Alice in Wonderland and the theft of the public domain
ADS ADS ADS ADS ADS ADS
HI BUY PRODUCT CONSUME
AD AD AD AD AD AD AD
Hey welcome to our instructional video on CPR. Remember to smash that like and subscribe button! This video is sponsored by VPN SERVICE. Use promo code LIFESAVER to get 20% off the privelege of having all of your internet traffic sold to China.
Okay, so to perform CPR---
The maintainer of harfbuzz got fucking black bagged by Iran and they're threatening his friends and family
Being based in Switzerland or wherever else is NOT a panacea when it comes to privacy.
They're still vulnerable to hacking attempts (which CAN be state sponsored and have lots of resources!), zero-day vulnerabilities, illegal warrants and soapenas from the host country, regieme changes, and the company being sold.
Frankly, with correct end-to-end encryption you should be comfortable with the service provider storing everything and personally handing over the data to the NSA, MI6, and the North Korean government without ever fearing your privacy being compromised.
If you want your data to be private, NEVER GIVE IT TO A THIRD-PARTY WITHOUT ENCRYPTING IT FIRST.
THIS IS THE ONLY SOLUTION.
If you haven't read this, here's what the US National Intelligence Council predicted in 2016. Pretty bleak and pretty much on-point so far. https://www.dni.gov/files/images/globalTrends/documents/GT-Full-Report.pdf
"Time feels weird because we’re in a low-entropy experiential purgatory surrounded by a high-entropy black hole of social disorder unlike any in our lifetime."
"Of those 1.3 million packages, 1,700 depend directly on themselves, either perfectly circularly, or a different version of the same package. I have no explanation for that."
Questions to ask when evaluating an online service
1. Are they open source to an extent that you're comfortable with? Do they ask you to run proprietary software on your devices? Is the code running on their servers open?
2. If they claim to be open source, do they use an OSI-approved or FSF-approved software license? If not, they're misleading you.
3. Is your personal data handled by such proprietary software? Do you ever transmit your personal data to their servers? Even if open source, they would be able to read and use this data however they wish and you wouldn't be able to tell - do you trust them to? What if they're compelled by law enforcement?
4. Do the needs justify the personal data they are collecting about you? If not, why are they collecting it?
5. If they claim to use encryption for the data which is transmitted to their server - question whether or not it's really private. Do they ever handle the unencrypted data? For example, if an email service claims to encrypt incoming emails, they have an opportunity to read the unencrypted email before they store it. Do they disclose these "gotcha"s, or do they make clear the limitations of their encryption? Is any encrypted information decrypted by software they control, like their web application, or a desktop application which is automatically updated without your consent? If so, they could decrypt it on your computer and transmit the decrypted data back to their servers.
6. Are they responsible for any scarce resources, like an email address, phone number, and so on, which you wouldn't be able to take with you if you leave? Are there ways to provide the same functionality without scarcity, such as the use of your own domain? If so, why aren't they offering them? How important are these resources to your identity, will your friends be able to find you if you choose to stop using the service?
7. How do they make money? What is their motivation for providing services to you? If their circumstances change, will their values change? How likely is change?
Periodic reminder that climate change isn't primarily due to small, individual choices. It's the large-scale, systematic choices of our society.
Also, you should support nuclear power.
"A terrible command name is a curse, but a great command name has a poetic elegance."
"The Poetics of CLI Command Names"