• 7 Posts
  • 217 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle







  • Do they “give high rankings” to CloudFlare sites because they just boost up whoever is behind CloudFlare, or because the sites happen to be good search hits, maybe that load quickly, and they don’t go in and penalize them for… telling CloudFlare that you would like them to send you the page when you go to the site?

    Counting the number of times results for different links are clicked is expected search engine behavior. Recording what search strings are sent from results pages for what other search strings is also probably fine, and because of the way forms and referrers work (the URL of the page you searched from has the old query in it) the page’s query will be sent in the referrer by all browsers by default even if the site neither wanted it nor intends to record it. Recording what text is highlighted is weird, but probably not a genuine threat.

    The remote favicon fetch design in their browser app was fixed like 4 years ago.

    The “accusation” of “fingerprinting” was along the lines of “their site called a canvas function oh no”. It’s not “fingerprinting” every time someone tries to use a canvas tag.

    What exactly is “all data available in my session” when I click on an ad? Is it basically the stuff a site I go to can see anyway? Sounds like it’s nothing exciting or some exciting pieces of data would be listed.

    This analysis misses the important point that none of this stuff is getting cross-linked to user identities or profiles. The problem with Google isn’t that they examine how their search results pages are interacted with in general or that they count Linux users, it’s that they keep a log of what everyone individually is searching, specifically. Not doing that sounds “anonymous” to me, even if it isn’t Tor-strength anonymity that’s resistant to wiretaps.

    There’s an important difference between “we’re trying to not do surveillance capitalism but as a centralized service data still comes to our servers to actually do the service, and we don’t boycott all of CloudFlare, AWS, Microsoft, Verizon, and Yahoo”, as opposed to “we’re building shadow profiles of everyone for us and our 1,437 partners”. And I feel like you shouldn’t take privacy advice from someone who hosts it unencrypted.








  • Like, each user is individually kicked off the PDS in reaction to some bad thing they did? Or labeling is reactive in that it labels bad stuff already posted, and each user has to pick labelers to listen to themselves?

    I’m not sure if Bluesky’s front-end defaults to using some particular labelers. I know there’s some moderation going on for you as soon as you log in, done by someone.

    But yes, each user has to choose whose moderation decisions they want to use, and they can’t rely on everyone they can see also seeing exactly the same space they themselves are seeing. But I’m not sure it’s possible or even desirable to get rid of the requirement/ability to choose your mods. I should be able to be in a community that has mods I trust, and the community chatting to itself and determining that so-and-so is a great mod who we should all listen to, and then all listening to them, sounds like a good idea to me.

    Being able to see and talk to people who aren’t in the same space I’m in might not be as good?



  • No?

    An anthropomorphic model of the software, wherein you can articulate things like “the software is making up packages”, or “the software mistakenly thinks these packages ought to exist”, is the right level of abstraction for usefully reasoning about software like this. Using that model, you can make predictions about what will happen when you run the software, and you can take actions that will lead to the outcomes you want occurring more often when you run the software.

    If you try to explain what is going on without these concepts, you’re left saying something like “the wrong token is being sampled because the probability of the right one is too low because of several thousand neural network weights being slightly off of where they would have to be to make the right one come out consistently”. Which is true, but not useful.

    The anthropomorphic approach suggests stuff like “yell at the software in all caps to only use python packages that really exist”, and that sort of approach has been found to be effective in practice.




  • Zuckerberg Did Nothing Wrong

    I’m concerned that the narrative that what Facebook was trying to achieve here was wrong or bad is itself user-hostile, and pushes in favor of the non-fiduciary model of software.

    Facebook paid people to let them have access to those people’s communications with Snap, Inc., via Snapchat’s app. This is so that Facebook could do their analytics magic and try and work out how often Snapchat users tend to do X, Y, or Z. Did they pay enough? Who knows. Would you take the deal? Maybe not. Was this a totally free choice without any influence from the creeping specter of capitalist immiseration? Of course not. But it’s not some unusually nefarious plot when a person decides to let a company watch them do stuff! Privacy isn’t about never being allowed to reveal what you are up to. Some people like to fill out those little surveys they get in the mail.

    Now, framing this as Facebook snooping on Snapchat’s data concedes that a person’s communications from their Snapchat app to Snapchat HQ are Snapchat’s data. Not that person’s data, to do with as they please. If the user interferes with the normal operation of one app at the suggestion of someone who runs a different app, this framing would see that as two apps having a fight, with user agency nowhere to be found. I think it is important to see this as a user making a choice about what their system is going to do. Snapchat on your phone is entirely your domain; none of it belongs to Snap, Inc. If you want to convince it to send all your Snapchat messages to the TV in Zuckerberg’s seventh bathroom in exchange for his toenail clippings, that’s your $DEITY-given right.

    User agency is under threat already, and we should not write it away just to try and make Facebook look bad.