Dmitri Sotnikov ⚛️ is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

@yogthos heh, i've only learned a bit (officially) on public speaking but the "reach for the glass of water to not have to show what you're thinking" move is still recognisable. lol.

@yogthos oh heck, Dick Durbin's totally straight-faced delivery is simply amazing

@yogthos I feel like I should've watched this instead of streamed :D

@yogthos Saved for posterity 🔥 🔥 🔥 🔥 🔥 🔥

@yogthos No one has to share anything they don't want to on facebook. This is key. People are giving up their privacy. Voluntarily. That aspect of this whole debacle is not facebook's fault.

@trevdev @yogthos This is, essentially, victim blaming.

Facebook is designed to mislead people into sharing and over-sharing. The privacy controls are part of how they do that. So is Messenger, which supposedly lets you chat with your friends but also, incidentally, records everything - and prevents you from deleting things.

Facebook also actively makes life difficult for you if you try to avoid installing the apps that hoover up metadata from your phone.

Blaming the user is simply incorrect.

@HerraBRE @trevdev @yogthos

> Facebook is designed to mislead people into sharing and over-sharing

they used to do UI changes and reset privacy settings on the regular - it became a running almost-joke for a while. "oops fb changed something, gotta go finangle the settings... AGAIN"

@HerraBRE @yogthos @trevdev I wish some of the senators would raise these points, but they're too clueless and mostly delivering softball questions.

@HerraBRE @trevdev @yogthos I don't use fb, so I could be more worried, but they also own occulus rift, which records everything you look at. Sorry, that link has fallen off of hackernews or slashdot/wherever I read it this morning. What all else do they own you might use?

@gemlog I use WhatsApp - owned by Facebook - to communicate with my family.

I'm trusting that Moxie's (of Signal fame) encryption is as good as they say it is.

I mean, I do expect that over time Facebook will do something underhanded to compromise it and we'll have to move, but I don't think they have yet...

Although now that I say that, and I remember what we all know about the Messenger apps and the data it collects, I suddenly feel like an idiot.

Sigh.

@HerraBRE
fb owns the client. even if they don't undermine the e2e encryption, they own the client. when the message is decrypted (so that you can read it) they can read it too. this is why open source is a necessary (but not sufficient) requirement for privacy.
@gemlog

@0x3F @gemlog Theoretically true.

In practice, enough people know how to reverse engineer, and WhatsApp is an interesting enough target, that I think we'd know by now if the app was exfiltrating peoples' private comms as a matter of course.

Which isn't to say it won't ever happen, but I am comfortable in my belief that it isn't routine yet.

@HerraBRE @0x3F I don't use things like facebook or twitter for philo reasons. More like stallman (but not as strict, because NO ONE IS!) vs reasons of privacy.

But really, it doesn't matter if my communications are trivial or weighty, they are MINE. No, you can't sell or trade them to suit yourself.

@HerraBRE No one will reverse enginner a big companies proprietary software, or at least not publicly, because
- broad copyright laws in some countries
- software patents in some countries
- copyright trolls everywhere
- history showed many people who reverse-enginner proprietary stuff (for other reasons than interoperability, which legal in europe) get pursued or blackmailed by companies. Especially when they reveal security flaws

@gemlog @0x3F

@0x3F @gemlog @HerraBRE EDIT : reverse-engineer*

And « by some countries », I mean coutries that include USA. US software companies at good at patent-trolling and blackmailing people who do reverse-engineer, because US laws makes it easier for them.

@devnull @gemlog @0x3F I base my opinion on what I've heard from people who work full time in security and work with reverse engineers and exploit dev on a daily basis.

Weighing their opinion against yours on this one, yours isn't winning. 😀

Not that it matters all that much, we're on the same side. I prefer Free Software for many, many important reasons (see my profile, what I work on).

The security argument, whether it is right or wrong, has never been the most important factor IMO.

@HerraBRE And I'm basing mine on the facts that
- Each time someone exposes abuses from givs or big corps, they are pursued, to prevent other from doing the same (see the M$ vs cryptome case for example)
- I have never seen any big corp losing enough users to go bankrupt/lose much mobey/end a service because someone exposed their abuse.

That people you know think they would "be able to detect backdoors" on proprietary stuff doesn't matter

@0x3F @gemlog

@devnull @gemlog @0x3F I've been working in Free Software since the 90s, I've heard your argument before. This is your fourth lecturing toot on a subject I know very well.

People have differing opinions on the subject. You have yours, I have mine.

Agree to disagree or get muted, my friend!

@HerraBRE
Oh wow… the guy who can't make any other argument than "I know better than you" is saying mine are "lecturing toots"… 😂

Well, trust facebook "because reverse-enginneering" as much as you want. Not my problem after all…

@0x3F @gemlog

@devnull

@0x3F @gemlog @HerraBRE

If I recall correctly (big if), reverse engineering is protected from litigation in certain circumstances, like for pursuing interoperability between two technologies, or in the case of auditing for security purposes. The only exception I know of for this is DRM in the US, but outside that, I believe that rulings like Sega v. Accolade defined legitimate and legal cases of reverse engineering.

@HerraBRE No matter how good it might be, encryption *alone* is not enough ! whatsapp is a blackbox. You have no proof there's no backdoor. And encryption with backdoor is useless.

@gemlog

@HerraBRE @yogthos I'm not blaming, simply pointing out a lack of awareness. Am I crazy? I was raised by parents who warned and cautioned me several times to be hyper aware of the meaning of sharing in public forums.

Yes, facebook grooms and encourages its fresh, impressionable users, but education (as well as holding facebook accountable) is a huge part of the solution. Unfortunately, our system is set up in such a way that it requires us to mostly educate ourselves.

@trevdev @yogthos You called it voluntary.

You can't call something voluntary if people don't understand what they consent to.

Facebook actively pressures me into sharing things I don't want to share. I can resist, but that doesn't excuse them putting pressure on in the first place.

Lucky you having smart parents! How is that relevant? Do people who chose worse parents deserve to be abused by Facebook?

I'm glad your back-pedalling, but you're still way over the line here.

@HerraBRE @yogthos Doing something out of your own free will is the very definition of voluntary. People are intentionally over sharing. It's misguided - but still voluntary. That doesn't mean I'm blaming them at all.

@trevdev @yogthos It's not voluntary if you're coerced or tricked.

Facebook does both.

@HerraBRE @yogthos I guess? I'll take this to heart and give it some real thought.

@HerraBRE @yogthos You know what? I did think about it. It didn't take me long, either.

While I still maintain that I don't blame users, I *do see* how the attitude of calling user sharing "voluntary" perpetuates an attitude of entitlement to whatever people will share with you. I think it may be this attitude that neutralizes facebook's shitty behavior. I apologize.

@trevdev @yogthos Good for you! And I think you're absolutely right about the entitlement and how tech companies get away with stuff far too often.

Now, let's go convince everyone else. 😀 📣

@trevdev @HerraBRE @yogthos apologize? On the Internet? What magical kingdom have I suddenly been wooshed away to??!!

Seriously though, enjoyed points all throughout this discussion. User engagement on social media and "oversharing" is a challenging topic to wade through.

@trevdev @HerraBRE it's definitely a combination of the service being deceptive, and the users sacrificing their privacy for the sake of convenience.

My view is that proprietary platforms are fundamentally flawed because the incentives are in the wrong place.

Having open alternatives like Mastodon is really important for tackling the problem. Providing alternatives along with education on the dangers of oversharing is the way forward.

@trevdev @yogthos

There's a kind of asymmetry of information and context Facebook has compared to any one of it's users that's just staggering.

You know that spy film cliche of a bunch of agency employees on a stakeout in a van with a fake fast food or moving company on the outside?

Well Facebook if like that except it's an entire intelligence agency operation disguised as a college frathouse, targeting anyone & everyone on the internet.

It's more ridiculous than anything in .

@trevdev Not facebook fault that facebook makes mokey from mass surveillance (for taraget ads). Not facebook's fault that they use these data to manipulate users also, I guess… Not like it's not the first right?

washingtonpost.com/news/the-in

@yogthos

@trevdev Ok… then I'll say it otherwise. Just because it's not a good idea to share private info on facebook or anywhere else, and people should stop doing so, does *not* mean facebook is not faulty.

Yes they are. Because they do everything to manipulate people into sharing these info and make money from it.

@yogthos

@devnull @yogthos

I already did, and still already do, agree 100%. Thank you Dave!

@trevdev Well I hope more people will do so, after the CA scandal. But I know many people who still don't five a shit, because « There's no reason to spy on me, nothibg interesting there. I have nothibg to hide ».

As long facebook and suck companies exist, the problem remains :(

@yogthos

@yogthos This guy has access to private conversations and confidential information of 2 bln people and businesses and pretend to be community oriented but won't even share the name of his hotel with them. That's how much he likes and trusts them...

@yogthos there's a key element here that no one seems to question (yet?). "In modern America" is a vast understatement to say the least. Tech companies are multinational. In a way, tech companies are doing what governments have failed to, they bridge gaps between different countries and globalize society in a way that maybe people hoped would happen through agreements between governments.
On the surface that is wonderful and in fact it can be done with somewhat minimal negative effects.

@yogthos however it won't happen by allowing tech monopolies in sectors, simply because they lack an analog from before the tech boom.
Most tech companies going into automation and efficiency improvements of already existing pre-tech areas are getting hit by old, ineffective and bad regulations, but the companies that opened up their own business segments have been allowed to set rules on everything themselves. And given the global nature of the internet none of this is a one-country-issue.

@yogthos Sadly given the lack of ability of people to effectively cooperate and agree on issues in larger (country-wide and larger) groups, means that at best such companies will be regulated piece by piece differently in different markets, ending up in a inability to effectively create a sane global framework for what is ok and what is not ok to do as a large communication overlord.

@kunev I agree that multi-nationals have become their own virtual states now. Regulating them becomes very difficult for the reasons you've outlined.

I think that educating people on dangers of becoming dependent on these companies while providing open alternatives to the services they provide is the way to combat them.

@yogthos definitely. The thing that has and still does scare me though, is that all open alternatives require a level or technical literacy, which at least at the moment seems unrealistic to expect from people not involved in tech in some way.
Even mastodon, which is quite polished and nice, compared to other similar alternatives is confusing to many people. Federation is better, as it allows migration and prevents lock-in, at the same time it ups the mental cost of reasoning about the network.

@yogthos fb on the other hand is just there. It's that one big thing that has everything in it. It demonstrates that people like centralization for the comfort it gives them. And honestly for a lot of things that have been commodities centralization has either made sense so far (roads, water, heating) or they have been well off with some regulated free-ish market situation (most goods). Social media is in the middle of this and it does things that are very complicated to reason about.

@yogthos it's definitely an interesting problem to solve. I just hope getting to a solution doesn't take longer than it would take for the whole current fucky situation to completely mess up societies.

@yogthos Nice :)

It's interesting (and a little unsettling) that I found so little of this on the reddit front page this morning. Also a little telling that when you then go to an independent network (even as small as this one) - there it is!

@yogthos
Uh, I thought it was Nokia, connecting people around the world, or Vodka, I don't remember.