Shamar @Shamar@qoto.org

@rugk

Well, but why a browser "focused on user privacy" should need an addon like #uBlockOrigin or #nuTensor (both way better than #NoScript)?

The answer is simple: they pretend to be privacy-friendly just to fool most people with their #Google-friendly defaults.

Indeed most people won't customize their browser (or at most will install sub-optimal extensions like NoScript).

In practice, #Mozilla became the geek-friendly PR-team of Google, Facebook and friends.

@emanuele @kuba_@101010.pl

@rugk

DISCLAIMER:
Google Chrome is NOT a privacy/security friendly browser.
In no way.

Yet, I'm glad to inform you that if you look in your settings, you will find in

> Privacy and security
> Site Settings
> Javascript

a toggle to disable #Javascript.

Without Developer Tools! 😉

Then in the #Chrome's addressbar you'll find a new button when you browse a page that need javascript (see attached image): click there and you will be able to enable javascript on that single host.

@emanuele @kuba_@101010.pl

@rugk

Not only #Javascript! 😉
Even other "features" like meta refresh, that could be used to hide an attack.

Attack that was actually exploited in the wide from Russian Government few months later.

@emanuele was looking for "something on #Firefox that is tracking on you with no choice" and in fact you do not even have a way to disable #JS and re-enable it with one click on a per #Web site base (like you have even on #GoogleChrome ! ! !).

Also Emanuele, you should consider that if people around you and people like you are tracked and profiled by #Google because of default firefox's settings (like default search engine), the end result is that you can still be manipulated and influenced through them.

That's why defaults should be #privacy friendly by default.

People should explicitly choose to opt-in #Surveillance, not opt-in #security/privacy.

@kuba_@101010.pl

@emanuele

Where should I start?

Oh... right... here: https://bugzilla.mozilla.org/show_bug.cgi?id=1487081#c16

@kuba_@101010.pl @aral

@enkiv2

Well also caching matters.

In HTTP, intermediate proxies were able to offload the server.

One of my strongest criticism of HTTPS is that it's designed to force users to always connect the server, disabling proxy caching.

That hurts users (because the server track them) and smaller websites (that needs more bandwidth and computing resources).

@jauntywunderkind420

@koantig

If you double half square (cut over a diagonal) you might get the original square, a triangle or a parallelogram: it all depend on how you arrange the two halves you get.

If you multiply one square by one, you can only get a square.

So I think I got the joke, I was just surprised to see mentioning #crochet in #math, a concept I've never heard before.

@Pouhiou

@Pouhiou

Uhm... mind to share some link about the topic? I've never heard of #crochet in #math.

@enkiv2

Well to be fair, it all depends in how hostnames are resolved.

For example #GNUnet adopts a decentralized #GNU Name System where each user manages their own zone.

@jauntywunderkind420

@namark

Ok, now I see your aggressiveness in this thread is just due to confusion.

When you write:

```
The complexity is understood by experts collectively, and if they honestly serve the general public it's not a problem what so ever.
```

it becomes evident you have no clue about programming and software.

Do you know the history of #Heartbleed?

There are thousands of severe security vulnerabilities in software discovered every years because:

1) not even experts, collectively¹ or not, understand the software they code
2) when a system is not fully understood by any single mind, you just need ONE dishonest expert to introduce subtle vulnerabilities.

Indeed this happens continuously in the real world, like it or not (I don't).

Anyway, feel free to keep your loved chains on your mind singing "Don't worry... be happy..." 🎶🎙️🎶

Bye!
___
¹ whatever "collectively" means in the contest of understanding complex and ever-changing systems

@namark

I do not know why you are so aggressive, but for sure we attribute different value to privacy and freedom.

The parallel with, say, legal writing is weaker than it seems because any contract is going to be enforced in front of a human (a judge) that will interpret both the text, the law and the intents of parties.

OTOH, you are right that even with writing we have field experts (mathematicians, lawyers, poets, novelists and so on) and that's fine but there is a reason why such professions are strongly tied to something that can be read by anybody.

Would you trust a court that can jail you for violating laws you are unable to read?

Today in our industry there is a lot of fuss about #Ethics in #AI just because we don't want to admit that any software for which we cannot explain exactly and completely the relation between input and output is broken and should not be used on human data.

But the same is true for proprietary software and even with #opensource software that is too complex to be understood in a reasonable amount of time by any single programmer (not mentioning people unable to program).

That's the power I was talking about: we create automated system that impose our will to unsuspecting and unaware people that not only have no understanding on what it really does (think of trackers, analytics and so on), but do not even realize they should be enabled to have a saying!

We basically write secret #laws that self-enforce over unsuspecting people and that not only affect what they can and cannot do, but what they can and cannot think!

And not just on an individual level, but on a global scale!

I don't think that a carpenter, an architect or a plumber can be so dangerous, tbh.

@jauntywunderkind420

Which "great browsers" are you talking about?

#Google's Chromium or Google's #Firefox?

@enkiv2