mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

344K
active users

@Gargron heh I find it interesting that I see this right after my teammate suggests we use stripe for a project and I said I didn't have the time/energy to look into whether I considered it ethical... not that I think they'll care.

@Gargron

> #Stripe is Silently Recording Your Movements On its Customers' Websites

It's not the only one. This sort of client-side tracking (aka "real user monitoring") is…well, "pervasive" is probably putting it to strongly. But way more common than I'd like.

@Gargron stripe has always been a bit suspicious company . ô.o

@aral
Agreed. The trouble is, as screwed up as this is, the "alternatives" that I can think of are even worse (eg. PayPal, Google Wallet, Facebook payments etc). Don't even get me started on MasterCard and Visa...

Does anyone know of *any* better alternatives?
@gargron

@Blort

> Does anyone know of *any* better alternatives

Yes, I do: don't use a payment service at all, ask people to do a bank transfer (? German: ").

I don't know about other regions of the world, but for the -Area (which is quit big: ~ all of Europe), publish and and you're ready.

I outlined this here some time ago:

mastodon.social/@el_joa/103478

cc @laura @aral @Gargron

@el_joa

I like that this option minimizes the number of parties who know the details of your transaction (and yourself), however the country I live in, the banks charge you around $10-12 USD "handling charge" for every wire transfer you receive. :/

@laura @aral @gargron

@Gargron

" I noticed that every page navigation generated a new HTTP POST request to a Stripe URL"

"This was strange because none of the pages I visited contained any calls to Stripe’s library."

oh my stars these are directly contradictory what business does this author have ANYWHERE near a website that handles money

@Gargron

"Based on the name mouse-timings, it seems that Stripe is recording my users’ mouse movements."

luckily for us Stripe didn't name it dna-transcript, then it would be recording our DNA.

@Gargron Worse, some websites don't load at all until js.stripe.com is allowed. I never dared to check in the #JavaScript code how that happens because it's too infuriating.

@Gargron To be fair, they're pretty plain about this in the integration docs -- it's hard to miss:

> To best leverage Stripe’s advanced fraud functionality, include this script on every page, not just the checkout page. This allows Stripe to detect anomalous behavior that may be indicative of fraud as customers browse your website.
- stripe.com/docs/js

Workaround is to just not do that (as we do).

stripe.comStripe: JavaScript SDK documentation & referenceComplete reference documentation for the Stripe JavaScript SDK.

@Gargron * if people put the Stripe JS bundle on every page, instead of just payment pages. Which they shouldn't do for lots of reasons anyway

Thanks for boosting awareness of this!

@vfrmedia

@Gargron looks like @stripe wanna to following the step of #Google and #FaceBook #amazon . They had been to public Evil. Is not the first time By Technology Giant in #BayArea.