debanqued

joined 2 years ago
[–] debanqued@beehaw.org 10 points 4 months ago* (last edited 4 months ago) (4 children)

I don’t want to be an enabler of the drivel, so without posting the full URL to that article that’s reachable in the open free world, I will just say that medium.com links should never be publicly shared outside of Cloudflare’s walled garden. I realise aussie.zone is also in Cloudflare’s walled garden, but please be aware that it’s federated and reaches audiences who are excluded by Cloudflare.

The medium.com portion of the URL should be replaced by scribe.rip to make a medium article reachable to everyone. Though I must say this particular article doesn’t need any more reach than it has.

Anyone who just wants the answer: see @souperk@reddthat.com’s comment in this thread.

 

I created a whitelist access profile. That ensures that the whole WAN is blocked except what is exceptionally whitelisted. I started with an empty whitelist. The LAN is rightfully accessible and the WAN is rightfully inaccessible.

The router does not use DSL. Instead, it uses a USB mobile broadband LTE modem. The modem has its own website which gives SMS capability. The modem is technically upstream to the router, so it is blocked when the WAN blocking profile is enabled. I want to whitelist the modem so that when I am blocking WAN access I can still reach the web UI of the modem and monitor SMS msgs.

Fritzbox is designed so that all attempts to directly access an IP is blocked if whitelisting is in play. IP addresses cannot be whitelisted, only URLs using FQDNs. So I did “nslookup 10.10.50.8” to get the hostname of the modem. Then I whitelisted the hostname. That does not work. The modem is still blocked.

[–] debanqued@beehaw.org 1 points 6 months ago* (last edited 6 months ago)

A website isn’t a common carrier

We were talking about network neutrality, not just common carriers (which are only part of the netneutrality problem).

you cannot argue that a website isn’t allowed to control who they serve their content to.

Permission wasn’t the argument. When a website violates netneutrality principles, it’s not a problem of acting outside of authority. They are of course permitted to push access inequality assuming we are talking about the private sector where the contract permits it.

Cloudflare is a tool websites use to exercise that right,

One man’s freedom is another man’s oppression.

necessitated by the ever rising prevalence of bots and DDoS attacks.

It is /not/ necessary to use a tool as crude and reckless as Cloudflare to defend from attacks with disregard to collateral damage. There are many tools in the toolbox for that and CF is a poor choice favored by lazy admins.

Your proposed definition of net neutrality would destroy anyone’s ability to deal with these threats.

Only if you neglect to see admins who have found better ways to counter threats that do not make the security problem someone elses.

Can you at least provide examples of legitimate users who are hindered by the use of Cloudflare?

That was enumerated in a list in the linked article you replied to.

[–] debanqued@beehaw.org 1 points 6 months ago* (last edited 6 months ago) (1 children)

Interstate commerce is governed by the federal government.

Not exclusively. Interstate commerce implies that the feds can regulate it, not that they have exclusive power to do so. We see this with MJ laws. The fed believes it has the power to prohibit marijuana on the basis of interstate commerce, but in fact mj can be grown locally, sold locally, and consumed locally. Just like internet service can be.

Suppose you want to buy a stun gun in New York. You can find stun guns sold via mail order from another state (thus interstate commerce), but New York still managed to ban them despite the role of interstate commerce.

A close analog would be phone laws. The fed has the TCPA to protect you from telemarketers, but at the same time various states add additional legal protections for consumers w.r.t. telemarketing and those laws have force even if the caller is outside the country. (Collecting on the judgement is another matter).

Schools now require the internet for kids. ISPs being allowed to be anything more than a dumb pipe means they have the control of what information is sent across their network.

Education is specifically a duty of the state set out in the Constitution. If you can point to the statute requiring schools to provide internet for students, I believe it will be state law not federal law that you find.

The internet is now a basic human right in the United States for numerous reasons, one of which is #2.

I don’t quite follow. Are you saying that because education is a human right, that internet access is a human right? It doesn’t work that way. First of all, people who do not exercise their right to an education would not derive any rights implied by education. As for the students, if a state requires internet in education that does not mean that internet access becomes a human right. E.g. an Amish family might lawfully opt to homeschool their child, without internet. That would satisfy the right to education enshrined in the Unified Declaration of Human Rights (UDHR) just fine. A student attending public school in a state that mandates internet in schools would merely have the incidental privilege of internet access, not an expanded human right that students in other states and countries do not have under the same human rights convocation. If your claim were true, it would mean that California (for example) requiring internet provisions for students would then mean students in Haiti (a country that also signed the UDHR that entitles people to a right to education) or Texas would gain a right to internet access via the state of California’s internal law. A state cannot amend the UDHR willy nilly like that.

Also, if internet could be construed as a human right by some mechanism that’s escaping me, the fed is not exclusively bound by human rights law. The fed signed the treaty, but all governments therein (state and local) are also bound to uphold human rights. Even private companies are bound to human rights law in the wording of the text, though expectation of enforcement gets shaky.

ISPs cross state boundaries and should be governed by interstate law.

I subscribed to internet service from a WISP at one point. A dude in my neighborhood rolled out his own ISP service. His market did not even exceed the city.

The local ISPs have ISPs themselves and as you climb the supply chain eventually you get into the internet backbone which would be interstate, but that’s not where the netneutrality problem manifests. The netneutrality problem is at the bottom of the supply chain in the last mile of cable where the end user meets their local ISP.

Also with MJ laws, several states have liberated the use of marijuana despite the feds using the interstate commerce act to ban it.

An ISP being a business, especially a publicly-traded one, will sacrifice all manner of consumer/user-protection in order to maximize profit. And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

Sure, and if the fed is relaxed because the telecoms feed the warchests of the POTUS and Congress, you have a nationwide shit-show. A progressive state can fix that by imposing netneutrality requirements. Just like many states introduce extra anti-telemarketing laws that give consumers protection above and beyond the TCPA.

And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

That’s a problem for the ISPs that benefits consumers. If ISPs operating in different states then have to adjust their framework for one state that mandates netneutrality, the cost of maintaining different frameworks in different states becomes a diminishing return. US consumers often benefit from EU law in this way. The EU forced PC makers to make disassembly fast and trivial, so harmful components could quickly and cheaply be removed before trashing obsolete hardware. The US did not impose this. Dell was disturbed because they had to make pro-environment adjustments as a condition to access to the EU market. They calculated that it would be more costly to sell two different versions, so the PCs they made for both the EU market and the US market become more eco-friendly. Thanks to the EU muddying the waters.

The right to repair will have the same consequences.

[–] debanqued@beehaw.org 1 points 6 months ago* (last edited 6 months ago) (2 children)

On a serious note, plenty of people here surely know what net neutrality is. Net neutrality is the guarantee that your ISP doesn’t (de-)prioritize traffic or outright block traffic, all packets are treated equally.

That’s true but it’s also the common (but overly shallow) take. It’s applicable here and good enough for the thread, but it’s worth noting that netneutrality is conceptually deeper than throttling and pricing games and beyond ISP shenanigans. The meaning was coined by Tim Wu, who spoke about access equality.

People fixate on performance which I find annoying in face of Cloudflare, who is not an ISP but who has done by far the most substantial damage to netneutrality worldwide by controlling who gets access to ~50%+ of world’s websites. The general public will never come to grasp Cloudflare’s oppression or the scale of it, much less relate it to netneutrality, for various reasons:

  • Cloudflare is invisible to those allowed inside the walled garden, so its existence is mostly unknown
  • The masses can only understand simple concepts about their speed being throttled. Understanding the nuts and bolts of discrimination based on IP address reputation is lost on most.
  • The US gov is obviously pleased that half the world’s padlocked web traffic is trivially within their unwarranted surveillance view via just one corporation in California. They don’t want people to realize the harm CF does to netneutrality and pressure lawmakers to draft netneutrality policy in a way that’s not narrowly ISP-focused.

Which means netneutrality policy is doomed to ignore Cloudflare and focus on ISPs.

Most people at least have some control over which ISP they select. Competition is paltry, but we all have zero control over whether a website they want to use is in Cloudflare’s exclusive walled garden.

[–] debanqued@beehaw.org 2 points 6 months ago (3 children)

Why would it necessarily have to be federal law, and not state law?

/cc @ulkesh@beehaw.org

[–] debanqued@beehaw.org 1 points 6 months ago

Whether the legislation is appropriate at the state or fed domain is unclear. Certainly if the orange tyrant takes power again, I would probably want state govs to be able to protect consumers from netneutrality abuses.

[–] debanqued@beehaw.org 3 points 6 months ago* (last edited 6 months ago) (1 children)

It’s worth noting that the FCC’s so-called “Open” Internet Advisory Committee (#OIAC) tragically gives two seats on the board to:

  • Cloudflare
  • Comcast

Both of whom are abusers of #netneutrality, especially Cloudflare. A well-informed Trump-free administration should be showing Cloudflare and Comcast the door ASAP.

Sure, Trump would just bring them back. But it’d at least be a good symbolic move.

Indeed, as someone else pointed out, the needed change should come from pro-netneutrality legislation. And the legislation needs to be broad enough to block Cloudflare’s broad discriminatory arbitrary attack on access equality, not just tinker with speeds at the ISP consumer level.

[–] debanqued@beehaw.org 1 points 7 months ago* (last edited 7 months ago) (1 children)

It’s not a topic issue. The discussions are largely around platforms and custodians. They bring lots of ethical problems. Anything on this page is relevant to personal finance:

https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/usa_banks.md

If someone managing their personal finances wants to ask how to avoid the bad players and still achieve their goals, it’s relevant. But Bogleheads is not keen. I don’t recall the particulars (it was over a decade ago) but it wasn’t topic related. It was just a conservative moderator or crowd who don’t want ethics getting in their way or cluttering their view.

Tor. I wonder if that is a more fraud or trolling concern. Or maybe for financial houses more of a US law concern.

Certainly not a legal issue in the US. Tor works ATM on Bogleheads. Cloudflare is often chosen out of ignorance by admins who don’t even know what Tor is, or at least don’t know that most Tor traffic is legit. It’s usually a lazy move. I don’t recall the details about Boglehead’s tor hostility but they’re reachable over Tor right now.

[–] debanqued@beehaw.org 1 points 7 months ago (3 children)

I used the Bogleheads forum over 15 years ago. It eventually turned sour and I left.

One of my issues is that the banking and finance sector and consumers engaging in it are conservatives. So if you want to ask a question like “where can I find a relatively ethical bank/investment firm that does not invest in fossil fuels?” it’s alienating to right-wingers to consider ethics. They don’t see the ethical problems that plague the industry and at the same time they don’t recognize the concept of ethical consumption. They just expect everyone to look after number 1. Bogleheads had little tolerance for politics, which inherently forces a narrow discussion of what financial products bring what value to the selfish types of consumers who neglect ethics. They don’t want someone exposing JP Morgan’s investment in private prisons or fossil fuels, or even how JPM Chase has a sneaky anti-Tor policy to discover which of their customers use Tor. Bogleheads did not kill my account.. it was just that ethical topics either had crickets or hostility, and censorship. IIRC what ultimately drove me off was Bogleheads started blocking Tor or using Cloudflare or something that demonstrated disrespect for digital rights. But apparently they re-liberated their forums since it seems Tor is permitted again.

[–] debanqued@beehaw.org 1 points 7 months ago* (last edited 7 months ago)

For medical chatter I would look at mander.xyz, which is science focused.

For law it’s a bit of a ghost town, but at least there is a ghost town ready to host interested litigants→ links.esq.social

[–] debanqued@beehaw.org 3 points 7 months ago (5 children)

There is !personalfinance@sopuli.xyz, which would be somewhat related to personal tax. There is also a Lemmy instance dedicated to finance. I don’t recall it off the top of my head but the instance joined Cloudflare so I immediately abandoned it.

For the record, lemmy.ml is a terrible place to discuss tax or personal finance. The admins of that instance treat personal finance questions as spam and even go over the heads of moderators to censor such discussion because of their political baggage. IMO sopuli.xyz might be a good place to create an account and create finance communities.

29
submitted 8 months ago* (last edited 8 months ago) by debanqued@beehaw.org to c/politics@beehaw.org
 

BBC World Service was covering the US elections and gave a brief blurb to inform non-US listeners on the basic differences between republicans and democrats. They essentially said something like:

Democrats prefer a big government with a tax-and-spend culture while republicans favor minimal governance with running on a lean budget, less spending¹

That’s technically accurate enough but it seemed to reflect a right-wing bias that seems inconsistent with BBC World Service. I wouldn’t be listening to BBC if they were anything like Fox News (read: faux news). The BBC could have just as well phrased it this way:

“Democrats prefer a government that is financed well enough to ensure protection of human rights…”

It’s the same narrative but expressed with dignity. When they are speaking on behalf of a political party it’s an attack on their dignity and character to fixate on a side-effect rather than the goal and intent. A big tax-and-spend gov is not a goal of dems, it’s a means to achieve protection of human rights. It’s a means that has no effective alternative.

① Paraphrasing from what I heard over the air -- it’s not an exact quote

#BBC #BBCWorldService

[–] debanqued@beehaw.org 1 points 8 months ago* (last edited 8 months ago)

You’re talking about Republicans but then saying “state” is a generic word.

I’m saying when I personally used the word “state” in the bit that you quoted, I was using the generic meaning of state. It’s an overloaded word (multiple meanings). What I mean by the “generic meaning” is that I was not referring to the state level jurisdiction. E.g. if the context were Texas, my use of the word “state” was not the state of Texas in that quote. The word state can simply mean government at any level. A federal government (aka nation state) can also generically be referred to as the “state”, even though it’s not state as the jurisdictional construct that composes the United States.

Likewise, even a local government like a city or county can be generically called the “state”. So to answer your question, the state of Texas can ban welfare checks from the state level in the whole state of Texas, but a lower (non-republican controlled) government can circumvent that by offering food and shelter instead of checks.

Welfare can happen at any level. I went to the emergency room and racked up a 4-figure hospital bill, and said “I have no insurance or income”. It was no problem.. the county had financial aid that I qualified for. The county paid the bill for me, not the state¹ or fed.

  1. in that case, I mean state in the sense of a jurisdictional construct.
 

For the past ~15 years I have tried for the most part to boycott:

  • American Express for being an #ALEC member (which supports #climateDenial and obstructs public healthcare, public education, immigration, gun control, etc), and for participating in the #Wikileaks donation blockade
  • Visa for pushing the #warOnCash (member of #betterThanCashAlliance.org and offering huge rewards to merchants who refuse cash), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards
  • Mastercard for pushing the #warOnCash (member of betterThanCashAlliance.org), for participating in the #Wikileaks donation blockade, and for blocking Tor users from anonymously opting out of data sharing on their credit cards

Discovercard has always been a clear lesser of evils. So Discovercard has earned the majority of my business whenever cash is not possible. But now I hear chatter that #Discovercard might merge with a shitty bank that had an embarrassing data leak by an Amazon contractor: #CapitalOne. I was disappointed when Samual Jackson promoted #CapOne. Capital One supported Trump’s Jan.6 insurrection attempt among other things.

So what’s left? JCB (Japanese) and UnionPay (China). JCB pulled out of the US like 10 years ago. People outside the US can get a #JCB card but then IIRC it uses the Discovercard network in the US and the #AmEx network in Canada.

I already favor cash whenever possible. In other cases it will be hard to choose the lesser of evils between CapOne and Mastercard.

update


Found an insightful article detailing a loophole that the fed gave to Discovercard which is why Capital One intends to buy it.

 

I posted an apparently off-topic post to !foss@beehaw.org. The moderator removed it from the timeline because discussion about software that should be FOSS was considered irrelevant to FOSS. Perhaps fair enough, but it’s an injustice that people in a discussion were cut off. The thread should continue even if it’s not linked in the community timeline. I received a reply that I could not reply to. What’s the point in blocking a discussion that’s no longer visible from the timeline?

It’s more than just an unwanted behavior because the UI is broken enough to render a dysfunctional reply mechanism. That is, I can click the reply button to a comment in an orphaned thread (via notifications) and the UI serves me with a blank form where I can then waste human time writing a msg, only to find that clicking submit causes it to go to lunch in an endless spinner loop. So time is wasted on the composition then time is wasted wondering what’s wrong with the network. When in fact the reply should simply go through.

(edit) this is similar to this issue. Slight difference though: @jarfil@beehaw.org merely expects to be able to reply to lingering notifications after a mod action. That’s good but I would go further and propose that the thread should still be reachable and functional (just not linked in the timeline where it was problematic).

 

This series of single word spam has 1 vote each:

https://beehaw.org/comment/2351412

Yet there are responses to the same comment with many more upvotes. Why don’t the higher valued comments rise above the comments with a score of 1?

5
submitted 11 months ago* (last edited 11 months ago) by debanqued@beehaw.org to c/support@beehaw.org
 

When trying to access https://beehaw.org/c/finance it gives a 502 bad gateway -- “Worker Bees are busy updating the website”.

 

Mozilla is ~83% funded by Google. That’s right- the maker of the dominant Chrome browser is mostly behind its own noteworthy “competitor”. When Google holds that much influence over Mozilla, I call it a false duopoly because consumers are duped into thinking the two are strongly competing with each other. In Mozilla’s effort to please Google and to a lesser extent the end users, it often gets caught pulling anti-user shenanigans. Users accept it because they see Firefox as the lesser of evils.

Even if it were a true duopoly, it would be insufficient anyway. For a tool that is so central to the UX of billions of people, there should be many more competitors.

public option

Every notable government has an online presence where they distribute information to the public. Yet they leave it to the public to come up with their own browser which may or may not be compatible with the public web service. In principle, if a government is going to distribute content to the public, they also have a duty to equip the public to be able to consume the content. Telling people to come up with their own private sector tools to reach the public sector is a bit off. It would be like telling citizens they can receive information about legislation that passes if they buy a private subscription to the Washington Post. The government should produce their own open source browser which adheres to open public standards and which all the gov websites are tested with.

I propose Italy

Italy is perhaps the only country in the world to have a “public money → public code” law, whereby any software development effort that is financed by the gov must be open source. So IMO Italy should develop a browser to be used to access websites of the Italian gov. Italy can save us from the false duopoly from Google.

 

Since last year, republicans have launched a campaign to get conservatives on school boards. This is the political party in the US who favors privatization of everything. They are sympathetic to giant corporations and champion #citizensUnited (which elevates corporations above humans). #Ohio has a large number of extremists intending to take school board positions.

I don’t get the impression #FOSS orgs like #FSF are paying attention. The FOSS movement stands to lose some ground here. #FreeSoftware in education is important and FSF does not even have a campaign for it on their website.

 

The #FSD purpose is to help people “find freedom-respecting programs”. Browsing the directory reveals copious freedom-disrespecting resources. For example:

FSF has no tags for these anti-features. It suggests a problem with integrity and credibility. People expect to be able to trust FSF as an org that prioritizes user freedom. Presenting this directory with unmarked freedom pitfalls sends the wrong message & risks compromising trust and transparency. Transparency is critical to the FOSS ideology. Why not clearly mark the freedom pitfalls?

UPDATE

The idea of having exclusive clubs with gatekeepers is inconsistent with FSF’s most basic principles, specifically:

  • All important site functionality that's enabled for use with that package works correctly (though it need not look as nice) in free browsers, including IceCat, without running any nonfree software sent by the site. (C0)
  • Does not discriminate against classes of users, or against any country. (C2)
  • Permits access via Tor (we consider this an important site function). (C3)

Failing any of those earns an “F” grade (Github & gitlab·com both fail).

If Cloudflare links in the #FSF FSD are replaced with archive.org mirrors, that avoids a bulk of the exclusivity. #InternetArchive’s #ALA membership automatically invokes the Library Bill of Rights (LBR), which includes:

  • V. A person’s right to use a library should not be denied or abridged because of origin, age, background, or views.
  • VI. Libraries which make exhibit spaces and meeting rooms available to the public they serve should make such facilities available on an equitable basis, regardless of the beliefs or affiliations of individuals or groups requesting their use.
  • VII. All people, regardless of origin, age, background, or views, possess a right to privacy and confidentiality in their library use. Libraries should advocate for, educate about, and protect people’s privacy, safeguarding all library use data, including personally identifiable information.

The LBR is consistent with FSF’s principles so this is a naturally fitting solution. The Universal Declaration of Human Rights is also noteworthy. Even if the FSD is technically not a public service, the public uses it and FSF is an IRS-qualified 501(c)(3) public charity, making it public enough to observe these UDHR clauses:

  • art.21 ¶2. Everyone has the right of equal access to public service in his country.
  • art.27 ¶1. Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.

These fundamental egalitarian principles & rights are a minimum low bar to set that cannot be construed as “unreasonable” or “purist” or “extremist”.

 

cross-posted from: https://fedia.io/m/privacy/t/346211

I need to check the balance of my bank card. It’s apparently becoming quite rare for ATMs to support balance inquiries. So as I try many different ATMs to check the balance, some ATMs demand PIN entry before you even see the service offers. So I enter my PIN and then it only gives a cash withdrawal option, at which point I eject.

Couple problems here:

  • anti-fraud AI sensors can be very fragile & trigger happy. If my card is inserted into several different ATMs with & no transaction is initiated, I am of course concerned that my account will be frozen due to fraud false positive.

  • some ATMs automatically print out your balance on the receipt if you ask for a receipt. Some show it on the screen Some ATMs will only print the balance on the receipt if you specifically requested the balance in your session. Some ATMs are completely incapable of balance inquiries (at least for cards from other banks). Consumers seem to have no way of knowing what kind of ATM they are dealing with in advance, which forces us to experiment.

Questions:

  • when an ATM demands PIN in advance, does that mean the transaction will signal the bank even if the session is terminated when the menu shows no balance inquiry option? IIUC, the PIN can be verified using the cards EMV chip without using the network - but is that necessarily the case?

  • when an ATM shows the menu options before asking for a PIN, can we count on no signal being sent to the bank?

One of my accounts got frozen for fraud. I called the bank, complained, demanded answers. The bankers themselves are kept in the dark and left guessing about what happened. One banker said “you asked for more than the daily limit 2 or 3 times, which failed, then you went to a different ATM and tried again. Since you went to a different machine, that likely looked like fraud”. (of course I tried a different machine -- why would a legit user keep trying the same machine?)

 

I filled out the form and clicked “create”. It turned into a spinner for a few seconds then just went back to the form. No error, but no action either. When I search for the new community, there are no results.

 

When someone says “Cryptocurrency is a solution looking for a problem”, this is the article to show them.

view more: next ›