Instead, they didn't know much about me apparently and just stored what I told them.

Then it appears they were hacked because some completely unrelated release of stolen data included all my data, specifically all that data I had provided to that service, that one time.

The Verification Service is the honeypot for your private information. Arg.

I thought in many places it was related to the upcoming minimum age for social media. To verify age you need an ID. That's how we make it so most kids can't buy cigarettes, alcohol, thc, etc. You could argue social media shouldn't have a minimum age but that'll be the reality it looks like. How do we do that without ID?

This is an interesting point: there is a trade-off between kids being denied access to inappropriate websites and adults not being forced to verify their age. We can't have both, so we must weigh which is more important. One could argue that protecting kids is clearly more important; on the other hand, there are way more adults in the world than kids, so more people are impacted with restrictions for adults.

like if you could be issued an E-id that could perform a local signature/challenge-response that allowed the site to confirm an age bracket (like 12 or below,13-17,18-20, 21+), assert the entity that issued the id but not assert a stable identifier (not even pairwise) and not pass any data between other parties.

Obviously not foolproof, credentials can be stolen (same in your scenario) but the site doesn't need to care, they should be legally in the clear. Basically it would let you anonymously assert your age.

That attempt officially failed because the UK failed to inform the EU about it, but I suspect it was also much harder to sell people on having to buy "porn passes" than on "just" kicking kids off phones

[1] https://www.theguardian.com/culture/2019/oct/16/uk-drops-pla...

To the sibling comments: don't "accept the cookies" and then delete them.

- - -

I'm super angry at what the web has become, especially at the OS browser community. There is 0 browser (that I know of) that can access the web safely and conveniently. Atm I use Firefox with uBlock which blocks the cookie banners, but Firefox's extension model is broken, and every single extension provides 100% access to my websites to whoever controls the extension. I don't like it.

We need a browser with a safe extension model.

- - -

edit: I guess using 2 Firefox profiles, one with uBlock and one with my google/facebook/bank/amazon/etc accounts solves the threat posed by uBlock and extensions. I still don't like it.

I don't even think it would be even a blip on the radar now.

It really is depressing how much ground we've given.

It's really alarming, actually. I run the cyber security training & phishing simulations at my work, and it's the younger employees that struggle the most. It's like they just assume that everything on the web is trustworthy.

It's not hard to see why though. They grew up with app stores & locked down devices. No concept of a file or file system, no concept of software outside of the curated store & webapps. People that never had to take responsibility for their own digital safety because "someone else" (Google, Apple) always did it for them.

Definitely in 2026 kids should be getting tons of education in public school about how to safely browse the internet, both for personal data privacy and for safety against stalking, doxxing, grooming etc in the same way millenials were grilled about source checking internet resources like Wikipedia.

I click “accept the cookies” almost every time. I just personally don’t feel it’s worth the effort and cost to try to avoid it.

What “dark pattern cookie trick” are you worried about? I just can’t come up with a scenario where it will actually harm me in any way. All the examples I have heard are either completely implausible, don’t actually seem that bad to me, or are things that are trivially easy to do even without any cookies.

Now, I am not going around giving my real email out to random sites, though, although even that doesn’t strike me as particularly dangerous. I already get infinite spam, and I am sure there are millions of other ways to get my email address… it is supposed to be something you give out, after all.

I just don’t think it is something that is worth stressing out about and fighting against. Maybe I am actually naive, but I just have not yet been convinced I should actually care.

All this to let you do stuff you were allowed to do anyway.

The problem is handing kids admin level access on a device with full unfiltered access to several communication networks. You do not fix that by demoting everyone's access.

The person gets to see what information the service is asking for and can approve or deny. This'll likely end up being the future of how citizens access government services online.

Funny choice of wording: https://www.eff.org/deeplinks/2026/02/discord-voluntarily-pu...

IMO, the approach of having the large / popular commercial OS platforms ask you the birthday of the primary user on install (and secure that so it can't be changed), and then reveal the age (bucketed to a range) to apps. If you don't have kids, or care what they see, just put Jan 1 1900 (or have an explicit opt-out, which puts you in the last bucket). After that it's up to parents to parent.

https://github.com/moj-analytical-services/splink.

The question I'd ask myself is; who would _I_ trust to implement privacy preserving verification?

The only answer I can come up with right now is; myself. I would trust myself.

Very few of the things you list are things that I do primarily online (even during the pandemic), and none of those are things that I can only do online.

Presumably my place of employment would have already verified my identity when I started working for them.

> School? Online.

Ditto, and for kids enrolling during lockdown they wouldn't have any ID to hand over anyway.

> Recreational activities? Online.

> Talking to loved ones you don’t live with? Online.

> Birthday party? Online.

> Nonfood shopping? Online.

Doesn't need me to verify my identity.

> Banking?

Every bank I've ever interacted with has done this verification in-person.

> Paying taxes

The government already knows who I am and what I look like (by issuing the ID to me); this is fine.

> and bills?

Direct debit just has a sort code, account number, and name on the account. No verification of identity.

> Job interview?

I wouldn't think that a new employer would be verifying your identity until you actually get the job offer?

> Doctors appointment?

Doesn't need me to verify my identity to arrange it. I have to go there in person anyway, I can damn well show them my ID then.

> Dating? You guessed it, online.

Eh. This one is a grey area. I can see the desire to have members verify who they are. I've also seen how badly that can go wrong.

Children are clearly not capable of understanding the ramifications of this decision. So, prompting children to upload such info should itself be illegal.

Nevermind that most adults do not understand the ramifications either, but we assume they are capable of consenting to anything by fiat, so let's ignore that...

But there are couple of things I find subpar:

You can’t import/export a list of website permissions. For a couple of extensions I’d like to say “you have access to every website, except this narrow list” and be able to edit that list and share it between extensions.

On iOS, the only way to explicitly deny website access in an extension’s permissions is to first allow it, then change the configuration to deny. This is bonkers. As per the example above, to allow an extension access to everything except a narrow list of websites is to first allow access to all of them.

Finally, these permissions do not sync between macOS and iOS, which increases the maintenance burden.

¹ Private being the equivalent to incognito.

https://codeberg.org/konform-browser/source/releases

https://techhub.social/@konform

Shared today on Show HN but seems to be drowning in deluge of LLMs...

https://news.ycombinator.com/item?id=47227369

> every single extension provides 100% access to my websites to whoever controls the extension

That feels a like a bit of overstatement and depends on what addons you use and how you install them... CSPs at least make it possible to restrict such things by policy (assuming user has been exposed to it and parsed it...). https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web... MV3 introduced further restrictions and controls regarding addon capabilities. While I agree the UI and UX around this could be much better, it's not all hopeless. The underlying pieces are mostly there.

While the fundamental addon execution security model in Konform Browser is inherited from upstream, for core addons like uBO you can improve the supply-chain security situation by loading it under "system scope" and disable addon updates in the browser itself. So while we don't (yet) improve on the runtime aspects you speak of, at least for now we can tighten up the supply-chain side to minimize risk of bad code running in the first place.

Literally `apt-get install webext-ublock-origin-firefox`.

"Enterprise policy files" can be used to change Firefox behavior and tweak security model around addon loading. A little explanation and reference of how it works if you want to do the same in other FF build or for other addons: https://codeberg.org/konform-browser/source#bundled-extensio...

Any particular addon you think is missing from the list there and should also be packaged and easily available? Maybe will be able to improve some of the security-UI/UX here too down the line. I'd be keen to hear your take on how this should be done better!

Regarding what addons can and do leak about you to the outside... I think you may also take interest in FF Bug 1405971. We ship a patch for that which can hopefully be upstreamed Soon (tm).

My local library is run by the county government, so of course the government can see the checkouts, they are the ones I check the book out from. But they restrict checkout information from others. For example, a parent can see the checkouts of their own children, but not after they turn 13.

Perhaps you're talking about subpoenas? Checking some other libraries I see SF Public Library has some discussion about that, but they delete books from your checkout history once they are returned. https://sfpl.org/about-us/confidentiality-and-usa-patriot-ac...

...I mean I suppose you still can but still, it's not as obvious anymore and people's mobile phone numbers are unlisted by default and not publicly linked to an address..

How are the codes minted? Can I pretend to be a gas station and buy a big pack of ID cards, then just not check ID?

How can that be? The world population has been growing for decades.

Because of this, I found it odd that the regulation allows displaying the accept cookies button. Instead, it should be rejecting cookies by default and a separate flow to accept tracking cookies (e.g. via account settings page)

I suppose idea is that Chinese women will stay at home with the child so the state doesn't have to provide any help?

Being able to limit the influence of external bad actors is the main goal of ID verification. Age verification is a useful side effect that makes it easier to sell to the general public.

Big Tech has had at least a decade to fix this, did nothing of note, and is all out of ideas. Privacy advocates had the same time to figure out a "least bad" technical solution, but got so obsessed with railing against it happening at all, that nothing got any traction.

So governments are here to legislate, for better or worse. They know it's a trade-off between being undermined by external forces vs. the systems being abused by future governments, but their take is that a future authoritarian government will end up implementing something similar anyway.

I would say the time to buy mesh networking equipment is now. But it's not like I'm capable of defending the transmitter. So when they come for the VPNs, the VPSs, and encryption, I guess I'll just be out of luck.

(Out of luck = resigned to zero digital privacy. No matter I follow the law and “have nothing to hide” of course.)

Perhaps people will pass flash drives like North Korea or Cuba?

So many aspects of our lives are like this now. People just accept defeat cuz it would mean giving up one click ordering or free return shipping or they might have to look at labels to avoid bad companies.

I've run ad blockers for years now, but I'm still trying to forget those disgusting zit popping pictures that trended in ads for a while. Or those incredibly stupid life hack shorts, like the one where someone tied a cord around a mug and the hack to get it loose was smashing the cup... that crap made me despair for humanity as much as the Gaza genocide.

But google and facebook convinced the legislators that it would be impossible to keep that chum away from kids on their platform, so the legislators are going with the next option: banning the kids from the platforms.

(“what will be the impact to me”)

What makes it worse is that a substantial portion of users block web trackers through an adblocker. However on phones, unless you have a rooted phone or use some DNS-based blocker, all these analytics get uploaded without restraint.

Atm I use Firefox with uBlock which blocks the cookie banners, but Firefox's extension model is broken, and every single extension provides 100% access to my websites to whoever controls the extension. I don't like it.

Some browsers (e.g. Vanadium, Vivaldi) have a built-in adblocker, so you have to trust one party less.

At some point, you have to implicitly trust someone unless you audit every line of code (or write it yourself) and build everything from source that you run.

But the browser also has 100% access to all of the websites. The browser is software that works for you. You control the browser.

Who but yourself do you imagine controls your extensions?

> It's not hard to see why though. They grew up with app stores & locked down devices.

When we create a safer world, people’s defense mechanisms naturally atrophy or are never developed in the first place.

I think almost every Android user has thise concepts.

But on the trustworthy web assumption, I agree. The only effective remedy is a personal calamity.

You are. Tracking is extremely dangerous to the society.

Before Shiftkey offers a nurse a shift, it purchases that worker's credit history from a data-broker. Specifically, it pays to find out how much credit-card debt the nurse is carrying, and whether it is overdue.

The more desperate the nurse's financial straits are, the lower the wage on offer. Because the more desperate you are, the less it'll take to get get you to come and do the gruntwork of caring for the sick, the elderly, and the dying

https://pluralistic.net/2025/02/26/ursula-franklin/

I'll stand by my opinion that deeply integrating the internet into our daily lives instead of keeping as a "place you go" was a huge mistake.

Ooh I know, the elite classes across the globe have been exposed as degenerate pedophile subhumans. Knowing the information would release soon, they began to coordinate this campaign to provide lip service virtue signaling about child predation while also tightening their grip on the underclasses before it gets too heated.

It's disheartening that so many people still do this (and not accepting has rarely ever required enormous efforts, to begin with).

FWIW I'm 43 and grew up on the dark parts of the internet.

I'd be curious how that might work as I haven't yet seen a zero-trust age verification system.

We need better supervision which demands better parental controls which demands better content filtering which demands better content classification.

So fix the root. Legally mandate a standardized protocol for self reporting the content rating of resources.

Sure, it usually won't be prosecuted... Until you upset the wrong person and they're looking for a crime you did...

You are shifting the onus on to the platforms, when the problem is pretty simple; with a few exceptions, we've failed as a species to learn how to think.

Also do you think that the TLAs don't know who the bots most likely are with all the surveillance data they're gathering? That the NSA doesn't have detailed telemetry of the surveillance ops??

Let me ask you the question, what have they done about it? And why not?

    ||github.com^

Oh really? Then why do my browsers keep moving things?

To access government service we have something different. Here in Austria it's called ID Austria and you sign with an app when you try to access government services, but also others like health insurance etc.

Terrifying.

I am fanatically following my rule "one email per website". Obviously, they all route to the same inbox. Initial motivation was to see who leaks my address and simply block it. However, the separation helped me out tremendously more than I ever expected (at the very least I believe so).

I'm originally from a country with a highly oppressive regime. Years ago I signed up for financial support to a political opposition leader. Things weren't as bad and it felt safe enough at the time. They had my email, of course.

Eventually opposition systems were compromised, and the full donor list became public. The regime's response: they cross-referenced it against emails registered on government services. For quite a few whose addresses matched, police officers paid a visit — looking for grounds to fine them, pressure them, etc.

My alias for that site existed nowhere else. No match, no visit. Definitely an experience I was more than happy to avoid.

It’s naive to think that cookies are the only tool used for tracking, but they are the most powerful tool for web based tracking.

I think that is exactly backwards. Many of the companies integrating with KYC/AML providers (such as my company) definitely don't want to be dealing in ids, just like most companies don't want to be dealing in storing credit card numbers (and the compliance that goes along with it). Its why Stripe exists, and its why ID verification companies exist.

How? People already sell their accounts to spammers. Why would that change?

The choice is between democracy and our current ever worsening sociopolitical hellscape.

If eliminating bots and sockpuppets is the price for restoring some semblance of democracy, then gosh darn.

And if social media, targeted ads, and algorithmic hate machines are collateral damage, than gee double gosh darn.

Those sacrifices are a price I'm willing to pay.

Then they should say so. Elected officials lying to and misleading the public when their real intentions differ is almost criminal. It's not a behavior anyone should ever support. I will not vote for people who do that.

How does automatically determining your age serve the goal of ID verification? It seems like most sites are choosing this as the first option. If the point was to link your ID, why wouldn't they ask everyone to provide it?

Browsers should provide a filtering option before they makes a request.

IMO a lot of no-brainer options are missing from personal computers. Like the ability to start a program with restricted access to files, network or OS calls (on Windows and on Linux). Browsers should provide the ability to inspect, and filter network access, run custom javascript on websites, etc.

> At some point, you have to implicitly trust someone

A model so I trust my OS and my browser, and I don't have to trust anyone else, that is, they can't harm me.

Why are you using that malware? Is a "nice wallpaper" worth the security risks? Really?

- Read-only access to cross-tab web site content

- Ability to modify web site content

- Ability to access the network

They can always "access the network" in that the extension developer can push static updates for things like ad block lists or security updates.

It might be possible to have "read only" cross-tab access include automation APIs like keyboard + mouse, with user prompting to prevent data exfiltration.

We might be safer in terms of vulnerabilities, root exploits, RCEs, etc. but the internet is still full of malware, scams are still just as rampant. Vigilance is still very much required, but is no longer taught.

Look at all the malware available on the Play Store. The curation does nothing but create an illusion of safety.

the effort and cost to download an ad-blocker that automatically removes the prompt to accept/deny entirely is practically zero and the amount of clicks you'd save yourself would quickly exceed the clicks it took to install the blocker.

> I just don’t think it is something that is worth stressing out about and fighting against. Maybe I am actually naive

It seems like you are, but that's just how our brains work. We're very bad at judging long term and abstract risks, especially when the consequences and their connection to the cause are intentionally kept unclear. For example, when people's cars started collecting data on their driving habits and selling that data to insurance companies a lot of people saw their insurance rates go up, but none of the insurance companies said that it was because of the data collected from their cars. I'd be willing to bet the data being collected by tracking your browsing history has already been screwing you over in various aspects of your life, online and offline, but you won't be told when it happens or why.

No other prior generation comes close.

Compare them to people growing up in the 1980s. The average person at that time was overwhelmingly oblivious to computing very broadly, their grasp of a "file" as a concept would have been close to non-existent. That was just 40 years ago.

In the mid 1980s a mere 10% of US households had home computers. And that was a high mark globally, it was drastically lower in nearly every other country (closer to zero in eg China, India at that time). The number of people routinely using office PCs was still extremely low.

Today young people have a computer in their hand for hours each day, and they knowingly manage files throughout the day.

"Use Chrome"

"Crazy"

Or, completely normal behavior. Are you suggesting that people should live in a shed in the woods like the Unabomber?

One click usually gives random foreign corpos the right to your data across a multitude of platforms, the right to identify you across data sets, and to permanently link your device identifiers to you, for ”fraud detection” on a site which sells nothing.

Clicking on accept or deny on those notices makes no real difference, since the ”partners” and ”vendors” usually enshrine their core data activities into the ”legitimate interest” category, which has no opt-out.

The data trail you are creating is much more personal and invasive than you want to imagine, and in the wrong hands it could be used to devastating effect.

To your point about the actual harm, I've come to see it as a kind of ecological problem. Wasting energy and sending more trash to a landfill doesn't harm me individually, at least not immediately. But it does harm in aggregate, and it is probably directly related to other general harms, like overall health outcomes, efficiency, energy costs, etc.

No, accepting cookies by itself may not do much to me, but the broader surveillance and attention economy that relies on such apathy certainly has.

It's about the same process as any other vice: guns, drugs, etc.

(fwiw it's been a while since iOS also have those concepts)

It was also drilled into me that the default state of anything on the internet is to be untrusted and potentially harmful.

It also helped that you could actually tinker with things, and there were plenty of foot guns around to drill that lesson home.

Somewhere along the way that message got lost and didn't get communicated to the young ones, and I'm not even that old (38).

[1] https://news.ycombinator.com/item?id=47231456

> 1. Most of the dollar costs of making it all happen will be paid by the people who actually need/use the feature.

> 2. No toxic Orwellian panopticon.

> 3. Key enforcement falls into a realm non-technical parents can actually observe and act upon: What device is little Timmy holding?

> 4. Every site in the world will not need a monthly update to handle Elbonia's rite of manhood on the 17th lunar year to make it permitted to see bare ankles. Instead, parents of that region/religion can download their own damn plugin.

  - Misrepresents a material (non-trivial) fact in order to obtain action or forbearance by another person
  - The other person relies upon the misrepresentation
  - The other person *suffers injury* as a result of the act or forbearance taken in reliance upon the misrepresentation.

  - Recovery of damages in the amount of the *difference between the value of the property* had it been as represented and its actual value
  - Out-of-pocket loss, which allows for the recovery of damages in the amount of the *difference between the value of what was given and the value of what was received*.

18 U.S.C. § 1343

  (...)'any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises'(...)

Bubblewrap allows you to do that on Linux.

But there are other uses cases, like cloud2butt.

But what I'm actually questioning in my comment above is effectiveness of the technology solution proposed at the device level.

As the years have marched on, though, that "birthdate" becomes significantly closer to my real birthday.

When I got filtering on observe-only mode I saw users were getting up to a dozen phishing emails every day.

We quickly did a hard simulated phishing test and most users opened the email but zero users clicked through.

Two years later, after we had excellent email filtering in place, our simulated phishing test had a 30% fail rate.

Take from that what you will!

https://ageverification.dev/av-doc-technical-specification/d...

and remember its like ratchet. there might be 99% of services that use inhouse face id, and its enough to have only one to leak your data.

The point of ID laws is not to stop "bots" or "sockpuppets", it's to enable governments to shut down the speech of their political adversaries by painting them as dangerous. That is not democracy, that is authoritarianism, even if you absolutely hate the people that are being shut up.

Western countries are not in the midst of polarized political crises because of "external bad actors" or "sockpuppets". They're in these crises because of fundamental contradictions in values and desired policies between different segments of the populace.

The Europeans are currently full steam ahead in attempting to "fix" the situation by criminalizing dissent, which will, in the end, only exacerbate the political crisis by making the democratic system illegitimate.

This presents the problem of governments being able to gatekeep speech which I am quite uncomfortable with but maybe there's some safeguard within the eIDAS proposal that makes this idea incorrect?

But the tricky part is that "reading files" is done all the time in ways you might not think of as "reading files". For example loading dynamic libraries involves reading files. Making network connections involves reading files (resolv.conf, hosts). Formatting text for a specific locale involves reading files. Working out the timezone involves reading files.

Even just echoing "hello" to the terminal involves reading files:

  $ strace echo hello 2>&1 | grep ^open
  openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/proc/self/maps", O_RDONLY|O_CLOEXEC) = 3
  openat(AT_FDCWD, "/usr/lib/cargo/bin/coreutils/echo/en-US.ftl", O_RDONLY|O_CLOEXEC) = -1 ENOTDIR (Not a directory)

Or do you want the browser to enforce permissions on extensions so you can lock them down as well as auditing them?

It's only zero if you don't need to interact with sites that break when you're running an adblocker. I run an ad-blocker nearly continuously, but there are all sorts of sites where I have to disable it in order to use the actual functionality of the site (and these are frequently sites I _have_ to interact with).

For less-often used, e.g., non-English language sites, these often leave a site in an unusable state, e.g., non-scrollable. I often have to go into the developer tools to fix a site manually, sometimes hunting for the element to fix if it's not body or html.

While it is possible to interact with the local file system on a school Chromebook, it’s certainly not the default. School interactions with Chromebooks seem to consist of logging with highly secure passwords like “strawberry” and using Google Docs. And playing games with heavy PvP components and paid DLC (paid by parents whose kids beg for it, not by schools) that call themselves “educational” because they interject math problems needed to use those juicy spells, make no effort whatsoever to teach anything, but produce a nicely formatted report correlating scores to numbered elements of the Common Core standards.

This argument is like saying you understand nutrition because you eat food every day and haven't died yet.

No, they do not. First, simply using something does not mean you understand it at all. Secondly, because the devices they've become the most accustomed to work very hard to hide all those details from the user.

Unfortunately, they don't.

They might have had a computer in their hand for hours each day, but they barely know anything about it. The ones who do tend to be those who grew up playing on PC, as opposed to console or mobile, because the latter - despite falling under the "digital natives" aegis - are really shockingly ignorant of even basic concepts.

Ok, can you give me a plausible example of what that harm could be? This seems in line with the exact thing I said in my comment; every time I ask how it could harm me, I am given vague statements about tracking and data. Charging me more if they think I can afford it is surely a thing to worry about, but there are so many ways to do that without tracking that I already need to take actions to defend against that (comparison shopping, price history tools, etc).

I am not saying I don’t think companies can take data they have access to and use it to extract more value from me… I am saying I don’t thing opting out of cookies is going to do much to change that, for better or worse.

Conspiracy theories are gossip for men.

My kids will know way less about filesystems than I do, because I had to learn DOS commands to navigate around the operating system if I wanted to play computer games, which led to a lifelong interest in how computers actually work at a level they can (and, so far, do) happily ignore.

They know app silos, not file system hierarchy. Ask a teenager where a file is on their phone and the will tell you the name of an app. Ask them how to copy it somewhere else, and they'll use the share sheet and send it to another app.

High adoption doesn't equate to high literacy.

I still have the same question… how is my life going to be made worse by that happening?

They'll get it one way or another

With IP tracking, you don't really need cookies much anymore

I, as an individual, am not going to have any effect on a business if I opt out or not. No business decision is going to be made because I opt out.

You might argue that it will matter if enough of us do it. Sure, that is true... but again, it won't matter if I do it or not. If N number of people opting out is enough to ruin the business model, then N-1 is surely enough as well. There is a 0% chance that I am the one who finally causes the system to collapse.

I do use an ad blocker, and never click on ads. I feel like that action has a bigger return on investment than no clicking the cookie banner.

If having more information about me allows the website to charge more to show me an ad, and I never click any ads, then I am hopefully helping decrease the return advertisers get by using personal information.

I am fully aware that my standard fake birthday is now used by me in some many places, that I have started to have a fake fake birhday. I should really just randomise and store it in my password manager.

But obviously the context of this OP story ruins all that.

Or they may install keyloggers (including hardware loggers) to get the parents' password and then go update their account.

Certainly this may help hinder them, but it won't take long for them to learn the basics of curcumvention, and the cost is regulated speech for OS manufacturers.

Outside of that, there's increased traffic and the US as a whole is way too car centric. Suburbs are horribly designed, and we prioritize moving cars instead of moving people, and any kind of infrastructure design that might slow down traffic, reduce the need to drive, or mildly inconvenience a driver gets shot down.

There is a very real danger of getting killed by a distracted idiot in a car, and that risk is much higher today. I commute on I5 every day for work and every single day I see multiple people, going 80MPH watching tiktoks on their phone on the dash mount, or obviously looking down texting. I can't blame anyone for not wanting their kids running around the neighborhood when we can't even be responsible enough to pay attention when we are driving 2 ton death machines.

That being said, it was very early regulation in this field, and more recent approaches are already better, e.g., GDPR, DMA.

https://www.youtube.com/watch?v=sSxG8WHMw1g

Corrections: the channel was not demonetised, the video was removed

This accounted for most of the risks on the wild west internet, but the worst case scenario of permanently losing data or having to reinstall Windows was actually rarer than it was made out to be imho.

These days the common risks are the same, except they're no longer risks - all of those have been built into the fabric of everyday internet usage and criminals have been replaced by businesses. It's like the cliche about Vegas being better when it was run by the mob.

However, I'm just suggesting a modest improvement to browser extension security (that doesn't completely break ad blockers like Chrome's approach).

In practice, I run an ad blocker, and just trust that it won't exfiltrate bank passwords and stuff. Imagine the blast radius for a successful and undetected UBlock Origin supply chain attack!

My "pick one" approach (ad blockers would pick the middle option) would mean that comparable supply chain attacks would also need to include a sandbox zero day in the web browser.

Maybe not, but does that matter when they use an advertising profile to make your life hell before determining you're not in the problem group? Will they even bother to check? They already have been hassling and detaining citizens on similar sloppy suspicions around immigration.

Even if you're a perfect aryan and think you're safe from the current regime... will the next one have the same notion of perfect?

There are countless ways the data collected about you can be used against you. Companies are using this data for everything from setting prices, to deciding which policies they'll apply to you, what services they'll offer or deny you, even shit as trivial as deciding how long they should leave you on hold when you call them on the phone. It's been used to deny people housing, or employment. It's even resulted in innocent people being arrested and investigated by law enforcement. This guy (https://www.nbcnews.com/news/us-news/google-tracked-his-bike...) wasn't worried about Google tracking everywhere he went until he had to get his parents to clean out their savings to pay for a lawyer in order to prove his innocence.

AI is only going to make it easier for companies to leverage the massive amounts of data they've collected against us. Companies have been trying to get consumers to accept discriminatory pricing practices this data enables for a very long time (https://link.springer.com/article/10.1057/s41272-019-00224-3) and it looks like they're starting to wear us down. Digital price tags are becoming increasingly common. So are demands that consumers scan QR codes to get prices. Prices don't have to be set so high that they become unaffordable to you, they can just slowly eat away at more and more of your earnings.

The system is set up so that you will never know when or how the data being collected about you is used against you, but every company is looking to leverage that data to their advantage every chance they get. I get that it's easy to feel defeated and think "My ISP already sells my browsing history, Google chrome already collects all by browsing history, so who cares if I let 30 other random companies collect it too by accepting their tracking cookies on every website I visit?" but those companies collecting your data care very much and it's not because they have your best interests in mind. They aren't going through all the trouble to track you across every website you visit because it doesn't matter. Taking a few basic steps to help protect yourself is just the smart thing to do, especially when it's something as simple as using an ad blocker or an add-on to auto-reject the countless "Can we track you" requests.

And easily get sold add-on services. How many people hit the 5GB iCloud limit for backups and just pay without stopping to think that it might be possible to do local backups to your computer and you don't really have to pay for extra storage?

Just hit them with the scary language "You are at risk of losing your photos forever if you don't pay!" because that concept of "Oh, photos are just files in a directory and I can copy those anywhere I want" doesn't exist. To many, those photos are part of the gallery app, not a separate file from it and since that app only runs on the phone, surely it must not be possible to copy them anywhere unless I pay for the storage.

Also, gig workers get paid less when in a poor financial position. Harassed, detained when crossing borders.

These are the start, not the end.

I understand there's a clever phrasing here but I didn't get it. English is only my second language.

This proposal may have been updated since I read it previously, so I could be wrong now, but it didn't read as a true zero-knowledge proof as key steps in the flow still required a level of trusting the government as the central authority to do the right thing and not track requests, both today and in the future.

Then make it the point.

The Internet is already all but dead. We could fix it (as I propose). Or we let it die.

I'm fine with either outcome.

> criminalizing dissent

When has that not been true? Serious question.

Socrates was compelled to commit suicide. Jesus was nailed to a cross. Journalist and activists are routinely murdered. How many political prisoners are there right now?

The outcome you fear happened a long time ago.

Hell, cellphones these days ship with spyware pre-installed. Samsung being the one of the worst for filling their phones with their own apps which spy on you constantly.

That stuff is still there if you look for it, but it's not on your social media feeds or in any of the apps provided through app stores.

The data collected about us online is extensively used against us both online and offline. The multi-billion dollar industry around collecting and selling every scrap of data about you and your personal life didn't spring up because nobody was making money from it.

As a non-Apple user, this is not something that happened to me. I literally have a "Files" app on my Android phone and my laptop/desktop.

To be fair, at least Android and presumably iOS grant apps by default no access to your files in modern versions.

The only way to get, e. G., an attachment downloaded via Thunderbird to a PC or another app is the share dialogue. A user does not access to the isolated app storage by default on an unrooted Android phone. For better or worse the young user is actually making the right choice here for their platform.

(This is also why making a backup of an Android phone is a nightmare when you aren't using a first party option. ADB is sometimes able to bypass it)

https://gdpr.eu/eu-gdpr-personal-data/

People already pay for things like Kagi to try to get out from under the mountains of SEO adspam. I have to pay in time and aggravation to stay sane in the face of ever escalating tactics to shove ads in my face and manipulate my online behavior. So I don't think a smaller web would be a bad thing.

But I don't see that as likely to happen anyway; companies have found out that advertising and data harvesting is far more profitable, and governments have found the same to be very useful for exercising control.

Arguably, clicking on the ad but never buying would have a stronger negative affect. The advertiser pays for your click but gets no return...

I use an adblocker too.

Saying you don't see an individual motive here to do anything just says that you don't see how interconnected everyone is in modern society.

On the contrary, the ads become worse, since they become better at trying to get me to buy some crap I don't need.

The more irrelevant to my profile they are, the better.

All of your data starts affecting everything your data is used for.

You may get worse rates for a mortgage, or not get one at all. You may be denied insurance or insurance claims. Cherry-picked details of your online activities may be used against you in a court of law, if you ever find yourself in one for any reason (think custody).

These are the very mild examples from a somewhat functional society. In the other end of the spectrum, where societal breakdown is imminent, you have things like getting disappeared, thrown in a concentration camp, executed on your own front yard.

Why should I give up my data to any private entity?

If their business model depends on ads, then I say it should die.

- CBP has admitted to buying location/advertising data from brokers to use in helping locate people to arrest

- Phishing and identity theft can be made easier due to cookies... security researchers have even demonstrated 2FA bypass techniques based on it

- Price discrimination - Consumer Reports found that flight prices can fluctuate based on your cookies. Sometimes they would even raise the price if you kept searching for routes, as an indication that you were in a hurry, thus likely willing to pay extra.

- Healthcare discrimination - Companies have been found to raise healthcare prices or deny coverage due to cookie data aggregated via brokers where external sites tracked a person's health conditions based on what pages they visited (examples: fertility, cancer and mental health support groups)

- AI models or automated systems using cookie data to predict housing stability, creditworthiness, and employment risk without ever seeing your resume or credit report directly

- ProPublica found that Facebook was allowing advertisers to target their housing ads based on specific age/race groups stored in cookies

- Some recruiting firms have used cookies to infer personality traits and political leanings. Your employment application could be rejected or deprioritized based on that

- Based on the previous examples, I think it is not a far-fetched idea that websites and services could deny you access altogether based on data revealed by a combination of things like your browser fingerprint + brokered cookie data, such as political affiliation, estimated income, race/gender, health situation, etc. Imagine for example, not being able to order pizza because you badmouthed their favorite president online.

It's also harder to change your mind later and go delete a bunch of specific cookies to opt out when you could have just said no from the beginning.

Its highly unlikely your vote will swing an election.

If you want easy things to do use cookie blocking extensions.

It may be you don't believe in democracy at all, and that's fair, but consumer action is the only way you can affect business decisions, by joining the decision-cohort you agree with more. Joining the opposite cohort because it's less work represents that you're okay with things continuing in that direction.

That said, I agree with the work it takes to navigate cookie banners being excessive (hence dark pattern), which is why my default browser config = ublock + consent-o-matic [1]

[1]: https://consentomatic.au.dk/

My own personal bend is that I do not want to be sold anything and I want anonymity where possible. We’re constantly being advertised to. Anything small action that I can take to deter that, or make the ads less personalized/interesting/distracting to me, is worth it. Even if I also will never knowingly click an ad.

It’s probably largely a control thing psychologically. With cookie banners specifically, I also don’t want to concede to dark patterns which make accepting easier than rejecting.

Right, but this is not solely about cookies or blocking ads. You also leave behind data which helps create a profile. AI is mass-creating profiles of everyone. Not everyone will have the same pattern, but information space is finite and they get more and more data about you over time. You may think this is not relevant for your use cases, but can you make this as prediction in the future?

I learned to code on a Sinclair ZX Spectrum machine!

"Those were the days, next n" ( https://m.youtube.com/watch?v=-d8UfQn3BEg&list=RD-d8UfQn3BEg... )

In terms of cybersecurity, I see it as "security first" culture means people rely on the system to keep them safe. "Safety third" (or security third) emphasizes that everyone should already know they are operating in a risky and dangerous environment and take security as a personal responsibility.

It's just a reminder that no one cares about your life more than you do, so stay vigilant and take personal responsibility.

edit just realized I didn't actually answer your question on the first and second priorities.

I suppose First would be the reason the system exists in the first place (buy something online, for example). Second would be the user experience of doing the thing. Security should help you take calculated risks rather than prevent you from taking any risks at all.

Anonymous age verification is technically possible, but it is as pointless as any other age verification system, it could easily be circumvented if someone older willing to help.

Probably there is a reason why nobody uses it.

https://en.wikipedia.org/wiki/The_purpose_of_a_system_is_wha...

My data point is persona.

In my files app i see "downloads" "images", "videos", "apps", "starred", "safe folder". In "images" i see pictures tagged "downloads", "camera", "DCIM", "screenshots" and one odd "2024-12-03_description_here" that I clearly names myself but don't remember doing that.

I have no clue how that maps to a physical phone filesystem, even though I know it's there. I'm sure teenagers don't know that too.

That's exactly the point!

The file system is hidden from modern users. Kids brought up on this now have no idea or concept of where their data resides.

Part 1: misrepresentation of fact

Part 2: harm or loss due to that misrepresentation

You must prove both.

https://definitions.uslegal.com/f/fraud/#:~:text=and%20upon%...

That's admirably honest, but the contents of your mind don't necessarily correspond to the world outside it.

It’s much easier in the US to lose your job for what you say as in the EU and in the US the consequences of losing your job are more severe if you don’t have enough money so you can afford to lose it.

US freedom of speech comes with a price tag that puts the censor inside your brain.

None of those are true in my area, and how did the "Karen" even get to your child on your private road?

I'm not the person who wants to redesign the browser extension ecosystem, but I can build Firefox from scratch and review the source code if I want, unlike Safari.

I thought this was just ignorance.

Then I checked the profile. They ”have lots of experience with digital advertising “

“It is difficult to get a man to understand something, when his salary depends on his not understanding it”

Believing you are more under threat from sophisticated government hackers rather than unsecured IOT devices, unvetted npm packages or hijacked download links is just LARPing for people who want to sound more important than they actually are IMO.

Yes there has been a Files app on iOS devices for well over a decade

Note taking apps are a prime example of this, using a proprietary localdb for notes, inside of app storage you can't access, forcing you to transact with your own data exclusively through the app (and whatever subscriptions or upcharges that come with it). We've trained out the idea that these could just be local text files in a directory you can access and do with what you want.

I've watched discussions around open file formats fade away into obscurity along with the rise of mobile, and now we have to fight on whether we should be so graciously allowed to install software on the devices we own or not.

Not everyone needs to be a computer science student, but some basic level of curiosity or education around how tech works should be required in school, at the very least a warning message of "Your data isn't safe if it's not under your control."

It's just not commonly used for the reason the other person mentioned (share buttons between apps that are file type aware)

If you aren't worried about the US government having this, it's a sign of significant privilege and safety a lot of others don't have.

It's not possible to be a ghost, but it is possible to reduce your surface area in these systems, which is what I focus on. Denying tracking cookies is a single tool in this quite large toolbox.

These are all related to the collective action problem (https://en.wikipedia.org/wiki/Collective_action_problem). This is why we have regulations and rules and laws about things like pollution, because we CAN'T rely on everyone wanting to live in a clean world to make everyone not pollute.

> It basically just powers product discovery in a giant global marketplace.

That is also incomplete. See how profiling led to ICE finding people - and ICE has a proven track record of executing US citizens. That is also a fact. It does not mean profiling led to the death of the people here, 1:1, but it meant that it is a contributing factor to the build-up of government troops killing people (which is very similar of Europe 1930s by the way).

I feel time has gone faster since I got a job, if that makes sense. Every day yearning for it to be 5o clock so I can check out, every week yearning for the weekend, every month yearning for the last day to get paid. Doing this is just asking for time to be over sooner.

I just don't think blocking cookies meaningfully protects anything that I want to hide. I feel like it is putting gloves on while you walk around naked, it isn't doing anything to protect your privacy.

> You may get worse rates for a mortgage, or not get one at all.

That is an interesting example, because getting a mortgage is going to require me to voluntarily give ALL my personal information to the company giving me the loan, and they will absolutely use all of that to determine if I get a better or worse rate. I am literally giving them my entire financial history, they don't need to try to piece it together using my browsing history.

Also, shouldn't mortgage companies determine rates based on personal information about you? How else should they manage risk? It would be awful for our society if banks were forced to give loans out at flat rates for everyone. There would be zero incentive to pay back loans, because they can't use you not paying it back to decide not to give you more money in the future. If banks had to give everyone the same rate, they would stop lending money entirely. There would be no way to avoid losing it all, why would you do that? No, we WANT loans to be based on personal information, because that is what allows us to have control over our own financial reputation.

> Cherry-picked details of your online activities may be used against you in a court of law, if you ever find yourself in one for any reason (think custody).

This one seems very nebulous, and a very unlikely and low risk. Courts can do discovery; they can obtain much more personal information than cookie based online tracking data. I can't see how this would be worth considering.

> These are the very mild examples from a somewhat functional society. In the other end of the spectrum, where societal breakdown is imminent, you have things like getting disappeared, thrown in a concentration camp, executed on your own front yard.

If this happens, browsing history is going to be the least of our worries. They might throw you into a camp because you DON'T have any browsing history and that is suspicious. If there is no rule of law, you can't expect plausible deniability to help with anything. If we get to that point, they are going to have a lot more than ad tracking data to work with. The added risk seems negligible.

Which is why those things need laws to create any meaningful change.

I mean, insomuch as any action I take is a consumer action, because I am a consumer, this is true. That's why Luigi'ing is a consumer action.

But 'vote with your wallet' is an illusion; you have no way of informing an entity why you are rejecting their service if you simply don't patronize them. On a ballot you're actively choosing another over them. As a consumer, you're otherwise 'invisible' to them.

Walking past Target out of rejection of their politics, for example, is no different to them than the person next to you walking by because they don't need anything from them at that moment (and realistically, they would probably prefer to just switch you for said politically/privacy-un-conscious person). It's still good to stick to your morals, but that alone isn't actually 'consumer action' in the way you mean it.

It requires a coordinated, public messaging campaign that a group is boycotting actively to have any impact on a business. Your individual action of not clicking on Accept Cookies does nothing to influence businesses.

> It may be you don't believe in democracy at all, and that's fair, but consumer action is the only way you can affect business decisions, by joining the decision-cohort you agree with more. Joining the opposite cohort because it's less work represents that you're okay with things continuing in that direction.

I actually believe even less in 'voting with your wallet' than in actual voting, for all the same reasons except the cost of 'voting' in this case is even higher (choosing an individually suboptimal option with my wallet hurts me directly even more than the cost of voting in an election does... e.g. choosing to pay more to avoid major corporations costs me every time I shop) I personally think the only way to avoid companies destroying the common good for profit is to price in the destruction to make it explicit (e.g. carbon taxes, pollution taxes, etc).

[1]: https://en.wikipedia.org/wiki/Paradox_of_voting

I'm not a revolutionary taking up arms I'm a voter and a citizen in disagreement. Unless I am seen and counted, then being any of those things is worthless as well.

There is no value in hiding from the system while the system goes to hell and attacks everyone else.

You can always choose this no matter what ads they show you. In some ways, choosing to not be sold AFTER being shown ads might be more effective at shutting down that behavior than simply avoiding the ads entirely; forcing the company to pay to show you the ad that you ignore is costlier to them than simply not being able to show you the ad at all.

You make a case that EU has better social safety nets and employee protection not that the US has weaker free speech laws. While you can't ignore the effect having wealth can insulate you from consequences, it still doesn't support your statement as written.

Is it true that someone who is retired on a pension in US can say more hateful things without government action vs a similar retiree in EU?

https://www.transportforireland.ie/getting-around/by-taxi/dr...

---

Additionally, in plenty of European Countries, it's pretty common to write your name on your address: https://c8.alamy.com/comp/B01RP4/personal-name-plates-at-blo...

But have you considered that a meaningful number of users actually want functionality that plain text simply can’t provide?

I understand files and file systems, I’ve worked in IT for decades, mostly in open source. I still choose a non plaintext note solution because it delivers capabilities that plain text cannot, especially across devices.

As long as the data can be exported to open formats, why would I voluntarily limit the value and functionality my tools can provide?

Yes, which gets autosynced to my immich instance

Though not quite the EU anymore, the UK arrests people based only on speech in a social media post. Why should I expect they would be interested in building a truly private, zero knowledge age verification system?

Maybe for a more direct example I could point to the discussions related to the EU wanting direct access to all private messages, pushing Signal to leave the EU if that were to pass?

Sorry mate, the GDPR is there for a bloody good reason; and legit companies obey the law.

I was referring to: https://en.wikipedia.org/wiki/Dead_Internet_theory#Claims

> Yet we discourse here just fine.

True. But what makes HN an outlier?

If I ever decide that it is no longer worth voting then I will probably leave the country under the expectation that other people like me giving up on voting are doing it for roughly the same reasons.

[1] https://www.localcdn.org/

Ignore at your own peril, and enjoy risk with no benefit.

That may be true, particularly in the short term, but you might be hurting everyone else including yourself in the long term. Opening your wallet sends a signal to the receiving business to keep doing what they're doing, even if we all know it's bad.

There's also a cultural aspect to consider. It's normalized to not think of anything other than cost. That's why we have CAFOs, toxic plastic children's toys, landfills full of junk, etc... Pricing in the destruction might help, but at some point our culture needs to change. Outside of the occasional voting, we're all pretty powerless to enact top-down change like taxes and regulations, but we can all build culture.

About voting with your wallet, I agree that it'd be best if companies actually had to pay for those externalities you mentioned. If you have spare money to spend, you can view not choosing the cheapest option as supporting or donating. That's what I sometimes do when e.g. buying locally instead of ordering from somewhere far for cheaper. I can get local faster and it's more convenient, so there's lazyness, but thinking about it as supporting helps me rationalize it further (and it is true). I don't think it really hurts me more than buying something else that I don't strictly need. I see indirect value in trying to uphold things I like.

And I think this is great. Often our convictions aren't, and those are what make us interesting! I also think it's interesting how/why we rationalize our irrational behaviors! For example, I generally feel the same way as you about voting, but I don't like living as (in my mind, at least) a defeatist. Also, I feel that if I didn't vote then I have no right to complain or have an opinion about the things I didn't vote on. So I go vote for those reasons.

In theory, the government doesn't need the ad exchanges which have very lossy information. They have access to the ISPs and cell service providers, etc, with a warrant. Dictatorships like China and Russia don't need ad network data to be police states, they just use the core phone, internet and computer data.

But in this case, the US gov are using the insecure private data as a run-around to the warrant process. This is definitely unfortunate, and I think laws should be amended to prevent this workaround.

That's not up to you to decide. It's up to whomever is in power and has the ability to label you as such.

But even prisoners get healthcare in the EU, so I guess some US citizens would even prefer a EU jail over dying in the US.

Given the recent deaths of two actors and their GoFundMes I can’t imagine the hassle of less fortunate people when they get hit by US medical bills.

The US are one step away from a show like the Running Man shows

Writing it down would give more information to everyone else at all times.

It also has no bearing on willingness to implement proof of age without additional disclosure.

But yeah not EU, one country in Europe is unlike another, etc.

These things don't happen on a liberal/conservative axis in my experience.

I've lived all over the place, though not as much with kids, and have had none of these issues (including having mixed race kids who look much more like their other parent than me).

You really need to look at why you're living where you do.

But at least we have cookie banners everywhere.

Once again, I'm not the one who said they would like to design a new browser extension framework, but I have created custom versions of Firefox that have all ability to phone home removed and modified extension support. So not verifying every single line of code, but making fairly substantial changes in the direction the parent poster wanted to go in.

I'm interested in a conversation about that, not you pestering me about whatever issue I seem to have triggered within you that resulted in your interjections in this conversation.

It could die if it becomes profitable to spamers. Or maybe it's dead now and one or both of us are llms.

But as long as the content quality meets my personal utility threshold, it makes sense for me to visit it, regardless of whether it is a victim of DIT. Ultimately it's probably up to webmasters to understand if the traffic on their site is either profitable or of a high enough quality to justify the operating costs of a hobby.

I do not think this should be analysed from the perspective of an individual but from the perspective of being part of a collective.

Individually we are pathetic naked monkeys, collectively we are mighty

See: US ICE telling people filming that they're domestic terrorists because they are filming.

See: the poem "first they came..." which happens every time

Would be nice if there was some other solution, like maybe encrypting the browser profile and then requiring a pin/password/biometric/something to unlock it on each start.

That is exactly my point, though. The signal from my personal transactions isn't going to be enough to change anything. It will be drowned out by everyone else.

Of course, you are right that if enough people closed their wallet, then the business would have to change. However, that is STILL true even if I keep my wallet open. If N people stopping their shopping at a store would cause it to close/change its practices, then surely N-1 people stopping their shopping would also cause it to change. I could still keep shopping their, get the benefits while they last, and then switch once it finally goes out of business.

Of course, you might reasonably say, "Well, if everyone thought like you, then the change would never happen!" True, but my decision does not change anyone else's decision. The other people won't even know my choice, it isn't going to make other people boycott.

You could argue that people will listen to what I say, and I could influence them. That is true, but that is again independent of whether I actually 'vote with my wallet' or not. The influence I have on other people is the same whether I tell them not to shop there and I also don't shop there, or if I tell them not to shop there but secretly shop there myself.

Obviously there is some other morality at play here, but it isn't as simple as invoking the direct signal I am sending by choosing to shop somewhere or not.

We spent money on goods/services we choose, and receiving money is a very strong signal to a business. Not spending money is an extremely weak signal.

Opposites.

Cooperation to the detriment of the individual in the animal world is exactly the same phenomenon in a much simpler system. That is widely and repeatedly evolved so we know for a fact that the game theory works out in a vacuum (ie without human cultural factors).

Any high trust cultural behavior is similar.

But it isn't because my individual vote actually matters.

Two other fine examples of thriving online communities are metafilter and ravelry.

I'm sure there's many more on the web. I just don't get out much.

And many, many not on the web. Using discord, telegram, old school BBSes, etc. But, as dead Internet theory notes, they're not publicly visible and therefore not discoverable, not being indexed.

https://www.thetimes.com/uk/crime/article/police-make-30-arr...

The GDPR does outlaw unnecessary collection of personal data without explicit opt-in consent. It's baffling you appear ignorant of this.

I get that it's supposedly about security, but this is not the only secure way. It is however the most convenient secure way for Apple, as now the only simple method of backing up and syncing files through all those isolated containers is iCloud.

Only Tor Browser can reliably fight with it.

[1] https://github.com/Cookie-AutoDelete/Cookie-AutoDelete

Is it effective? Probably not in the short term, at least for the intended purposes, but secondary effects like personal growth, satisfaction, and social dynamics might be realized.

https://abrahamjuliot.github.io/creepjs/

And yes it often results in endless captcha loops.

- Biology gives us the instinct to cooperate and the capacity for empathy.

- Capitalism provides the mechanism to scale that cooperation to millions of strangers.

- Institutions (laws/culture) provide the rules that prevent the "vacuum" from devolving into a state where the strongest exploit the weakest (which is actually what happens in nature when policing fails).

Therefore, in a capitalistic society, cooperation to the detriment of the individual (e.g., paying taxes, following labor safety rules) is not just a biological imperative; it is a social contract enforced by culture to allow the complex system to function. Without the cultural layer, the biological layer alone is insufficient to sustain a modern economy.

>We don't vote for a policy (although that is a common misconception.) The collective power of voting is often voting against a person/party : voting them out.

Few people get coffee to support union labor but knowing that a coffee shop is actively antagonistic toward unionization may cause you to choose a different shop. The collective power of voting with your dollar is to 'vote in' businesses. The businesses not receiving votes must change or find themselves voted out. Much like politicians, businesses can also look at where the money-votes are going.

If you only pay attention to national elections sure. Tons of local and state elections come down to a couple hundred votes all the time.

What about video games? They only have utility in pleasure and the sedentary lifestyle associated with over-playing them is extremely harmful.

Sounds to me like you have some random things you decided you don't like and want to ban ads for them, not that you've done any thinking about utility (other than as a bad attempt at rationalizing your anti-some things campaign).

It really was an extraordinary story without any extraordinary evidence.

So you can pretend that the law is effective or you can admit that all it gave the world were cookie banners.

Many sites I use force email or SMS-based 2FA, sometimes in addition to "security questions" and/or have other multiple steps of authorization (like captchas) required; it's often not just a simple username/password for me.

Now multiply that by 25 different sites. Not happening.

Also, that EFF site only checks against other people who visited the same site, so the results are skewed IMO. The other comment that links to creepjs is what I consider the best available open source tool.

Blame the parasitic ad-tech industry for their existence. Not the lawmakers who protect all our privacy.

As usual, just blame the victim, then complain they don't provide evidence knowing full damn well child and family welfare services complaints are sealed and hidden from public oversight. This is how vampires with these theories operate, first they make it illegal to get the records, then they make it illegal to even find out who the accuser is, then when you call them on it they say "ha ha, you don't have the evidence, that we made it illegal for you to get!" The whole system is designed to evade oversight, so what we are all left with is anecdotes that we have about our own childhood being so much different than the ones our children have after interactions with the authorities that have placed these restraints. But of course when you share them, they are only used against you by persons such as yourself (judging me for where I live, as if it's not going on all over the US). So people are reluctant to even share the anecdotes, and by law you generally cannot get the formal records (think of the children!) of these encounters nor the names of the accusers so basically they designed the whole legal structure to enable the muh citation crowd to be able to always pretend like the other side is just hiding from the evidence.

( If you look, at say, the problems with child abuse physicians in cahoots with CPS systematically victimizing families of children with brittle bone disease for instance, we basically had to wait for enough parents to tell their anecdotal stories of losing their kids until lawyers really started to step up to defend these cases as we now know doctors and CPS will systematically accuse children with multiple breaks of being victims of abuse, even when there is zero evidence the parents or child were inflicting an amount of force that would break healthy bones. The individual cases can't be scrutinized to bring these things to daylight because they're all sealed under child welfare laws, hence we just had to wait for a bunch of "extraordinary stories" with weak evidence to be told until someone finally believed them and others from society could step up to help these victimized families).

Personally I find it absolutely fucking hilarious that as much or more CPS induced restraint existed ... before CPS did.

>Yeah, except the now redacted comments didn't indicate that was the case which is why I was asking more questions.

Lol you responded to my comment saying it was an easement which meant I was not able to gate it. Although frankly your tone of questioning seemed to be more directed towards alluding I was a liar, than a genuine interest in the road.

You didn’t say this?

You don't have to compare your fingerprint with other visitors. Just have a look at the detailed information to understand which things reveal your identity the most.

I guess if your position really is votes don't count unless its the one to tip the scale no one would be debating you because its irrelevant. Maybe lead with that.

You seem to have replied to the wrong post.

> As usual, just blame the victim, then complain they don't provide evidence knowing full damn well child and family welfare services complaints are sealed and hidden from public oversight. This is how vampires with these theories operate, first they make it illegal to get the records, then they make it illegal to even find out who the accuser is, then when you call them on it they say "ha ha, you don't have the evidence, that we made it illegal for you to get!" The whole system is designed to evade oversight, so what we are all left with is anecdotes that we have about our own childhood being so much different than the ones our children have after interactions with the authorities that have placed these restraints. But of course when you share them, they are only used against you by persons such as yourself (judging me for where I live, as if it's not going on all over the US). So people are reluctant to even share the anecdotes, and by law you generally cannot get the formal records (think of the children!) of these encounters nor the names of the accusers so basically they designed the whole legal structure to enable the muh citation crowd to be able to always pretend like the other side is just hiding from the evidence.

I'm not blaming anyone. Your experience is so wildly different from anything I've seen or heard living in many different areas across the US that I'm interested to hear more about it, and then you go on a tirade that has virtually nothing to do with the topic at hand instead of providing any remotely relevant information.

> Lol you responded to my comment saying it was an easement which meant I was not able to gate it. Although frankly your tone of questioning seemed to be more directed towards alluding I was a liar, than a genuine interest in the road.

I don't have a gate on the private road to my house either, yet no one drives down it to interrogate my kid about my whereabouts.

Is it a neighbor who also shares the private road? If so, that makes some sense but it sounds like you need to have a discussion with them. Why didn't you trespass them if not?

If this Karen calls CPS because they were trespassing and weren't aware that you were nearby, so what, other than wasting some taxpayer dollars? Has anyone ever had their kid taken by the state because of a claim like this? Since the answer is no, why are you so freaked out about it, way beyond being annoyed at this Karen (who does sound annoying in this story)?

Like I said to the other person, it's a series of extraordinary claims that frankly make almost no sense, and then you rant about tangential topics when asked for more detail. It doesn't make your anecdote more believable.

> Your argument is basically well voting doesn't matter so we should have a dictatorship instead of democracy

I am actually not saying that at all, which is what makes this a paradox. I think democracy is important and that getting an accurate determination of the will of the people is important... but it still doesn't make sense, from a pure game theory perspective, to vote in an election.

It isn't REALLY a paradox, because both things are true - voting is a good way to get a representative sample, and a single vote isn't going to change that sample very much.

In many ways, this is just basic statistics, and we experience this every single election night - elections are called WELL in advance of every single vote being counted, because we already know with statistics what the result will be. Now, there are a few examples of this going wrong, but those are mostly times where the rush to call an election makes people call it when the statistics say there is still a reasonable chance for a comeback.

Honestly, it if was up to me, elections should be determined by a random sample. Randomly select N citizens from the country to be the voters that year, and use that result. If N is sized correctly, you will get the same result you would with an actual election, and we don't have to have everyone waste their time voting.

This would never happen, of course, and I honestly can kind of understand why; the results aren't the only thing that is important, feeling connected to the process and that your voice matters also is important. It is a bit of a agreed upon delusion, though.

A person driving down a private road and threatening to call CPS because they can't see the parent is not rare?

And the parent poster didn't just say someone threatened to call the cops, they said that they would be jailed in two very specific circumstances where jailing him would have led to very negative consequences for the arresting parties in anything beyond the immediate term.

Many people are stupid, and do stupid things like calling the cops for no valid reason at all. Those people are annoying and can be ignored, and I would not be remotely surprised by any pseudo-anonymous person doing something stupid. What would surprise me is the cops actually responding to the call and making the decisions that the other poster claimed, with a few exceptions where I would be much less surprised.

Since he only responds to questions with tangential rants, we'll never know for sure what happened.

Either you are disingenuous or incredibly sheltered. It's hard to tell which, but I suspect I know.

What the original poster was describing is exceptionally rare, which is why neither he nor you have anything meaningful to say about it.