#article #read
In reply to nevent1q…kw8j
_________________________
[...] The Going Dark initiative, or ProtectEU as the Commission now calls it, wants to “enable law enforcement authorities to access encrypted data in a lawful manner”. This is a Chat Control 3.0 attempt.
The EU Commission and several member states are also looking for new rules on data retention. In a new ”Presidency outcome paper”, the member states discuss metadata retention: which websites you visit, and who is communicating with whom, when and how often. The ambition is “to have the broadest possible scope of application” and this time some member states also want the proposal to include VPN services. [...]
https://mastodon.online/@mullvadnet/115742530333573065
via Nostr@cxplay_clip
In reply to nevent1q…kw8j
_________________________
[...] The Going Dark initiative, or ProtectEU as the Commission now calls it, wants to “enable law enforcement authorities to access encrypted data in a lawful manner”. This is a Chat Control 3.0 attempt.
The EU Commission and several member states are also looking for new rules on data retention. In a new ”Presidency outcome paper”, the member states discuss metadata retention: which websites you visit, and who is communicating with whom, when and how often. The ambition is “to have the broadest possible scope of application” and this time some member states also want the proposal to include VPN services. [...]
https://mastodon.online/@mullvadnet/115742530333573065
via Nostr@cxplay_clip
#article #read
Problem when navigating routing - Support - Netlify Support Forums
https://answers.netlify.com/t/problem-when-navigating-routing/98037
via Nostr@cxplay_clip
Problem when navigating routing - Support - Netlify Support Forums
https://answers.netlify.com/t/problem-when-navigating-routing/98037
via Nostr@cxplay_clip
#article #read
In reply to nevent1q…x0kd
_________________________
Range header is ignore on large files - General - Cloudflare Community
https://community.cloudflare.com/t/range-header-is-ignore-on-large-files/650787
via Nostr@cxplay_clip
In reply to nevent1q…x0kd
_________________________
Range header is ignore on large files - General - Cloudflare Community
https://community.cloudflare.com/t/range-header-is-ignore-on-large-files/650787
via Nostr@cxplay_clip
#article #read
cloudflare缓存与绕过缓存 | 雪饼的狗窝
https://zhouxuebin.club/blog/posts/cloudflare-bypass-cache/7fd52515/
via Nostr@cxplay_clip
cloudflare缓存与绕过缓存 | 雪饼的狗窝
https://zhouxuebin.club/blog/posts/cloudflare-bypass-cache/7fd52515/
via Nostr@cxplay_clip
#article #read
The Impossibility of Perfectly Caching HTTP Range Requests - Kevin Cox
https://kevincox.ca/2021/06/04/http-range-caching/
via Nostr@cxplay_clip
The Impossibility of Perfectly Caching HTTP Range Requests - Kevin Cox
https://kevincox.ca/2021/06/04/http-range-caching/
via Nostr@cxplay_clip
#article #read
In reply to nevent1q…qqet
_________________________
TikTok Deal Done And It’s Somehow The Shittiest Possible Outcome, Making Everything Worse | Techdirt
https://www.techdirt.com/2025/12/19/tiktok-deal-done-and-its-somehow-the-shittiest-possible-outcome-making-everything-worse/
via Nostr@cxplay_clip
In reply to nevent1q…qqet
_________________________
TikTok Deal Done And It’s Somehow The Shittiest Possible Outcome, Making Everything Worse | Techdirt
https://www.techdirt.com/2025/12/19/tiktok-deal-done-and-its-somehow-the-shittiest-possible-outcome-making-everything-worse/
via Nostr@cxplay_clip
#article #read
Understanding email encryption | Fastmail
Here’s the honest truth: if you are a journalist trying to protect a source, or face nation-state adversaries, you probably shouldn’t use email — use an encrypted messaging app instead. But for the vast majority of communications, modern email security offers substantial protection while maintaining the features that make email indispensable.
https://www.fastmail.com/blog/email-encryption/
#电子邮件
via Nostr@cxplay_clip
Understanding email encryption | Fastmail
Here’s the honest truth: if you are a journalist trying to protect a source, or face nation-state adversaries, you probably shouldn’t use email — use an encrypted messaging app instead. But for the vast majority of communications, modern email security offers substantial protection while maintaining the features that make email indispensable.
https://www.fastmail.com/blog/email-encryption/
#电子邮件
via Nostr@cxplay_clip
Fastmail
Understanding email encryption
A comprehensive overview of how email is encrypted, the benefits, and the trade-offs.
#article #read
Banning controversy reveals Bluesky’s federation isn’t there yet
https://plus.flux.community/p/banning-controversy-reveals-blueskys
#Bluesky
via Nostr@cxplay_clip
Banning controversy reveals Bluesky’s federation isn’t there yet
https://plus.flux.community/p/banning-controversy-reveals-blueskys
#Bluesky
via Nostr@cxplay_clip
plus.flux.community
Banning controversy reveals Bluesky’s federation isn’t there yet
Bluesky’s protocol is so complicated that not even the biggest alternative network has figured out how to become independent
#article #read
Intercepting traffic on Android with Mainline and Conscrypt
https://blog.nviso.eu/2025/06/05/intercepting-traffic-on-android-with-mainline-and-conscrypt/
via Nostr@cxplay_clip
Intercepting traffic on Android with Mainline and Conscrypt
https://blog.nviso.eu/2025/06/05/intercepting-traffic-on-android-with-mainline-and-conscrypt/
via Nostr@cxplay_clip
NVISO Labs
Intercepting traffic on Android with Mainline and Conscrypt
A deep-dive into Conscrypt updates via Mainline and the impact on Android 11 to Android 16.
#article #read
Manufacturer Remotely Bricks Smart Vacuum After Its Owner Blocked It From Collecting Data - Slashdot
https://yro.slashdot.org/story/25/11/02/2241201/manufacturer-remotely-bricks-smart-vacuum-after-its-owner-blocked-it-from-collecting-data
via Nostr@cxplay_clip
Manufacturer Remotely Bricks Smart Vacuum After Its Owner Blocked It From Collecting Data - Slashdot
https://yro.slashdot.org/story/25/11/02/2241201/manufacturer-remotely-bricks-smart-vacuum-after-its-owner-blocked-it-from-collecting-data
via Nostr@cxplay_clip
#article #read
Can you really reach anyone in 6 steps?
https://youtube.com/watch?v=CYlon2tvywA
#社交媒体
via Nostr@cxplay_clip
Can you really reach anyone in 6 steps?
https://youtube.com/watch?v=CYlon2tvywA
#社交媒体
via Nostr@cxplay_clip
#article #read
Bear is now source-available | ᕕ( ᐛ )ᕗ Herman's blog
https://herman.bearblog.dev/license/
via Nostr@cxplay_clip
Bear is now source-available | ᕕ( ᐛ )ᕗ Herman's blog
https://herman.bearblog.dev/license/
via Nostr@cxplay_clip
#article #read
(2021/09/06) HTTP/3: Practical Deployment Options (Part 3) — Smashing Magazine
https://www.smashingmagazine.com/2021/09/http3-practical-deployment-options-part3/
via Nostr@cxplay_clip
(2021/09/06) HTTP/3: Practical Deployment Options (Part 3) — Smashing Magazine
https://www.smashingmagazine.com/2021/09/http3-practical-deployment-options-part3/
via Nostr@cxplay_clip
Smashing Magazine
HTTP/3: Practical Deployment Options (Part 3) — Smashing Magazine
After almost five years in development, the new HTTP/3 protocol is nearing its final form. In this part 3, Robin Marx will look at how to practically use and deploy QUIC and HTTP/3, by looking at most best practices and lessons learned from HTTP/2. You’ll…
#article #read
访谈: Twitter前信任与安全主管 Yoel Roth 谈SNS Trust & Safety
Yoel Roth on Banning Trump, Battling Bots & the Difficult Job of Trust & Safety - YouTube
https://www.youtube.com/watch?v=yS_cXVrkyVE
Roth 的主要观点:
1. content moderation decisions are like assholes. Everybody's got one. 这句话我解读为世上人人都有屁股,每个屁股的位置不尽相同,所以理论上做出任何审核决策都会有人觉得你屁股歪了,这份工作需要平衡截然不同的意见,做出公平且保护用户的决策,因此极其困难
2. 目前许多去中心化平台(如Mastodon)的信任与安全工具远不如中心化平台成熟,例如,缺少批量封禁功能,难以有效应对大规模spam(说起来上一次Fedi Spam也是过去很久了,联邦宇宙之鸡下次究竟何时回归让我们拭目以待)
3. 许多去中心化平台在审核方面的透明度甚至不如中心化平台(a.k.a 管理员原来你真的是土皇帝): 相比 Twitter 在封禁事件后发布详细的决策理由,许多去中心化平台甚至不会通知用户被封禁,或内容被删除后没有任何提示,这削弱了决策的可信度。
4. 资金与可持续性:最严峻的问题之一,负责构建去中心化生态信任与安全工具的组织(例如IFTAS)因缺乏资金和持续的经济模型而难以为继。运行复杂的模型(如 CSAM 检测)需要高昂的计算成本,志愿服务无法长久。
5. 因为注重隐私,去中心化平台的可用风控判断要素远少于中心化平台: 中心化平台因保存 IP、设备 ID 等数据,能够进行复杂的行为分析和溯源。而许多去中心化平台出于隐私考虑,不收集或不让管理员访问这些数据,这极大地增加了识别虚假账户和协调行为的难度
6. 基于2-5,当 Meta 的 Threads(尽管是一个中心化产品)在处理反垃圾信息等方面反而比部分去中心化平台更有效时,这表明去中心化项目的目标可能未能完全实现。
7. 虚假信息正从单纯的fake news转向意图煽动情绪的内容(举了2016美国大选的例子),因此,应对策略应从判断 “内容真伪” 转向识别 “行为的真实性/非真实性”,例如账号注册地、账号行为模式(批量发布、特定发布时间等)。
8. LLM让Spam伪装程度得到空前提升:LLM 能生成高度流畅、有说服力的内容,使得内容本身的判断更加困难。对抗 LLM 的关键在于关注其底层 行为模式(如账户创建、自动化操作、发布规律),而非仅与内容本身竞争。
9. 小型社区能够带来别样的社区凝聚力:拥有数十亿用户的平台(如 Instagram)面临着全球前所未有的治理难度,几乎不可能形成一个像样的“20亿人政府”。相比之下,语言、文化、社交联系更紧密的小型社区(如 Maori Twitter, Black Twitter)在自我治理方面表现出更强的能力。Black Twitter 的“Your slip is showing”标签即是社区自我浄化的实例。但即使是小型社群,也需要警惕并防御外界的恶意行为者。不能因社群规模小而放松警惕,威胁是普遍存在的。
10. 个人权利(如过滤掉不希望看到的内容)与集体/他人权利(如不被 Doxing 的保护)之间可能存在冲突。当内容被过滤,用户(受害者)可能并未意识到危险,这时需要明确谁负责执行保护性权利。
11. 审核团队应该多元化:很多平台的创始人是白男,其经验无法代表所有用户
12. 是否应推广民主:Roth称他个人支持民主,但不同社区可能有更高的优先级,如社区凝聚力。硅谷公司本质上是资本驱动的商业实体,而非民主实践场所。
13. 技术和工具会变,但人的基本需求、社会互动模式变化不大。理解历史和人性是构建任何社交技术的基础。
—— https://scg.owu.one/@cdn0x12/statuses/01K39E025ZQHCAQ12JQBXMXGSJ
#社交媒体 #信任与安全
via Nostr@cxplay_clip
访谈: Twitter前信任与安全主管 Yoel Roth 谈SNS Trust & Safety
Yoel Roth on Banning Trump, Battling Bots & the Difficult Job of Trust & Safety - YouTube
https://www.youtube.com/watch?v=yS_cXVrkyVE
Roth 的主要观点:
1. content moderation decisions are like assholes. Everybody's got one. 这句话我解读为世上人人都有屁股,每个屁股的位置不尽相同,所以理论上做出任何审核决策都会有人觉得你屁股歪了,这份工作需要平衡截然不同的意见,做出公平且保护用户的决策,因此极其困难
2. 目前许多去中心化平台(如Mastodon)的信任与安全工具远不如中心化平台成熟,例如,缺少批量封禁功能,难以有效应对大规模spam(说起来上一次Fedi Spam也是过去很久了,联邦宇宙之鸡下次究竟何时回归让我们拭目以待)
3. 许多去中心化平台在审核方面的透明度甚至不如中心化平台(a.k.a 管理员原来你真的是土皇帝): 相比 Twitter 在封禁事件后发布详细的决策理由,许多去中心化平台甚至不会通知用户被封禁,或内容被删除后没有任何提示,这削弱了决策的可信度。
4. 资金与可持续性:最严峻的问题之一,负责构建去中心化生态信任与安全工具的组织(例如IFTAS)因缺乏资金和持续的经济模型而难以为继。运行复杂的模型(如 CSAM 检测)需要高昂的计算成本,志愿服务无法长久。
5. 因为注重隐私,去中心化平台的可用风控判断要素远少于中心化平台: 中心化平台因保存 IP、设备 ID 等数据,能够进行复杂的行为分析和溯源。而许多去中心化平台出于隐私考虑,不收集或不让管理员访问这些数据,这极大地增加了识别虚假账户和协调行为的难度
6. 基于2-5,当 Meta 的 Threads(尽管是一个中心化产品)在处理反垃圾信息等方面反而比部分去中心化平台更有效时,这表明去中心化项目的目标可能未能完全实现。
7. 虚假信息正从单纯的fake news转向意图煽动情绪的内容(举了2016美国大选的例子),因此,应对策略应从判断 “内容真伪” 转向识别 “行为的真实性/非真实性”,例如账号注册地、账号行为模式(批量发布、特定发布时间等)。
8. LLM让Spam伪装程度得到空前提升:LLM 能生成高度流畅、有说服力的内容,使得内容本身的判断更加困难。对抗 LLM 的关键在于关注其底层 行为模式(如账户创建、自动化操作、发布规律),而非仅与内容本身竞争。
9. 小型社区能够带来别样的社区凝聚力:拥有数十亿用户的平台(如 Instagram)面临着全球前所未有的治理难度,几乎不可能形成一个像样的“20亿人政府”。相比之下,语言、文化、社交联系更紧密的小型社区(如 Maori Twitter, Black Twitter)在自我治理方面表现出更强的能力。Black Twitter 的“Your slip is showing”标签即是社区自我浄化的实例。但即使是小型社群,也需要警惕并防御外界的恶意行为者。不能因社群规模小而放松警惕,威胁是普遍存在的。
10. 个人权利(如过滤掉不希望看到的内容)与集体/他人权利(如不被 Doxing 的保护)之间可能存在冲突。当内容被过滤,用户(受害者)可能并未意识到危险,这时需要明确谁负责执行保护性权利。
11. 审核团队应该多元化:很多平台的创始人是白男,其经验无法代表所有用户
12. 是否应推广民主:Roth称他个人支持民主,但不同社区可能有更高的优先级,如社区凝聚力。硅谷公司本质上是资本驱动的商业实体,而非民主实践场所。
13. 技术和工具会变,但人的基本需求、社会互动模式变化不大。理解历史和人性是构建任何社交技术的基础。
—— https://scg.owu.one/@cdn0x12/statuses/01K39E025ZQHCAQ12JQBXMXGSJ
#社交媒体 #信任与安全
via Nostr@cxplay_clip
