[continued from previous message]
for all of Facebook for six weeks on such a topical matter. Given how few posts there are, I would also like to know how many of those posts were in
fact part of those 30 anti-vaccine groups.
In any event, generalizing from this to the entirety to Facebook, Instagram
and Twitter is wholly improper.
(Indeed, in the PDF, Instagram is in fact not investigated at all. It is mentioned as being a platform these individuals use, but the content was not examined - only Facebook and Twitter.)
I think the large majority of the PDF is emotive activism to censorship, including an actual and fairly lengthy profile of each of the accused, with
a small and I have to say I found rather confusingly presented, and rather unexplained (too many "we choose as representative") part being the investigation that was performed.
There may be something in this, but taken as it is, right now, this seems to
me to be a means to an end - indeed, not entirely unlike the very disinformation it seeks to discredit in others. The origin is the "Center
for Countering Digital Hate", so we can imagine they're coming at this from
a particular point of view.
------------------------------
Date: Sat, 22 May 2021 05:01:55 +0000
From: Jay Libove <
libove@felines.org>
Subject: Sharing lock-picking information on RISKS
[was: Re: A mom panicked when her 4-year-old bought $2,600 in SpongeBob,
Popsicles (RISKS-32.65)]
Interesting note by PGN, and interesting comment be Bernie. My eyes barely twitched when I read the original post which described how to bypass the Washington Post paywall. (I just open WaPo articles in an
InPrivate/Incognito browser and re-accept the cookie and "You have three
free articles left" notice).
Should we share information about how to pick locks? I'm pretty sure we do that. Every day, in announcing vulnerabilities and the devilishly clever technology steps taken to exploit them. And, even better, in a timeless
SciFi way, by theorizing from where a next class of such vulnerabilities
will come, and how they may be used (for good and ill).
Of course, there's a responsible way to do that (and in my decades reading RISKS the posts here have always fallen on the responsible side; thank you, moderators).
What constitutes responsible disclosure of "Site <X>'s paywall can be bypassed?"
For that matter, what constitutes *ethics* in such a situation?
I'm a paying subscriber to at least four major news publications across
three countries on two continents, and on all of them I *still* have to repeatedly deal with cookie (re-)notices, to re-log in too frequently
(despite the "remember me" box having been ticked), and to suffer a raft of other repetitive, intrusive technology and user experience design failures.
Where is the ethos that says that, especially for the paying customer, site
<X> has to do a good enough job to avoid repeatedly interfering with my paid
use of their product, and stop wasting my time?
Two wrongs don't make a right (Despite that sometimes three lefts do ...),
but, NOT talking about the-secret-that-everyone-knows which isn't even so
much a symptom of "I don't want to pay for it"-it is but really "it's broken and everyone knows it but why won't anyone actually fix it" .. is that even unethical, in fact? Or is it a needed prod to fix these services?
With all that background, plus of course the broad availability of browser plugins, etc, meant explicitly to bypass paywalls, cookie banners, etc, I didn't see any reason why RISKS shouldn't allow such an item to be posted,
and I'm unsurprised that the moderators didn't get much feedback about it.
Bernie, I'm glad you raised it, because I think that a *risk* that maybe we haven't discussed enough in recent years is the aggregated societal cost in wasted time and increased stress from poor user experience caused by a combination of incompetence, excessive intent to continue selling (even to those who have already bought), and failures to understand/ excessive(?)
fear of regulatory action provoking excessive "security" and "compliance" friction in daily Internet use.
[This is a very useful response. I do not endorse schemes to get around
paywalls. For many years, I have tried to invoke fair use and *not* to
not run pay-walled items without seriously abridging them or PGN-ed-ing
them into my own words, and encouraging interested readers to dig out the
originals as appropriate. In running the original item, I was hoping to
trigger some constructive discussion that is respectful of paywalls but
also warning that we are increasingly living in a world where almost
everything is becoming monetized. I am delighted with the responses from
both Bernie and Jay. PGN]
------------------------------
Date: Sat, 22 May 2021 12:09:13 +0100
From: Martin Ward <
martin@gkc.org.uk>
Subject: NoScript is immoral? (Re: RISKS-32.69)
I have been running NoScript to block all Javascript by default on all but a few websites for many years and have been reading the occasional article
from the Washington Post for many years. I would not have even *known* about their javascript block if I hadn't run the experiment of turning off
NoScript on the web site. Note that the Post hands out and displays the complete article, along with some javascript that waits a few moments, and
then covers up the article with a request for a subscription. If the
javascript is not executed, then the article is not covered up. For all I
know, there may be dozens of other web sites that do the same!
A real world analogy: The Washington Post says, "I have an article about
XYZ, would you like to read it?", You reply "OK, I'll have a look at it".
*The Washington Post* hands you the article and you start reading. Then *The Washington Post* hands you a piece of cardboard and says "Please cover the article I just gave you with this cardboard". You ask "Why?" and WP answers "So that I can ask you to pay me money to take the cardboard away
again". You say "How about I just decide *not* to cover the article with the cardboard and carry on reading?". "THIEF!!!" Except in my case, I didn't
even *hear* the request to cover the article with the card. Am I still a
thief?
Is it really morally wrong to choose *not* to execute by default every piece
of code that is handed to you by any web site that you decide to visit?
------------------------------
Date: 21 May 2021 21:50:31 -0400
From: "John Levine" <
johnl@iecc.com>
Subject: Re: freemium for all, was A mom panicked
It appears that Bernie Cosell <
cosell@alum.mit.edu> said:
How handy! We needed a forum on how to "share" things that we ought to pay >for. Next fun activity on RISKS -- how to get ATMs to spit out money.
NB: I don't mean to start a fight but I don't think that kind of "help" is >appropriate for RISKS.
For anyone familiar with the way that the web works, it should be obvious
that freemium sites that let you view a few articles and then ask you to pay use a browser cookie to keep the article count. If you set your browser not
to accept cookies from a site, there is no counter and in most cases you can see all the articles you want. A few sites are pickier and check to see if you're doing that, but mostly they don't bother, on the reasonable
assumption that anyone trying that hard to bypass the paywall is unlikely
ever to pay, and the harder they try to block freeloaders, the more likely they'll also accidentally block legit users.
Those of us from the previous millennium remember software on copy protected floppy disks, same idea to allow some kinds of use typical of paying
customers but not other kinds typical of non-payors. The software industry eventually stopped doing that, because the copy protection annoyed the legit users, and the people who might be deterred by copy protection were unlikely
to turn into paying customers. There was even a plausible argument that a certain amount of copying led to more sales as people with illicit copies
found they liked the software enough to pay for documentation (there were
these paper things called "manuals") and support (using a now-forgotten kind
of telephone that you couldn't lose because it was attached to the wall with
a wire.)
As I've noted before, newspaper reporters like to eat, and subscriptions are
a big part of how they do that. So if you tweak your browser to bypass the paywall, that has nothing to do with "freedom". You're just being cheap.
PS: Next rant: why I don't waste a lot of time chasing down pirate PDFs of
my books. But when people write and say your book is expensive, send me a
PDF for free, sorry, no, that's what libraries are for.
------------------------------
Date: Mon, 24 May 2021 20:16:00 +0000
From: David Roman <
roman@hq.acm.org>
Subject: June 2021 CACM Inside Risks column and video
"The Risks of Election Believability (or Lack Thereof)," the Inside Risks column in the June 2021 Communications of the ACM (CACM), and its related video, by Rebecca T. Mercuri and Peter G. Neumann, have been published
online at
https://cacm.acm.org/magazines/2021/6/252836-the-risks-of-election-believability-or-lack-thereof/fulltext.
The video alone is at
https://vimeo.com/552504677.
[David's ACM URLs are likely to be behind the ACM paywall. The article
is also up on the Inside Risks website at
http://www.csl.sri.com/neumann/insiderisks251.pdf
PGN]
------------------------------
Date: Mon, 1 Aug 2020 11:11:11 -0800
From:
RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<
http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!
OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also,
ftp://ftp.sri.com/risks for the current volume/previous directories
or
ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
ALTERNATIVE ARCHIVES:
http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
Special Offer to Join ACM for readers of the ACM RISKS Forum:
<
http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 32.69
************************
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)