Nice. Some feedback: The "first run" page doesn't tell me clearly that anything has been installed or has started working. This kind of information should be really clear and prominent, the largest thing on the page. Instead it's not even there at all, as far as I can see.
Edit: Please don't reply and say "you can check if it's working by blah blah blah." That is missing the point. My point is that EFF should fix the extension to make this communication clear for ALL users.
First place I went to was "I am an online advertising / tracking company. How do I stop Privacy Badger from blocking me?".
If all it takes is MaliciousCompany.com from posting some text document in the right spot to get PrivacyBadget to whitelist the page, how is this any better than DNT?
Do they have a way of blacklisting domains that abuse this?
Edit: Also, I LOVE the idea behind this and installed it immediately to compliment ABP and Ghostery.
tl;dr: A browser add-on that blocks privacy invasive behaviour, not necessarily ads. Some ads are permitted, others are blocked. Currently in alpha, blocking only third-party objectionable behaviour; first-party blocking on the roadmap.
All: please don't use "tl;dr" on Hacker News. It's fine, of course, to point out relevant details from an article. But it should be part of a considered comment of your own.
HN values intellectual substance. Good reading, writing, and thinking take time. If we're to have high-quality discussion, we need to inhibit the reflex to snap judgment and give the slower and quieter reflective process a chance to function. Since memes like "tl;dr" are emblems of that shallow reflex, we should heed the broken windows theory and not have them here.
(Not picking on any individual here; PeterWhittaker's comment is fine without the "tl;dr". The concern is the symbol—symbols matter.)
I wholeheartedly disagree. Much of the content on HN is long form journalism, some is content that is so specifically specialized in a field, that only those with thesis in that field will understand. Part of the brilliance of conversation on the web is interactions between disparate fields. On may articles, if I have to read all the way through a theoretical physics post and understand it without a synopsis, I wouldn't be able to add any value to the conversation, and the thread becomes an echo chamber. The initialism tl;dr does matter, because it's a clean and easy way to identify the content that someone looking for a synopsis will look for.
I understand the goal. HN doesn't want to become reddit, and values engaged discussion. But tl;dr isn't reddit, and it isn't going away. Language is ever evolving, and the way we talk today would have sent my granddad into a tizzy. Part of being a platform, and HN is a platform for ideas and conversations, is that the people will decide how to manage that relationship. Moderation can only trim the edges, and remove the bad actors, but the tonne and tools will not be set by moderation, but rather cultivation by the users.
I agree with you about specialized content, but this has nothing to do with "tl;dr".
The best HN threads are already great at giving context and making clear what a story is about. (That's usually how I learn what stories are about.) And yes, no one has time to read every specialized paper or the expertise to understand all of them. That's why we often prefer a high-quality popular article, when one exists, to specialized literature. Original papers typically get linked to in the comments anyway, for those who want them.
All of this is good and necessary. But none of it requires "tl;dr".
"Tl;dr" is an equivalent in comments to the linkbait gimmicks that we edit out of titles, and it should be kept out of HN comments for the same reason. We're not asking you to make the effort of reading every article or understanding every specialty, just the effort of looking at an HN thread for its content, without gimmickry.
I very much question the value of a comment from someone who is incapable of understanding the source material linked in the submission in the first place. If it's so technical you need somebody elses slimmed down (and likely faulty) synopsis to even comprehend it how likely is it that your comment truly contributes to the discussion?
I would encourage you to re-think this stance. Interdisciplinary conversation is a tremendous tool to approaching hard problems, conversions, and ideas. I've encountered this enough in my life to know it to be very beneficial. We get arrogant when we specialize, often missing simple solutions because we assume that the solution has to be hard because we're very smart, and we haven't effectively solved it yet.
I've often had aha moments when someone who didn't understand the problem, framed a question in a way that caused me to reconsider my approach.
Besides, jargon, not comprehension, is what keeps many smart people out of conversations that they can definitely add value.
tl;dr is a perfectly useful meme, better (IM(NS)HO) than such dry fluff as "abstract", "summary", what-have-you.
We all of us value substance and content, of course. (Need I really write that? Really? C'mon man.) But we are all of us limited in our time and attention.
I consider tl;dr on HN a form of curation: "Here is a pithy summary as to why you should, perchance, take the time to read TFA."
Many is the time I have RTFAd only because of a tl;dr provided by another HNer, headlines being worth less than the paper on which they were never even written. I attempt humbly (who the frak am I kidding?) to return the favour to others.
"Please don't"? WTF for? Some memes have utility, anything that enables communication and understanding is good.
IM(NS)HO, of course. YMMV. IANAL but I don't see how that's relevant.
Of course there can be value in a synopsis. The synposis in your comment was fine. But "tl;dr" doesn't add anything about the topic at hand. What it signals is: "you don't need to read anything else". On HN, readers should be reading for themselves, thinking and deciding this for themselves.
We want users to have to work a little. The key is "a little". It's not like it's hard, but it requires engaging one of the slower cognitive gears. That gear shift is annoying if we expect everything to be laid out for us. On HN we try to thwart that expectation. Why? We want fiber—thoughts and comments of substance.
It's fashionable to talk about opinionated design. One opinion baked into HN's design is: this should be the kind of site that people who don't want to be reflective find boring. When pg was showing me how to moderate HN he said the front page should be "bookish".
You wrote something here that I find fascinating:
> We all of us value substance and content, of course. (Need I really write that? Really? C'mon man.)
What's fascinating is the "of course". It seems so obvious that it's irritating to have to say it. It's such a cliché that there's even a cliché follow-up: "But we are all of us limited in our time and attention".
But, on reflection, it's not true. We mostly value a stimulus-response reward cycle. We value having our preconceptions mirrored back to us. We value the feeling that we understand things (recognition) more than the effort of working through material in order partly to understand it. This is also the dynamic in flamewars, so substance and civility are related.
There can't be many of us who are free from this—certainly not me. But HN is an experiment in trying to grapple with this problem on the internet (https://news.ycombinator.com/newswelcome.html). That's what this site is. It may not do it well, and is probably doomed, but the driving idea has always been "maybe we can stave off doom a little longer".
> You're ignoring the elephant, which is that "tl;dr" stands for "too long, didn't read".
As much as "Good-bye" stands for "God be with ye", in that in each case that's what the expression was shortened from. But, in actual use, that's not what it generally means -- at least, for tl;dr, when it is used with other content rather than standing as a comment on its own.
Not sure you're helping your case by invoking a 400-year-old example. Tell you what, let's split the difference: if "tl;dr" is in use 200 years from now, I'll take your point. I'll even give you 95%! If "tl;dr" is in use 20 years from now, I'll take your point.
(But now I'm curious, so as an aside: what's the most recent abbreviation that has totally lost its original meaning? It certainly isn't "tl;dr".)
In the meantime, it's clear that "tl;dr" is there to signal something like "The Cliff's Notes Version". If it were a headline, the headline would be: "15 Easy Words You Should Read Right Now That Tell You All You Need To Know". There's a good reason why we don't want headlines like that on HN, and for the same reason, we should guard against that quality in comments.
It's not as if HN threads are so hard and time-consuming to read without such gimmicks. Would making them easier and snappier make the discussions better? I think the answer to that isn't merely "no", it's a resounding, obvious no. We need people to do more considering, not less.
> In the meantime, it's clear that "tl;dr" is there to signal something like "The Cliff's Notes Version". If it were a headline, the headline would be: "15 Easy Words You Should Read Right Now That Tell You All You Need To Know".
I disagree from observing the actual use. There's times when it is used for a comment that is nothing but a summary, or when it used (with or without other comment) for a hostile summary. Sure, those are bad, but they are bad independently of the use of the phrase "tl;dr" to signal a summary.
But much of the time its used on HN its used to either (a) distill the commenters understanding to contextualize the comments being made more clearly, or (b) to introduce a summary of the commenter's own detailed comment.
I don't think those are problematic. Yeah, the origin is dismissive. But the use on HN often isn't; the abbreviation "tl;dr" isn't the problem, and looking at it as if it was is looking past the real problem it is sometimes associated with.
Rather than saying "don't use tl;dr", it would be better to say "don't post just to summarize".
A substantial portion of the uses of tl;dr I've seen on HN are summaries of comments, not the article (and the most common, or close to it, is people using tl;dr to provide a short summary of their own in-depth comment.)
Its become a widely accepted online shorthand for "or, more succinctly, ...", so "don't use it on HN" is a pretty weird dictate. Yes, the etymology of the shorthand is a abbreviation for "Too long, didn't read", but except when its used alone, that's actually fairly distant from the meaning it has taken on in use.
I'm curious if the functionality is only enabled if I have the "Tell sites that I do not want to be tracked" setting turned on in my browser preferences? There is nothing explicitly said about this in the FAQ's, but there are references to the purpose of this being "so sites will honor the Do Not Track feature", so it seems to be implying that it only does its thing if I have "Do Not Track" enabled?
I don't know about ADB, but I find the Privacy Badger a little easier to use and understand than something like Ghostery. I think it's also a little easier to unblock stuff when something isn't working because of it.
"[...] in Firefox, Privacy Badger will be automatically deactivated when you enter Private Browsing Mode [...]". This is kind of a deal breaker for me. I frequently use Private Browsing to quickly open a single browser window without waiting for all my session windows/tabs to open.
Speaking of privacy badgering... Why won't firefox let me create a security exception to view this page? Without a way to jump through that hoop, I can't even view the page.
(Firefox dev here) When you say Security Exception, do you mean you're seeing a certificate error on this page? The certificate is valid for me, so that indicates something dodgy on your end (perhaps a captive portal, or middlebox on a corporate network).
I'm behind a simple NAT, but that's never caused trouble before. Other self-signed certs work fine, but this one doesn't give me the "I understand the risks" option.
Oh, you know what? I think I have. IIRC there was news about a cert issuing entity charging to remove insecure certs, so I removed it from my trusted list. I'm sure that's what has caused this issue for me.
I saw a bug on this but I'm on my phone and can't find it. It's a misconfiguration on their end. They're missing an intermediate cert in the chain and have HSTS enabled. Oddly, if you visit some other site we'll cache the intermediate and then it will work.
I haven't made up my mind if tracking is altogether bad. I certainly enjoy Google showing me relevant ads in a non-malware-appearance. Privacy is good in theory but out of convenience I keep using services that compromise my private information and I myself willingly leave personal information online on several websites. Anything is as strong as your weakest link. And their are too many weak links in my online circle.
After reading about AdBlock Plus's effect on memory usage in Firefox[1] I immediately disabled it. Seeing that this is also based on the ABP codebase, I wonder if it will run into the same issue.
Could maybe someone explain to me: What exactly is wrong with Adblock Edge + Ghostery? If not, why do they make another similar extension then?
There is no actual manual configuration needed, they don't use me for their business model (or none of that I know).
> Although we like Disconnect, Adblock Plus, Ghostery and similar products (in fact Privacy Badger is based on the ABP code!), none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren't entirely comfortable with.
Nope. That's a good first step but here are many ways to track you outside of 3rd party cookies. Google Analytics, for example, uses 1st party cookies.
We begin therefore where they are determined not to end, with the question whether any form of democratic self-government, anywhere, is consistent with the kind of massive, pervasive, surveillance into which the Unites States government has led not only us but the world.
This should not actually be a complicated inquiry.
They are not John Poindexter, they’re trying to sell advertising. But make no mistake about it – they are in the surveillance business; that is how they make money: they surveil people and use that to profit.
Call me when someone gets hauled off to Guantanamo because of ad demographics.
The lack of nuance here when it comes to "tracking" is insane. I can see wanting to block them for whatever reason, but I can't understand this reduction to the absurd chicken-little behavior when it comes to ad targeting.
(I was a coauthor of this blog post, though not of the underlying press reporting. There was another article on this topic recently underscoring that there are other programs to use these cookies this way.)
In this case the problem from the point of view of a user concerned with government surveillance is not necessarily the ad network tracking, but the fact that it wasn't protected with HTTPS so other people were able to take advantage of it for their own surveillance purposes. Unfortunately, ad networks have not generally responded by making HTTPS mandatory, or even optional.
Apart from exposing users directly to government location tracking programs, ad networks often know that some users don't want to be tracked and deliberately track them anyway.
Why? If company X tracks all the websites you visit, it's really not that hard for the government to get a hold of that data. It doesn't matter who collects the data or what it is initially used for; as long as the data is collected you're at risk.
So we must hamstring all advertising and personalizing because somewhere a government might abuse their power and get into the data.
That's absurd. Why should we change our behavior because bad actors exist instead of dealing with the bad actors? The whole argument implies that somehow blocking ads will keep $someScaryTLA from screwing with you, which is silly on its face.
And on top of that, ad tracking data is all about aggregates. Ads are targeted to "groups of people who like X", not "pyrocat, 123 foobar st, san francisco".
I really don't get this fear. I'd rather see ads for things that are relevant to me.
I thought the whole point of the various social graph implementations was to build a datastructure that handles details on the level of an individual: who your friends are, what you shop for etc.
E.g. I was browsing cutlery on Crate and Barrel, suddenly I'm seeing ads all over the internet for products that I was viewing. I visited Digital Ocean's site and I see ads everywhere offering their hosting. Same with New Relic.
If I had to guess, the economic systems that underpin these ad networks are getting stronger and eventually they will all merge. Well, of course there will still be big players like facebook, but you get my point.
I'd rather not see ads that are targeted to me. The more an advertiser knows about you, the easier it is for them to manipulate you into buying their product.
And lastly, we now know that the ‘Aurora’4 attacks on Google were at least partially about intercept. One thing we’ve learned from those attacks is that the Government is running intercept systems on their networks, and not only that but other ‘eavesdroppers’ are trying to get access to those intercept systems. So what we are seeing is as more and more data accumulates in these places, it becomes more and more valuable. And so ‘eavesdroppers’ move to those places and even ‘eavesdroppers’ without a legal backing also try to move to those places. So I think we are going to continue to see that as a problem as these become more and more valuable over time.
So the primary form of collection that should concern us most is media that spy on us while we use them. Books that watch us read them, music that’s listen to us listen to it. Search boxes that report what we are searching for to whoever is searching for us and doesn’t know us yet.
There is a lot of talk about data coming out of facebook: is it coming to me? is it coming to him? is it coming to them? They want you to think that the threat is data coming out. You should know that the threat is code going in.
For the last 50 years what has been happening in enterprise computing, is the addition of that layer of analytic on top of the datawarehouse that mostly goes in enterprise computing by the name of "business intelligence". what it means is you’ve been building this vast datawarehouses in your company for decade or 2 now you have only information about your own operations your suppliers your competitors, your customers now you want to make that data start to do tricks. By adding it to all the open source data out there in the world, and using it to tell you the answers to questions you didn’t know you had. That’s business intelligence.
The real threat of facebook is the BI layer on top of facebook warehouse. The facebook datewarehouse contains the behavior not just the thinking but also the behavior or somewhere nearing a billion people. The business intelligence layer on top of it which is just all that code they get to run covered by the terms of service that say "they can run any code they want for improvement of the experience". The business intelligence on top of facebook is where every intelligence service of the world wants to go.
Imagine that you are a tiny little secret police organisation in some not very important country. Let’s put ourselves in their position Let’s call them I don’t know what, you know ... "kirghista".
You are a secret police you are in the "people business" secret policing is "people business". You have classes of people that you want you want agents, you want sources you have adversaries, and you have influencables, that is people you torture who are related to adversaries wives, husbands, fathers, daughter you know those people.
So you are looking for classes of people. You don’t know their names, but you know what they are like you know who is recrutable for you as an agent you know who are likely sources, you can give the social characteristics of your adversaries, and once you know your adversaries, you can find the influencables.
So what you want to do is run code inside facebook. It will help you find the people that you want it will show you the people whose behavior and whose social circles tell you that they are what you want by way of agent, sources what their adversaries are and who you can torture to get to them.
So you don’t want data out of facebook the day you have data out of facebook it is dead. You want to put code into facebook and run it there and get the results you want to cooperate.
Edit: Please don't reply and say "you can check if it's working by blah blah blah." That is missing the point. My point is that EFF should fix the extension to make this communication clear for ALL users.