UNIX: A History and a Memoir by Brian Kernighan
Brian Kernighan talks about the history of UNIX and promotes his 2019 book.YouTube
elrido hat dies geteilt.
"Nobody is fired for chosing Microsoft," lautet ein geflügeltes Wort.
Das impliziert aber auch, dass Leute gefeuert werden, die sich gegen die Einführung von #Microsoft-Lösungen stellen. Genau das scheint im Kanton #Luzern dem IT-Sicherheitschef passiert zu sein, wie eine Reportage von @adfichter in der #Republik zeigt. (Der Kanton dementiert.)
republik.ch/2025/06/16/microso…
Es knallt in den Kantonen
Der Luzerner Regierungsrat stellt den kantonalen IT-Sicherheitschef frei – aufgrund dessen Kritik an der Einführung der Microsoft-Cloud.Adrienne Fichter (Republik)
teilten dies erneut
Die CoSin Eintrittsbadges sind bereit und warten auf euch! Kommt zahlreich! 😺
Es gibt genug Badges, mehr als auf dem Bild.
Bitte bringt aber eure eigenen Bändel / Lanyards mit! (Beispielsweise von der letzten CoSin.) Wir haben nur eine sehr begrenzte Anzahl zur Ausgabe.
teilten dies erneut
Wer schon am Donnerstag den "I Love Free Software Day" mit uns feiern möchte und in der Nähe von Zürich ist, ist willkommen. /Ralf
gnulinux.ch/zum-wochenende-i-l…
Zum Wochenende: I Love Free Software Day
Alle Jahre wieder feiern wir den "I love free software day". Viele Organisationen und Personen sagen Danke! So auch die FSFE in der Schweiz.GNU/Linux.ch
elrido hat dies geteilt.
#PrivateBin v1.7.6 released - Several quality-of-life frontend improvements & some backend code cleanup
I think we could now consider switching from the bootstrap 3 to the bootstrap 5 template as the default in the next release. Still need to migrate the templates of the info and directory websites to use bootstrap 5, though, so it all looks the same.
Is changing the look-and-feel of the default template, while keeping all of it's functionality the same, considered a major number change in terms of semantic versioning? We would not remove the old template, so if the old one is configured it would keep looking the same. See for example our template screenshots for a comparison of the two.
@lwn has published a review of sq. From the article:
"The first 1.0 release of a project is sometimes a bit rough, but in Sequoia's case that does not appear to be the case. The tool supports all of the basic operations of an OpenPGP implementation, integrates well with existing software, and has a discoverable interface that makes it easy to come up to speed in a short time."
lwn.net/SubscriberLink/1003243…
#pgp
teilten dies erneut
CoSin 2024 live streams:
👉 streaming.media.ccc.de/cosin20…
Live-Streams – Chaos Singularity 2024 Streaming
Die Chaos Singularity ist eine Mischung aus technisch-gesellschaftlichem Kongress, kreativem Beisammensein und Hacker-Familientreffen.streaming.media.ccc.de
teilten dies erneut
#BerndFix an der #CoSin2024 mit #WikiLeaks-Vortrag - zu #FreeAssange und (jetzt) #AssangeFree.
Es wird eine Gesamtübersicht seit den ersten Kontakten mit #JulianAssange 2008 (am CCC-Kongress) angekündigt; Bernd rekapituliert die Geschichte seither.
Punkto Spendeneinnahmen ist gleich einmal interessant:
Nach der Publikation der US-Depeschen nahm das Spendenaufkommen via #PayPal massiv zu: ca. EUR 100k / d wurden eingenommen - bis zum Punkt, wo PayPal das Konto der Stiftung @wauland sperrte.
elrido hat dies geteilt.
Beim Besuch der Botschaft ferner zu beachten: die spanische Firma #UCGlobal war von der ecuadorischen Regierung beauftragt, für die Sicherheit (gerne hier: #Totalüberwachung) der Besuche / Besucher zu sorgen.
Wie später nämlich publik wurde, sind auch Geräte geöffnet und verwanzt, Daten abgesaugt worden usw.
Dies ist auch Gegenstand eines laufenden juristischen Verfahrens.
Mit dem #Machtwechsel in #Ecuador von Correa zu Moreno wurde der Druck auf den nunmehr "unerwünschten Gast" #JulianAssange erhöht. Im Zuge dessen wurde ihm der via Correa in der Amtszeit zuvor ausgestellte ecuadorianische Pass entzogen und organisiert sowie medial inszeniert, dass er aus der Botschaft rausgeworfen wurde - in die Hände der britischen Polizei, so dass er schliesslich nach #Belmarsh (besser: #Hellmarsh) kam.
#ChaosSingularity #CoSin #CoSin2024 #FreeAssange #AssangeFree #WikiLeaks
Zum Finanziellen des Ganzen - von #FreeAssange zu #AssangeFree:
Für die Anwälte wurden für zehn Teams in acht Ländern EUR 12 Mio. ausgegeben.
Das Geld für die immensen juristischen Ausgaben kam von der "Einkaufsgesellschaft" #AssangeDAO, die ein #NFT vom Künstler pak gekauft hat.
pak hat in dem Rahmen 16'593 #ETH (#Ethereum) eingenommen, was (damals) umgerechnet ca. EUR 52 Mio. waren. Das Geld hat er im Februar 2022 an die #WHS-Stiftung gegeben, wo Kryptowährungen auf einem Hoch waren.
Total hat die #WHS ca. 11'000 #ETH getauscht - immer nach Bedarf. In Fiat-Währung umgerechnet waren das über die rund zwei Jahre tatsächlich ca. EUR 17 Mio., weil der #Ethereum-Kurs in den diesen Jahren auch (länger) weiter unten war.
Dies bedeutet folglich, dass noch ca. 5'000 #ETH da sind, wo jetzt geschaut werden muss, was damit zu machen ist; gegeben die Tatsache, dass der Spenderwille (vom Künstler pak) im Wesentlichen erfüllt ist.
Ich stelle die Frage, was mit Leuten wie #OlaBini und anderen vom #WikiLeaks-Umfeld ist.
Dazu sagt Bernd, dass nicht ausgeschlossen werden kann, dass die US-Regierung gegen das (erweiterte) Umfeld von WikiLeaks noch einmal eine Keule auspackt. Es müsse dann geschaut werden, wie vorgehen.
Das #NFT-Geld kann dafür zumal nicht genutzt werden, weil das nicht dem expliziten pak-Wunsch entspräche. Juristisch betrachtet sei dies klar an ihm gebunden.
... d. h.: die EUR 7'500 wurden nicht überwiesen, weder an Anwälte noch sonst irgendwohin. Das wurde dem Finanzamt auch mitgeilt. Nach viermonatiger "Arbyte" hat das Finanzamt vor zwei Tagen festgestellt, dass es wieder wilde Theorien über den Korruptionsgrad der Stiftungsräte aufgestellt hat; entsprechend ist die #Steuerbefreiung von @wauland wieder hergestellt. - just vor zwei Tagen, also am 27.6.2024! 🍾 ✊
(Da hat sicher das jüngste mediale Licht #FreeAssange -> #AssangeFree geholfen. 😉)
Group picture from the first day.
Took a lot of notes, my highlights so far were:
- Massimilianos' RP2040-based, Rust-driven robot racer
- options to improve handling of bitfields in packed structs
- typestate pattern for use in state machines, think objects that mutate into different types as the states progress, so only methods relevant to the current state are available and enforced at compile time, ex. rustls::ConfigBuilder
- Milica shared her teams' experience switching from C++ to Rust
- Simon Brummers' text-2-morse-code character device driver, an excellent example project to get started with Rust-based Linux-kernel-module development
Grandmaster Bash hat dies geteilt.
Did go see Furiosa tonight, can highly recommend, if you enjoy George Miller's Mad Max series. I'd call this the Rogue One of the series. 🤩
It fills a lot of gaps and backstory of Immortan Joe and the citadel and the other wasteland towns and of course, Furiosa. It ends just before Fury Road hits off and even has short scenes from Fury Road as reminders of how that story went during the end credits. It would be perfect to watch the two back to back as a double feature.
Arguably, Max does briefly show up in this one, but it is only a vague reference via the iconic car and a brief shot of a man standing next to it with his back towards the audience. Bit like in the early Fury Road trailer.
Edit: Removed the CW reg. mild spoilers. Doesn't seem to translate properly to Mastodon, messed up the order of the content and didn't hide anything. Sorry.
Congratulations @Natanael Copa on the release of Alpine Linux 3.20!
I know how much of an effort this one turned out to be and can not thank you enough for all of your efforts to get this one over the line and into our hands.
teilten dies erneut

MadMike77 hat dies geteilt.
elrido hat dies geteilt.
Note on all the #xz drama, there are some technical solutions for such #supplychainattack that can make such an attack way harder, at least to hide the code in tarballs etc.
slsa.dev/ e.g. is a solution. Combined with reproducible builds, it ensures that a software artifact is built exactly from the source given in a source repository, with the possibility to prove that and no way for any maintainer to tamper with (in the highest level).
#slsa #infosec #security #linux #backdoor
Supply-chain Levels for Software Artifacts
SLSA is a security framework. It is a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises.SLSA
elrido hat dies geteilt.
Furthermore produced software artifacts proofs are written into a database similar to #certificateTransparency.
We have recently implemented this in #PrivateBin and it works great: github.com/PrivateBin/PrivateB…
Of course practically, people (especially software consumers) needed to verify it, to be worth the work.
Obviously, it's no magic bullet. It just raises the burden for an attacker. Obviously, the source code repo could be made to contain bad code, but you cannot anymore tamper at built-time.
Getting SLSA ("Supply-chain Levels for Software Artifacts") compliance · Issue #1169 · PrivateBin/PrivateBin
The problem Any software can introduce vulnerabilities into a supply chain. As a system gets more complex, it’s critical to already have checks and best practices in place to guarantee artifact int...GitHub
The way this works, is, essentially, quite easy: the whole build process is documented in the same repository, builds are automated via CI/CD and all that is, to reach best support, done in an environment that prevents tampering and (crucially) is *out of your control*.
Then you get #SLSA v3: slsa.dev/get-started#slsa-3 (quite easy with GitHub Actions)
Get started
If you’re looking to jump straight in and try SLSA, here’s a quick start guide for the steps to take to reach the different SLSA levels.SLSA
Now, you say, you have to trust GitHub? Sure, you do, to achieve this. But threat models: What is more likely compromised: a maintainer/account in your project, or the whole GitHub build infra?
Personally, I was also not quite convinced, given you loose "control" over your build and GitHub could theoretically now inject #malware.
However, as the project itself states, this is not a big deal, if you combine it with the older security feature aka #reproduciblebuilds.
To explain, we have #SLSA signatures that verify the build was done automatically by #GitHub as instructed, *and* we have traditional #gpg signatures with private keys only known to maintainer(s) that verify a maintainer actually triggered the built and locally reproduced it…
Given they both validate, you automatically achieve reproducible builds _and_ #SLSA validity.
One caveat: This was only easy, because our build process is essentially one command (git archive).
github.com/PrivateBin/PrivateB…
PrivateBin/doc/Release.md at master · PrivateBin/PrivateBin
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. - PrivateBin/PrivateBinGitHub
Wow, je mehr ich über die ganze #xz Saga lese, desto beeindruckter bin ich, was für ein unglaublicher Zufall es war, dass das so schnell gefunden wurde 😳
boehs.org/node/everything-i-kn… ist ein lesenswerter Überblick.
bugs.debian.org/cgi-bin/bugrep… gibt einen guten Eindruck, wie vor 5-6 Tagen angefangen wurde, Druck aufzubauen, die kompromittierte Version in Debian hochzuladen. Und wie viel Energie da rein gesteckt wurde.
Everything I know about the XZ backdoor
Please note: This is being updated in real time. The intent is to make sense of lots of simultaneous discoveriesboehs.org
A classic bug for a leap day: At work, colleagues discovered and fixed a bug in a lesser used tool that only occurs on February 29th. It did trip up the tests, so no one got to merge until it got identified and resolved.
The source file in question hadn't been touched in over 4 years. Last leap year, the 29th was on a Saturday, so likely no one noticed.
What was annoying is that the logic had been clearly written with the intent of handling leap years. A leap year check condition was present, validated only on a February > 28th, but had to get inverted.
You may wonder why we wouldn't have used the languages' standard library date functions to validate the date - unfortunately the language in question doesn't have such a sophisticated standard library (language omitted to protect the innocent).
Niklaus Wirth, the inventor of the Pascal programming language, author of "Algorithms + Data Structures = Programs", and more, passed away on January 1.
Wirth's law, named after him, is an adage which states that software gets slower more rapidly than hardware gets faster.
teilten dies erneut
Best #37C3 quote so far:
[...] to observe the international compressor holiday [...]
Context: Newag's train "DRM"
Congratulations to Sergio Benitez on releasing rocket.rs 0.5.0! Thank you for this great framework. 👏
I got to follow rocket's journey to async and stable #rust with the PrivateBin directory service. Coming from Python flask apps, it is really easy to pick up and get going with your webservice, offering static & templated content, easy to create web forms and JSON APIs.
Thanks to rust's strict type system I could focus on the logic and didn't have to waste time double checking and casting data received by clients. If my API accepts an integer in a certain parameter, Rocket will ensure I only receive valid requests in my logic.
teilten dies erneut
I'm so so excited to announce #rust hyper v1.0 🚀
seanmonstar.com/blog/hyper-v1/
hyper v1
I’m excited to announce v1.0 of hyper, a protective and efficient HTTP library written in the Rust programming language. hyper provides asynchronous HTTP/1 a...seanmonstar
teilten dies erneut
I like CSS-animations, clocks and dials for making metrics easier to digest (we are quicker at detecting angular changes than reading and parsing digits). So I'm in awe with this creative use of a watch-dial to visualize a 32-bit hexadecimal number:
The letters below were discovered in September 1993 in a reverse time-capsule apparently sent from 2023.
The first of those emails dates from this morning. Note the author of the RFC and the publication date.
GitHub - Nessex/yaml2json-rs: Command line utility (+libraries) to convert YAML to JSON.
Command line utility (+libraries) to convert YAML to JSON. - GitHub - Nessex/yaml2json-rs: Command line utility (+libraries) to convert YAML to JSON.GitHub
Schade das zu erfahren und vielen Dank an Herrn Dornier für die jahrzehnte-lange gute Betreuung und die ausgezeichneten Produkte!
Habe beruflich und privat seit Ende der 2000er Jahre immer wieder auf PC Engines für m0n0wall- und später OPNsense-basierte Router gesetzt. Diese Nachricht wurde über eine apu4d4 ins Internet geschickt und von einem Server hinter einer apu2e4 gehostet.
#TIL:
prompt injection, which is a form of cyberattack that exploits [an AI's] natural language processing abilities.
Bing: “I will not harm you unless you harm me first”
Last week, Microsoft announced the new AI-powered Bing: a search interface that incorporates a language model powered chatbot that can run searches for you and summarize the results, plus do …simonwillison.net
Winterkongress der Digitalen Gesellschaft
Während zwei Tagen werden Themen rund um Informationstechnologie, Digitalisierung und deren Auswirkungen auf unsere Gesellschaft in verschiedenen Vorträgen und Workshops behandelt.
elrido hat dies geteilt.
Release v1.5.1 - Filesystem purge lookup change & administration script - PrivateBin
This release reverts a filesystem purge lookup change and adds a script for administrative tasks.privatebin.info
Thorsten Butz 🎗️
Als Antwort auf Aral Balkan • • •That’s the problem with theory and practise : in real life an army of lawyers and „experts“ advice you to behave exactly like all the others. And all the public services provide bad examples since they behave exactly in the same wrong way.
In reality, GDPR brought the opposite results of what we wanted to achieve.
Hyperlink Your Heart
Als Antwort auf Aral Balkan • • •mx alex tax1a - 2020 (5)
Als Antwort auf Aral Balkan • • •Szymon Nowicki
Als Antwort auf Aral Balkan • • •small correction. You can still track people, just not share it with everyone and their dog.
If you have data in your system you're free to use it for analytics. As long as it's anonymized, so, properly aggregated.
No consent needed.
Aral Balkan
Als Antwort auf Szymon Nowicki • • •@hey Yes, aggregate analytics – what you describe – does not constitute tracking.
(That is different from anonymised data; anonymised data can be deanonymised using other data sets – a common practice within the people farming industry.)
Szymon Nowicki
Als Antwort auf Aral Balkan • • •Anton Gerasimov
Als Antwort auf Aral Balkan • • •Aral Balkan
Als Antwort auf Anton Gerasimov • • •Veronica Olsen 🏳️🌈🇳🇴🌻
Als Antwort auf Aral Balkan • • •disorderlyf
Als Antwort auf Aral Balkan • • •Hannah
Als Antwort auf disorderlyf • • •@disorderlyf This feature already exists. It is just that ad-tech ignored that users were sending a do-not-track request and instead they opted for trying to nudge everyone into accepting their surveillance, by making obnoxious cookie banners.
en.wikipedia.org/wiki/Do_Not_T…
proposed HTTP header field that requests web applications to disable individual user tracking
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)Aral Balkan
Als Antwort auf Hannah • • •@uncanny_static @disorderlyf It’s worse than that: this was a feature spearheaded by Mozilla (Silicon Valley’s acceptable face) and it had the very real effect of staving off regulation for a decade (“look, we are self regulating”). The moment people realised it could be used to communicate consent within the framework of GDPR, the feature was deprecated.
Sadly, some folks still think Mozilla are the good guys.
Walter van Holst
Als Antwort auf Aral Balkan • • •Queen Calyo Delphi
Als Antwort auf Aral Balkan • • •Genuine question:
If I hosted my own private analytics tracker (something like Matomo (née Piwik), e.g.) just so I could have funny numbers to look at because I like to look at numbers but do nothing meaningful with them, would that require a cookie banner?
I'd pondered about just having a static notice in the footer of my site that just says "This site uses some functional cookies and one (1) tracking cookie for a self-hosted analytics dashboard because I like to look at Numbers™."
Aral Balkan
Als Antwort auf Queen Calyo Delphi • • •Parade du Grotesque 💀
Als Antwort auf Aral Balkan • • •Elric
Als Antwort auf Aral Balkan • • •Aral Balkan
Als Antwort auf Elric • • •Peter Atwood
Als Antwort auf Aral Balkan • • •Aral Balkan
Als Antwort auf Peter Atwood • • •Ensō
Als Antwort auf Aral Balkan • • •Aral Balkan hat dies geteilt.
NymanTech
Als Antwort auf Aral Balkan • • •John-Mark Gurney
Als Antwort auf Aral Balkan • • •joriki
Als Antwort auf Aral Balkan • • •Jeff Atwood
Als Antwort auf Aral Balkan • • •see infosec.exchange/@codinghorror… and infosec.exchange/@codinghorror… and infosec.exchange/@codinghorror… and mastodon.social/@JeffGrigg/115…
Jeff Atwood
2025-08-31 21:37:57
Simon Dassow
Als Antwort auf Jeff Atwood • • •Jernej Simončič �
Als Antwort auf Jeff Atwood • • •Andrew Kelley
Als Antwort auf Jeff Atwood • • •@codinghorror
you make money from ads on stack exchange so you are biased in the conversation.
switch business models to be ad-free and then I want to hear your perspective after that.
Jeff Atwood
Als Antwort auf Andrew Kelley • • •Aral Balkan
Als Antwort auf Jeff Atwood • • •@codinghorror @andrewrk I think what people are trying to tell you is that you’re part of the problem.
You’re not just any “user of the internet”, you’re a developer. You have agency. Don’t like cookie banners? Great! Lead by example: remove them from the sites you own and control (i.e., stop tracking people on the sites you own and control. Find other ways to make money.)
William Pietri
Als Antwort auf Aral Balkan • • •@codinghorror @andrewrk
padeluun ⁂ hat dies geteilt.
Orman
Als Antwort auf Aral Balkan • • •Andrew Kelley
Als Antwort auf Jeff Atwood • • •Laurent Bercot hat dies geteilt.
tecteun
Als Antwort auf Aral Balkan • • •Writing Slowly
Als Antwort auf Aral Balkan • • •Aral Balkan
Als Antwort auf Writing Slowly • • •@writingslowly There’s an easy solution to that. We pass a GDMR and effectively outlaw their business model (don’t hold your breath).
ar.al/2018/11/29/gdmr-this-one…
GDMR: this one simple regulation could end surveillance capitalism in the EU
Aral BalkanGeorg Weissenbacher
Als Antwort auf Aral Balkan • • •@writingslowly There’s a problem with point 1 - who decides what “can be built”? For instance: Many legislators want companies to implement encrypted communication in a way such that they - and only they - can listen in. Numerous experts believe such a system can’t be built (at least not securely).
If I’d run a company I’d rather not end up in court where a lawyer explains to me what can be built and what not.
Aral Balkan
Als Antwort auf Georg Weissenbacher • • •@GeorgWeissenbacher @writingslowly I’m one of those experts.
Yes, regulation, like any legislation can be good or bad. That said, if you run, say a construction company, a lawyer does explain to you what can and can’t be built. You don’t just get to dig up a park and put in luxury apartments because you feel like it. You don’t get to construct a factory and dump your sewage into the sea. Or, more to the point, if you run a cinema, you don’t get to put cameras in the bathrooms. There are many things you don’t get to do if you run a company because they would infringe on the rights of others and your right to make a profit doesn’t supersede that.
I hope you’re teaching your students that they should be thoughtful in what they build so that it benefits humanity. We don’t need more things, we need
... mehr anzeigen@GeorgWeissenbacher @writingslowly I’m one of those experts.
Yes, regulation, like any legislation can be good or bad. That said, if you run, say a construction company, a lawyer does explain to you what can and can’t be built. You don’t just get to dig up a park and put in luxury apartments because you feel like it. You don’t get to construct a factory and dump your sewage into the sea. Or, more to the point, if you run a cinema, you don’t get to put cameras in the bathrooms. There are many things you don’t get to do if you run a company because they would infringe on the rights of others and your right to make a profit doesn’t supersede that.
I hope you’re teaching your students that they should be thoughtful in what they build so that it benefits humanity. We don’t need more things, we need more things that improve human welfare. And the last thing we need are more libertarian techbros who think they can do whatever they want in pursuit of their gluttonous profiteering and that rules don’t apply to them. That’s how we end up with technofascism.
Mirko
Als Antwort auf Aral Balkan • • •Jonathan Schofield
Als Antwort auf Aral Balkan • • •David Chisnall (*Now with 50% more sarcasm!*)
Als Antwort auf Jonathan Schofield • • •@urlyman
It's often not even malicious compliance. Most of these banners don't even meet the requirements of the GDPR, specifically that you must be able to withdraw consent at any time and that you mist give informed consent (i.e. that you must know what you have consented to to be able to grant consent).
@noybeu is doing a great job going after some of these people.
Aral Balkan
Als Antwort auf David Chisnall (*Now with 50% more sarcasm!*) • • •Piggo
Als Antwort auf Aral Balkan • • •Robert Kingett
Als Antwort auf Piggo • • •Sightless Scribbles
sightlessscribbles.comJdeBP
Als Antwort auf Robert Kingett • • •@WeirdWriter @piggo
We don't. (-:
I got sucked in by @ska boosting a post by someone else entirely.
#EULaw #GDPR
Laurent Bercot
Als Antwort auf JdeBP • • •JdeBP
Als Antwort auf Laurent Bercot • • •@ska
They tried on Hacker News, but they missed the mark. It turned out not to be a cat, for starters.
news.ycombinator.com/item?id=4…
news.ycombinator.com/item?id=4…
#Anubis #HackerNews
... but entirely lacking the primary visual feature that Anubis had. | Hacker News
news.ycombinator.comLaurent Bercot
Als Antwort auf JdeBP • • •Xe
Als Antwort auf Laurent Bercot • • •kel
Als Antwort auf Aral Balkan • • •HEAR! FUCKING! HEAR!
DEATH TO CAPTCHA!!!
LONG LIVE THE FREE INTERNET!!!
Matias N. Goldberg
Als Antwort auf Aral Balkan • • •Misleading. If you implement first party cookies for your own analytics to improve your website (like... what content is more popular, what pages are broken from UX standpoint), you still have to show the cookie notice.
Whether it's first or third party is not part of the equation.
Aral Balkan
Als Antwort auf Matias N. Goldberg • • •@matiasgoldberg Yes it is very much part of the equation.
A first-party functional cookie (e.g., to store log-in state): no consent necessary.
First-party *aggregate* statistics: no consent necessary.
Matias N. Goldberg
Als Antwort auf Aral Balkan • • •Aral Balkan
Als Antwort auf Matias N. Goldberg • • •Grievous Angel
Als Antwort auf Aral Balkan • • •@codinghorror I remind you that this is Jeff Attwood you are finger wagging at here. He is wrong on this take. But if you really think this invalidates his critique of capitalism or his significant charity work then I think you might consider reappraising your position.
And picking a better target next time.
Cairo Braga [gts]
Als Antwort auf Grievous Angel • • •Jeff Atwood
Als Antwort auf Cairo Braga [gts] • • •stony kark
Als Antwort auf Grievous Angel • • •Jeff Atwood
Als Antwort auf stony kark • • •Grievous Angel
Als Antwort auf Jeff Atwood • • •Jeff Atwood
Als Antwort auf Grievous Angel • • •fog
Als Antwort auf Jeff Atwood • • •Andreas
Als Antwort auf Aral Balkan • • •99 % agree. But to be fair, the cookie banner did serve as an important wake up call, back in the day. It's also, to this day, an easy way to discern which pages absolutely don't give a shit. But 100 % agree that if no data is collected, no consent is required.
(Cookiebanner != gdpr consent)
craignicol
Als Antwort auf Aral Balkan • • •craignicol
Als Antwort auf Aral Balkan • • •if GitHub doesn't need a cookie banner, there's no technical reason for a site to have them, it's always a privacy reason
techcrunch.com/2020/12/17/gith…
GitHub says goodbye to cookie banners | TechCrunch
Frederic Lardinois (TechCrunch)Mike Sax
Als Antwort auf Aral Balkan • • •Cy
Als Antwort auf Aral Balkan • • •The goal of the GDPR was to get companies to STOP tracking users There's no reason that they couldn't have made their websites non-tracking by default, or configurable at the browser. Instead they want to make the user annoyed that they have to say no, every time.
This is very similar to the way we got to the point of banning plastic straws when we wanted to ban plastic fishing nets.
Rune
Als Antwort auf Aral Balkan • • •mkj
Als Antwort auf Rune • • •@praerien Install uBlock Origin and turn on at least the "EasyList - Cookie Notices" list.
@aral
mathew
Als Antwort auf mkj • • •Pēteris Caune
Als Antwort auf mathew • • •@mathew @mkj @praerien some do, some don't. Some don't because they're oblivious, some intentionally.
You can check in Chrome: load a page in Incognito window, then press F12 to open developer tools, then go to Application > Cookies, and see if there's _ga, _fbp, or any of the other usual suspects.
Pēteris Caune
Als Antwort auf Pēteris Caune • • •@mathew @mkj @praerien
I made a script that tracks Latvian websites that have the "load cookies first then ask for permission" problem: https://sīkdatnes.lv
For problematic sites, I send an informal email explaining the problem and asking to fix it. In case of no action, I send a formal, signed complaint. And then in case of no action, I report them to our country's DPA.
In quite a few cases the informal email is enough, and the issue gets acknowledged and fixed.
Aral Balkan
Als Antwort auf Pēteris Caune • • •