#CyberSecurity#Privacy#Messaging#Metadata#Encryption: "When stored, aggregated and analyzed, this metadata provides ample information that could potentially incriminate someone or be submitted to authorities. When WhatsApp and Facebook Messenger enabled end-to-end encryption for messages, of course it was a welcome and widely celebrated change. But it’s important to remember that not all end-to-end encryption utilizes the same standards, some implementations are more secure than others, so it’s something that shouldn’t necessarily be accepted at face value. More importantly: collecting and storing an obscene amount of metadata should invite global scrutiny, considering this data is often combined with whatever other information companies like Meta harvest about your identity (which is a lot.)
This is one of the many reasons why we need to resist giving out our phone numbers just to access an app, especially to do something as personal and intimate as private messaging. Even though users can sometimes mask their numbers with a username, their identity on the app is still fundamentally tied to their phone number. App operators have access to this, as well as user contacts. Additionally, with a simple modification to the app's source code, the contacts may also gain access in some cases. This should raise more concerns about privacy, and it makes the need for anonymity difficult to achieve." https://simplex.chat/blog/20240416-dangers-of-metadata-in-messengers.html
We're excited to be joining an ever-growing number of signatories that committ to
✅ working toward making openness the default for research information;
✅ working with services and systems that support and enable open research information;
✅ supporting the sustainability of infrastructures for open research information;
✅ and supporting collective action to accelerate the transition to openness of research information.
In our context, we work hard to make that happen by providing an #opensource platform for small, scholar-led, and university publishers to manage and disseminate fully open #CC0#metadata for #OAbooks - which is of particular relevance to the #Humanities#SSH!
I'm getting ready for the kickoff of an #NSF POSE grant workshop. So many good papers to reference, so little time. I'd better start a Zotero library now... #OpenSource#Standards#Metadata
Delighted to be able to publicise a paper that was presented at the @ALTAnlp 2023 Workshop at the end of last year, co-authored with my #PhD supervisor, Associate Professor @eltwilliams, and written as part of my research at #ANU School of Cybernetics.
Titled "Right the docs: Characterising voice dataset documentation practices used in machine learning", it combines both exploratory interviews and documentation analysis to characterise how large voice datasets - e.g. #LibriSpeech, @mozilla's #CommonVoice, and several others, document their #metadata.
Unsurprisingly, it finds that the #dataset#documentation practices seen currently do not meet the needs of the #ML practitioners who use these datasets.
We show, once again, in the words of Nithya Sambasivan - "everyone wants to do the model work, but nobody wants to do the data work" ...
Reid, K., Williams, E.T., 2023. Right the docs: Characterising voice dataset documentation practices used in machine learning, in: Muresan, S., Chen, V., Casey, K., David, V., Nina, D., Koji, I., Erik, E., Stefan, U. (Eds.), Proceedings of the 21st Annual Workshop of the Australasian Language Technology Association. Association for Computational Linguistics, Melbourne, Australia, pp. 51–66.
“... #Signal can’t interoperate with another messaging platform, without them raising their #privacy bar significantly... Because we don’t just encrypt the #contents of messages... We encrypt #metadata, ... your profile #name, your profile #photo, who’s in your #contact list, #who you talk to, #when you talk to them. That would need to be the level of privacy and security agreed across the board... before we could consent to interoperate.”
#Debian has been moving more towards the deb.debian.org mirror which is provided by a single CDN company, #Fastly. It works well, but also feeds an enormous amount of #metadata to a single company, and it can be used to track computers and maybe even people. And the privacy policy in effect is unclear. Fastly says the #privacy policy of the "subscriber" applies, but the privacy policy for deb.debian.org is not listed anywhere I could find. Anyone have any insight here?
Get found and stay found! Join PKP for a free online webinar February 27, 2024, 9 AM PST to learn about #PIDs & #metadata in #OJS publications. Registration is open!
Wil je meer weten van metadata? Op 5 maart staat de kennissessie van het NORA Open Huis van de Architectuur in het teken van metadata.
Wat is het en waarom doen we het, wat speelt er bij het FDS, en bij de werkgroep Metadata Overheid en hoe kijk je als architect naar de architectuur ervan? Vervolgens is er een workshop waarin we samen aan de slag gaan met architectuurprincipes rondom metadata.
If Substack is perfect for your needs then use that. Your problem with substack prolly isn't who else uses it, but rather, that you yourself are calling a proprietary, privacy disrespecting deprecated monolithic silo a "Perfect solution".
Instead of doing what's right, and for the right reasons, you eschew dogfooding on #FOSS when you should be championing it, and call a professional data mining haven perfect, when it is anything but.
Well, you're already on the Fediverse, so you should know better, but I'll dispense with the lecture now and point out a few good FOSS solutions that are Fediverse powered (and one that isn't, but still rocks as a publishing platform) for you:
Option #1, #WriteFreely, which you can find over at its git repo under https://gitHub.com/writefreely/writefreely.
Option #2, deploy yourself a #WordPress site, Then install the #ActivityPub plugin - the latest release publishes into the Fediverse and allows any Fediverse account to reply/comment threads natively - like I'm responding now. It also allows anyone on the Internet to join the discussions as well. WordPress has many options for subscriber lists, Etc., as well as #paywalled#digital_downloads, if you like.
Option #3, #Mitra is a Fediverse publishing platform that currently supports paid subscriptions for Authors: https://mitra.fediverse.observer/list - pick one that has open registrations or self-host yourself, like all of the other solutions here :)
If you're really talking about maintaining subscribers lists, but especially Having a subscriber list and building it up, then most ignorant folks would recommend HubSpot - but they would be wrong, because you can get the same powerful inbound marketing solution / #CRM, only better, for #FREE (That's a bare minimum savings of over $500/month)!!! So install #Mautic and let it do what it does, which you can get here: https://www.mautic.org/download/source-code and then after that, use it in conjunction with the following FOSS application that was tailor made for exactly what you're asking for...
#Ghost is FOSS, and in conjunction with an inbound marketing platform like Mautic is the perfect dynamic duo - like Batman and Robin. But even better, is that I'm going to point you towards a #HowTo that is an actual cookbook #tutorial written by someone expressing the same lamentations as yourself, and here's the exact solution they've provided for you:
By the way, your Mautic server also integrates directly with#MailGun (or Sendgrid, SendinBlue, SparkPost, etc.) to complete your transactional email system that will tell you when each and every recipient received, viewed (and or how long) your emails, as well as how many times they looked at those emails, with a bunch of other tools as well.
I hope that helps, and I'm very glad that you came to your senses about not using a privacy disrespecting, proprietary closed source solution like Substack - besides, registering your own domain name would have hidden the fact that you were using substack anyway, so it's about YOU doing the right thing the right way. Please choose your software in the future based upon the freedoms and ethics it offers in serving you and your customers. There's evil people everywhere, and the smart ones are using FOSS too - not substack.
It's good to receive feedback that helps people determine information that has value to others. It helps us focus on topics with merit.
There are a couple of additional things I'd like to address though, as briefly I can, considering I'm a rather loquacious sort ;)
I think it was @frogzone that brought up the general controversies that typically do follow #Cloudflare around. I have privacy conscious friends on both sides of that widening chasm...
In general it tends to be the developer sorts that although are cautious, reserved usually, when passing around compliments where Cloudflare is concerned, they're also the pragmatists where performance and dare I say security is concerned, and are often quite willing to turn to Cloudflare (specifically, as a #CDN).
With respect to security concerns, it is true that incorporating a CDN does provide a level of obfuscation of the IP spectrum, that is often cited as a major reason by hosting providers for the customer to incorporate/subscribe to CDN services (more often than not, Cloudflare - because they offer better kickbacks (er.... incentives) to hosting providers.
Then there's the hard core privacy concerned folks. #Last_Mile delivery performance considerations typically being much less of a compelling reason to use, let alone pay, for a CDN like Cloudflare to be injected into the website admin's #DNS. This is because, and let's be real here folks, most websites don't generate anywhere near the levels of traffic that their Nginx or Apache Servers can easily serve up, and for folks on the other side of the world from the particular website, a few milliseconds on a clear day is negligible.
Now, if you're running a very busy site, like... Etsy, or even really popular sites with thousands of requests per minute then you can really benefit by spreading your cache around the globe on super fast CDN services. Even a site that receives on average 1 request per second (60 per minute - and that's pretty respectable traffic) doesn't really benefit enough from the #caching related benefits of a CDN to mark a compelling case - the Last Mile Delivery, however, to Oslo, Norway, from a website in Melbourne, Australia... that can indeed improve perceived response by 250ms (2.5 seconds) or so.
So, just like these so-called VPN services, like NordVPN, etc., there needs to be an effort to educate the consumer as to the actual benefits expected for specific matters - some may be important considerations for the consumer, while others may just be a tech support person in a boiler room trying to reach that bonus number for the month... I've seen waaaay too many people purchase services they really didn't need or would receive much benefit from, and many support desk personnel upselling customers with things they probably shouldn't have.
Now, there's another thing I didn't mention - #Denial_of_Service attacks... Good ole #DDoS campaigns. Well, first of all, one should check with their hosting provider - whether they have the benefit of protections against such attacks, and then, weigh the added benefit of using something like Cloudflare to do the same job (are you paying for protection that you might need twice?).
I personally would probably not have included Cloudflare as part of the #HowTo. It can be added at anytime, but some folks swear by it, so it's not that I'm on the fence about Cloudflare, it's just that I look at it more from the engineering and security perspective, with an eye specifically focused on the veracity of any perceived needs by the customer. And I'm not super fond of turning all of that DNS control (and valuable #metadata) to some third party.
I realize that may have only served to raise more questions, so I'll just say that this is why you pay your trusted IT support professionals who make all of their money on labor they've billed you for, to sit down and discuss what you may or may not need, and especially, why 👍
Brenden Eich was invoked by @marathon - and I too, concur that It is only right to measure technology based on it's own merit and capability - without regard to superfluous and unrelated matters of personal politics.
When haters start fomenting hatred, disparaging everyday, average people for their informed choice of technologically capable software relevant to the task at hand, I like to remind those vile, adolescent, sniveling children that they're literally denigrating things like Brave Browser and Soapbox (the platform I'm authoring this post on), while at the same time availing themselves of the full compliment of features that #JavaScript's technology affords them - JavaScript, invented by#Brenden_Eich...
And they have my blessings to completely swear off and forgo ever using JavaScript again - but they won't, will they? Why? Because they're filthy, hateful, hypocrites consumed by their own criminal commiserations.
ROR turns five in 2024, and to celebrate we're holding five rip-RORing online events on January 30th & 31st. Register now for the main annual update and celebration, a showcase of ROR users, a panel on funding #metadata, or either of two informal drop-in sessions. Let's all do more with ROR in 2024! https://ror.org/events
@matthew@10leej
Maybe explain how XMPP is tried-and-tested for over a generation (15 years), and how many proprietary systems use it at the back end, while collecting our #metadata (and data) at the same time.
It really is time to move on from the colonised, censorship web too. Mixnets like I2P/Tor are the present and future.
Even the slowest moving decentralised money protocol uses I2P. Its just time to move into the 21st century, really.
@CharlieMcHenry nothing new, since basically everyone is #oversharing their images with #metadata like #GPS in them and it's also trivial to #OSINT most images based off basic info about the photographers origin/place of residence as well as whereabouts...
That's no big deal, just basic #DataScience to the point that I think this should be mandatory about #journalism to be taught in #schools...
Governments spying on Apple, Google users through push notifications - US senator (www.reuters.com)
Unidentified governments are surveilling smartphone users via their apps' push notifications, a U.S. senator warned on Wednesday....