ciferecaNinjo

joined 1 year ago
MODERATOR OF
Brussels
sorted by: new top controversial old
mbin: data loss on censored threads, unlike Lemmy. Kbin also likely affected. in c/bugs@sopuli.xyz
[–] ciferecaNinjo@fedia.io 1 points 1 day ago

Yikes. I am disturbed to hear that. I was as well appalled with what I saw in a recent visit to a university. It’s baffling that someone could acquire those degrees without grasping the discipline. Obviously it ties in with the fall of software quality that began around the same time the DoD lifted the Ada mandate. But indeed, you would have to mention your credentials because nothing else you’ve written indicates having any tech background at all.

mbin: data loss on censored threads, unlike Lemmy. Kbin also likely affected. in c/bugs@sopuli.xyz
[–] ciferecaNinjo@fedia.io 0 points 1 day ago (2 children)

How have I made your point at all?

You have acknowledged the importance of having multiple points of failure. It’s a good start because the defect at hand is software with a single point of failure.

You're a bit incoherent with what you're talking about.

I suppose I assumed I was talking to someone with a bit of engineering history. It’s becoming clear that you don’t grasp software design. You’ve apparently not had any formal training in engineering and likely (at best) you’ve just picked up how to write a bit of code along the way. Software engineering so much more than that. You are really missing the big picture.

This has nothing to do with software design or anything else along those lines.

What an absurd claim to make. Of course it does. When software fails to to protect the data it’s entrusted with, it’s broken. Either the design is broken, or the implementation is broken (but design in the case at hand). Data integrity is paramount to infosec and critical to the duty of an application. Integrity is basically infosec 101. If you ever enter an infosec program, it’s the very first concept you’ll be taught. Then later on you might be taught that a good software design is built with security integrated into the design in early stages, as opposed to being an afterthought. Another concept you’ve not yet encounted is the principle of security in depth, which basically means it’s a bad idea to rely on a single mechanism. E.g. if you rely on the user to make a backup copy but then fail to protect the primary copy, you’ve failed to create security in depth, which requires having BOTH a primary copy AND a secondary copy.

This is a simple thing. If your data is valuable you secure it yourself.

That has nothing to do with the software defect being reported. While indeed it is a good idea to create backups, this does not excuse or obviate a poor software design that entails data loss and ultimately triggers a need for data recovery. When a software defect triggers the need for data recovery, in effect you have lost one of the redundant points of failure you advocated for.

When you reach the university level, hopefully you will be given a human factors class of some kind. Or if your first tech job is in aerospace or a notably non-sloppy project, you’ll hopefully at least learn human factors on the job. If you write software that’s intolerant to human errors and which fails to account for human characteristics, you’ve created a poor design (or most likely, no design.. just straight to code). When you blame the user, you’ve not only failed as an engineer but also in accountablity. If a user suffers from data loss because your software failed to protect the data, and you blame the user, any respectable org will either sack you or correct you. It is the duty of tech creators to assume that humans fuck up and to produce tools that is resilient to that. (maybe not in the gaming industry but just about any other type of project)

Good software is better than your underdeveloped understanding of technology reveals.

Thinking that a federated service is going to have a uniform or homogenous approach to things is folly

Where do you get /uniform/ from? Where do you get /homogenous approach/ from? Mbin has a software defect that Lemmy does not. Reporting mbin’s defect in no way derives and expectation that mbin mirror Lemmy. Lemmy is merely an example of a tool that does not have the particular defect herein. Lemmy demonstrates one possible way to protect against data loss. There are many different ways mbin can solve this problem, but it has wholly failed because it did fuck all. It did nothing to protect from data loss.

on your end and a failure of understanding what the technology is.

It’s a failure on your part to understand how to design quality software. Judging from the quality of apps over the past couple decades, it seems kids are no longer getting instruction on how to build quality technology and you have been conditioned by this shift in recent decades toward poorly designed technology. It’s really sad to see.

mbin: data loss on censored threads, unlike Lemmy. Kbin also likely affected. in c/bugs@sopuli.xyz
[–] ciferecaNinjo@fedia.io 0 points 1 day ago (4 children)

Exactly. You’ve made my point for me. Precisely why this defect is a defect. The user’s view should be separate and disjoint from the timeline. Lemmy proves the wisdom of that philosophy. But again, it’s a failure of software design to create a fragile system with an expectation that human users will manually compensate for lack of availaiblity and integrity. I know you were inadvertenly attempting again to blame the user (and victim) for poor software design.

It’s a shame that kids are now being tought to produce software has lost sight of good design principles. That it’s okay to write software that suffers from data loss because someone should have another copy anyway (without realising that that other copy is also subject to failures nonetheless).

mbin: data loss on censored threads, unlike Lemmy. Kbin also likely affected. in c/bugs@sopuli.xyz
[–] ciferecaNinjo@fedia.io 1 points 3 days ago (6 children)

Who cares?

Anyone who values their own time and suffers from data loss cares about data loss, obviously.

This is a serious question.

Bizarre.

Anything that is important to you should be backed up and/or archived. Relying on a third party social media app is folly.

This is a bug report on faulty software. If you have a clever workaround to the bug, specifics would be welcome. A bug report is not the place for general life coaching or personal advice. If there is an emacs mode that stores posts locally and copies them into a lemmy or mbin community and keeps a synchronised history of the two versions, feel free to share the details. But note that even such a tool would still just be a workaround to the software defect at hand.

2
mbin: data loss on censored threads, unlike Lemmy. Kbin also likely affected. (fedia.io)
 

Both Lemmy and mbin have a shitty way of treating authors of content that is censored by a moderator.

Lemmy: if your post is removed from a community timeline, you still have the content. In fact, your logged-in profile looks no different, as if the message is still there. It’s quite similar to shadow banning. Slightly better though because if you pay attention or dig around, you can at least discover that you were censored. But shitty nonetheless that you get no notification of the censorship.

Mbin: if your post is removed, you are subjected to data loss. I just wrote a high effort post europe@feddit.org and it was censored for not being “news”. There is no rule that your post must be news, just a subtle mention in the topic of news. In fact they delete posts that are not news, despite not having a rule along those lines. So my article is lost due to this heavy-handed moderation style. Mbin authors are not deceived about the status of their post like on lemmy, but authors suffer from data loss. They do not get a copy of what they wrote so they cannot recover and post it elsewhere.

It’s really disgusting that a moderator’s trigger happy delete button has data loss for someone else as a consequence. I probably spent 30 minutes writing the post only to have that effort thrown away by a couple clicks. Data loss is obviously a significant software defect.

EDPS decentralised social media pilot: the end of a successful story in c/europe@feddit.org
[–] ciferecaNinjo@fedia.io 0 points 4 days ago

Wojciech Wiewiórowski was intent on calling mastodon a failure for political reasons. When pressed on the harms of public services using Twitter and Facebook, he defends them on the basis of content moderation. Of course what’s despicable about that stance is that a private sector surveillance advertiser is not who should be moderating who gets to say what to their representatives. Twitter, for example, denies access to people who do not disclose their mobile phone number to Twitter, which obviously also marginalises those who have no mobile phone subscription to begin with.

The lack of funding on the free world platforms was due to lack of engagement. When the public service does not get much engagement they react by shrinking the funding.

We need the Facebook and Twitter users to stop disengaging with gov agencies on those shitty platforms. Which obviously would not happen. Those pushover boot-licking addicts would never do that.

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 1 points 1 month ago

Thanks for the insights. I was looking for a client not a server. So maybe this can’t help me. A server somewhat hints that it would be bandwidth heavy. I’m looking to escape the stock JS web client. At the same time, I am on a very limited uplink. To give an idea, I browse web with images disabled because they would suck my quota dry.

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 1 points 1 month ago

good, thanks!

5
installation instructions needed (fedia.io)
 

The readme talks about docker. I’m not a docker user. I did a git clone when I was on a decent connection. ATM I’m not on a decent connection. The releases page lacks file sizes. And MS Github conceals the size:

curl -LI 'https://github.com/Xyphyn/photon/archive/refs/tags/v1.31.2-fix.1.tar.gz' | grep -i 'content-length'

output:

content-length: 0

So instead of fetching the tarball of unknown size, I need to know how to build either the app or the tarball from the cloned repo. Is that documented anywhere?

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 2 points 1 month ago (3 children)

Photon is a strange beast. How do you install it?

It seems to only come as a docker container. That’s weird. I don’t have docker installed but docker should really be a choice.. not a sole means of installation. I see no deb file or tarball. It seems that it has taken a direction that makes it non-conducive to ever becoming part of the official Debian repos.

Then it seems as well that their official site “phtn.app” is a Cloudflare site -- which is a terrible sign. It shows that the devs are out of touch with digital rights, decentralisation, and privacy. That doesn’t in itself mean the app is bad but the tool is looking quite sketchy so far. Several red flags here.

(edit) I found a tarball on the releases page.

4
Recording website state at a snapshot in time for evidence (fedia.io)
 

I often save websites to my local drive when collecting evidence that might later need to be presented in court. But of course there problems with that because I could trivially make alterations at will. And some websites give me different treatment based on my IP address. So I got in the habit of using web.archive.org/save/$targetsite to get a third party snapshot. That’s no longer working. It seems archive.org has cut off that service due to popular demand, which apparently outstrips their resources.

Are there more reliable alternatives? I’m aware of archive.ph but that’s a non-starter (Cloudflare).

In the 1990s there was a service that would email you a webpage. Would love to an out-of-band mechanism like that since email has come to carry some legal weight and meets standards of evidence in some countries (strangely enough).

4
(mbin) Onion hosts are not recognized as URLs and thus get funny treatment (fedia.io)
Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 2 points 1 month ago (1 children)

I just need to work out exactly what the effect of the user-configured node block is. In principle, if an LW user replies to either my thread or one of my comments in someone else’s thread, I would still want to see their comments and I would still want a notification. But I would want all LW-hosted threads to be hidden in timelines and search results.

On one occasion I commented in an LW-hosted thread without realising it. Then I later blocked the community that thread was in (forgetting about my past comment). Then at one point I discovered someone replied to me and I did not get the notification. That scenario should be quite rare but I wonder how it would pan out with the node-wide blocking option.

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 1 points 1 month ago (2 children)

Ah, I see! Found it. Indeed that was not there last time I checked.

I’m on both Lemmy and mbin. I have several Lemmy accounts.

Now I need to understand the consequences of blocking lemmy.world. Is it just the same as blocking every lemmy.world community, or does it go further than that? E.g. If I post a thread and a LW user replies, I would not want to block their reply from appearing in my notifications. I just don’t want LW threads coming up in searches or appearing on timelines.

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 0 points 1 month ago (4 children)

I think he is talking about admins blocking instances in the settings for the whole node. AFAIK, users on Lemmy and k/mBin have no such setting.

Lemmy vs. PieFed vs. Mbin in c/fediverse@lemmy.ml
[–] ciferecaNinjo@fedia.io 0 points 1 month ago (3 children)

I don't get why you want users to be able to apply cloudflare filters, though.

Suppose an instance has these users:

  • Victor who uses a VPN
  • Cindy whose ISP uses a CGNAT (she may or may not be aware of the consequences of that)
  • Terry who uses a Tor
  • Norm who uses the normal clearnet
  • Esther who is ethical (doesn’t matter what she uses)

And suppose the instance is a special interest instance focused on travel. The diverse group of the above people have one thing in common: they want to converge on the expat travel node and the admin wants to accommodate all of them. Norm, and many like him, are happy to subscribe to countless exclusive and centralised forums as they are pragmatic people with no thought about tech ethics. These subscriptions flood an otherwise free world node with exclusive content. Norm subscribes to [!travelpics@exclusivenode.com](/c/travelpics@exclusivenode.com). Then Victor, Terry and sometimes Cindy are all seeing broken pics in their view because they are excluded by Cloudflare Inc. Esther is annoyed from an ethical standpoint that this decentralised free world venue is being polluted by exclusive content from places like like Facebook Threads™ and LemmyWorld. Even though she can interact with it from her clearnet position, she morally objects to feeding content to oppressive services.

The blunt choice of the admin to federate or not with LemmyWorld means the admin cannot satisfy everyone. It’s too blunt of an instrument. Per-community blocks per user give precision but it’s a non-stop tedious manual workload to keep up with the flood of LW communities. It would be useful for a user to block all of LemmyWorld in one action. I don’t want to see LW-hosted threads and I don’t want LW forums cluttering search results.

5
Rules and conventions for labeling documentary evidence -- I write “exhibit A” on the doc but it’s getting resistence (fedia.io)
 

I often supply documents as evidence to regulators (e.g. GDPR regulators). A document is normally in A4 format and I digitally superimpose that onto an A4 page. Thus generally without shrinking or expanding.

I label it by printing “exhibit A”, “bewijsstuk A”, or “pièce A” in the topmost rightmost corner at a 45° angle and give a small margin to avoid unprintable areas. I do that on every single page. If it would overlap something, I shift it down to avoid overlap. It seems to do the job well but a regulator once requested that I resubmit the evidence without my markups.

So apparently they don’t like my style. Maybe they wonder if I could be making more material alterations. What is the normal convention in the legal industry? These evidence submissions are not for a court process but they always have potential to end up in court in the future.

I have some ideas:

  • (only for paper submissions) I could stick a Post-It note to every document (every page?) and hand-write evidence labels. This would be inconvenient for them to scan. If they remove the notes to feed into a scanner, then the digital version is lossy and so they cannot dispense of the paper version. Or they must be diligent with entering the label into the file’s metadata or filename.
  • (only for electronic submissions) I could make the evidence label a PDF annotation, so when viewing the doc and printing it the user can decide whether to show/print annotations. This seems useful superficially but it’s problematic because the PDF tools poorly adhere to the standard to w.r.t. annotations. Many tools do not handle annotations well. A recipient’s app does not necessarily give them control over whether annotations appear, and how they appear (different fonts chosen by different tools and if a tool does not have the source font it may simply ignore the annotation). The 45° angle that sets it apart and makes it pop-out better is apparently impossible with PDF annotations. And with little control over the font it might look good in one viewer but overlap in another.
  • (versatile for both kinds of submissions) I could shrink the doc to ~90% of the original size, put a frame around it, and push it low on the page to leave space at the top for metadata like evidence labels. The the label is obviously not altering the original.
  • (versatile for both kinds of submissions) I could add a cover page to each doc with the sole purpose of writing “exhibit A”. Seems good for digital submissions but I really don’t like the idea of bulking out my paper submissions. It would add €1 to the cost for every ten docs.
  • (versatile for both kinds of submissions) Perhaps I could get away with rotating “exhibit A” 90° and finely printing it along the edge of the margin. This could even be combined with bullet 3 and maybe with less scaling (~95%).

Any other ideas?

11
français → anglais translation help wanted for a paragraph of legal text (fedia.io)
5
Translation help wanted on telecom law (fedia.io)
submitted 1 month ago* (last edited 1 month ago) by ciferecaNinjo@fedia.io to c/french@sopuli.xyz
7 comments fedilink
 

I would like to understand this paragraph:

§ 2. Lorsque (un opérateur d'un [¹ réseau public de communications électroniques]¹) a l'intention d'établir des câbles, lignes aériennes et équipements connexes, de les enlever ou d'y exécuter des travaux, elle tend à rechercher un accord quant à l'endroit et la méthode d'exécution des travaux, avec la personne dont la propriété sert d'appui, est franchie ou traversée.

Argos Translate yields:

§ 2. When (an operator of a [¹ public electronic communications network]¹) intends to establish cables, airlines and related equipment, to remove or perform work therein, it tends to seek an agreement on the location and method of carrying out work, with the person whose property serves as a support, is crossed or crossed.

I think tends is a false friend here because it seems unlikely in this context. A commercial machine translation yields:

§ 2. When (an operator of a [¹ public electronic communications network]¹) intends to establish, remove or carry out work on cables, overhead lines and related equipment, it shall seek agreement as to the location and method of carrying out the work with the person whose property is used as support, is crossed or is being traversed.

Sounds more accurate. I’m disappointed that there seems to be no requirement that the telecom company obtain consent from property owners. Is that correct? The telecom operator does not need consent on whether to use someone’s private property, only consent on how they deploy the cables?

17
Belgian tax law (“FisconetPlus”) exclusively accessible to those willing to share personal data with Microsoft Corporation (fedia.io)
13
Belgian tax law (“FisconetPlus”) exclusively accessible to those willing to share personal data with Microsoft Corporation (fedia.io)
3
Should Académie Française curate language translation models? (fedia.io)
submitted 1 month ago* (last edited 1 month ago) by ciferecaNinjo@fedia.io to c/french@sopuli.xyz
1 comments fedilink
 

The FOSS app Argos Translate enables people to locally translate their documents without depending on an external service and then hoping their content is not snooped on (while simultaneously hoping to get translation service for free). Argos does okay with quite popular language pairs but it’s really not up to a good standard of quality overall.

The machine learning input into Argos known as “models” are trained on samples of (hopefully manual) translations. The models require huge amounts of data. Apparently the effort to gather large volumes of input leads to grabbing poor quality samples, which ultimately leads to bad translations. To worsen matters, you have a sparse scatter of different projects making their own models. So the effort is decentralised in a detrimental way. End users are then left with having to experiment with different models.

Shouldn’t Académie Française (the French language protection org) have some interest in the public having access to resources that give high-quality translations into French?

Consider that Académie Française members each spend €230k on clothes (yes, that “k” after the number is correct), surely they have money sloshing around to promote French. If playing dress-up is worth €9.2 million (€230k × 40 members), just imagine how much money they must have for their mission of supporting the French language.

5
When a law requires you to supply information that does not exist -- then what? Or when you cannot comply because you don’t have what is required? (fedia.io)
 

This question is inspired by Belgian law but there is no Belgian law forum and I think it’s likely that Netherlands would have the same problem. So answers w.r.t. Dutch law would be interesting enough.

It’s increasingly common for law to mandate that people give the government their email address in various situations. If someone has no email address, I have to wonder how can they be expected to comply with the law? When the law requires disclosure of information that does not exist, is it implied that we must take necessary steps to make that information come into existence in order to disclose it? Is it implied by that law that we must enter the private marketplace and subscribe to email service, then periodically check our email?

I happen to have email addresses but I refuse to disclose them to users of Micosoft Outlook or Google. That includes government offices because the gov uses MS Outlook and simultaneously does not use PGP. Since my workflow of non-disclosure to MS & Google has ensured that email has the tiniest of roles in my life, it would not be a big step for me to nix email altogether and end my subscriptions. But I need to know if it’s even legal for me to do so.

3
How should “bis” and “ter” be typeset? (fedia.io)
 

French law often adds a “bis” (e.g. “Article 29bis”) if more law is added later and for whatever reason they don’t just append it to Article 29.

It’s ugly in text, but I’m writing a document in LaTeX so I have freedom and control to do something better. At the same time, I don’t want to invent something that alienates readers. I just want to know from people who have read a lot of well typeset French what style is common. I think italicizing the “bis” is common. But what about making it a subscript or superscript? What about putting a ½ space between the bis and the number?

view more: next ›