This is the kind of thing that kept me off Quora forever. It’s a great resource but I don’t feel like logging in 100% of the time. So now I just ignore all of their links.
Of course, this means everyone is using web scrapers for what was used API keys before, because of you can use public internal API.
Just out of curiosity, is there a marketplace for private APIs? I'd love if you could elaborate on the "charge someone else for it" part.
You can also send requests via your own server, which would allow you more control over the requests that get sent out to your 3rd party APIs and just restrict tokens as much as possible to the minimal set of features necessary for your application.
-a keypair is generated in secure hardware
- you send the public key to a server which encrypts the secret key with it
- the server sends the encrypted key back
- then it goes inside the secure hardware where it gets decrypted
The decrypted secret key is never in the userspace.
Certificate pinning is a good security measure, but not a counter-RE one.
If it's executing on my device, you can be sure I can poke it and see what it's doing.
Additionally, while it's true (to my knowledge) that re-implementing a full safteynet spoof is not currently publicly available, a combination of Frida and MagiskHide is able to bypass SafetyNet for dynamic RE purposes, just launch the app as normal with MagiskHide enabled then attach to it with Frida as root. If they enforce full hardware attestation this may change in the future, but right now we're good.
This from the site that used to indicate on every tweet the client used
That was years ago. Recently, I went looking for how to un-retweet something from an account that has since blocked me, and every single answer on every instance of someone asking that on Quora is more or less a copy of Twitter's documentation for an ordinary un-retweet. Useless search result pollution.
Their algo will just continually blast email you every category you ever clicked on
Not sure what they wanted to achieve with that change, but I never visited the site again.
They are doing this SOLELY because of the need for audience creation, marketing attribution, and ad revenue.
This is why Facebook is SO very against what Apple is doing with iOS14+, particularly with cross-device and cross-app tracking opt-in, because they know it will decimate their ability to do what they do today.
This is probably the only good content that existed on there before it became a cesspool: http://qsf.cf.quoracdn.net/best_of_quora_2010-2012.pdf
this is an issue (and I fail to see this mentioned here today) in that public sector agencies use Twitter to disseminate emergency information. With a login wall, this information is not getting out to the people who need it the most.
I mod /r/Twitter and saw about a week ago a number of threads complaining about a new login-wall. This shit is 100% user-hostile, Twitter.
The problem comes if they don't provide any other way to access their information.
If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and sticking to the rules when posting here, we'd be grateful.
Do you genuinely believe (1) IRC is anywhere near as usable as Twitter for the general population, or that (2) a real-time chat is an equivalent offering to Twitter?
EDIT: I should note that beyond being more usable than IRC, I have precious little good to say about Twitter.
So in a way IRC is better. If for no other reason because it required some personal discipline and will to learn to use and it segmented the internet to prevent these monstrous echo chambers. Humans aren't ready for a global forum. We are still only good at small communities.
Or they read an article about one twitter group bashing another twitter group and clicked on one of the tweets.
There's no path from toxic Twitter to constructive Twitter, but there are thousands of paths the other way.
Which can only mean that toxic twitter is where Twitter wants its users, so it seems like you're using twitter wrong in their view.
Of course there are worthwhile interactions to be made. But the people making them would have been doing so on the less accessible older internet anyways.
The news seems just as negative as social media.
Private DMs easily map to one-on-one privmsgs. Public replies and threads won't have an equivalent unless there was some meta-protocol to temporarily allow another person to talk in your channel + duplicate your posts in your channel to theirs + expire that access eventually.
Also subscribing to tags won't work without a similar "copy all messages from one channel to another" relay.
Someone should come up with a pub-sub distribute micro blogging service like how emails work.
fediverse: mastodon, pleroma, pixelfed
hypercore https://hypercore-protocol.org/ (see iris.to for an implementation)
It still exists, it’s just harder and harder to find. For example, most of the tech blogs you see on HN are hosted on personal websites with no ads.
It's called NNTP
Attempting to resurrect Usenet at any scale simply won't work. Even with a lessons-learned set of improvements (Usenet II), it went nowhere.
People say they want the old early-90s internet, but that internet only worked that way because almost nobody outside of universities was on it and nothing on it actually mattered to anybody.
It took me way too long to find the usage numbers (which ironically were within an arm's reach on my bookshelf most of the time), but ~1988 Usenet was under 1 million potential users, and fewer than 150,000 active readers. Even by the mid-1990s, it was under 1 million active participants.
Google+ was considered a failed social network with at least 10--100 million active users (by my own conservative estimates based on sampled profile data, independently verified by a much larger analysis). Facebook has 3 billion MAUs (monthly active users).
Until ~1992 (the Eternal September), Usenet users were largely represented as cohorts of a few hundred to low thousands, each subject to the disciplinary authority of university network administrators. Privileges could be and were revoked. Netadmins had a hardcopy directory in which everyone's number was listed twice (forward and reverse search). They talked to each other.
I'm active on Diaspora (for over a decade) and Mastodon (for about five years now). Both are far smaller than their comparable commercial equivalents (FB and Twitter, respectively). Each already strains under abuse, spam, and propaganda efforts, though Mastodon seems to have a more robust containment toolkit. Much resembles the old Usenet model: individual instance administrators can determine what users (locally or remotely) or instances (remote federation) can interact, and to what extent. It's high-touch, and has issues, but at present scale it mostly works. (Not perfectly, but it's not completely blown up yet either.)
Diaspora ... seems on far shakier grounds. User controls, admin engagement, reporting tools, and the culture of active management are all far weaker. The saving grace is the lack of algorithmic amplification, but bad actors are a distinct presence, if largely walled off into their own small, sad world.
Google closed it down because they realize they never needed it. You were rarely providing new information to google because you already had an account and they already were tracking you everywhere. Your posts on other social networking sites google knows about and uses. What sites you visit google knows about.
The only thing google+ gives google is your social graph. But not your friends/family social graph more of your professional social graph. I don't think there was a way to target that info through ads into more profit. They probably leveraged access to facebook's data for ads in exchange for shutting it down.
I sampled a random selection of ~50,000 profiles to find out how many were actually actively using the site.
9% of all profiles had ever posted anything at all to the site. This is somewhat fewer that 99.99%.
And only 0.016% of all G+ profiles had posted publicly in the first 18 days of 2015, when I performed my sampling.
And again, you're talking to the guy who ran that experiment.
Eric Enge of (then) Stone Temple Consulting independently replicated my analysis using a much larger sample of 500,000 profiles, confirming the results I'd found and providing additional details:
I had absolutely no idea Enge was doing this until he published his results. They're a completely independent validation. Which is how science is supposed to work.
Your other comments about G+ are at best speculation, and largely fail to match my knowledge and understanding of the site and service.
> They probably leveraged access to facebook's data for ads in exchange for shutting it down.
As well as NNTP (mentioned in a sibling comment), listserves work for that (and don't just work like email, they use email.) And both have been around longer than the web.
When people say 'I miss IRC', they don't necessarily mean the technicalities of the protocol though.
So what? They're analogous not identical. The distinction you point out isn't relevant to the point of the analogy.
> switching to another network is literally as simple as pointing the client to a different domain name.
irc and http are the same in this respect, thus they are analogous.
I'd way rather have something that doesn't improve for 30 years than something that actively gets worse at a rapid clip.
That's an example of what corporate interests have brainwashed people into thinking. They didn't have to turn us against IRC. Most internet users don't even know it exists.
At one point it was easy enough for the average person to use, because the average person had to deal with a command-line. But tech, in its infinite quest to Make More Money, keeps chasing the dumbest of the dumb so that it can expand its market into an imagined infinity. It kinds of reminds me of the windshield repair shop that takes a baseball bat to nearby windshields at night to drive business
How about we work towards unwinding this whole mess and meet users in the middle??
FOSS and open protocols are criminally undervalued because of greed, and all the fake newbie empathy it generates
People have such a gap-filled view of the past. I barely had to learn any IRC command-line stuff because of mIRC
As for the chatbot craze? It was a craze. A fad.
IRC is an instant-messaging platform, while Twitter is a microblogging platform that was available to anyone in the pre-smartphone era as it was initially tailored for SMS message length.
IRC requires a client (okay, you could use a web gateway), and you somewhat need to know what you're doing (not saying it's hard, but the average user might not even care about accessing IRC if it requires a minimum of effort), while Twitter could be used through a flip-phone or accessed simply through a web browser, which you can assume everyone have.
99% of users just don't value the things you value in these services.
TBH: These days I prefer other venues though. E.g. HN, Slack and Facebook groups.
Just like the US does : https://www.theguardian.com/us-news/2020/jun/15/all-lies-how...
What is the list of services used for?
This needs a lot more explanation built into the site!
Techbro lingo for bitcoin's smallest unit, the satoshi.
The most abused and dishonest phrase of the 21st century.
That's actually an honest one, since they know exactly what the value is of the PII that they sell to third parties.
Tiwtter's product is you.
A key difference is that in the Twitter case, there's no monetary penalty which can be imposed by the host class (that is, the unpaied content contributors).
Much of the "harvest as much data as possible" element is also driven by fundamental power and monopolistic differences.
The T&C equivalent of "your call is very important to us"?
Safety, as it is commonly used, would better be translated, in French, as "sûreté". "Salut" would be a much, much stronger word.
Although I do see your point.
But I'm still not quite sure what the French word "salut" means. Is there not a simple one-word English translation? What exactly is the remit implied by the name Comité de salut public?
So, in this case, considering they considered themselves the defenders of the greatest ideology of all time and the (worthy) people, and were at war with both foreign countries and some of their own people, I’d say it'd mean something like:
"Committee in charge of delivering the country, the Republic (the idea of Republic itself; not just it’s French incarnation) and freedom / democracy (even though they weren’t quite democratic) from utter ruin and certain doom"
But that’s quite a mouthful.
- pay a small fee but that requires a credit card
- send us government documents which is worse
- mine crypto for a while but it doesn’t stop people who are actually motivated
- send a selfie and then do some face matching, also worse.
Reddit, Qora and Pinterest all tried it, shot themselves in the foot, lost a huge readership and reversed it or will reverse it.
It's hard to realise how bad it is as only lurker don't have a sunk cost fallacy and easily quit and their quitting is invisible.
10 years ago when a government banned Twitter it was almost universally seen as bad. That's probably not the case anymore. Will it be worse in the future?
I'm sure they have. And I, being used to being in the minority of users, will likely find some 3rd party solution around the problem they created. Win-win outside of me wasting a few minutes installing another extension.
Nothing. Hire more moderators maybe. it also looks dishonest to frame it this way when twitter asks these pii for "spam protection" and yet still can't ban obvious Fiverr-like spam accounts
> Like what other things can we ask for that actually work and aren’t more invasive?
Nothing, somehow plenty of websites do fine without even asking for email, including this one. It seems what you really want to say is "What can we ask from you for it not to cost us anything?".
I want Tesla to give me a free car too, but it ain't happening. At some point a company makes decisions you aren't gonna agree with and your only recourse is to not use them. If that means you can't read Twitter, then that's the price you pay. You aren't "owed" a free Twitter account solely on your own personal terms.
It's funny that all those companies are trying to get so big and so central to our lives, to the point many news (including from police precincts or first responders) are only posted on twitter or fb, yet when you point out they shouldn't ask you a phone number to access them it's "they owe you nothing".
(But that's a ship that sailed long before the internet age. "Want to know the laws? Pay up!")
Public sector and publicly funded groups should be communicating through standards-based channels. Their content belongs to the digital commons. This exists today, via the ActivityPub and RSS sphere of ecosystems.
They're asking for a stop to major companies lying to the public. To stop harvesting people's data under false pretenses.
I think citizens can and should demand those things from companies that choose to incorporate in their country. That avail themselves of the legal systems and protections. That take advantage of the workforce present.
Companies are free to choose where they operate and incorporate.
If we go that route of argumentation: Can Twitter please close shop and go away then? Their value is vastly overestimated: Most people don't want to use Twitter specifically, they are peer pressured into it because it is where everyone is. There are better free and open source alternatives without them trying to steal from me. Twitter burns all that money (do they generate a profit yet?) to stay on top, just so that nobody else can.
To stay with your analogy: Tesla rolled up and pushed every other car manufacturer out, now they are giving a somewhat free car and in return they want you to do everything they say, and the keys to your house "just in case".
We don't owe Twitter anything.
no you see, that's the problem. I don't WANT a twitter account, but I apparently need to use the site to view local updates in my town.
I'm perfectly happy continuing to not post there. I just don't see the benefit in making me find an extension around this annoyance so I can continue to not have a twitter account.
HN works because it's niche. It can be moderated by a handful of people. Once you cross the "can't be moderated by humans" threshold of size you're solving a completely different problem.
I won't knock you for saying "well then you shouldn't exist at that scale" but that's a non-answer for the real world where giving up PII in exchange for participating in a huge social network is a trade enough people are willing to make that you feel pressure to do it in order to get in.
It doesn't follow to me, those people open thousands of account for those scams, how are they clean? They are not sophisticated, they don't even use them like real humans and it's literally for $5!
> "can't be moderated by humans" threshold
Is it a threshold or simply a cost center that starts to be big and needs to be slashed in order to please shareholders?
To me it's perfectly possible to be big and have moderators, you just can't have it cheaply.
In the case of posting, rate limiting / scoring w/o a phone number without explicitly banning until you build more reputation works pretty well from what I can see, and most legit twitter users, especially new ones, don't post a lot and mostly read anyway.
And in twitter's case, I think paying a small amount of crypto would actually be something the CEO is interested in this case for the private types who won't / can't get a phone number. Some of twitter best accounts are anonymous and the CEO is into crypto. Add a monero payment option for those small amounts who aren't fraudulent and are private people and you will probably get rid of a lot of complaints.
Maybe there is room for some simple innovation here. Is it possible to do “coarse” address for tax purposes? After all I imagine they only care about which tax jurisdiction such as county / parish or something like that?
Let’s say you pay a fee for being able to view tweets without logging in. How will they know it’s you who’s trying to view a tweet if you don’t effectively log in?
* Give us your Credit Card information
* Give us a picture of your real life self
Neither of these are solutions to the privacy and compromise potential problem that is the 'phone number or else' requirement. Its objectively worse, so that you go "oh, guess you can have my phone number instead".
- Combat spam.
- Be large.
- Allow (pseudo-)anonymous accounts.
A social network can only pick two.
Reddit has all three (no need for email even), they might not be perfect but I can't remember any time I saw "viagra links" or other obvious spam. They have problems with accounts obviously, but you can't frame it as a spam problem.
That does nothing to speak of “auto moderator”, fragmented rules/guidelines and ilk and the sheer effort involved by volunteers.
Even then: the spam gets through. But I agree that PII is not solving this.
Where? I've seens a couple of ghost subreddits with spam, but then you see the same with ghost fb groups, weird twitter profiles, youtube, etc On even moderately sized subs I've seen any that wasn't removed quickly by the mods.
People can say mods are too expensive for fb and twitter, but there is the dishonesty, instead of paying mods they pass on that cost to us with our pii while pretending it's free.
How does allowing people to read (but not post) without logging in produce "spam"?
But in the end it comes to the fact that your Google/Apple needs to have your app store account that is verified to be human enough (less fake accounts) and then a web browser confirms this via a login to this account.
Another option might be to rate-limit by things which don't require accounts, which won't strictly rate-limit individuals, but it's unlikely that's the terminal goal here. It's not actually clear what they are trying to accomplish. Reducing the amount of resources wasted on scraping bots ?
"Trust tokens" was built to deal with these issues just for this use case:
I want them to do nothing.
Back then you could bypass captchas and other checks by changing Tor endpoint (some endpoints required captchas, some didn’t). Made a script that did just that.
It also worked for Facebook and I still receive facebook spam for those accounts daily.
I have no problem with asking for a phone number during registration, it complicates automated account registration and makes it quite expensive.
But I dislike the idea of hiding content behind login page, internet should not be a walled garden.
Last, customers of their data love being able to search/correlate by phone number, not by some pseudonymous identifier that might not be present in some other dataset.
I think this crackdown might in fact be a reaction to attempts by institutions like Apple to ensure better privacy. If fingerprinting isn't giving them the data, they ask for it directly at the threat of restricting access.
I imagine the data of 99.9% people they mostly care about are the ones who dont know what cookies are, let alone how to delete them or otherwise mask/misdirect various internet trackers.
I doubt that - twitter started as an SMS service…
If you're going to require a phone number to read tweets, don't lie about it, just be up front about it.
What I found interesting is that “translate tweet” button doesn’t appear unless you are signed in.
Why cannot I read news from all over the world unless I’m signed in?
Why do users have to sign in to read translated tweets in real time?
Thanks a lot
On one side, people rightfully complain about trolls, harassers, spam, CSAM, misinformation campaigns and propaganda on online services. And on the other side, people will also rightfully complain about data harvesting, and an ever growing lack of anonymity on the Internet.
At the moment, phone numbers are the closest thing we have to at least have some cost associated with spamming and a legal pointer to get hold of criminal-level abusers. Using government IDs such as the German Personalausweis (which can communicate with a website using NFC and a special app) would outright kill anonymity, using middle men to do the same (or video/postal identification) like for banks, porn and gambling sites costs money and is not much better in terms of anonymity.
It's a lazy solution that pushes spam control costs onto the users.
This was the original use case of twitter. I understand SMS is not secure enough to publish tweets but why can we no longer get texts when someone tweets?
* Even though the bait-and-switch can be done there too, but at least you didn’t have to give up your email to the scummy service.
This includes both encouraging sites, content, and/or users, and suggestions as to unwelcomed behaviour.
Might be bad for activists, whistleblowers, et al.
This trickery is still a very effective way to get phone information for masses of people, but on the individual level, it's possible to avoid.
They’ve added sign in/up with Google & Apple recently though.
Three, almost four months in and zilch. It’ll be a good test case anyways.
I can "lock in" an apparent IP address, i.e. ssh to some box with no-ops; but that's either per-connection or still NAT enough that I get flagged. att aggregates all such connections at F5 routers in large cities, mine is in Dallas, for both of my fixed wireless connections.