Notices by Epic Null (epic_null@infosec.exchange)

@evan Okay I have used word but please understand

Work.

@dalias @juliette I certainly wouldn't say I see a lot of "Pro safe-streets" discussion from the people who push to ban the internet for children. Or "Build more parks". Or "Open more child-friendly stores". Or even "Build denser housing so kids are closer to other kids". Or even "More libraries! Safe routes to school!"

You know, conversations that would emphasize opportunities to socialize in person.

It's just "Remove them from the internet"... and it's like "And let them go WHERE?!" Because ultimately, I know there is no "where". Not the streets, the parks, the library, the internet...

The goal seems ultimately for the children to not exist

And that makes a lot of sense when you consider that change often comes from the youth... but that makes it less okay, not more okay. If you want to keep kids from organizing to create a new movement, you can just... keep them from meeting. It's the same isolation we are used to today just... more!

@dalias @juliette So what is the take of "Those who want to ban kids from the internet aren't even interested in doing the work to accommodate in-person socialization, indicating that they aren't even trying to engage in conversion therapy - they are just straight up not recognizing that children and teens are people"?

@dalias @c0dec0dec0de @JessTheUnstill I am gonna turn everyone against me real quick

The Bleeding Edge Dependencies with No Cooldown Or Review issue probably stems from the idea that the most secure thing you can do is keep everything up-to-date.

Like yes, we fix bugs and security issues over time. No, that does not mean the latest version is the best version.

@JessTheUnstill @dalias @c0dec0dec0de Unfortunatly when it comes to LPMs (Npm specifically), you don't have a good option for Testing Shit Without A Public Release. (Nuget does a lot better, but is not perfect)

Honestly when it comes to Javascript, React and NPM, I often find myself wondering why doing the right shit is so hard. It's like it's almost intentionally sabotaged...

@patrickcmiller Question: Did you read this article?

@patrickcmiller If this is where we are

WHY DO WE STILL WORSHIP THE JOB?!

Let's just switch to a UBI already and start figuring out how to communism!

We should be focusing on better wealth distribution so that when we need 25% of the work done, everyone works 25% as hard.

@patrickcmiller Yes. Because unstable responses is EXACTLY what a spreadsheet needs.

@DaveFlater @skeletor I think it would be best to be mindful of the source here. Inspirational Skeletor has a particular type of post they trend towards.

I would say they trend towards "It is tough, but I persist and emrace, and it is worth it". In other words - inspirational.

From that lense, I propose a meaning that is similar to what you suggested, but with less of a "You can't follow in other's footsteps" vibe, but more of a "Don't worry about getting it right" vibe.

There is no higher authority dictating how things must be done - only us with a sense of what must be done and a world in which what is done impacts people.

@patrickcmiller While I disagree that agenic AI is great for the consumer, I do see how enabling AI to take unknown action could force companies to start looking at other browsers as a means of gaining control over their own systems. I hope this conclusion proves to be accurate.

@patrickcmiller

impatience, naivety, overconfidence

How about lack of relevant education from their olders combined with companies specifically MISEDUCATING them?

Budget-conscious youngsters may be more inclined to look for such content on third-party app stores, forums and other sites.

Actually... this is a normal and good behavior. They are just missing massive swaths of foundation to do this safely.

Only going with Major Brand Downloading Sites has not exactly been good for privacy, and leads to content getting lost at the whims of the host.

Always stick to official app stores

Put google's bullshit in that threat model or so help me

Deploy security software from a trusted provider to all PCs and devices.

Way too vague. Put Norton's bullshit in your threat model or so help me

Put Nord's bullshit in your threat model or so help me

to share knowledge, and communicate risk with empathy and understanding.

Well yes... but also... we need to share the Old Tools with them as well. What they are doing is Not New, and they need access to the whole woods to do it correctly, not just a gated garden.

Let's teach em how to use popularity to judge a tool, how to swing a proverbial hammer, and what preditors are out there, then let em go build their own forts.

They're clever kids. They're just missing some key knowledge.

@ansuz Okay I have something. It is not a full solution, but

The core issue here is this:

Browsers exist to support the standard, but every time they fuck it up, developers quietly fix the site for the browser.

Users only see working/not working, and we do nothing to communicate that we are compensating for their browser's problems.

I have at least another month before I get my personal website up, but I propose we start changing these two facts. Buisnesses will be the hardest to get on board, but we do need to try.

1. We need to create a website to act as a public Grievance Document. Every standard Chrome has broken should be listed as an ancored header, so we can direct link to the problem, but also highlight the sheer quantity of grevances.
2. We need to pick an icon to represent "Problem I worked around" and another to represent "Problem I will not work around". This needs to be standardized across all our sites.
3. We put that icon next to every field and property that doesn't work correctly.
4. We do this process for everything and anything.
5. We begin posting this motto: "The browser supports the standard, not the standard supports the browser"

@ansuz Alright so here is a question: how do we unseat Chrome?

@outfrost @josephcox The worst is when it shows up in the middle of an article. Like, I WAS IN THE MIDDLE OF SOMETHING! Also, THIS WAS NOT THE ARRANGEMENT I AGREED TO IN THE BEGINNING. If it shows up from the start, not only do I NOT get tools to bypass the freewall, but also... it feels more honest. There's no quick change in terms when I am halfway through.

@patrickcmiller "generally, copyright suits are considered a bad fit for class actions because each individual author must prove ownership of their works." Generally copyright suits are considered a bad fit for class actions because the plagarism is based off closer to 1 work at a time.

@w7voa Not related to your comment but WHAT THE HELL?!?!

An arbitration agreement and class action waver for LOOKING AT A WEBSITE?

@kyber_punk @JenJen Well... There's not much that can be done about the duopoly, but I can think of two things we can do at once.

1. Flood the social environment with self-host options. Payment is a real problem here, but Visa can't make you take down your own stuff.

2. It would be painful for a lot of online businesses... but we could do a cash-only boycott. Meaning no more putting things on credit cards, you take out cash and pay for groceries, toys, games, etc. in cash. You want steam games? You go to the store, buy a steam gift card using cash, and pay with that.

=====

I hate to say it but... crypto kinda sorta happens to be the only thing that has the right properties to bridge the digital payments gap this situation produces. Even with the Other Problems it presents. It's essentially able to fill the role of digital cash.

@Em0nM4stodon if they REALLY wanted secure ID, they would put an asymetric key in it.

Simple technology, appropriate for the digital age, and hell, we already have standards written out for it.

Pretty much anything else is the wrong way to go.

@patrickcmiller Before the updates, Notepad was a perfect, simple, reliable text editor that was safe to use for digging in to sensitive data (because what you typed would be lost when closed.)

@patrickcmiller I am once again left to ask why.

Why are they trying to shove this technology in places rather than trying to solve problems.

In the best of cases, they are trying to use boats to improve mining.