Mark Tomczak @mtomczak@qoto.org

@djsundog This approach would have stopped Google from being built. Google received hate-mail from server administrators who had wired up GET endpoints to things that did stuff to their servers (in violation of the HTTP standard, but you can do whatever you want when you're writing your own code). Google's search crawler put those users in harm's way---in some cases, "delete post" was one of the buttons incorrectly flagged as a GETtable URL, and the crawler would blow away a blog as it crawled the blog. Crawler had no way to know it was doing this.

... but fundamentally, "am I even potentially putting others in harm's way" is too high a bar. A better bar is a standard people can agree upon collectively (such as robots.txt... Which *still* isn't good enough to *protect* things people don't want seen, you really do need auth/auth for that, but it's a good standard for flagging content as "don't be a dick").

One problem the fediverse has right now is there is no standard for individual users to flag their toots something equivalent to "noindex, nofollow" so we're not even at a place yet where there's a standard to opt-in or opt-out of being search-indexed. I think the system needs that (and lacking it, I think we ask too much of the world to demand that nobody build any indexers, even the non-malicious among us).

... it's possible that Mastodon's protocol is simply default-too-open to feel comfortable using it in its current iteration.

@djsundog It's not one's dev sandbox, but it *is* a massive trove of text put up on a publicly-accessible network, retrievable via unauthenticated clients. The author's consent is not technologically necessary to access it, and may or may not even be audited by the administrator of the service.

It *will* be indexed. It's only a matter of time. I appreciate the appeal to "Don't be that guy," but everyone with something to lose *must* understand that if it's really, really important to them that their toots not be searchable, a solution of "trust eight billion people not to build the thing" is completely untenable.

On tuning playable character design to get from the abstract concept to the fun of action.

https://www.youtube.com/watch?v=7EpgjR-k3fE

@ocdtrekkie ... More importantly, the SCOTUS review *isn't* about that. Cert has been granted on the broader question of whether S230 protection encompasses recommendation algorithms or merely the authority to allow or reject third-party content.

(TBH, constraining that might be practically fine... There is a simple way to comply with the new legal ecosystem if recommendation algorithms aren't protected, which is to remove all recommendation boxes. On the other hand, if the boxes are valuable, the easiest way to comply is to reject all possibly-objectionable content, which is likely to have the opposite effect to the one many S230 critics might desire).

@ocdtrekkie Generally imminent incitement. Someone watching a YouTube video and then 2 years later committing a terrorist act doesn't pass that bar.

@ocdtrekkie Nothing in the phrase "freedom of the press" implies it's either or neither. "Poor Richard's Almanack" was created to promote Franklin's printing business ("Field of Advertising," 1918).

We give the government a very big stick when we give them the authority to constrain speech based on its intent. And while that is certainly a stick we hand the government from time to time for very specific purposes (restrictions against incitement to violence, for example)... How comfortable do we feel giving the government the authority to suppress advocacy because they classify it as "advertising?"

@ocdtrekkie Trusting corporations to make independent Freedom of the Press-type decisions is a lot closer to the intent if the First Amendment than trusting the government to make them. In this context, I can see the preference.

@ocdtrekkie I, for one, am thrilled at the prospect of replacing YouTube's authority to choose what ads to display and what ads to accept on the network with... *checks notes*... The government's authority.

(No seriously though, TV did fine under the FCC most of the time and this'd probably be an improvement. It will give First Amendment absolutists heartburn though).

@tim Is the scenario you're describing in Python avoidable in general? I was under the impression that if my app depends on modules A and B, and they both depend on C, but A depends on Cv1 and B depends on Cv2, I'm just screwed because Python's module infrastructure *itself* demands all the packages it sees be at the same version.

(Contrast with npm, where dependencies load their own shadow copies of their dependencies and eventually a compilation / tree-shake process renames the different-versioned copies of the libraries so they can live in the same resulting codebase).

@BartlebysCorpse @SwiftOnSecurity Oh, the worst part is it's specifically an option you can select *against.* And the company ignored the form the family filled out and donated her body for that application anyway.

@Natanael_L @SwiftOnSecurity "Now I know what you're thinking... 'What possible value could we gain from blowing up someone's dead grandmother?' Well, I'd like to answer your question with a question. 'Do explosions need justification?' That was rhetorical, the answer is no. Kaboom. Heh heh heh."

@TessMishoe@ioc.exchange @SwiftOnSecurity Yeah, in this specific case the situation is real beyond the pale in multiple ethical frameworks. Family was apparently specifically asked if they were comfortable with this kind of testing being done and they said "no." But the company that brokered finding a use for the body was so scummy that they ignored that explicit statement of intent.

@SwiftOnSecurity This is vital data to support the Global War on Doris.

@mekkaokereke Me, I see it as the Milllenials carving their due out of this society.

I ain't going to bat for her, but I ain't going to bat for JPMorgan either. 🙃

@lauren Looking forward to Renfield? I know I am.

... but really, you can put Nicholas Cage in basically anything and I default to looking forward to it.

@mattblaze My hobby is engaging people in discussions of election security long enough to walk them into designing the largest central database of PII on American citizens the world has ever seen, only to see them blanche at the realization of what they've done.

Usually happens right around the time I convince them of the necessity of a facial recognition database.

@lauren I think classification is important to running an empire this size in a modern world...

... but I also like to remind myself that the first use of "That information is classified" / executive privilege in a court of law was to suppress evidence in the wrongful death suit brought by some families after their (civilian) loved ones died in a military plane crash...

... And fifty-odd years later, when those docs were declassified, they showed that the "secret" tech the contractors were working on was utterly mundane, but the plane they were on had a known history of malfunctions and maintenance lapses.

@lauren I had just about forgotten that once upon a time, the Doctor's companions were occasionally warrior women from a devastated group of survivors in the future, and not just cheeky ladies from near-modern-times Bristol.