It’s a decent approach but incomplete. Couple problems:

• Lemmy would not host youtube videos. YT transcripts could (and should) be part of the post, but then there is the same problem as the next bullet:
• w.r.t text content, some people (very few people) indeed copy the content. It’s failing because people are lazy. Too lazy to check whether the link is in a walled garden; too lazy to warn people of the walled garden; also too lazy to copy the text. Sometimes it’s more naivety than lazy, but same problem: you are relying on the masses to make individual decisions that are wise, inclusive, and higher effort.

A good system is designed with the assumption that users are lazy. As such, Lemmy is poorly designed.

1 lazy author can inconvenience thousands of readers. Lammy’s design fails to address that.

Down-voting every youtube link is indeed the only individual action that can be taken in the current system. It could theoretically lead to a YT link being folded or sunk lower. Tricky though because people should know why their YT links get down-voted. Ideally you would be able to tell them in a response. But I think I know how that would go: people with digital inclusion principles have actually become a diluted small minority in the fedi. A flood of lemmy.world folks who would follow the crowd off a cliff would down-vote your reply and up-vote the YT link in solidarity of their favorite walled gardens.

You could DM the reason for down-voting. But then the problem does not get the exposure it needs.

The fedi has evolved like Burning Man. The movement was true to its founding principles early on but as the crowd grew over the years it became enshittified faster than a digital rights subculture could take hold.

BTW, I should mention that sh.itjust.works is also a centralised Cloudflare node.

My point still stands.

Of course it doesn’t. Your point doesn’t even grasp the problem. You think the problem is that fedi users have (or have not) entitlement to content. It’s a red herring. You cannot begin to solve a problem you do not understand. It does not matter who is “entitled” to the content. The content is exclusive; locked inside a walled-garden with a gatekeeper. The problem is that exclusive access content is being linked on an open content platform and shoved in the face of readers who do not have access to the closed content.

The moment you are using someone else’s platform

Again, you still fail to grasp the problem. Using someone else’s platform is not a premise. You can either be on someone else’s node or you can be on your own self-hosted node. Either way, exclusive links are in the reader’s face.

How can you get so many things wrong… then you claim using one platform inherently revokes rights outside that platform – of course not. Irrelevant regardless, but rights granted on one platform do not diminish rights on another.

you loose the rights to the content outside of that platform.

It’s not about “rights”. That’s a legal matter. It’s about digital inclusion (a technical matter). People don’t want to see links that exclude them. It’s just pollution.

To reach the particular law office which has become a specialist in this particular case, yes you are trapped because they use MS Outlook. There is no way to exchange email with them without involving MS.

Victims can use any lawyer, but any other lawyer will need to research the case (at the victim’s cost).

better than what? I’m not understanding your comparison here.

You’ve misunderstood the problem. It’s not a fix to access content that’s needed. The question is how to fix the pollution: exclusive walled-garden links appearing outside of the walled garden (where not everyone has access or is part of the special club of Google/Facebook/Cloudflare patrons). How did you misunderstand when I mentioned a toggle? And the title… how could I make the title more clear?

But at some point to interact with any kind of large company … You could also consider not interacting with large companies at all

Actually the large corps are more likely to hold the data in-house. Small companies cling to outsourcing. E.g. credit unions are the worst… outsource every service they offer to the same giant suppliers. Everyone thinks only a small company has the data (and consequently that the small dataset does not appeal to cyber criminals) but it’s actually worse because they outsource jobs even as small as printing bank statements to the same few giants most other credit unions use. Then they do the same for bill pay with another company. It’s getting hard to find a credit union that does not put Cloudflare in the loop. So in the end a dozen or so big corps have your data and it’s not even disclosed in the privacy statement.

Of course it depends on the nature of the business. A large grocery chain is more likely to make sure your offline store purchase history reaches Amazon and Google than a mom & pop grocer who doesn’t even have a loyalty program.

Whether businesses get copies of information is usually included in a site’s privacy policy,

I have never seen a privacy policy that lists partners and recipients apart from Paypal, who lists the 600+ corps they share data with for some reason. Apart from bizarre exceptions privacy policies are always too vague to be useful. Even in the GDPR region. If you read them you can often find text that does not even make sense for their business because they just copied someone else’s sufficiently vague policy to use as a template.

If you really want to limit your information exposure, you either have to audit everyone you do business with this way (because most large companies do this) or hire someone (or a service) to do it.

The breach happened in a country where companies are not required to respond to audits. No company wants any avg joe’s business badly enough to answer questions about data practices. In the EU, sure, data controllers are obligated to disclose the list of parties they share with (on request, not automatically). And even then, some still refuse. Then you file an article 77 complaint with the DPA where it just sits for years with no enforcement action.

My approach is a combination of avoiding business entirely, or supplying fake info, or less sensitive info (mailing address instead of residential, mission-specific email, phone number that just goes to a v/m or fax). This is where the battle needs to be fought – at data collection time. Countless banks needlessly demand residential address. That should be rejected by consumers. Data minimization is key.

In the case at hand, I’m leaning toward opting out of the class action lawsuit and suing them directly in small claims court. I can usually get better compensation that way.

Exit nodes are temporary unless you deliberately pin them for a particular connection, which I have not done for the DNS servers. The problem manifests without exception for weeks now, so it could not be attributed to a bad exit node. The tor microdescriptor db tracks the perms of every node, so I don’t think it would create a circuit for disallowed traffic. There could be an inconsistency between the microdesc and reality, but it would have to be a replicated inconsistency for every connection attempted with torsocks and yet not replicated on any connection made using the torsocks alternative (which works).

Which torsocks version? Yours is probably newer than mine. It seems to be a problem with torsocks 2.3.0 and only with dig. And indeed there is nothing wrong at the network level because I was able to do an MX lookup over tor using a different method than torsocks. I’m also able to use other apps with torsocks, just not dig all of the sudden.

Self hosting would mean I could control account creation and make many burner accounts. But there are issues with that:

• If there are several burner accounts then the admin would have to make it easy for others to create burner accounts or else it would be evident that all the burner accounts are just the admin’s, which does not solve the aggregation problem. It introduces complexities because the DNS provider and ISP would have the identity of the self-hoster. One could onion host but that greatly narrows the audience.
• It does not solve the problem for others. Everyone who has the same need would then be needlessly forced to independently solve all these same problems.
• I do not have high-speed unlimited internet, so I would have to spend more on subscription costs.

I think it complicates the problem and then each author has to deal with the same. If it’s solved at the fedi API level, then the existing infrastructure is ready to work.

(edit) I recall hearing about a fedi client application that operates in a serverless way. I don’t recall the name of it and know little about how it works, but it is claimed to not depend on account creation on a server and it somehow has some immunity to federation politics. Maybe that thing could work but I would have to find it again. It’s never talked about and I wonder why that is… maybe it does not work as advertised.

Those do not obviate the use cases I have in mind. Secure drops are useful tools for specific whistle blowing scenarios. But they are not a one-size-fits-all tool.

I routinely use framadrop and then transmit the links to regulators or whoever I am targeting to act on a report. But what if the target audience is not a specific journalist or regulator but rather the entire general public? The general public does not have access to reports submitted to the Guardian’s dropbox or NYTimes’ dropbox. Those are exclusive channels of communication just for their own journalists. The report then only gets acted on or exposed if the story can compete with the sensationalisation level of other stories they are handling. If I’m exposing privacy abuses, the general public does not give a shit about privacy for the most part. So only highly scandelous privacy offenses can meet the profitable publication standards of Guardian and nytimes. The reports also cannot be so intense as to be on par with Wikileaks. There is a limited intensity range.

The fedi offers some unique reach to special interest groups like this one without the intensity range limitation.

NYtimes is also a paywall. So even if the story gets published it still ends up a place of reduced access.

They are great tools for some specific jobs but cannot wholly replace direct anonymous publication. Though I must admit I often overlook going to journalists. I should use those drop boxes more often.

(edit) from the guardian page:

Once you launch the Tor browser, copy and paste the URL xp44cagis447k3lpb4wwhcqukix6cgqokbuys24vmxmbzmaq2gjvc2yd.onion or theguardian.securedrop.tor.onion into the Tor address bar.

That theguardian.securedrop.tor.onion URL caught my attention. I did not know about onion names until now. Shame it’s only for secure drops.

That story is focused on #CloudSTRIKE but the bigger more remarkable demon here is #CloudFLARE.

This story demonstrates Cloudflare acting as a proxy bully of their own customer, on behalf of CloudStrike by pushing a frivilous #DMCA take-down demand. CF took the spineless route as it sees CloudStrike as having more muscle than their customer. After CF joins the Goliath side of the David vs. Goliath battle, CF ignores Senk’s responses and keeps proxying threats.

Senk bounced from Cloudflare and went to a provider who has his back. #ArsTechnica publishes Cloudflare’s conduct. As embarrassment hits Cloudflare and David (Senk) starts winning against Goliath (CloudStrike), CF changes their tune. Suddenly they are on Senk’s side, saying “come back, we’ll protect you – we promise we didn’t get your messages”. LOL. Senk should do a parody site for Cloudflare too.

Senk’s mistake: leaving CF. He should have waited until CF actually booted him. Then that would have more thoroughly exposed CF’s shitty actions. Senk gave CF an easy out.

Interesting to note how a human on the side of civil rights who advocates decentralisation was treated with hostility by Cloudflare. Yet CF is fine with sheltering actual criminals.

Customers should take several proactive steps to protect their personal information and reduce potential risks: Be Wary of Phishing Attempts

Customers should rethink their stupid ass decision to use AT&T in the first place since it has been known for over a decade that AT&T is the most privacy abusive of all US telecoms, most notably their role in project Fairview (archive for clearnet users and wikipedia).

AT&T customers don’t give a shit about privacy. But I do have some sympathy for all the non-AT&T people who communicated with AT&T pawns.

BTW, the OP’s link avoids reclaimthenet’s shitty popup if proxied through 12ft.io:

https://12ft.io/https://reclaimthenet.org/nearly-all-at

Not sure it matters since the text is in the OP anyway… guess if someone wants to share it around.

Folks, FedEx has always been on the extreme right. Some basic facts:

• FedEx is an ALEC member (extreme right lobby and bill mill), largely as an anti-union measure
• FedEx founded by an ex military serviceman
• FedEx gives discounts for NRA membership (though I heard this was recently discontinued). NRA is obviously an extreme right org who also finances ALEC.
• During the NFL take-a-knee protest, FedEx is one of very few die-hard corps that refused to give in to the boycott. FedEx continued supporting the NFL against all the Black Lives Matter athletes taking knees and getting punished.
• FedEx ships shark fins, slave dolphins and hunting trophies. Does not give a shit about harm to animals (even when endangered) or environment.

I have been boycotting FedEx for over a decade. Certainly being pro-surveillance is fitting with their history and should not be a surprise to anyone who is aware of this background.

The only moral inconsistency is that FedEx has a reputation for not snooping on your packages and seems to be favored by people shipping contraband. But to find the consistency it’s just about the bottom line. They make no money by ratting out their customers who break the law. But installing a surveillance system on their trucks is probably yielding revenue for FedEx.

Sounds mostly reasonable… but I don’t see the alternate citizenship helping, unless you mean to go as far as renouncing because all FATCA regions (~130+ countries) look at the birthplace, not nationality, and you can never get a new birthplace. It’s probably hard to find a non-FATCA region where you can trust the banks. But indeed… getting your 4th amendment rights has come to extremes.

That makes some sense.

In my case I think I have credit that I’ve never actually used; and I think I’ve also put on their file that I am unemployed. So in principle consumers who either don’t care for the credit, or are happy to be in the highest risk category, they should not be harassed with this. I will just ignore it and see what happens.

I doubt it. It will probably show the clearnet address. I just now logged in via the onion, so this reply will be a test.

Replacement link to a privacy-respecting host:

https://www.blankrome.com/publications/us-department-commerce-publishes-proposed-rule-imposing-know-your-customer-and

This article seems to suggest the KYC rules only apply to foreign customers:

https://www.bankinfosecurity.com/commerce-proposes-rule-to-fight-foreign-cloud-cyber-threats-a-24219

but then you have to wonder how they will know you’re domestic without a bit of KYC on Americans as well.

BTW, a good way to find privacy-respecting links is to search using this service:

https://ombrelo.im5wixghmfmt7gf7wb4xrgdm6byx2gj26zn47da6nwo7xvybgxnqryid.onion/

That search tool will not return Cloudflare MitMd links.

what happened here? Looks like you tried summons an autotldr bot, but it did not do its job, correct? That’s kind of a shame. Indeed theregister.com is an exclusive website and direct links to it should not be shared. A privacy-respecting infrastructure would block such links or replace them with archive.org variants.

I’m not on a good enough connection to watch videos but when I read “How the Religion called Atheism…” I know it cannot be coming from any sort of credible source. Atheism is absence of religion, not a religion in itself. It includes both agnostics and gnostics (both those who are convinced there is no god and those who are unconvinced either way). So I don’t suppose it’s worth it to note the URL and try to fetch the video when I have a good connection.