this is not some weird coincidence, or an accident, or a mistake.

It is nothing short of a political party that has decided that the nazis had the right idea, and is very deliberately copying them and their rise to power.

Expect things to get far, far worse.

[-] ShadowPouncer@kbin.social 37 points 1 year ago

From the comments, I think that the general answer is: We all recognize it, because a lot of different places used a logo sorta like this in the 90s.

And we can't pin it down exactly, because a lot of different places used a logo sorta like this in the 90s.

And being the 90s, a lot of that was never on the internet in the first place.

It rings very strong bells for me, and I don't think the reason is one that (at the time of this comment) has already been posted... But I can't for the life of me remember what it was for.

[-] ShadowPouncer@kbin.social 5 points 1 year ago

Yes and no.

I suspect that Reddit is going to lose a fair number of chargebacks, because the credit card association rules are often a bit more strict.

[-] ShadowPouncer@kbin.social 10 points 1 year ago

And the Supreme Court is supposed to be a court of law.

Sadly, as they have decided to move away from that, the least the executive can do is ensure that the law is being correctly applied in cases where it favors the people.

[-] ShadowPouncer@kbin.social 5 points 1 year ago

Mastodon absolutely does have a weakness of making it more difficult to find people that you want to follow based on what you have already engaged with.

And from a purely user perspective, that is a weakness.

But it's also a very distinct choice. Because having enough data to be able to meaningfully make such recommendations means having a central database of every user interaction by every user.

And it also means making choices and value judgements which, almost by definition, can not be value neutral.

If the creators of the algorithm are good, they will actually be aware of the choices and value judgements being made, if not, well... They will still be making them, just not in nearly as educated of a way.

On the whole, I really hope that we eventually come up with answers to these problems that make it possible for a user to make those choices, and to have the amount of recommendations that they want, while somehow not having anyone have the huge database of user interactions. I'm not sure if that's even possible, most especially if you assume that there will be entities on the fediverse that are fudging their data to get recommended in ways that other users don't want.

But it sure would be interesting to try.

[-] ShadowPouncer@kbin.social 25 points 1 year ago

The really really sad thing is, Reddit could have done a half decent job and made a fair bit of money, but they decided on stupidity instead.

Sure, it would have upset some people a bit, but... Not by anywhere close to the same degree.

Alright, we're sorry, but use of the API is going to have to start costing money for some kinds of uses.

First off, people that just want to scrape everything get the following access, and a much higher rate limit, but it's going to cost $x.

Moderator tools will always be free, but the API will require that the tool be associated with a moderator, and it will only permit access to subs that the user is a moderator for.

Community bots will generally be free, subject to the following restrictions.

And 3rd party clients will be charged a minimal amount, calculated to be roughly equal to what we are making from similar users on the official clients, to make up for lost ad revenue. Alternate options involving profit sharing may be viable, contact X for details.

By accepting the API agreement, you agree that use of the wrong class of API usage (for example, using the community bot or 3rd party client classes for data scraping) will be billed, retroactively, at $X * 10.

There. That's really not that hard. And people would have been much less upset at that, at least as long as the fees were actually as described, and not based on, say, how much they would like to make per user.

You'd probably want a free tier for 3rd party clients for users of specific account types. If the user is paying for Reddit Premium, maybe 3rd party clients don't get charged for API usage for that user account. Or if the user is a moderator for a given subreddit, API usage for that user on that subreddit is also free. With an API that the client can use to check the status of such things. If they were smart, they would also have a process for users with disabilities to have their accounts exempted from fees. That last one is hard, because you need a verification process, but it would get them a lot of good will.

Again... This shouldn't be hard. And it would have turned into a viable revenue stream!

Hell, flatly disclose that the 3rd party cost is 30% more than the average cost of using the standard client, to support the effort required to maintain the API. (Largely bullshit, but it makes those users more valuable than those that use the official client, while not being expensive enough to make it impossible for anyone to offer a 3rd party client at an even remotely sane cost.)

Yes, this would have very sadly been the end of free 3rd party clients... But I for one would have been... Okay with paying a small amount per month/year through the app store for a client that didn't suck.

Instead, Reddit decided that committing suicide was the better path forward.

[-] ShadowPouncer@kbin.social 4 points 1 year ago

The advice to always use a unique password per site is an excellent one.

The why is multifaceted, and some of them are moderately complex.

First off, not every site is going to be storing your password in a good a secure manner.

In an ideal world, every site on the planet would be hashing it with something like bcrypt with a fairly aggressive cost setting, and good salts.

And they would have a way to automatically rehash your password on login in the event that the password hashing settings change. (Almost everyone misses this one.)

In practice... It could be stored in plain text. It could be hashed with classic crypt(), or with md5 or sha1 with no salt. There are so many ways to get it wrong.

On the rehashing one, they could have picked something that was best practices at the time, you setup your account, and then two years later, best practices have changed, it turns out that there was a way to attack the previous way, so they change how they do it... And that's great for everyone who changes their password or sets up a new account after that change, but everyone who did it before that change? Well, those passwords are just sitting there hashed by the old method indefinitely.

Or someone could compromise the site, and grab every password everyone enters.

Or you could fall prey to a phishing attack, and type your login to what looks exactly like the site in question, but is infact a common typo of the real domain.

Again, there are a lot of ways for the password used on a site to get compromised. Many of those ways are entirely out of your control. It is standard practice for attackers to attempt to use that password and username / email on other services when this happens, just so that they can see what else they can get into.

Don't let that work.

[-] ShadowPouncer@kbin.social 7 points 1 year ago

I use + addresses for stuff.

Well, since I run my own mail server, I tend to use _ instead of + as the separator, simply because more places will consider it a valid address.

But it's amazing how useful it is to include the name of whoever you're giving the email address to in the email address. It lets you keep getting email for stuff like password recovery. And when an address is leaked, not only can you block that one, but you also get to know who leaked it.

Which is awesome for knowing which businesses to never use again.

[-] ShadowPouncer@kbin.social 6 points 1 year ago

Don't do this.

Just use a good, random, password generator with decent settings.

Varying away from that just to 'change the kind of password' is only going to reduce your security.

You want as many random bits of information as possible in the password. That's it.

[-] ShadowPouncer@kbin.social 8 points 1 year ago

If there are not already people running fediverse nodes that exist specifically to harvest potentially 'interesting' data, there will be.

You edited it? That's maybe interesting. You deleted it? Same deal, maybe interesting.

It looks like an email address? Definitely might be interesting. A phone number? Yep.

An address? Definitely could be interesting.

If you posted it, assume that it will always be available to the exact people that you don't want to see it.

view more: next ›

ShadowPouncer

joined 1 year ago