Category: Tech

Posted on
by

Phishers: Hi, we’re your bank, please click on this attachment for important information.

Security experts: Never click on an unexpected attachment in an email even if you think you know who it’s from. It’s likely to be malware or a scam to steal your login credentials.

Actual banks: Hi, we’re your bank, please click on this attachment for important information. 🤦‍♂️

Seriously, I HATE these systems. The way they keep phishing and malware techniques believable — and have for years! — is worse than any supposed security advantage in not just using email. Half the time the info isn’t any more sensitive than a receipt would be. Or heck, even just “There’s a new message in your account, please log in to see it and use your own bookmarks to get there.” That’s actually more secure!

:sigh:

It’s really too bad all the schemes to add end-to-end security to email over the years have been either too cumbersome to take off for general usage or vendor-specific.

Posted on
by

While I’m griping about Instagram, why the heck are the detailed notification preferences split between the app and the system notification UI?

That’s terrible design.

Well, if it’s intended for usability, anyway.

If your goal is to make people see more notifications, though… 🙄

Yeah.

IMO there are two sensible ways to handle granular push notification preferences:

  1. Use the system’s per-app settings for all of it. (Tusky does this, even putting your per-account preferences in the system UI.)
  2. Use the app’s settings for all of it, and let the system just be an on/off toggle for what you’ve chosen in the app (like it was before Android even had UI for it).

Either way, everything’s in the same spot so you know you haven’t missed anything you want to turn off. Or anything you want to turn on, for that matter.

Posted on
by

One of the things I like about Mastodon and Pixelfed and the rest of the Fediverse vs commercial social networks is that they don’t TRY TO GET MY ATTENTION every time I open the page or app and offer ALL THESE THINGS I SHOULD BE LOOKING AT that might be relevant to what it thinks my interests are, to make sure I stay online and don’t stay away again for sooooo long! (Even if it’s only been a few days.)

Seriously:

  • I opened Instagram for the first time in at least a month and I was bombarded with more ads and recommendations than photos from people I was actually following.
  • I opened an alt profile in Twitter yesterday to post something off the cuff, and all the trending topics, pushing new features, etc. were like walking onto the Las Vegas Strip when all you want is a sandwich.

Never mind the normal “You haven’t logged onto Twitter in a few hours, here’s all the stuff you missed, and look, people are posting new stuff while you’re catching up, you’d better keep scrolling! What, you switched to another app for five seconds? Here, I’ll scroll it for you!”

Compared to Mastodon just showing you the latest that you’re actually following. And if you want to fill in what you missed, that’s up to you.

(There’s also the posting culture. On Twitter, people are used to discussing DOOOOOM all the time, so even curating your timeline isn’t always enough if you want to follow people talking, I don’t know, astronomy or whatever, because they’re also talking doom. And the algorithm reinforces it at both ends in a vicious circle, encouraging doom-posting and encouraging doom-scrolling.)

Choice Complaints

None of these complaints is inherent to the structure or functionality of Twitter, Instagram, Facebook etc. They’re deliberate UI design choices to optimize for the company’s targets. A third party client could bypass it all (which of course is why they basically don’t allow those anymore).

Similarly, Mastodon and Pixelfed and so on could implement UI like this, but they don’t. The project goals aren’t engagement at all costs. And each instance can have its own goals.

Or someone could add an ATTENTION-GRABBING EXPERIENCE on top of the code and launch their own service. And those of us on other instances, running different software, wouldn’t be affected. Unless the site injected ads into the ActivityPub streams going out to people following its users, in which case I imagine a lot of instances would block them really quickly.

Or they could write an app that adds extra popups and keep-scrolling incentives to the phone experience!

I’m not sure many people would consider that an improvement.

Then again, people do use Yahoo mail. 🤷‍♂️

Expanded from Mastodon.

Posted on
by

This looks cool: Mozilla has released a translation tool as an add-on for Firefox that can do web page translation locally instead of sending data to the cloud! It’s based on Project Bergamot and implemented in WebAssembly.

IMO translation is one of those things like speech recognition that ideally should have always have been local (for obvious privacy reasons), but the processing and data just wasn’t there yet when Google Translate and similar services launched.

Posted on
by

In response to girrodocus’s question: #PersonalWebsite creators… what’s your rationale for deciding when to use a subdomain or a subdirectory?

I usually prefer to put sections in subdirectories. That makes it possible to make the entire site portable (depending on authoring tools, anyway). Ideally, I want something that could be zipped up and moved. Or sent to Archive Team. (One of the downsides of dynamic site generators is that you can’t do this.)

When I use subdomains, it’s typically because I want some sort of isolation between the content, or the server apps, etc. But in those cases I’m as likely to use another domain entirely.

I put my main blog in a subdirectory (/journal), but if I set up my own git repository or something like that, I’d probably put it in a subdomain.

That said, I’m currently trying to sort out what I want to keep at the domain I’ve had for the last 20 years and what to move to my IndieWeb identity site.

IndieWeb and Identity

It took 4 or 5 years from me discovering IndieWeb to actually building support into my website(s), because Hyperborea.org, named after a fictional place, felt like a digital home, but not an identity. So I set up KVibber.com as my digital identity instead.

I’ve been considering several approaches:

  • New stuff on KVibber, leave old stuff where it is.
  • Professional stuff on KVibber, fun stuff on Hyperborea.
  • Original work on KVibber, fandom stuff on Hyperborea.

I might move my scenic and nature photos over to KVibber but leave the funny and comic-con photos on Hyperborea, or move my tech articles over but leave the personal posts.

I’m also planning to put together a light microblog, probably on KVibber, to be the canonical location for short posts on Mastodon/Twitter/etc that I want to keep, but don’t feel big enough for a full blog entry. That’ll probably go on KVibber, even though it’ll blur the pro/fun and original/fan distinctions.

Originally on Wandering.shop (and a followup post).

Update September 2022: I guess I’ve tabled the whole question at this point. For now, I’m just using KVibber as a profile page and putting everything else on Hyperborea, like I was doing before.