I write bugs and sometimes features! I’m also @CoderKat@kbin.social.

  • 0 Posts
  • 11 Comments
Joined 1 year ago
Cake day: June 21st, 2023

  • CoderKat@lemm.ee to Privacy@lemmy.ml · What the actual fuck?! · English · 3 upvotes · 1 year ago

    Yeah. There’s literally nothing you can put on a prompt that will truly work. It’s still a good idea to prompt cause it will reduce how many people approve the prompt, but there is a significant number of people who don’t read prompts at all and just insta-confirm.

    At best, I think you could design it so there’s no way for an app to request certain permissions itself. They’d have to be opted in from the system settings and apps could only tell you how to do it. But that’s a usability nightmare that is quite frustrating for legitimate usages. There’s already some super sensitive permissions that do this. I think the ability to install apps, ability to display over other apps, and password managers for Android.



  • There’s a lot of common patterns, but you have to understand how URLs work. You have to recognize which URL parameters are tracking ones or even just might be tracking. And that means you have to know how they work and that takes a moment.

    In brief, URL parameters start after a ? in the URL and are formatted like key1=value1&key2=value2. You can’t usually remove all parameters because not all are tracking. To further complicate things, URLs can also have an anchor starting with a # character which will be after the URL parameters. You often don’t want to remove that (though theoretically the anchor could in fact contain tracking details).

    It’s often trial and error to see which parameters you can remove. I do this a lot since I write a lot of technical documentation. Clean URLs make the documentation more compact and less likely to break. It’s not just tracking stuff, but sometimes you need to remove temporal data that makes a page display data from a specific time when you want it to just default to the current time (etc).
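    Added example, not part of the comment above: removing query parameters by name while leaving the remaining parameters and the # anchor in place, and reporting what was removed so it can be reviewed. The denylist (the utm_ prefix, fbclid, gclid) and the example.com URLs are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumed denylist (not from the comment): widely seen tracking parameter names.
TRACKING_KEYS = {"fbclid", "gclid"}
TRACKING_PREFIXES = ("utm_",)


def is_tracking(key: str) -> bool:
    """Match parameter names case-insensitively against the denylist."""
    k = key.lower()
    return k in TRACKING_KEYS or k.startswith(TRACKING_PREFIXES)


def strip_tracking(url: str):
    """Return (cleaned_url, removed_pairs).

    Parameters not on the denylist keep their order, duplicates and blank
    values. The fragment (the part after '#') is never modified.
    """
    parts = urlsplit(url)
    # keep_blank_values=True so 'tab=' is not silently dropped.
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    kept = [(k, v) for k, v in pairs if not is_tracking(k)]
    removed = [(k, v) for k, v in pairs if is_tracking(k)]
    if not removed:
        # Nothing matched: return the input unchanged rather than
        # re-encoding a query string that did not need touching.
        return url, []
    # urlencode re-encodes the kept values (a space becomes '+').
    cleaned = urlunsplit(parts._replace(query=urlencode(kept)))
    return cleaned, removed


if __name__ == "__main__":
    # Constructed sample URLs.
    samples = [
        "https://docs.example.com/guide?page=2&utm_source=newsletter"
        "&utm_medium=email&fbclid=abc123&tab=#install",
        "https://example.com/a?UTM_Source=x&gclid=1#sec",
        "https://example.com/s?tag=a&tag=b&utm_campaign=z",
    ]
    for s in samples:
        cleaned, removed = strip_tracking(s)
        print(cleaned, "| removed:", [k for k, _ in removed])
```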




  • Yeah, what the fuck is that number? Are we just straight up lying in court now?

    I decided to see how long it would take me to find out how to change it with no help. Took about 30 seconds. In mobile Chrome, it’s basically the first setting on the settings page. So the steps are (1) open Chrome, (2) hamburger menu, (3) settings, (4) search engine. Even if I have to count turning my phone on and opening Chrome if it wasn’t on my home page, it still wouldn’t even add up to 10 steps.

    I checked Firefox and it has one extra step. There’s still a search option literally at the top of the settings, just it goes to a page with multiple search-related options (default search engine is still at the top). The fact that it worded it as “default” also made me immediately realize you can tap the Google icon in the address bar to choose another option, which must be what you used. 2 steps in that case.




  • Yeah. GitHub makes sense because most users are writing code that can be executed by others. That makes GitHub accounts security critical.

    But a Lemmy account? Naw, you lose almost nothing if that gets compromised. A little bit of history and subscriptions, mostly.

    I’m in a Discord that for some reason “requires” 2FA. Based on searching, I think they give everyone some kinda admin role or something? It doesn’t actually require 2FA, but it shows a very annoying warning that covers up a bunch of the channel selection screen. But despite that, I don’t really wanna deal with the hassle of 2FA on a chat app that’s basically consequence free for me if it gets exploited.



  • Proxying external images means that instead of the image being downloaded from the original link, your Lemmy server would download it and serve it for you. The Lemmy server acts as a proxy.

    But it means performing a lot of extra traffic. And realistically you’d want to cache the image because otherwise your server will likely get banned for the high volume of requests you send. But caching the images requires more storage and can have potential for legal issues.

    And images are one thing, but literally any content is the problem. Images are just the most obvious because they often load without even having to click on the image and thus you’ll get a far higher volume of user data. Literally anything you link to has this issue and you cannot proxy all of it.