• 0 Posts
  • 8 Comments
Joined 4 years ago
cake
Cake day: February 15th, 2021

help-circle
  • Is “intent” what makes all the difference? I think doing something bad unintentionally does not make it good, right?

    Otherwise, all I need to do something bad is have no bad intentions. I’m sure you can find good intentions for almost any action, but generally, the end does not justify the means.

    I’m not saying that those who act unintentionally should be given the same kind of punishment as those who do it with premeditation… what I’m saying is that if something is bad we should try to prevent it in the same level, as opposed to simply allowing it or sometimes even encourage it. And this can be done in the same way regardless of what tools are used. I think we just need to define more clearly what separates “bad” from “good” specifically based on the action taken (as opposed to the tools the actor used).


  • I think that’s the difference right there.

    One is up for debate, the other one is already heavily regulated currently. Libraries are generally required to have consent if they are making straight copies of copyrighted works. Whether we like it or not.

    What AI does is not really a straight up copy, which is why it’s fuzzy, and much harder to regulate without stepping in our own toes, specially as tech advances and the difference between a human reading something and a machine doing it becomes harder and harder to detect.



  • It can be formatted “nicely” with no issue. But that doesn’t necessarily make it easy to understand.

    What that person posted was in a function named smb() that only gets called by rmb() under certain conditions, and rmb() gets called by AdB() under other conditions after being called from eeB() used in BaP()… it’s a long list of hard to read minified functions and variables in a mess of chained calls, declared in an order that doesn’t necessarily match up with what you’d expect would be the flow.

    In the same file you can also easily find references to the user agent being read at multiple points, sometimes storing it in variables with equally esoteric short names that might sneak past the reader if they aren’t pedantic enough.

    Like, for example, there’s this function:

    function vc() {
        var a = za.navigator;
        return a && (a = a.userAgent) ? a : ""
    }
    

    Searching for vc() gives you 56 instances in that file, often compared to some strings to check what browser the user is using. And that’s just one of the methods where the userAgent is obtained, there’s also a yc=Yba?Yba.userAgentData||null:null; later on too… and several direct uses of both userAgent and userAgentData.

    And I’m not saying that the particular instance that was pointed out was the cause of the problem… it’s entirely possible that the issue is somewhere else… but my point is that you cannot point to a snippet of “nicely formated” messed up transpiler output without really understanding fully when does it get called and expect to draw accurate conclusions from it.


  • It doesn’t really matter whether it was “targeted” at Firefox specifically or not, what matters is whether the website has logic that discriminates against Firefox users. Those are 2 different things. “End” vs “means”.

    I wouldn’t be surprised if the logic was written by some AI, without specifically targeting any browser, and from the training data the AI concluded that there’s a high enough chance of adblocking to deserve handicapping the UX when the browser happens to be Firefox’s. Given that all it’s doing is slowing the website down (instead of straight out blocking them) it might be that this is just a lower level of protection they added for cases where there’s some indicators even if there’s not a 100% confidence an adblock is used.


  • That’s out of context. That snippet of code existing is not sufficient to understand when does that part of the code gets actually executed, right?

    For all we know, that might have been taken from a piece of logic like this that adds the delay only for specific cases:

    if ( complex_obfuscated_logic_to_discriminate_users ) {
    
        setTimeout(function() {
            c();
            a.resolve(1)
        }, 5E3);
    
    } else {
    
        c();
        a.resolve(1)
    
    }
    

    It’s possible that complex_obfuscated_logic_to_discriminate_users has some logic that changes based on user agent.

    And I expect it’s likely more complex than just one if-else. I haven’t had the time to check it myself, but there’s probably a mess of extremely hard to read obfuscated code as result of some compilation steps purposefully designed to make it very hard to properly understand when are some paths actually being executed, as a way to make tampering more difficult.


  • No it is not, this is a myth. As you also can use free software on closed OS, which happens to be the standard

    Why does it “happen to be the standard”?

    Because people use it. At the end of the day, usage is what determines what’s standard.

    Whether a particular person can opt to go for something non-standard (eg. Linux) doesn’t make what I said any less true.

    And the problem is that the non-standard person can’t expect the same level of support (eg. Linux drivers for obscure hardware)… because devs and companies won’t care so much for any deviations from what’s standard.

    The point is that user generated or govt establish frameworks can b used as basis

    That would be useless if people (both end users and web developers) don’t use it.

    The Mozilla Foundation created their own browser. Yet they are dying since they are getting abandoned by both web devs and end users. Creating your own does not solve the problem.

    If web devs design for Chrome and Chrome adds Chrome-specific deviations from the standard, it’s gonna be extremelly hard to keep up, which is what is happening with Firefox… they can’t keep up, they keep receiving reports of problems because websites are developed for Chrome.

    This is already the case, you can choose not to use FLoC. Nothing changes here.

    Yes, In there I was just describing how things work. As I see it.

    Please learn the difference between Browser engine and web standards, nonsense you talk here

    Web standards are just a set of rules that hipothetically Browser engines follow.

    In practice, however, no browser engine actually follows the standard 100%, since they all have their very own extensions or try different optimizations that result in differences of implementation… Google keeps adding their own spin on things at a pace that is hard to keep up for any other browser.

    If it were possible for web standards to be really, truly, and fully respected, then indeed it wouldn’t matter what browser you use. But that’s not what the reality is. There are websites that work and look different in Chrome than in Firefox.


  • Nonsense video, underlying problem is monopolies and private companies who develop the standards, not what browser you use.

    It’s the other way around. Which browser you use is what directly determines whether monopoly and private companies develop the standard you use.

    You could write a standard independently of those companies, but then if everyone chooses to use browser engines from companies that don’t follow it, what’s the point?

    If everyone uses a particular browser then whatever that browser implements becomes the standard. It’s all about what browser you use.

    If the standards are fully open, transparent and not concerning then it would make no difference if you use chrome and firefox because everyone would use same basis.

    If what you want is everyone using the same basis, then what you need is to get everyone to use the same browser engine (which is what is happening already).

    However, focusing on that is likely to not result in it being “fully open” as long as the popular browsers are not interested in openness (in particular with a MIT-licensed basis that is allowed to be privately altered, extended and corrupted in proprietary forks by those popular browsers who don’t have to be “transparent” on what exactly they changed).

    If what you want is for it to be “fully open”, then you’d want people to be more careful and choose a browser with a “fully open” basis, instead of using whatever is more popular. It’s still all about what browser you use.