A community for Lemmy users interested in privacy
Rules:
Very good point in this article that third-party cookies can be deleted but fingerprinting - like fingerprints themselves - cannot be. And quoting Google in 2019 before they decided to be even more evil than they are now.
This might be the best article I've seen about the change, and it's posted on a company blog.
The article appears to be high on repetition and low on detail. I saw very little evidence supporting the claims and even less external resources.
What I did see was lots of links to their products.
I'm not saying that the article is wrong, just that it's not great.
This BBC article cites several organisations and explains how it's done for example:
Edit: Added link
Touche. I didn't realize how many of the links in Tuta's blog post were to their own blog.
Digital fingerprinting collects and analyzes multiple data points from a user’s device - such as screen resolution, installed fonts, browser settings, and even battery status - to create a unique profile
Why is all this information available in the first place? Why the hell does a website need to know which fonts are installed, which browser settings are active, and why the hell would it require the battery status? Why are browsers sharing that much information in the first place?
Because Javascript was a cancerous mistake. Web browsers should never have been scope-creeped to allow executable "apps" instead of "pages" of document markup.
I am curious, what do you think would've been the better solution?
There was no problem requiring a solution. Just like cars functioned perfectly fine as cars for decades before becoming gross, always online, data harvesting privacy invasion devices, the "solution" would have been to just not do that. Cars used to let you drive places just fine before jamming internet connections in them. Similarly, browsers used to let you browse the web just fine before we decided to abandon stand alone software development to jam everything in a browser.
I'm not sure what the solution is that you're proposing. Web documents with links to download software instead of web apps? Am I understanding that right?
We used to do server side stuff
Web apps don't need to exist, so yeah. A website should just be a website. If there's something that NEEDS a whole ass application to run, that should be something you have the choice to download and install, not implemented in an invasive way in unrelated software meant to show some interactive text, images, and video.
You're shouting at clouds old man. I thought you were going to propose an actual solution, not just weather against the times.
🙄
Your post asking for a solution was in the past tense. I answered in that context. Anyone following the discussion is able to see that. If you changed your frame of reference in your mind to the present day, you sure didn't communicate that here, so that's on you. How would we solve this problem today? I don't think we can. Javascript and the like are way too entrenched and web apps are a way of life now. We're stuck with this privacy invading nonsense until something drastic changes, but I don't know that that change would look like.
I didn't change the frame of reference. Those technologies are 30 years old. Back when I started using computers, you had to download every little thing and websites looked like shit. That was the problem that needed solving. Your "solution" was to basically just keep doing that. In fact, you don't even think it was a problem.
Viruses and malware didn't exist in your world, did they? You were happy loading up any old program onto your DOS machine to test it, right? No sandboxing, no nothing. The world was perfect back then. Java applets were a treat too, right? Running right in your user environment with access to the full disk. Why ever change that? There wouldn't ever be a problem with drive-by infections. Nooo, full-disk access is not a problem to solve.
GIFs were an amazing technology too. We should've stayed with that instead of streaming or upload videos to watch them in the browser. Yeah, I loved having to download everything then hope the video format was playable locally.
Bro, your "proposal" to just stay stuck in Y2K is garbage and you expect me to just nod along. Good old days my ass. Web apps exist for a bloody reason and solve real problems. If you seriously think they're just here to flash ads at you and track you, then you stopped thinking years ago. Think about a real, alternative solution instead just "we don't need it". It might actually get some dust off the cog~~s~~ in that machine of yours instead of just storing old memories and wishing times hadn't changed.
The fuck are you on about? This post is such an extreme overreaction. You've successfully made up a bunch of shit that you think I'm advocating for and then gotten super mad about your own bullshit. I didn't say that nothing should have changed or evolved from back then. I said that Javascript was a bad way forward and that I don't think there's anything wrong with separation of software by function instead of making one bit of software an all in one solution. But go ahead and rant and make personal attacks. I don't even know why I'm trying to clarify my position to someone who's intent on demonstrating they're clearly not someone worth discussing things with.
I suppose it queries for the fonts in any given website's stylesheet font stack but I would not know better.
saw tutanota in the title and was worried I'd have to switch email providers again
Same, I'm still in the process of switching over to Tuta from proton
Not really a replacement
If i only used proton for email, how is that not a replacement?
Because with proton you can send encrypted email to people off proton with PGP. Tutanota only sends encrypted mail to other people on tutanota.
posteo.de is a better replacement for proton. They support PGP
I'm personally more worried about what a company is doing with my data. I.e. Google reading your emails for "personalized ads" or just straight up selling my data.
I feel confident that Tuta is not selling my data, and that's what's important to me.
On top of this, I also use my own domain, posteo does not support custom domains.
But every time you email someone else on gmail, google reads your data. Including all the companies using Google Workspace.
But if you send PGP encrypted to a gmail user with a service that supports it (tutanota does not), then the recipients email provider can't read it
Man I wish Tutanota would add PGP support
I'm gonna be honest, I'm skeptical of the claims this article makes. Tuta has a history of using fake emails and "updates" from competitors in order to sell their product. Last year, they spread a screenshot on their Mastodon account of a fake email allegedly from Google, announcing that Gmail was shutting down. They were told in the post that their claim was inaccurate and that the "email" they were sharing was fake, but they left their post up anyway.
It wasn't until they were told that they could be sued for false advertisement that they removed the post. Their response was effectively "Oops, we forgot to fact-check it before going to bed", which I'm not sure I believe, because how do you write an entire post based on a screenshot, with the intention to sell your product, and not think even for half a second "Hmm maybe I should confirm some of these wild claims I'm about to make"? It's either malice or incompetence, neither of which instill trust.
I'm not saying this to defend Google, just to highlight that Tuta doesn't take issue with lying to potential customers, and that's something you should know before you give them your money. If they're willing to spread such a stupid and easily-disproven lie before you're even a customer, what are they willing to lie about once you give them your credit card?