• 200 Posts
  • 213 Comments
Joined 5 years ago
Cake day: March 6th, 2021

  • I get the impression they would rather you listened via them than broadcast.

    Yeah it’s a bit annoying how BBC keeps mentioning their digital services. They want you to have their content and they want to track you. But I think their top priority is just that you tune in one way or another. Offgriders give them the advantage of undivided attention. They don’t have to compete very hard for the attention of those without Internet.

    OTOH, BBC is a special case because they get nothing from broadcast ads. I don’t even know how they are funded. Sure they get tax funded in the UK, but what’s their incentive to broadcast in continental Europe which apparently does not fund them?

    (edit) a lot of FM and DAB stations have no digital resources that would track you (extremely basic websites without even a schedule). Some stations seem to have no web presence at all. So in those cases it would be interesting for them to emphasise their privacy alignment.








  • How so? No blow-ups in the decades I’ve been doing it. People are not obligated to be voice-reachable (at least not by any laws I’ve encountered). Creditors need to send you a bill, sure, but that’s their problem. If they can’t handle fax they better be willing to use snail mail.

    What’s blowing up in people’s faces is the culture of sharing a mobile number that then takes the role of identification, which then gets exfiltrated by cyber criminals. The abuse of using mobile numbers as an identifier has spread through Europe and only a small segment of privacy advocates currently realise the problem.

    Twitter demanded a mobile number from me. Would not take a fax number. So I walked. Shortly after, Twitter had a data breach that leaked everyone’s mobile numbers. Then Twitter was caught abusing the mobile numbers themselves in ways not allowed in the privacy policy.

    Americans are extra fucked because there is no privacy safeguard. The bank shares the number with the credit bureau, who then shares it with all members (banks, insurers, etc) and those who will pay for it.


  • Not even remotely. Ever heard of Efax? You email the phone number and the Efax company sends the fax.

    eFax was bought by j2.com, so indeed I’m aware of it. Efax, Jconnect, j2… all the same ownership.

    Fax is being ditched by those who think it is no longer used, regardless of whether they have dedicated equipment or a gateway. It’s the same decision. Either they ditch their fax service (i.e. their fax line is virtual), or they ditch their fax hardware. Or they decide to keep the fax number because they see they have customers who still use fax.

    More likely they would call it, get the fax tone and mark it as a wrong number until you contact them.

    They can suit themselves… that doesn’t matter to me either way if they decide to alternatively pay postage to reach me. Of course they’re going to be waiting a long time for me to reach them if they don’t signal to me that they want to reach me. If I decide to call them from my non-DID SIP line, the caller ID is set to spoof my fax number, which shows them the number is still correct.



  • There is no hope for people who choose to have a Google account in the first place. They are a lost cause… they cannot be saved.

    I was hoping the article would instruct people who send email to a gmail recipient how they can opt their message out of any kind of Google snooping. I envisioned a header that I could add to my msg to opt out. But no, that article is only for Google boot lickers.

    BTW, I always do an MX lookup on email recipients and if I see Google or MS, I don’t email them. But it’s not entirely effective because some recipients mask their email provider by using an email firewall service like Barracuda. Hence why I would want a header or something to opt-out in case my email inadvertently traverses Google’s servers.
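
    The MX check described in the comment above, as an added example that is not part of the original comment: it classifies `dig +short MX` style output and reports the filtering-gateway case separately, because there the MX names only the gateway and not the mailbox host behind it. The suffix lists and all sample records are constructed assumptions and are not exhaustive.

```python
# Added example: classify a recipient domain by its MX records.
# Suffix lists are illustrative assumptions, not a complete inventory.
SUFFIXES = {
    "google": ("google.com", "googlemail.com"),
    "microsoft": ("protection.outlook.com",),
    # Filtering gateways: the MX shows the gateway, not the mailbox host.
    "gateway": ("barracudanetworks.com", "pphosted.com", "mimecast.com"),
}

def parse_mx(dig_output):
    """Parse `dig +short MX <domain>` style lines into (priority, host) pairs."""
    records = []
    for line in dig_output.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[0].isdigit():
            continue  # skip blank or malformed lines
        records.append((int(parts[0]), parts[1].rstrip(".").lower()))
    return sorted(records)

def provider_of(host):
    """Match on a whole-label suffix so 'notgoogle.com' is not 'google.com'."""
    for name, suffixes in SUFFIXES.items():
        if any(host == s or host.endswith("." + s) for s in suffixes):
            return name
    return "other"

def verdict(dig_output):
    records = parse_mx(dig_output)
    if not records:
        return "no-mx"    # senders fall back to the A/AAAA record; check that host
    providers = {provider_of(host) for _, host in records}
    if providers & {"google", "microsoft"}:
        return "avoid"    # any listed MX may receive the message
    if "gateway" in providers:
        return "masked"   # backend provider cannot be learned from DNS alone
    return "ok"

# Constructed sample outputs (not real lookups).
GMAIL = "5 gmail-smtp-in.l.google.com.\n10 alt1.gmail-smtp-in.l.google.com.\n"
M365 = "0 example-org.mail.protection.outlook.com.\n"
MASKED = "10 d00000a.ess.barracudanetworks.com.\n20 d00000b.ess.barracudanetworks.com.\n"
SELF_HOSTED = "10 mail.example.net.\n"

if __name__ == "__main__":
    for label, sample in [("gmail", GMAIL), ("m365", M365),
                          ("masked", MASKED), ("self", SELF_HOSTED)]:
        print(label, verdict(sample))
```

    A "masked" result is the case the comment calls not entirely effective: the gateway relays to a backend that DNS does not reveal, so the verdict there is "unknown", not "safe".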






  • I’m familiar with the surveillance capitalist streaming svcs (amazon, netflix, etc) but I did not know about Hoopla and Kanopy. They are described as ad-free, so worth a look. But my quick take is that the websites are a bit dodgy/enshittified. Hoopla needs lots of Google JavaScript and after I enable it the page remains blank. Kanopy blocks Tor while playing dumb (“Sorry. An unexpected error occurred.”) I wonder are those US-only services or can a library member outside the US get access?

    My local library indeed has DVDs, blu-ray discs, and PCs. I use the DVDs but that’s not really what I mean by broadcast TV. My local libraries seem to have no way to access local broadcast TV. Maybe it’s possible to go on a hunt to work out which networks have local broadcast, then track down their websites to see if they have liberated the content online, which could be enshittified in many ways with ads injected or be a conduit to a shitty place like Youtube. It’s probably not the best experience.

    Broadcast TV “just works”. Broadcast TV does not push CAPTCHAs, try to collect data on you, or reject you for not using some proprietary app. It gives a technological guarantee of avoiding most enshittification that offline people expect to avoid.

    I was an early adopter of e-mail and was on the web before it was graphical. But commercialisation has ruined them. I have mostly switched back to postal mail and fax. I have unplugged from home Internet service. For me this was an upgrade. In the same way, I think broadcast TV is a better UX than the enshittified net.







  • This method of Cloudflare would never be used in a site that takes credit card data, for example. That would violate the PCI rules that protect credit card data.

    I took a moment to look briefly into this. PCI is not a legal compliance. It’s contractual. Merchants violate their agreement with Visa/MC all the time and it tends to go unenforced.

    So the next question is whether using Cloudflare’s gratis service (thus the 1st and last diagram in your post) is PCI compliant. Having read the nerdwallet link and this link:

    https://listings.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf

    letting Cloudflare see card № and CVV code seems to be PCI compliant. If the 1st diagram is in play (which is unlikely), that would be non-compliant. But in most cases there will be a CF→origin tunnel (the last diagram which is incorrectly X’d out). The rules are quite loose. E.g.:

    Do ensure that third parties who process your customers’ payment cards comply with PCI DSS, PED and/or PA-DSS as applicable. Have clear access and password protection policies

    So 3rd parties are allowed to see the data. Those other standards appear to deal with data at rest not in transit, IIUC. From nerdwallet:

    1. Encrypt cardholder data when transmitting it across open, public networks. Among other things, don’t send unprotected account numbers via messaging technology. This includes email, instant messaging, text and chat.

    When the tunnel terminates at Cloudflare’s server, the supplier just has to treat CF as a 3rd party who complies with PCI DSS, PED and/or PA-DSS.

    In the event of disaster, law is out of the picture and all you have is finger pointing between two sides of a slippery, sloppily worded private contract. PCI does not seem to have any real unambiguous force in the case of Cloudflare’s most common config.