You still aren't getting it. I don't know where your failure to understand is.
Look: it takes an overt act by somebody, to either peep through my window, or spy on my communications. Okay? They are deliberately acting against me. Therefore, they are ethically responsible, not me. The same applies to leaving router ports open.
I am NOT referring to whether it is stupid or not to leave it open. What I am saying is that a person or people who take overt action against me are responsible for what they do. I am not ethically responsible for what they do.
That is the context in which I was saying that it is like saying someone who wears a short skirt is "responsible" for being raped. That's not true; that's not the way it works. It might not be smart to do it, but that does not excuse overt, unethical or criminal actions on the part of others. They are responsible for their own actions.
And that is why, in my state, it is legal for me to open my curtains... however, it is NOT legal for someone to come across my lawn and peep in my window... whether my curtains are open or not.
The dictionary goes by popular usage, not technical accuracy. Which was my entire point. So that's a nonsense argument. YOU go look up the technical definition.
I don't care whether you think it was hatred or not. It could have been someone just trolling, for example. But your opinion of somebody does not give you license to go around publicly mislabeling them. That's about as hypocritical as it gets.
Although I will accept "misogynistic". There was direct evidence of that.
Yes it does. Tell me: does Request Policy block addresses it hasn't yet encountered, while still not blocking others? Is it clairvoyant?
I admit that all or none is not the "only" way, however. There are 3 other methods I know of: whitelists, blacklists, and user interaction. If you are given the choice, in realtime, whether to block requests, then my objection does not hold. But most people don't use Request Policy, or even know it exists.
Then you don't know what consent is. It is impossible to consent to something that you don't know in advance someone is going to do, or who is doing it, or when.
Your argument is like saying that leaving my curtains open is equivalent to giving permission for someone to sneak up and spy through my window. Sorry, but the law in my state disagrees with that kind of excuse.
"Half of my point is that you really need to coach your argument in terms of what the average user can be expected to do, not make hilariously wrong statements about what is possible."
Again, it's only hilarious to YOU, because you did not read my statement carefully, and made erroneous assumptions about it.
If you trace this thread back up to GP, you will see that the discussion was whether you are intentionally allowing people to track you. One of my arguments is that in order for you to intentionally allow someone to do something, (i.e., give your consent), you have to know that they intend to do it in the first place. If there is no advance information, there can be no informed consent.
Now, read again what I wrote just above:
"There is no practical way for you to know whether image bugs exist on a website without completely analyzing not just the HTML..."
That was not about whether tracking bugs exist on the site, or whether you can block them, but whether you can detect them. I know about RequestPolicy and have used it myself (until I found that it sometimes gets into contention with NoScript, and that for my purposes, NoScript does an adequate job).
Request Policy works by blocking third-party http, not by "detecting" the tracking bugs in advance. So it is irrelevant to what I was saying.
In any case, my statements have been about consent. Unless you know about a tracking bug, you are not consenting to it, no matter what your browser settings. As I mentioned elsewhere, that's like saying that wearing a short skirt is giving consent to rape, when you didn't even know the rapists were hiding out waiting for you. That is a ridiculous premise, though ethically it is nearly identical to the idea that leaving cookies turned on, or not using RequestPolicy, is an invitation to invade your privacy.
"Bollocks. Your browser, which you control, sends the information automatically when asked because you told it to."
Excuse me, but but that's shallow thinking. That's like saying that wearing a short skirt is an invitation to rape, when she didn't even know the guy was hiding in the parking garage. Nobody buys that excuse, nor should they buy yours.
I repeat: if I do not know in advance that someone intends to do something, I do not give my informed consent. It is actually impossible for me to do so.
It isn't actually oil based, but capsaicin, the "active ingredient" in hot peppers, is "very soluble" in fats and alcohol, and only very slightly soluble in water. A glass of water after eating a hot pepper can actually make it feel worse. A better solution is a glass of whole milk. The fats will dissolve and dilute the capsaicin. Strong alcohol like bourbon or vodka will too, but many people do not report as much of a subjective feeling of relief as with milk.
"How is this even slightly different to the banner adverts we've had since the 90's? Remember doubleclick? "
It isn't that much different... but if you remember doubleclick (which is still around by the way), you will also remember that even then it was pretty much universally despised.
But there ARE some differences: they have pumped up the intelligence of the software some, and gotten even sneakier. Facebook now follows people that are not even members; giving them unique IDs so that if they ever do become a member of Facebook (or one of their many affiliate sites), they have you pegged.
Another difference is what they do with that information. In the past, it was basically used for advertising purposes. Now the data is mined in sophisticated ways, and personal profiles of you are built and sold.
And a third difference is that using banner ads is one thing... at least you can see the ads. But today they hide this stuff, pretending to be social networking features, or even just an invisible 1-pixel image in the corner of the page.
Google's CEO recently announced, publicly, that Google+ is an "identity service" for their customers. (Their customers are the advertisers and others who buy your information. You are not one of them.) He said -- again quite publicly, in the same speech -- that the social networking features of Google+ are just "bait", to pull people in so their data can be gathered.
"it sort of makes statements like "you have no control over what image bugs or javascript they install on their site" sound really stupid..."
Sure. It sounds stupid to YOU, because you have only half-thought it through.
There is no practical way for you to know whether image bugs exist on a website without completely analyzing not just the HTML, but also all of the javascript. Which in effect does make it practically impossible at our current level of technology. I can link to some javascript on another server, and you have know way of even knowing what that javascript is, without actually following the link to it. Which could link to others, and so on. You could have 100 pages of javascript to sort out trying to determine if it's linking to some image off-site, and if it were decently obfuscated, you still would not know.
No, sorry. As a practical matter, the only real control you have is "all, or none". If you really expect everybody to browse in text-only mode forevermore, just to avoid image bugs, I don't think you are being very realistic.
"Configuring your browser so it sends cookies is intentional. You can change it so it doesn't. Being aware of this, and doing nothing shows that you consent (if you didn't consent, you wouldn't let your software send tracking information)."
Absolute rubbish. The fact is that it is not practical these days to browse regularly with your cookies turned off. Too many sites require logins, or some other kind of verification. So you are asking me to go far out of my way, and suffer a LOT of daily inconvenience, in order to prevent someone from doing something that is unethical in the first place.
And further yet, I DO NOT CONSENT... it is actually impossible for me to consent... to something that I do not even know is there ahead of time! Consent requires advance information. If there is no advance information, there is no consent. Period.
"But don't sue people servers for your clients behavior."
Sorry, but that's W3C standard behavior, it has nothing to do with the browsers themselves. Although browsers could be changed to block 3rd-party cookies and images, all they are doing is complying with the standard.
Further, this is an overt act on the part of others. It isn't as though those things get there accidentally. So it's not a matter of me dancing naked in front of an open window; morally and ethically it is a hell of a lot more like somebody coming up and peeping in my window. They are not the same things.
You are correct about the other software solutions, but I disagree with you about that being "the only reasonable solution". I disagree very much. I don't believe it is ethical at all for someone to compile personal data about my communications without my knowledge or consent, much less peddle that data to others.
"Facebook is not intercepting and recording any communications."
Yes, it is, at least in a sense.
Facebook is recording your IP, What sites you visit, and when. While it isn't recording any other communications, it doesn't need to in order to violate privacy.
What Facebook is doing is equivalent to a Pen Register used on telephones. The Pen Registers record what calls are being made, when, and to what number. But they don't record any actual conversations.
But even Pen Registers are illegal, and can only be used by Law Enforcement under strict conditions. The standard of evidence for allowing use of a Pen Register is lower than for actually tapping a phone line and listening to the conversations, but it is still legal only for law enforcement and it still requires due process, meaning they have to petition a judge for permission, and explain their evidence.
"The user is intentionally using software that sends tracking information (cookies) to Facebook"
No, that is not the case at all. If it were, this would be a different story.
We're talking here about third-party cookies. These are images that come from servers OTHER THAN the one you are visiting. But when that image is downloaded from that foreign server, it gets a record of your ip and what the referring domain is.
The issue here is that while you can control what websites you visit, you have no control over what image bugs or javascript they install on their site, nor is there any way to tell in advance what they are. So you aren't voluntarily doing anything at all; in fact most of the time you probably don't even know it is happening. That does not fit the definition of "intentional". On the contrary; it is downright sneaky.
Tracking bugs like that are completely unethical, and if they are not in fact illegal they should be.
What mcavic said. Cookies are one thing, third party cookies are another thing entirely. You can control the websites you visit, but as a practical matter you have no control over what or how many third-party cookies that site sics on you without any overt warning.
That is correct as far as it goes. But the problem there is that you have no way to know, ahead of time, what sites might have Like buttons and what sites not. By the time the page is downloaded, and you see the Like button there, it already has you tracked.
Currently, the only way to prevent that is to use a script blocker to block Facebook's javascript from running. Which I do. But it's not a satisfactory solution... they should only be able to track you if you give your explicit permission. What they are doing now is sneaky and unethical, given that most people don't even know they're doing it.
That doesn't add anything to the discussion. Of course the hypothesis was that homophobes were latent homosexuals. That was obvious. But how did they define "homophobe"? As an actual homophobe, in the technical sense, or someone who just didn't like homosexuals?
Given just this much information, even if we assume it's true, it is impossible to draw any conclusions from it.
What he said. Unless your data is extremely critical and confidential, full-disk encryption is absolutely the worst thing you can do in the case of theft, because you will never see your computer again.
It didn't cost HIM any money, so he doesn't care. With an encrypted disk, the thief will simply throw the computer away or destroy it, without hesitation. You can just kiss it goodbye.
The Prey Project is a free solution that probably does everything your commercial solution does, and more, except for the "working directly with police departments", which, in most parts of the US today, I would not trust anyway.
Remotely locking your computer is worse than pointless in the case of theft, if you ever want to get your machine back.
It did not cost your typical thief any money, and they don't care in the least about the data (unless they stole it because it has a credit card database or something).
Once they find out it's locked, they'll just throw it away, or maybe even destroy it. Everybody loses.
You still aren't getting it. I don't know where your failure to understand is.
Look: it takes an overt act by somebody, to either peep through my window, or spy on my communications. Okay? They are deliberately acting against me. Therefore, they are ethically responsible, not me. The same applies to leaving router ports open.
I am NOT referring to whether it is stupid or not to leave it open. What I am saying is that a person or people who take overt action against me are responsible for what they do. I am not ethically responsible for what they do.
That is the context in which I was saying that it is like saying someone who wears a short skirt is "responsible" for being raped. That's not true; that's not the way it works. It might not be smart to do it, but that does not excuse overt, unethical or criminal actions on the part of others. They are responsible for their own actions.
And that is why, in my state, it is legal for me to open my curtains... however, it is NOT legal for someone to come across my lawn and peep in my window... whether my curtains are open or not.
The dictionary goes by popular usage, not technical accuracy. Which was my entire point. So that's a nonsense argument. YOU go look up the technical definition.
I don't care whether you think it was hatred or not. It could have been someone just trolling, for example. But your opinion of somebody does not give you license to go around publicly mislabeling them. That's about as hypocritical as it gets.
Although I will accept "misogynistic". There was direct evidence of that.
I suspect you were joking. But in fact alcohol does dissolve and wash away the capsaicin.
Yes it does. Tell me: does Request Policy block addresses it hasn't yet encountered, while still not blocking others? Is it clairvoyant?
I admit that all or none is not the "only" way, however. There are 3 other methods I know of: whitelists, blacklists, and user interaction. If you are given the choice, in realtime, whether to block requests, then my objection does not hold. But most people don't use Request Policy, or even know it exists.
Then you don't know what consent is. It is impossible to consent to something that you don't know in advance someone is going to do, or who is doing it, or when.
Your argument is like saying that leaving my curtains open is equivalent to giving permission for someone to sneak up and spy through my window. Sorry, but the law in my state disagrees with that kind of excuse.
Thank you. Informed consent is the point I have been trying to make, but some people here just don't seem to get it.
"Half of my point is that you really need to coach your argument in terms of what the average user can be expected to do, not make hilariously wrong statements about what is possible."
Again, it's only hilarious to YOU, because you did not read my statement carefully, and made erroneous assumptions about it.
If you trace this thread back up to GP, you will see that the discussion was whether you are intentionally allowing people to track you. One of my arguments is that in order for you to intentionally allow someone to do something, (i.e., give your consent), you have to know that they intend to do it in the first place. If there is no advance information, there can be no informed consent.
Now, read again what I wrote just above:
"There is no practical way for you to know whether image bugs exist on a website without completely analyzing not just the HTML..."
That was not about whether tracking bugs exist on the site, or whether you can block them, but whether you can detect them. I know about RequestPolicy and have used it myself (until I found that it sometimes gets into contention with NoScript, and that for my purposes, NoScript does an adequate job).
Request Policy works by blocking third-party http, not by "detecting" the tracking bugs in advance. So it is irrelevant to what I was saying.
In any case, my statements have been about consent. Unless you know about a tracking bug, you are not consenting to it, no matter what your browser settings. As I mentioned elsewhere, that's like saying that wearing a short skirt is giving consent to rape, when you didn't even know the rapists were hiding out waiting for you. That is a ridiculous premise, though ethically it is nearly identical to the idea that leaving cookies turned on, or not using RequestPolicy, is an invitation to invade your privacy.
"Bollocks. Your browser, which you control, sends the information automatically when asked because you told it to."
Excuse me, but but that's shallow thinking. That's like saying that wearing a short skirt is an invitation to rape, when she didn't even know the guy was hiding in the parking garage. Nobody buys that excuse, nor should they buy yours.
I repeat: if I do not know in advance that someone intends to do something, I do not give my informed consent. It is actually impossible for me to do so.
It isn't actually oil based, but capsaicin, the "active ingredient" in hot peppers, is "very soluble" in fats and alcohol, and only very slightly soluble in water. A glass of water after eating a hot pepper can actually make it feel worse. A better solution is a glass of whole milk. The fats will dissolve and dilute the capsaicin. Strong alcohol like bourbon or vodka will too, but many people do not report as much of a subjective feeling of relief as with milk.
"That's legal under wiretapping laws."
Not in my state. Here, unless ALL involved parties agree, it is illegal as hell.
"How is this even slightly different to the banner adverts we've had since the 90's? Remember doubleclick? "
It isn't that much different... but if you remember doubleclick (which is still around by the way), you will also remember that even then it was pretty much universally despised.
But there ARE some differences: they have pumped up the intelligence of the software some, and gotten even sneakier. Facebook now follows people that are not even members; giving them unique IDs so that if they ever do become a member of Facebook (or one of their many affiliate sites), they have you pegged.
Another difference is what they do with that information. In the past, it was basically used for advertising purposes. Now the data is mined in sophisticated ways, and personal profiles of you are built and sold.
And a third difference is that using banner ads is one thing... at least you can see the ads. But today they hide this stuff, pretending to be social networking features, or even just an invisible 1-pixel image in the corner of the page.
Google's CEO recently announced, publicly, that Google+ is an "identity service" for their customers. (Their customers are the advertisers and others who buy your information. You are not one of them.) He said -- again quite publicly, in the same speech -- that the social networking features of Google+ are just "bait", to pull people in so their data can be gathered.
"it sort of makes statements like "you have no control over what image bugs or javascript they install on their site" sound really stupid..."
Sure. It sounds stupid to YOU, because you have only half-thought it through.
There is no practical way for you to know whether image bugs exist on a website without completely analyzing not just the HTML, but also all of the javascript. Which in effect does make it practically impossible at our current level of technology. I can link to some javascript on another server, and you have know way of even knowing what that javascript is, without actually following the link to it. Which could link to others, and so on. You could have 100 pages of javascript to sort out trying to determine if it's linking to some image off-site, and if it were decently obfuscated, you still would not know.
No, sorry. As a practical matter, the only real control you have is "all, or none". If you really expect everybody to browse in text-only mode forevermore, just to avoid image bugs, I don't think you are being very realistic.
"Configuring your browser so it sends cookies is intentional. You can change it so it doesn't. Being aware of this, and doing nothing shows that you consent (if you didn't consent, you wouldn't let your software send tracking information)."
Absolute rubbish. The fact is that it is not practical these days to browse regularly with your cookies turned off. Too many sites require logins, or some other kind of verification. So you are asking me to go far out of my way, and suffer a LOT of daily inconvenience, in order to prevent someone from doing something that is unethical in the first place.
And further yet, I DO NOT CONSENT... it is actually impossible for me to consent... to something that I do not even know is there ahead of time! Consent requires advance information. If there is no advance information, there is no consent. Period.
"But don't sue people servers for your clients behavior."
Sorry, but that's W3C standard behavior, it has nothing to do with the browsers themselves. Although browsers could be changed to block 3rd-party cookies and images, all they are doing is complying with the standard.
Further, this is an overt act on the part of others. It isn't as though those things get there accidentally. So it's not a matter of me dancing naked in front of an open window; morally and ethically it is a hell of a lot more like somebody coming up and peeping in my window. They are not the same things.
You are correct about the other software solutions, but I disagree with you about that being "the only reasonable solution". I disagree very much. I don't believe it is ethical at all for someone to compile personal data about my communications without my knowledge or consent, much less peddle that data to others.
"Facebook is not intercepting and recording any communications."
Yes, it is, at least in a sense.
Facebook is recording your IP, What sites you visit, and when. While it isn't recording any other communications, it doesn't need to in order to violate privacy.
What Facebook is doing is equivalent to a Pen Register used on telephones. The Pen Registers record what calls are being made, when, and to what number. But they don't record any actual conversations.
But even Pen Registers are illegal, and can only be used by Law Enforcement under strict conditions. The standard of evidence for allowing use of a Pen Register is lower than for actually tapping a phone line and listening to the conversations, but it is still legal only for law enforcement and it still requires due process, meaning they have to petition a judge for permission, and explain their evidence.
"The user is intentionally using software that sends tracking information (cookies) to Facebook"
No, that is not the case at all. If it were, this would be a different story.
We're talking here about third-party cookies. These are images that come from servers OTHER THAN the one you are visiting. But when that image is downloaded from that foreign server, it gets a record of your ip and what the referring domain is.
The issue here is that while you can control what websites you visit, you have no control over what image bugs or javascript they install on their site, nor is there any way to tell in advance what they are. So you aren't voluntarily doing anything at all; in fact most of the time you probably don't even know it is happening. That does not fit the definition of "intentional". On the contrary; it is downright sneaky.
Tracking bugs like that are completely unethical, and if they are not in fact illegal they should be.
What mcavic said. Cookies are one thing, third party cookies are another thing entirely. You can control the websites you visit, but as a practical matter you have no control over what or how many third-party cookies that site sics on you without any overt warning.
Probably the most popular one for Firefox is NoScript. I don't know about Chrome.
That is correct as far as it goes. But the problem there is that you have no way to know, ahead of time, what sites might have Like buttons and what sites not. By the time the page is downloaded, and you see the Like button there, it already has you tracked.
Currently, the only way to prevent that is to use a script blocker to block Facebook's javascript from running. Which I do. But it's not a satisfactory solution... they should only be able to track you if you give your explicit permission. What they are doing now is sneaky and unethical, given that most people don't even know they're doing it.
That doesn't add anything to the discussion. Of course the hypothesis was that homophobes were latent homosexuals. That was obvious. But how did they define "homophobe"? As an actual homophobe, in the technical sense, or someone who just didn't like homosexuals?
Given just this much information, even if we assume it's true, it is impossible to draw any conclusions from it.
Apparently even the Modbois are not immune to the Political Correctness bug. Hint, people: it means you can't think for yourself.
I am well aware that it is not the most popular viewpoint, but it's not "troll". It's the truth.
What he said. Unless your data is extremely critical and confidential, full-disk encryption is absolutely the worst thing you can do in the case of theft, because you will never see your computer again.
It didn't cost HIM any money, so he doesn't care. With an encrypted disk, the thief will simply throw the computer away or destroy it, without hesitation. You can just kiss it goodbye.
The Prey Project is a free solution that probably does everything your commercial solution does, and more, except for the "working directly with police departments", which, in most parts of the US today, I would not trust anyway.
Remotely locking your computer is worse than pointless in the case of theft, if you ever want to get your machine back.
It did not cost your typical thief any money, and they don't care in the least about the data (unless they stole it because it has a credit card database or something).
Once they find out it's locked, they'll just throw it away, or maybe even destroy it. Everybody loses.