debanqued

joined 3 years ago
sorted by: new top controversial old
📧 Email self hosters can use the GDPR fight big mail hosters who block you in c/SelfHosted@europe.pub
[–] debanqued@beehaw.org 1 points 2 months ago* (last edited 2 months ago)

It means that for more than 30 days, you’ll be unable to send or receive emails that have to do with that email provider.

I’m not sure how you arrive at that. Whether you file a GDPR Art.77 complaint is independent of how you ultimately decide to reach the other party.

This is not what I would do but this is what most activists would do:

  1. Use a residential dynamic IP address to attempt to send an email to a recipient whose data processor (email provider) is Microsoft.
  2. Keep the logs of the MS server refusing you.
  3. File an Art.77 GDPR complaint against MS.
  4. In parallel, use a different webmail account to email your correspondent. Ideally wait a week or two after filing the GDPR complaint.

The fact that your webmail provider can reach MS does not obviate your Art.77 complaint.

Personally, I have indeed quit sending email. When I need to reach an MS recipient, I use fax or snail mail and I do not give them an email address, thus forcing them to respond by snail mail. Most people will not elevate ethics above convenience like that, but to each his own.

but not being able to receive them gets really problematic.

That’s a separate matter and it depends on what email address you supply. You can attempt to send from your own server using any email address you want, even an @gmail.com address if that’s your thing. The email address you share with the other party need not be one that associates to your mail server.

I personally do not even share an email address with MS users, so those users can only reach me by postal mail. But of course this move requires a higher level of discipline on your part.

Email is dead to me. How should I tell govs and companies to reach me? in c/xmpp@slrpnk.net
[–] debanqued@beehaw.org 1 points 2 months ago (2 children)

Thanks. That may indeed be a good answer.

I’m confused because it claims to work offline yet it’s also p2p and uses no centralised server. Perhaps mgs queue up until both parties are simultaneously connected at some point? Guess I’ll have to study it more.

📧 Email self hosters can use the GDPR fight big mail hosters who block you in c/SelfHosted@europe.pub
[–] debanqued@beehaw.org 1 points 4 months ago (2 children)

Fighting for your rights… with gdpr, yeah, I’m sometimes doing it, but the problem is, sometimes tcompanies fail to respond … and if they take 30 days… or longer to give a response you’re really at a huge loss

Not sure what you mean by being at a huge loss. Filing a GDPR complaint is gratis, by law. It’s indeed typical that data controllers ignore complaints. After 30 days of ignoring your request, you have a sound case for an art.77 complaint. The DPA will also likely do nothing, but you’re not at a loss for complaining. If the DPA decides to simply contact the data controller, they will dance. The case will still go nowhere, but the data controller will respond to the DPAs inquiry, if they make one.

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago)

The options (1) use black box, (2) start a tech company, as you presented in the bakery case, is a false dichotomy. Managed open source is the middleground.

It’s a false middleground. It is still taking on the burden of tech knowledge. It’s a true dichotomy, as follows:

① use a black box
② become technical

(or trichotomy if you figure the baker can nix email)

You still have to understand what’s going on in the FOSS box even if it’s managed -- otherwise you are in the same position. The point in being managed is to perform the work you don’t understand. That managed box is still likely to use a Spamhaus gatekeeper or the like which the baker has no clue about. The baker is still unlawfully using AIDM, unwittingly, because he just saw the ad for the managed service saying “spam free” -- thinks that’s good but has no idea what questions to ask or how it can go badly. He could just as well ask the relevant questions to the blackbox provider. Just the same, his business carries on uninformed about GDPR infringement.

BTW, you’re also wrong about managed open source services giving you the needed info, even if the customer is highly technical. I use a managed service of FOSS s/w. I can see the source code that runs on the box but I cannot see how it is installed or configured. The account dashboard I get is nannied subset of control. I can do basic tasks like create users, but I cannot see the backend configs or even an inventory of other software running on the host. There could be all kinds of snooping and shenanigans on that host and I have no way of verifying it. It could be littered with AIDM abuses, but I don’t have a root shell account on that host.

It’s the same problem in the end. The data processors have no legal accountability for the logic that they control. At the same time, they are not even required to disclose the AIDM logic, or even the existence of it, to the data controller. Yet the controller is exclusively liable for what they potentially do not control -- or even have awareness of. This is all still possible if the processor runs a managed open source service.

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago) (2 children)

Exactly: don’t use the black box.

That is not what I said. I never said don’t use it. I said black boxes bring problems that require sensible policy.

Of course it makes sense to use black boxes. Someone running a bakery does not have the competency and resources to deploy an email service. Outsourcing email is the only option that makes the business case viable, unless they discard email entirely, in which case they lose business from customers who insist on emailing orders. From there, all processors are black boxes. There is no email provider who gives you the keys to castle. And even if they did, as a baker you wouldn’t know what you’re looking at anyway. Your choice is, use the black box or get into the tech business.

Not even Microsoft can handle email alone. They outsource to Spamhaus, another black box. And Spamhaus outsources to Cloudflare -- yet another black box.

9
Ireland basically tossed out GDPR Art.18 and 21, or something (beehaw.org)
 

Ireland has their own data protection act which largely mirrors the GDPR. I first have to wonder why. Why rewrite an EU regulation, if not to do something twisted? IIUC, Ireland is part of the EU thus automatically obligated to enforce the full GDPR as-is. (Unlike Great Britain, who left the union but decided voluntarily to keep the GDPR, so they had to mirror it and rewrite some parts that are irrelevant to an EU outsider). Or is Ireland somehow outside the EU too, yet with the Euro?

Art.18, the right to restriction of processing, has been expanded from a ½ page to several pages full of loopholes and exceptions watered down to the point of data subjects not really getting this right.

Art.21, the right to object, has been torn out completely (not mirrored at all), but there is a blurb about removing the right to object specifically giving policians an exemption on election matters, and postal service matters.

If they add a restriction on the right and say nothing more on it, then I suppose that implies the art.21 right is otherwise in force, correct? It’s bizarre because other GDPR sections have been redundantly rewritten to very similarly reflect the GDPR. So I’m trying to make sense of what it means when redundancy is in place sometimes and not others. And what happens when a redundant section of code has a silent omission with no language to explicitly state intent to dishonor the omitted part.

There are some peculiar omissions from the duty of data processors as well.

I have not read it completely but I did not notice any Irish law that strengthens data protection. I only see shenanigans that work against data subjects.

Is it fair to say that tech giants love Ireland and put their HQ there for tax purposes, where the EU’s version of Silicon Valley is expected to be established, which then effectively pressures Ireland to weaken the GDPR as much as possible to maintain that attraction?

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago) (4 children)

It’s a black box. You can’t know what you don’t know when the information is concealed. Blackboxes can be tested (we call it blackbox testing). But it is inferior to clearbox testing. It’s too costly and ineffecient to wholly rely on. The giant processor has the resources to disclose their use of AIDM. The micro-controller (as in small data controller) does not have the resources to exhaustively simulate hundreds or thousands of demographics of people. They don’t even have the competency to be aware of all the demographics. It’s guesswork and it’s a non-starter. If the controller had that kind of resources, they would not be outsourcing the first place. Not only is it impractical, it’s also inefficient. To have thousands of small businesses and agencies carry out duplicated tests is an extremely wasteful use of resources and manpower. It just makes no sense. The processor already knows who they discriminate against.

The blackbox testing happens to some extent regardless. But there is no incentive to do the testing before deployment. The shitshow we call /GDPR enforcement/ ensures that data controllers do their testing on the public. Which means people are harmed in the process of testing because it’s cheaper for the controller (who knows their chances are low of getting penalised by DPAs who are up to their necks in 10× the workload they can handle).

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago) (6 children)

They should! That’s the point! They shouldn’t use bad products, regardless of if it’s home made, from a small 3rd party, or a large 3rd party.

Yes they should, but investigative journalists are not a competent way to have that information disclosed. When the processor secretly uses AIDM and conceals that from the controller, holding the controller EXCUSIVELY¹ responsible is reckless because the controller does not have right to inspect the servers and code of the processor. It’s a black box. The GDPR requires processors to disclose a lot of GDPR factors in their contract with the controller. But AIDM is not one of them. It is perfectly legal for a processor to (e.g.) write an algorithm that treats black people different, and not tell the controller. Putting the responsibility on controllers to investigate and discover unlawful practice is not a smart system.

If a restaurant buys nails and puts it in their food, it’s not the nail manufacturer that’s at fault. The argument “but it’s a large nail manufacturer” doesn’t take away one’s own responsibility.

For this analogy to work, the nail mfr would know that the nails are being put in the food. With knowledge comes responsibility. If the nail manufacturer is aware of the misuse, the nail mfr is willfully complicit in the abuse. But also to make the analogy work, the restaurant would have to be also unaware that the nails were ending up in the food (because AIDM is undisclosed in the case that you are trying to make an analogy for).

(update) Europe does not have the machinery to bring thousands of small mom and pop shops into court. It just makes no sense from a logistical standpoint and it’s a non-starter economically. Though I do not oppose controllers having liability. They should retain liability. But processors should also have liability, when you have one giant processor who is the cause of hundreds of thousands of people’s rights being infringed by way of thousands of controllers. To neglect the giant is to fail at data protection.

¹ added that word late! Controllers should be accountable, but not exclusively.

(Europe) email self hosters can use the GDPR fight big mail hosters who block you in c/selfhosting@slrpnk.net
[–] debanqued@beehaw.org 2 points 4 months ago* (last edited 4 months ago)

Depends on how you define the goal. It’s not going to work like magic, all in one motion. Indeed you are right that the DPAs are not going to take remedial action on the spot. The DPAs ignore most cases that get filed by individuals no matter how solid the law and evidence is.

After dealing with deadbeat DPAs, I’ve lowered my expectations quite a bit. The DPA cannot legally ignore the complain wholly. They must file it and acknowledge it. Then they will ignore it, sure. For me, it’s about getting the valid complaint on record. Then it gets reported in the stats and metrics in annual reports and the 4-year report that the EDPB prepares for the Commission. It helps add to the collossal embarrassment of DPA inaction.

(Europe) email self hosters can use the GDPR fight big mail hosters who block you in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago)

Indeed it may very well be in vain to file an article 77 complaint. I am saying you might as well do it, if you have the urge and the time. It is gratis. Technically the DPA must accept the complaint and file it. The reality is they will do that much but then the case will rot.

From there, I’m not sure it’s entirely useless. If you file an art.77 complaint against Google and it gets mothballed, then the DPA has another case against Google for another reason, perhaps they will add the art.22 reports into the mix.

I also think the reports are tracked for metrics and stats. By filing a complaint, you add to the overall stats which will add to the embarrassment of GDPR inaction by the DPAs who will look bad in the face of the EU eval every 4 yrs. Perhaps it would have the effect of increasing figures that prove the DPAs need more resources. If you don’t file a complaint, they don’t even know there is a problem. So it’s about getting light on a problem not necessarily going as far as to fix it.

Some folks are happy to take the art.78 route and directly sue. I heard a Brit say he does that. Costs him £50 or something which he does not get back, but for him it’s worth the satisfaction of getting a symbolic win.

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago) (8 children)

Yes, but I think you’ve missed the point. Indeed one course of action is to file a GDPR complaint against the small controller to force them to change suppliers. But note that GDPR penalties are limited to 4% of revenue and if the controller is a gov agency I don’t even know what determines the penalty. I have also noticed a reluctance of DPAs to act on complaints against other gov agencies.

When the processor is a tech giant Google, Microsoft, or Cloudflare, the AIDM abuse is centralised on them. There are thousands of small businesses and small gov agencies using the services of MACFANG (the various tech giants). It’s a bit misguided to put accountability on each small business who does not even necessarily know the processor they outsourced to uses unlawful AIDM. It would be far more sensible to hit Microsoft or Cloudflare with the liability rather than have a separate article 77 complaint against all the small users.

10
📧 Email self hosters can use the GDPR fight big mail hosters who block you (beehaw.org)
submitted 4 months ago* (last edited 4 months ago) by debanqued@beehaw.org to c/SelfHosted@europe.pub
4 comments fedilink
 

cross-posted from: https://beehaw.org/post/21500261

If you’re not in Europe, move along. You’re stuffed and this thread can’t¹ help you.

European email self hosters--

Tech giants screw self-hosters over by crudely blocking email on the sole basis of IP address (e.g. if the IP is residential). Before 2016, we were as fucked as everyone (in fact worse b/c European ISPs tend to block² egress port 25).

Post 2016, we have the GDPR which has an Article 22 that gives us rights against Automated Individual Decision Making. It has become unlawful to profile people on a crude discriminatory basis without human intervention. The motherfuckers “predict” that you’re a baddy/spammer based on your personal information, which wholly consists of nothing more than your IP address. It’s as unsophisticated and prejudiced as it gets. They’re not using anything intelligent like spamassassin (as the cheap bastards want to save money for their greedy shareholders by reducing processing power at your expense).

Why let them get away with it? And unless you’re a boot-licker, you don’t dance for them either. Well, to some extent you may have to implement DKIM, SPF, DMARC, etc, but it’s debatable. Either way, you do you, and if in the end MS or Google or whatever imperial tech giant empire blocks you from sending email to their server on the blunt basis of your IP address, consider filing an Art.77 complaint to the relevant DPA citing Art.22 violations.

¹ Exceptionally, some non-EU regions have created their own variant of the GDPR like Brazil and some US states (e.g. CCPA in California). But AFAIK, they are all very watered down, weak and mostly useless. Just there for show. I don’t imagine that Art.22 sentiment has been adopted outside of Europe but plz correct me if I am wrong.
² If egress port 22 is blocked by your ISP, then you’re probably fucked anyway but there are some tricks to get the block disabled (free and non-free).

4
(Europe) email self hosters can use the GDPR fight big mail hosters who block you (beehaw.org)
 

cross-posted from: https://beehaw.org/post/21500261

If you’re not in Europe, move along. You’re stuffed and this thread can’t¹ help you.

European email self hosters--

Tech giants screw self-hosters over by crudely blocking email on the sole basis of IP address (e.g. if the IP is residential). Before 2016, we were as fucked as everyone (in fact worse b/c European ISPs tend to block² egress port 25).

Post 2016, we have the GDPR which has an Article 22 that gives us rights against Automated Individual Decision Making. It has become unlawful to profile people on a crude discriminatory basis without human intervention. The motherfuckers “predict” that you’re a baddy/spammer based on your personal information, which wholly consists of nothing more than your IP address. It’s as unsophisticated and prejudiced as it gets. They’re not using anything intelligent like spamassassin (as the cheap bastards want to save money for their greedy shareholders by reducing processing power at your expense).

Why let them get away with it? And unless you’re a boot-licker, you don’t dance for them either. Well, to some extent you may have to implement DKIM, SPF, DMARC, etc, but it’s debatable. Either way, you do you, and if in the end MS or Google or whatever imperial tech giant empire blocks you from sending email to their server on the blunt basis of your IP address, consider filing an Art.77 complaint to the relevant DPA citing Art.22 violations.

¹ Exceptionally, some non-EU regions have created their own variant of the GDPR like Brazil and some US states (e.g. CCPA in California). But AFAIK, they are all very watered down, weak and mostly useless. Just there for show. I don’t imagine that Art.22 sentiment has been adopted outside of Europe but plz correct me if I am wrong.
² If egress port 22 is blocked by your ISP, then you’re probably fucked anyway but there are some tricks to get the block disabled (free and non-free).

5
(Europe) email self hosters can use the GDPR fight big mail hosters who block you (beehaw.org)
 

If you’re not in Europe, move along. You’re stuffed and this thread can’t¹ help you.

European email self hosters--

Tech giants screw self-hosters over by crudely blocking email on the sole basis of IP address (e.g. if the IP is residential). Before 2016, we were as fucked as everyone (in fact worse b/c European ISPs tend to block² egress port 25).

Post 2016, we have the GDPR which has an Article 22 that gives us rights against Automated Individual Decision Making. It has become unlawful to profile people on a crude discriminatory basis without human intervention. The motherfuckers “predict” that you’re a baddy/spammer based on your personal information, which wholly consists of nothing more than your IP address. It’s as unsophisticated and prejudiced as it gets. They’re not using anything intelligent like spamassassin (as the cheap bastards want to save money for their greedy shareholders by reducing processing power at your expense).

Why let them get away with it? And unless you’re a boot-licker, you don’t dance for them either. Well, to some extent you may have to implement DKIM, SPF, DMARC, etc, but it’s debatable. Either way, you do you, and if in the end MS or Google or whatever imperial tech giant empire blocks you from sending email to their server on the blunt basis of your IP address, consider filing an Art.77 complaint to the relevant DPA citing Art.22 violations.

¹ Exceptionally, some non-EU regions have created their own variant of the GDPR like Brazil and some US states (e.g. CCPA in California). But AFAIK, they are all very watered down, weak and mostly useless. Just there for show. I don’t imagine that Art.22 sentiment has been adopted outside of Europe but plz correct me if I am wrong.
² If egress port 22 is blocked by your ISP, then you’re probably fucked anyway but there are some tricks to get the block disabled (free and non-free).

Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? in c/gdpr@sopuli.xyz
[–] debanqued@beehaw.org 1 points 4 months ago* (last edited 4 months ago) (10 children)

Can you give more context? Why not simply choose other 3rd parties?

I’m not sure what you mean. Do you mean the data subject should choose a different controller, or that the controller should choose a different processor? Both such cases are consumer actions, which everyone in the world can do without a GDPR. But this does not make the GDPR redundant. The GDPR /theoretically/ ensures all market choices are up to a certain standard so we are not forced into a marketplace of all shit choices.

The insideous problem with AIDM is you often do not even know it’s in play. You don’t necessarily know that an adverse decision to deny you service was due to a robotic algorithm. Denials can do damage, after which point it may be too late to choose not to approach a controller. You don’t have all year to do trial and error with different suppliers.

We also have no other choice in some cases because monopolies exist. E.g. there may be only one credit bureau in a consumer’s country and it may be governmental (like a national bank). If that bank uses Cloudflare for their website, then Cloudflare’s AIDM denies some consumers web access to their credit worthiness records. The national bank may not even be aware of CF’s use of AIDM. But in any case, you cannot just choose a different supplier because it’s a monopoly.

Or if an important email to gov agency X is blocked because they use Microsoft and MS uses AIDM, you cannot simply change governments.

2
Do data processors have any accountability for discriminatory use of automated individual decision making under Art.22? (beehaw.org)
 

Art.22 ¶1 declares:

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

without stating who is liable for infringements. Paragraph 3 says

the data controller shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

That assumes the data controller is aware of and in control of the AIDM. Often data processors implement AIDM without the data controller even knowing. Art.28 ¶1 says:

Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.

Of course what happens in reality is processors either make no guarantee or the guarantee is vague with no mention of AIDM. So controllers hire processors blindly. When the controller is some tiny company or agency and the processor is a tech giant like Microsoft or Amazon, it’s a bit rich to put accountability on the controller and not the processor. The DPAs don’t want to sink micro companies because of some shit Amazon did for which the controller was not even aware.

As a data subject I have little hope that a complaint of unlawful AIDM will play out. It’s like not even having protection from AIDM. Article 29 Working Party wrote AIDM guidelines in 2017, but they make no mention of processors.

1
Should you CC your GDPR Art.77 complaint to a data controller when the DPA is a deadbeat agency, as a legal strategy? (beehaw.org)
 

cross-posted from !gdpr@sopuli.xyz : https://beehaw.org/post/21385410

As I mentioned in another post, many data protection authorities are deadbeats. Knowing that my Art.77 complaints are in vain, my question is how the complaints might be made useful. Suppose we just use the DPA as a prop. We file an Art.77 complaint and CC the data controller a copy of the complaint.

Normally it might be a bad strategy to show the data controller your hand. But when you essentially expect the DPA to be a dead-end anyway, perhaps our best move among shitty options is to use art.77 to get the data controller’s attention on the off chance that the data controller does not know the DPA is a deadbeat.

-1
Should you CC your Art.77 complaint to a data controller when the DPA is a deadbeat agency, as a legal strategy? (beehaw.org)
 

As I mentioned in another post, many data protection authorities are deadbeats. Knowing that my Art.77 complaints are in vain, my question is how the complaints might be made useful. Suppose we just use the DPA as a prop. We file an Art.77 complaint and CC the data controller a copy of the complaint.

Normally it might be a bad strategy to show the data controller your hand. But when you essentially expect the DPA to be a dead-end anyway, perhaps our best move among shitty options is to use art.77 to get the data controller’s attention on the off chance that the data controller does not know the DPA is a deadbeat.

3
The GDPR gives us a right to complain for free. But we get what we pay for. So we need a right to a free appeal, no? Or do we have that already? (beehaw.org)
 

cross-posted from !gdpr@sopuli.xyz : https://beehaw.org/post/21385256

Many data protection authorities are deadbeats. They do the legal minimum, which is to accept complaints, file them, and acknowledge them. Then do nothing. So stale cases just rot.

Data subjects have a right to complain (Art.77) at no cost, but they apparently do not have a right to a free appeal and the art.78 right to sue is not gratis either.

Unlawful inaction can legally be appealed but appeals are costly. DPAs know this, so they enjoy getting away with neglecting to act on Art.77 complaints.

So first I wonder if my legal theory is sound: If we have a right to complain under art.77 at no cost and the DPA neglects to investigate, then by extension we could argue that a right to complain at no cost implies a right to appeal inaction at no cost. Is that a weak argument? Do we need to ask EU lawmakers to specifically guarantee the right to a free appeal of DPA inaction?

4
The GDPR gives us a right to complain for free. But we get what we pay for. So we need a right to a free appeal, no? Or do we have that already? (beehaw.org)
 

Many data protection authorities are deadbeats. They do the legal minimum, which is to accept complaints, file them, and acknowledge them. Then do nothing. So stale cases just rot.

Data subjects have a right to complain (Art.77) at no cost, but they apparently do not have a right to a free appeal and the art.78 right to sue is not gratis either.

Unlawful inaction can legally be appealed but appeals are costly. DPAs know this, so they enjoy getting away with neglecting to act on Art.77 complaints.

So first I wonder if my legal theory is sound: If we have a right to complain under art.77 at no cost and the DPA neglects to investigate, then by extension we could argue that a right to complain at no cost implies a right to appeal inaction at no cost. Is that a weak argument? Do we need to ask EU lawmakers to specifically guarantee the right to a free appeal of DPA inaction?

3
Look at gnucash to see the best example in the world on how to document a program (beehaw.org)
submitted 5 months ago by debanqued@beehaw.org to c/foss
2 comments fedilink
 

The documentation of every FOSS tool I encounter leaves something significant to be desired. The state of docs in software (FOSS and non-FOSS both) are mostly a shit-show across the board.

But exceptionally, the gnucash project demonstrates exceptionally good docs. There is a separate package for the docs in Debian (gnucash-docs), which is what the Debian project suggests when the docs are significant in size. The /usr/share/doc/gnucash-docs dir has:

AUTHORS
changelog.Debian.gz
changelog.gz
copyright
gnucash-guide-de/
gnucash-guide-de.pdf.gz
gnucash-guide-en/
gnucash-guide-en.pdf.gz
gnucash-guide-it/
gnucash-guide-it.pdf.gz
gnucash-guide-ja/
gnucash-guide-ja.pdf.gz
gnucash-guide-pt/
gnucash-guide-pt.pdf.gz
gnucash-help-de/
gnucash-help-de.pdf.gz
gnucash-help-en/
gnucash-help-en.pdf.gz
gnucash-help-it/
gnucash-help-it.pdf.gz
gnucash-help-pt/
gnucash-help-pt.pdf.gz
NEWS.gz
README.gz

PDFs are great because web browsers and HTML have become such a shit-show. PDFs nearly guarantee you will see the doc as intended by the creator, without any dependency on a functional cloud with hosts that never change. There is also an HTML version that simply works offline, images and all (unlike ImageMagick, where the offline HTML is totally dysfunctional). The app’s built-in help goes straight to the topic seamlessly. It’s quite thorough documentation. They have 184 figures.

The only thing they seemed to have missed:

$ man gnucash
No manual entry for gnucash

Oops! Can’t get everything right.

One of the shittiest things I’ve seen on a lot of projects are docs that reference Cloudflare sites. 🤦 So you not only need Internet access, but you also need to lick Cloudflare’s boots, dance for the captchas, etc. And the Debian project is okay with that - yikes! I don’t think gnucash does that anywhere.

Anyway, before documenting a FOSS package, please look at gnucash for a good example (but of course there should always be a man page).

5
If gate-keeping receptionists are going to act like robots, they should probably be replaced with robots (beehaw.org)
submitted 5 months ago* (last edited 5 months ago) by debanqued@beehaw.org to c/rant@lemmy.sdf.org
3 comments fedilink
 

Front-desk receptionists installed in the buildings of gov agencies, news offices, and large companies sometimes have (or act like they have) a strict protocol of tasks that they can or cannot do. If I ask them to page/call relevant staff for something, or to sign for a delivery, they answer to the effect of:

“That is not in my job description…”

or

“Nope, not on my list… I have no scripted process or procedure for that…”

Some receptionists will say “do you have an appointment?”, to which I answer “if an appointment is needed, please make one for me”. They can never handle that. They say call or email, which of course excludes¹ people.

It’s increasingly more common for the outsourced security receptionist to be dumbed down to know nothing about the org they are keeping a gate for, to have no visibility on schedules and no ability to page people. These “people” typically have no capability beyond writing a call center phone number or URL on a post-it note.

I have to wonder, if these unskilled people are going to be so stripped of basic capability, unable to cater for the needs presented in a situation, why even have them? They are good candidates to be replaced by robots, or even just a sign-posting with a QR code on it².

It’s in everyone’s interest for that threat to be looming, and for such receptionists to come to realise that their own job security relies on being customer oriented (not their boss as a customer, but the ultimate customer, who won’t give a shit if a robot replaces a human that acts just like a robot anyway).

Consider the insideous #forcedBanking dimension to this. Making the front desk helpless enables the org/agency to essentially maintain a non-physical presence, which they use as an rationale for refusing cash payments. The outsourced recepionist can be passed off as someone who does not represent the org/agency and thus cannot handle cash payments.

¹ Calling excludes people because call centers have a limit number of languages they can handle, and even if you’re lucky enough to get someone with a compatible language, you lose the possibility of body language, a bad quality signal makes rough language rougher, and if one side gets tired of speaking a non-native language it’s easy enough to just hang up. Calling also is not free. And email is also exclusive

² (in fact I’ve seen it happen.. a gov office receptionist got replaced with a QR code pointing to a dysfunctional website)

Call to action

Maybe print this rant on a flyer that starts with “Dear receptionist…” and keep a copy when you approach a front desk. If they turn out to be a human acting like a bot, give them the flyer. Suggest they read it and share it with their boss.

Email is dead to me. How should I tell govs and companies to reach me? in c/xmpp@slrpnk.net
[–] debanqued@beehaw.org 0 points 5 months ago* (last edited 5 months ago) (1 children)

no, the government doesn’t serve the people it serves power.

First of all, you’re wrong, unless you have limited your comment to a particular gov where votes in an election don’t count -- which is not the situation I am in. I’m in a jurisdiction where not only is there a decent voting system, the reps in gov also take public surveys and sentiment into account for operational design. I’m also in a jurisdiction where civil disobedience has effect. E.g. so many cyclists were unlawfully turning right on red that they decided to scrap the prohibition for cyclists.

You also seem to misunderstand the fact that my drop-in-the-ocean action need not change anything, just as my drop-in-the-ocean election vote is never the one vote that makes a difference.

Unless power thinks you as a group are worth the effort, they will ignore your mailed documents, state you failed to file paper work and you now have to deal with (problems incurred due to not having completed the paper work).

This assumes a scenario where I not only have an obligation to submit something but I also have an obligation to supply an email address. Obviously my form of submission accounts for these factors. The inquiry in the OP does not inherently cover such scenarios, and that’s deliberate.

Paper processes are going away.

Only in regions that are largely populated pushovers and digital zombies, without a right to be analog movement (or the rights to have a movement).

But the point was, there are no good XMPP libraries that would enable a willing government to easily onboard that support. If there were, it would be a very different discussion.

Keyword there is /easily/. It was not easy for Munich to replace all their Windows PCs with linux, but difficulty of deployment was not a show-stopper.

The question is essentially: if e-mail is scrapped, what is the next most qualifying replacement for the given requirements? If XMPP is not the answer, what is?

2
Email is dead to me. How should I tell govs and companies to reach me? (beehaw.org)
 

cross-posted from: https://beehaw.org/post/20493770

^ indeed this is cross-posted back to the same community it originated, because slrpnk.net was offline when the post was introduced and Lemmy is not advanced enough to sync caches with original communities.

Email is a non-starter for reasons such as not being in control over who the other party chooses as an email supplier (thus resulting in Microsoft being fed all email traffic).

So snail-mail is the winner. My snail-mail obviously gives a mailing address. From a practical standpoint, that’s all I need. But it would be good to show some kind of electronic means of communication in the letterhead. Not directly for practical use but more of an expression that says “I’m not a luddite but you need to fix your shit” (in so many words).

Requirements:

  • must be secure. A low standard of security is fine; it just cannot be so shitty that giant surveillance capitalists can see and exploit the payloads.
  • must not rely on any non-standard or proprietary protocols.
  • must have at least one FOSS toolchain available.
  • must be suitable for documents sent asynchronously.
  • ideally a different unique address can be furnished to each recipient.

Candidates:

  • XMPP
  • onion e-mail (email service by surveillance capitalists cannot send to @*.onion addresses)
  • (hypothetical) clearnet email address hosted by a server that blocks inbound MS & Google server connections
  • fax number

One problem with the above candidates is I don’t think the 1st two options have any kind of aliasing (I only know of one onion email service that deliberately lacks a clearnet alias, and it does not have aliasing on the userid portion). So I would have to create many accounts and they would never actually get traffic. They would just be symbolic. And the third candidate does not even exist AFAIK.

Problems with the fax number: these are not cheap and I would need a fax number for different countries. Also fax services are gatewayed so some senders send an email to a fax service the dispatches a fax, in which case Microsoft would still see the payload.

view more: next ›