anecdotal1's comments

I think most will agree that we should focus on making browsers by default limit the amount of private and identifying information sent to anywhere that didn't explicitly get authorized for it.


TBH, with today's web the only way I have found to limit the information sent is to either not use a browser to make HTTP requests (e.g., use a TCP client instead) or use a browser that (a) does not auto-load resources, e.g., images, JavaScript files, etc., and (b) does not run JavaScript inside <script> tags. Of course no other silly stuff like automatic "DNS prefetch" either. This way I know that the only information I am sending is the information I the web user actually sent, i.e., the HTTP request. Otherwise, there is no way to know what other HTTP requests will be made to accomplish auto-loading images, fonts, etc. or what other HTTP requests will be made by auto-loaded or inlined JS when the browser automatically runs it.

When the user types or clicks on https://hostx.com/1.htm, the user knows she has sent a request for filepath "/1.htm" at hostx.com. That's straightforward and easy to understand. Her intent is clear. She wants the file named "1.htm" from hostx.com.

However, what if she uses a browser that auto-loads remote files and auto-runs JS, and, e.g., the file 1.htm instructs the browser to auto-load the file "1.js", the browser automatically runs 1.js without any input from the user, and then 1.js makes more HTTP requests? Has the user "authorised" that information to be sent? Imagine she does not know the contents of file 1.js. How can she authorise sending information, i.e., an HTTP request, if she does not know what is the information, i.e., the request, and where it is being sent?
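The comment's scenario as an added example (not part of the original comment): a static audit of one page that lists the requests a resource-loading browser would make without any click, and counts the inline scripts whose later requests cannot be known without running them. The sample HTML, the hosts other than hostx.com, and the names `AutoLoadAudit` and `audit` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample standing in for the comment's https://hostx.com/1.htm
PAGE_URL = "https://hostx.com/1.htm"
SAMPLE_HTML = """<html><head>
<link rel="dns-prefetch" href="//cdn.example.net">
<link rel="stylesheet" href="/site.css">
<link rel="canonical" href="https://hostx.com/1.htm">
<script src="1.js"></script>
<script>fetch("https://tracker.example.org/beacon")</script>
</head><body>
<img src="https://ads.example.com/pixel.gif">
<a href="https://hostx.com/2.htm">next</a>
</body></html>"""

# Elements whose src is fetched on parse, and <link> rel values that
# trigger a fetch or lookup; <a href> and rel=canonical do not.
SRC_TAGS = {"script", "img", "iframe", "video", "audio", "embed"}
LINK_RELS = {"stylesheet", "icon", "preload", "prefetch", "preconnect", "dns-prefetch"}

class AutoLoadAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.auto_urls = []      # contacted without user action
        self.inline_scripts = 0  # code that may issue requests once run

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and not a.get("src"):
            self.inline_scripts += 1
        elif tag in SRC_TAGS and a.get("src"):
            self.auto_urls.append(urljoin(self.page_url, a["src"]))
        elif tag == "link" and a.get("href"):
            rels = set((a.get("rel") or "").lower().split())
            if rels & LINK_RELS:
                self.auto_urls.append(urljoin(self.page_url, a["href"]))

def audit(page_url, html):
    parser = AutoLoadAudit(page_url)
    parser.feed(html)
    parser.close()
    origin = urlsplit(page_url).hostname
    hosts = {urlsplit(u).hostname for u in parser.auto_urls}
    return parser.auto_urls, sorted(hosts - {origin}), parser.inline_scripts

if __name__ == "__main__":
    urls, third_party, inline = audit(PAGE_URL, SAMPLE_HTML)
    print("fetched without a click:", *urls, sep="\n  ")
    print("other hosts contacted:", third_party)
    print("inline scripts (requests unknown until run):", inline)
```

The beacon to tracker.example.org in the inline script never appears in the static list, and neither would anything 1.js requests; only executing the scripts reveals those requests.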


The federal government really can't interfere with private contracts like this as long as everything was legal. That's why we couldn't do anything about the 2008 bonuses that were paid out.

Once the federal gov starts tampering with private contracts it's game over for the American economy. Maybe even America itself.


> Once the federal gov starts tampering with private contracts

Who do you think ultimately enforces "private contracts"?


County sheriffs. Which is to say, if you enter a contract with me, breach it, and get a judgment entered against you, it will ultimately be the county sheriff who will come execute the judgment on your property, sell it at auction, and give the proceeds to me. The federal government is not likely to take a significant role except if I get the judgment from a federal court or the property is someplace very weird.


Did you notice my use of the word "ultimately"?


Yes, the county sheriff will ultimately enforce the judgment.


I don’t know if you’re aware of this, but it has always been the case that laws supersede contracts in the United States.


I don't know if you're aware of this, but laws cannot be applied retroactively.


Of course laws can be applied retroactively. As a general rule, they shouldn't be, but they certainly can be and have been. "The Constitution of the United States forbids Congress and the states to pass any ex post facto law. In 1798 it was determined that this prohibition applies only to criminal laws and is not a general restriction on retroactive legislation." (Britannica.)


> we couldn't do anything about the 2008 bonuses that were paid out

We could've.. Not bailed them out?


Honestly that'd be the ideal situation: No bailouts, ever. I just don't see that being realistic as the cat is out the bag unfortunately.


I still haven't seen evidence the _government_ demanded censorship. Maybe it exists, but nobody seems to cite any sources for it.

What I have seen is government-adjacent entities that people confuse for the government like the Biden campaign request that Twitter apply their own Terms of Service policies to remove things that are not supposed to be allowed (like the nudes of Hunter, which is technically revenge porn)


It's right in the twitter files reporting. You probably relied on news organizations to inform you on it rather than actually read the twitter files themselves. With the state of news today, that's probably not a great idea. The screen shots are part of it.

https://twitter.com/mtaibbi/status/1603857534737072128?ref_s...


> On Thu, Nov 10, 2022 at 10:53 PM @fbi.gov> wrote: Hello Twitter contacts, FBI San Francisco is notifying you of the below accounts which may potentially constitute violations of Twitter's Terms of Service for any action or inaction deemed appropriate within Twitter policy.

Looks to me like ToS violation tips, not YOU MUST CENSOR

edit: if you think the FBI wasting their resources helping Twitter identify terms of service violations is "government censorship" we will never see eye to eye on this issue. It was unusual, but definitely not a constitutional crisis.


>if you think the FBI wasting their resources helping Twitter identify terms of service violations is "government censorship" we will never see eye to eye on this issue. It was unusual, but definitely not a constitutional crisis.

No I suppose not. Ask yourself, why would the FBI help Twitter with their terms of service for probably a few years? Why would Twitter charge them for the privilege? Why would they do it right during the run up to an election? They don't do things just because. Why wouldn't it be a more appropriate agency like the FEC or the FCC? Would you feel comfortable if they did similar to NYT, WaPo or Fox articles? Questions everyone should think about as a voting citizen. Our government is only as corrupt as we allow it to be; we've allowed a lot in the last 23 years.


It doesn't matter why. All that matters is that everything they did was perfectly legal behavior.

Maybe alarming, maybe suspicious, but it's legal and it wasn't government censorship. Trying to frame it so only weakens your position when the facts and the laws are clearly laid out.


Feels like a calculated move to bump credit scores and get people to spend money.


.com .sh

There are many file extension collisions with TLDs and the sky didn't fall yet


Neither of those are used by general consumers on a regular basis. Those are used by people that are generally knowledgeable. I don't know why people can't wrap their head around this. .zip is used every day by people that aren't the best at understanding computer security. Massive difference.


The category of "tech literate enough to use zips but not enough to know not to blindly click links in emails and also aren't covered by their company's security policy" is a pretty niche group. Your grandpa isn't compressing zips and sending them around to family. Vast vast vaaaaast majority of people just use direct file uploads.

This is going to be a problem, but not for the average folk, but rather for IT teams with unstable rules and other software teams like Gmail who are likely to signal larger differences between attachments and just links.


> The category of "tech literate enough to use zips but not enough to know not to blindly click links in emails and also aren't covered by their company's security policy" is a pretty niche group.

As someone that has worked on a support desk in my youth, I can assure you that this is not true. I've seen 20-year-olds open bad attachments or fall for password reset phishing. A new one is a texting scam from your manager, etc asking you to do them a favor. Scammers are pretty good at what they do (even if it seems obvious to us), that's why the US is scammed out of billions a year. The new TLD is absolutely going to get people scammed. It might not be on a nightmarish level, but it's going to happen.


My co-founder will have trouble with this, as would several others.

Over the years, I have held enough varied and deep IT and development roles to warrant volunteer mentoring aimed at combating this kind of thing. My experience says the group of people hit by this is larger than many of us would expect.

My number one favorite approach is to share some stories and get others to do the same to get that convo up and running. Then set that baseline rule: if you were not expecting it, don't open it and/or send it to me.

I get a few a month and from competent people.

Fact is we are often working hard with a lot on our minds. And then the slip happens. It is that momentary relaxing of discipline and hello!

"I should know better."


no, but commonly used services like Google Drive often zip folder downloads automatically, so regular users have been conditioned to blindly accept .zip downloads. so even if grandpa himself doesn't know how to create a zip file, he might very well try to open a .zip link when he sees one.


set copies=2 or 3 and it can recover corrupted data on that filesystem at the expense of storage


SSDs are very likely to put all those copies into a single physical block underneath. Since ZFS makes backups easy, better stick to copies=1 and do backups often.


I shouldn't think that's true. Why wouldn't the firmware be splitting writes across different physical chips for performance and wear leveling reasons?


Wrong. ZFS' copies are made across several different devices.

(2nd copy)


If you are using ZFS on a single drive, they reside on the same drive by necessity. Which was the case the parent posters were talking about.


Wrong. ZFS' copies are made across several different devices.


What do you mean? The discussion in this particular sub-thread is about running ZFS on a single drive (think laptop). Does it have some kind of mechanism to send the write for a copy "later enough" that it will likely end on a different physical block?


I meant "primarily this copies mechanism is targeted towards multiple devices setup".

With a single SSD it's indeed prone to the caveat which was pointed out; even if not due to being mapped to same storage "area" but also because SSDs often fail completely.

Also makes sense to note that __when__ narrowed to a single-disk setup ZFS' can be interchanged with Btrfs; almost same set of features but lesser overhead and complexity.


Is this Elixir BBEdit stuff available somewhere?


Yes, it’s on my GitHub.

https://github.com/chipotle/Elixir.bbpackage

(This reminds me I have an update to push out, though…)


The centrally planned economy is the cause of the coming recession. It only works in the short term and the damage is larger every cycle


Thank you for this concise explanation. I feel like every time the term BBB comes up nobody really knows how it works and I've never taken the time to research


Cancel your T-Mobile and buy a Calyx (also using T-Mobile) and you'll be paying ~$45/mo (after hotspot device cost) and have no data cap or throttling (it's real, grandfathered contract from Clearwire)

I can do 800mbit+ on mine, symmetrical.

