Sounds mostly reasonable… but I don’t see the alternate citizenship helping, unless you mean to go as far as renouncing because all FATCA regions (~130+ countries) look at the birthplace, not nationality, and you can never get a new birthplace. It’s probably hard to find a non-FATCA region where you can trust the banks. But indeed… getting your 4th amendment rights has come to extremes.

That makes some sense.

In my case I think I have credit that I’ve never actually used; and I think I’ve also put on their file that I am unemployed. So in principle consumers who either don’t care for the credit, or are happy to be in the highest risk category, they should not be harassed with this. I will just ignore it and see what happens.

I’m not on a good enough connection to watch videos but when I read “How the Religion called Atheism…” I know it cannot be coming from any sort of credible source. Atheism is absence of religion, not a religion in itself. It includes both agnostics and gnostics (both those who are convinced there is no god and those who are unconvinced either way). So I don’t suppose it’s worth it to note the URL and try to fetch the video when I have a good connection.

Surely some of those captured faces are people in Europe, Brazil, and California, who would then be protected by GDPR, L…(something… forgot), and CCPA respectively.

Under the guise of reducing crime,

Woolworths has justified these measures as necessary for the purposes of security.

There is video surveillance, and then there is that extra intrusive step of facial recognition. They can have video without FR. They can submit video evidence to the police who can then use FR, if needed. They probably want to argue that they can block known shoplifters as they enter. But of course what they really want is to track who enters the shop, which products they look at, how long they gaze at promo ads, etc. Being able to preemptively strike without a crime, just a bad reputation, does not justify the intrusion to everyone else.

Food is essential. It’s not like some shitty smartphone shop or Amazon b&m store that people can boycott.

I’ve been out of the loop on games for a while but ReactOS may be worth a look.

The 1st ½ of your comment sounds accurate. But…

And also in Foss there are highly opinionated software where the devs completely ignore users, ban them from GitHub when they post issues,

Right, but to be clear non-free s/w is worse - you can’t even reach the devs, generally, and there is no public bug tracker. FOSS is an improvement in this regard because at least there is a reasonable nuclear option (forking). The nuclear option for non-free software is writing it yourself from scratch.

That all sounds accurate enough to me… but thought I should comment on this:

However - in larger enterprises there’s so much more, you get the whole SDL maturity thing going - money is invested into raising the quality of the whole development lifecycle and you get things like code reviews, architects, product planning, external security testing etc. Things that cost time, money and resources.

It should be mentioned that many see testing as a cost, but in fact testing is a cost savings. In most situations, you only spend some money on testing in order to dodge a bigger cost: customers getting burnt in a costly way that backfires on the supplier. Apart from safety-critical products, this is the only business justification to test. Yet when budgets get tightened, one of the first cuts many companies make is testing – which is foolish assuming they are doing testing right (in a way that saves money by catching bugs early).

Since the common/general case with FOSS projects is there is no income that’s attached to a quality expectation (thus testing generates no cost savings) - the users are part of the QA process as free labor, in effect :)

I agree.

One of the reasons no one gives a shit is there is never news about CF making use of that MitM position. But I know they hire data scientists and what corp can resist the urge to monetize data they have access to? So I think it’s just a matter of time before they get caught abusing the vast amount of valuable data they have visibility on.

Sorry I do not know if BBC interviews are transcribed.

But FWIW it will air again on BBC World Service at 02:32 GMT tomorrow and the next day (which could be useful for those on limited internet connections)

Nobody is disagreeing with you or saying your wrong

At least 10 people here believe Google/MS avoidance is “tinfoil hat” paranoia. It’s a stark disagreement on infosec principles. All responders in this thread (apart from 3 exceptions) come from privacy-hostile #Cloudflare instances including yourself. This crowd has little hope of taking privacy seriously.

However, it’s not really realistic to expect everyone to abandon the easy and useful tools that they’re comfortable with just to match your views, regardless of the ethics or logic involved.

You’re probably not going to sell anyone on an idea that requires discarding ethics and logic. That’s actually the crux of the problem. The problem exists because people disregard ethics and logic in pursuit of pragmatism.

You seem to be overlooking the fact that Google and MS are inherently exclusive choices. That is, if I try to connect to gmail-smtp-in.l.google.com, the connection is refused, full stop. Google is blocking me before I send the first packet. So you’re implying that I must go through Google’s hoops in order to not be “extreme”. IMO, that’s an extreme position to take. To expect people to go beyond the norms of established open standards to cater for the extra requirements and special needs of a monopolistic corporation. I must either rent an IP address that’s to Google’s liking at my own expense, or I must establish a contract with another third-party who I must then trust with a centralized view on all my outbound traffic. I’m not supporting that abuse and loss of freedom.

Ways that are beyond either the capabilities or desires of the average user.

You vastly underestimate the average user w.r.t to “capabilities”. You can scrap capability from your statement because the avg user can just as well use protonmail/tuta, or disroot.org, for example.

That leaves “desires”. Two people agree on how to correspond. The desire of someone to use one of the most unethical controversial corporations possible and in an insecure manner that exposes the data to a profitable extent in a privacy-lacking part of the world, and the other party has a higher privacy bar (and/or high moral bar), the party who must adapt is the one with the lower standards. It’s unreasonable to expect someone to lower their privacy standards or to lower their moral standards. If someone’s desire to support Google or MS trumps their desire to stay in touch, then the conversation isn’t worth it to them.

There is a rule of least privilege principle that seems to have escaped you. In the information security discipline, we do not need to justify security measures by default. It’s lack of security that calls for justification. If there were truly a capability problem, that would be reasonable rationale for reduced security. But it’s a phantom excuse. And “desire” is not an acceptable rationale for reduced security.

Your doubling down on the tinfoil claim was a failure simply because the security matter is least important of everything I’ve already said on this. But even if security were purely my sole rationale (as it is for some people), you are still calling the practice of basic well-established infosec principles tinfoil hattery. Pushing this culture of branding sound security practices as paranoia is a socially harmful move that you are partaking in.

That’s not the trade-off. Google has no opportunity to show me ads anyway. If alice@privacyrequired.com emails bob@gmail.com about a Taylor Swift concert, Google profits from information about both people. Even if Alice does not use Google services, Google’s file on bob shows he knows Alice and Alice is a TS fan. Then when bob searches for gifts, Google shows him TS t-shirts and profits from that. Conversations are two-ways, so when Bob responds to Alice Google learns directly about Bob, such as whether he’s a Swift fan. Alice’s msg therefore generated profitable data about Bob for Google, which potentially works against Alice’s boycott against Google.

That’s just the tip of the iceberg—

So when you say this is about “the ability to show you ads that are more relevant to your interests”, you and at least 5 others have wholly misunderstood the problem.

You don’t get how boycotts work. Using their products without compensating them doesn’t contradict opposition to feeding them. You don’t know what hypocrisy means. You could more easily argue that it’d be a hypocrisy to leave the PCs in a dumpster and allow e-waste to go to a landfill and pollute ground water against my beliefs. Even in regions where they dispose of PCs properly, I oppose destruction and recycling whenever reuse is an option.

This. Life is too short to deny myself human contact.

This is scrapping a long list of old contacts who might at most every 5—20 years briefly exchange life updates from another part of the world. It’s not denying human contact. When I meet someone new, they either need to reach me a way that’s agreeable to both of us or they need to proxy msgs through a mutual friend.

You’ve both demonstrated to easily back the gatekeepers as you’ve both needlessly chosen to create fedi accounts that are centralized on Cloudflare (lemmy world and shit just works both). You can’t speak with any credibility on the privacy front under those circumstances because you compromise digital freedom even when it yields no meaningful gain.

Sometimes you have to stay connected to have any chance of saving the others.

This is not that. In this particular situation remaining connected to the surveillance advertisers only reinforces through codependency the idea that people can centralize themselves on those platforms to count on being reachable by everyone. That’s not the right msg.

Being the one hold out is a strong position. There was an academic group of people on FB that I had to corresponded with. When I refused to appear on that platform, everyone was forced to step outside of FB to reach me thus making them consciously aware of the problem. I wouldn’t have it any other way. Taking the pushover stance only proves to them that it works to choose the side of the monopolistic oppressor.

Indeed it makes sense for a privacy advocacy org to have a Facebook acct to reach those people. But most of them get it wrong and needlessly advertise FB on their public website. Which means they’re not just using it for outreach.

I’m merely trying to point out that there is a healthy middle ground between the extremes of internet usage where people can interact with each other in a meaningful way while also being aware of the inherent risks and realities of using the internet today.

You’re mistaken where compromise is needed and where it is not. There are ways to communicate without putting Google or MS in the loop and you’re at the unethical extreme if you have opted to support GAFAM by feeding those platforms.

Doesn’t matter how you got them.

No, it matters absolutely. You can get the goods by financially contributing to their bottom line, or you can get them without contributing financially. Surely you must understand that companies exist to profit.

How do you think your device was made?

I have not bought a PC for the past 15 years. Every upgrade has been from pulling fully functional PCs out of dumpsters, LCDs included. Permacomputing is a good movement to follow.

You are definitely wearing some tin foil, OP.

You have definitely failed to understand how capitalism works and how money flows in relation to data, and the ethical history of corporations involved.