Conversation
Notices
-
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Friday, 29-Sep-2023 20:34:30 JST 
翠星石
@Joe_0237 Wait till you learn about what "google analytics" and "google recaptcha" does.
Thankfully there is free software that can extract documents from "google docs", but I don't think there are Haketilo scripts that allow for editing.
I would recommend Etherpad instead, you just need to be careful to use a non-proprietary instance.-
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Friday, 29-Sep-2023 20:34:31 JST 
Joe
Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.
Haelwenn /элвэн/ :triskell: likes this. -
Embed this notice
tyil (tyil@fedi.tyil.nl)'s status on Sunday, 01-Oct-2023 21:35:13 JST 
tyil
@Joe_0237@fosstodon.org Damn, the company that made tracking its core business adds tracking to literally everything they can? Who would've expected that!
翠星石 likes this. -
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Sunday, 01-Oct-2023 21:35:14 JST
Joe
Google Docs exports automatically infected with tracking links:
txt - unaffected
html + AFFECTED
odt - unaffected
pdf - unaffected
epub + AFFECTED
rtf - unaffected
docx - unaffectedsample web html <a> tag:
<a class="c4" href="https://www.google.com/url?q=https://wikimediafoundation.org/&sa=D&source=editors&ust=1696089933805520&usg=AOvVaw2ypOvslXzoEGwdryv4bFyJ">https://wikimediafoundation.org/</a>sample epub xhtml <a> tag:
<a class="c5" href="https://www.google.com/url?q=https://wikimediafoundation.org/&sa=D&source=editors&ust=1696087392161966&usg=AOvVaw1v4xpIFWD9GYkMFifXd1uo">https://wikimediafoundation.org/</a>Haelwenn /элвэн/ :triskell: and NeonPurpleStar :heart_bi: like this.Tobias Hellgren repeated this. -
Embed this notice
Bø!rge (forteller@tutoteket.no)'s status on Thursday, 05-Oct-2023 19:17:07 JST 
Bø!rge
@grumpygamer This is a huge annoyance for me too! I've asked about it many time, without getting any satisfactory answer. Saying cryptpad is a good alternative for example is ridiculous. I use it personally, but it's just not good enough for collaborations.
The closest thing I've found is Zoho. It is good, but any and all collaborators needs to have an account, which pretty much makes it useless. Haven't tried Notion, though, I should give that a shot.
@Joe_0237 -
Embed this notice
Ron Gilbert #KamalaHarris (grumpygamer@mastodon.gamedev.place)'s status on Thursday, 05-Oct-2023 19:17:09 JST 
Ron Gilbert #KamalaHarris
@Joe_0237 Google docs is the only thing I still have to use from Google. What is a good web based alternative? I have yet to find one that isn't just a simple online notepad. I need a full featured editor and spreadsheet. I need something that non-technical people can collaborate with me by clicking on a link. I'm happy to pay for it.
-
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Thursday, 05-Oct-2023 23:00:36 JST
Joe
For those unfamiliar with html: the href section, everything between href=" and "> is the real link, and the section between > and </a> is the display text
This html feature is useful so that a link can display as smething like "Read more", "Profile", "Wiki" etc, but in this case it is misused.
Google tracks people that are not using any of their products by adding hidden tracking links to exports without designer knowledge or end user consent.
-
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Saturday, 07-Oct-2023 02:47:45 JST
Joe
#collaboraoffice is excellent free alternative to Googles collaborative office technology, its based on Libre Office technology, #collabora is the largest contributor to #libreoffice and does a lot of other good for #freesoftware . You can install it super easy if you have a #nextcloud instance, or if you use a nice cloud host, or for no charge if you want to learn some systems administration and use your own hardware.
novatorine 🏴🏳️⚧️ repeated this. -
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Saturday, 07-Oct-2023 02:47:59 JST
Joe
@unchartedworlds and @cryptpad recommend CryptPad for collaborative document editing
https://cryptpad.org/ -
Embed this notice
Joe (joe_0237@fosstodon.org)'s status on Saturday, 07-Oct-2023 18:05:01 JST
Joe
@mark an ads and tracking firm puts unique codes on a redirect wrapper on exports from their product, that a malicious user can simply delete, not to track anyone, but to protect users from web publishers who want to push malicious links to other malicious sites, but don't know how to operate a text editor to fix the link or how to program their website.
That sounds much more plausible now that you say it ...
Seriously tho, the idea from @villetakanen that its a bug makes a lot more sense.翠星石 likes this. -
Embed this notice
Mark T. Tomczak (mark@mastodon.fixermark.com)'s status on Saturday, 07-Oct-2023 18:05:02 JST 
Mark T. Tomczak
@Joe_0237 That's not a tracking link; it's a redirect notice.
As ridiculous as it may sound to non-normies, Google added a feature ages ago where they warn a user when a link is about to go outside Google Drive (or, in the case of a corporate acount, outside the corporate intranet as configured in Google Apps). That feature is implemented by salting links in a doc with redirect wrappers.
Why? Because users can't tell the difference, so sending someone a legit document that looks like it links to an internal company page but actually links to a third party proved to be an attack vector. One that needed to be defended against.
(Yes, hypothetically they can be harvesting the redirect visits for link-out-following information. But that's not the primary purpose or the reason these links exist. They exist to pop up this page so that users have a moment to realize that the link they just clicked on isn't going to login.corpsite.org, it's going to login.hackers-steal-yo-creds.com)
-
Embed this notice
fenix (librebits@masto.nobigtech.es)'s status on Monday, 09-Oct-2023 01:55:42 JST 
fenix
@Joe_0237 happy #1984
Alexandre Oliva likes this.
-
Embed this notice
All GNU social JP content and data are available under the