The metadata in the headers can be avoided using Memoryhole and similar protocols which embed the headers inside the encrypted payload. The problem is again barrier to entry. Low-tech users generally can’t even handle app installs on desktops.

When you say “worry”, that’s not the right word for it. My boycott against Google is not fear-driven. I will not feed Google anything it can profit from as an ethical stance. Even if an expert linux tor user were on Google, I’m not sure we could exchange email in a way that ensures Google gets no profitable data. If we use PGP coupled with Memoryhole to strip out the headers, I’m not sure Google would accept a msg with a missing or bogus From: header. But if so, Google still possibly learns the user’s timezone. Though that may be useless if Google learns nothing else about that user. But we’re talking obscure corner cases at this point. Such an expert user would have no Google dependency anyway.

MS/google-dependent friends are generally extremely low-tech. They don’t know the difference between Firefox and the Internet. They don’t know the difference between Wi-Fi and Internet. Linux – what’s linux? They would say. At best, they just think of it as a mysterious nerd tool to be avoided. So what can I do wholly on my end to reach them via gmail without Google getting a shred of profitable data? Nothing really. So I just don’t connect directly with a large segment of friends and family. Some of them are probably no longer reachable. Some are in touch with people who connect to me via XMPP, so sometimes info/msgs get proxied through the few XMPP users. It’s still a shitshow because Google still gets fed through that proxied inner circle of friends and family. In the past when someone needed to reach me directly, they would create a Hushmail or Protonmail mail account for that temporary purpose (like coordinating a trip somewhere). But that option is mostly dead.

I just had to reach out to plumbers for quotes. All of them are gmail-served. All I could do is refuse to share my email address and push them to use analog mechanisms. They are not hungry enough for business to alter their online workflow or create protonmail accounts.

That’s exactly what I did with hushmail. I would tell low-tech folks to get a hushmail account then I would use hushtools.com to do all the key management, putting my key on the keyring and grabbing their key. So the other person did not need to know anything or take any special steps. That was best option of my time. But last time I checked hushmail was still entirely non-gratis.

Protonmail emerged when HM became non-gratis and messed with hushtools. But PM requires every one of their own users to do key management which creates a barrier to entry. I would have to walk a PM user through adding my key to my record in their address book and walk them through sending me their key. That effort is a show stopper for many. I might as well walk them through setting up a PGP-capable MUA. But then if they keep their gmail or MS acct the metadata still feeds those corps.

This simple answer is no doubt the most overlooked; probably as a consequence of the tyranny of convenience… people too lazy to go to the library.

I give out my XMPP address and offer Snikket accounts. Some go along with it and some do not. I lost touch with some friends. Some people are in contact via phone but that’s not ideal some connections are lost as phone numbers change.

I used to push some people toward Hushmail until they dropped the gratis plans. Then for a while I pressured people onto Protonmail but then distanced myself from PM when the brought in Google reCAPTCHAs and killed off Hydroxide. Tuta is a non-starter because Tuta’s variety of e2ee is incompatible with open standards, thus forcing me to periodically login to a web UI (also due to them sabotaging their Android app by way of forced obsolescence pushed in the most incompetent way).

So it’s a shitty state of affairs. 2024 and simply sending a msg to someone has become a total shitshow.

I refuse to fund my oppressors

Bingo. I live by this philosophy.

Although more precisely: I refuse to fund feed my oppressors. The reason for s/fund/feed/ swap is that our oppressors profit from our data too. So e.g. I won’t even email a gmail user because my data would then feed Google (an oppressor because of how they dictate e-mail terms among other oppressions).

The others are right. Trying to stream from a torrent seems wasteful and complex.

But if you must for some strange reason, perhaps it would work to use webtor.io to produce an http-reachable audio file which could be curl/wget-fetched and piped to an audio decoder/player. I doubt you could make webtor fetch pieces linearly from the beginning. You would likely have to wait until the last piece is fetched to start streaming.

I’ve not fetched subtitles in a while but back when I did, I recall all the websites hosting them were extremely protectionist… more so than any other category of content on the web.

Of course the fix is to have torrents for the subtitle collections, perhaps by language.

It basically is saying that if you have more money then you have more “votes”.

That’s simply true. It doesn’t do anyone any good to disregard the facts.

Or to put it in another way: If you have more money you matter more.

That abstraction doesn’t help much. And first of all, it’s more accurate to derive the statement “If you have more money then you have more influence”.

It’s still a shitty status quo, but it is what it is. The worse thing you can do is tell people not to boycott shit products on the basis of rejecting reality. It’d be like telling people not to vote in elections because their vote is a drop in the ocean.

Some people vote for democrats, then they cancel their own vote by getting their internet service from Spectrum, buying fuel from Chevron for their car, shipping their packages using FedEx, getting their phone service from AT&T, banking at PNC Bank, flying on Boeing planes, shopping on Amazon, doing their web searches on a Microsoft syndicate’s site (e.g. DDG), buying Sony devices… etc. They either have no clue that most of their voting is actually for the republicans, or they think that drop-in-the-ocean vote that comes once in 4 years somehow carries more weight than the daily votes they cast with reckless disregard.

Greg Abbott’s war chest is mostly fed by oil companies. If you buy fuel for a car, you help Greg Abbott and other republicans. And if you buy from Chevron, you give the greatest support to republicans (Chevron is an ALEC member).

You might let her know that she can borrow DVDs from the public library at no cost. Another little-known gratis option is freesat and terrestrial broadcast. I recently started using MythTV as a PVR to record broadcast TV and was pleasantly surprised to find no commercial interruptions (but if there are commercials in her region, MythTV can cut them out).

I didn’t see the OP’s pic but these groups generally work against enshitification of the world:

• !asshole_crappy_design@slrpnk.net
• !activist_investing@lemmy.whynotdrs.org
• !escapebigtech@lemmy.escapebigtech.info
• !cyber_activism@sopuli.xyz
• !netneutrality@sopuli.xyz
• !right_to_unplug@sopuli.xyz
• !buyitforlife@slrpnk.net
• !anticonsumption@sopuli.xyz
• !fightforprivacy@feddit.ch
• !offgrid@slrpnk.net
• !foss@beehaw.net
• !privacy@links.hackliberty.org
• !climate_action_individual@slrpnk.net

Notice that none of those communities are on Cloudflared instances (thus also avoid propagating the enshitified portion of the fedi).

Ending capitalism is not the /only/ way. Within a capitalistic system, you can boycott shit. Most consumers are pushovers but it doesn’t have to be that way. I’m boycotting hundreds of shitty companies. Off the top of my head:

• Amazon
• Cloudflare
• Microsoft
• Facebook
• Google
• Apple
• (surveillance advertisers in general)
• (all closed-source s/w)
• HP
• Proctor & Gamble
• Unilever
• all ALEC members (American Express, Anheuser Busch, Boeing, CenturyLink, Charter Communications, Chevron, FedEx, Motorola, PNC bank, Sony, TimeWarner)
• many shitty banks
• Paypal
• AT&T
• GMA members (Coke, Pepsi, Kraft - Heinz, Kellogg’s, General Mills, McCormick, Hormel, Smucker)
• BetterThanCashAlliance.org members (visa, mastercard, unilever) – war on cash
• Bayar-Monsanto
• Dupont
• Hershey
• Nestlé
• Exxon/Mobil
• Comcast
• Koch
• Home Depot
• Lowes
• …etc

Those are all shitty companies that significantly worsen the world. Giving money or data to any of them contributes to enshitification of the world.

Of course it’s an option to stop supporting assholes. Become ethical. Be the change you want to see.

Maybe you misunderstand the enforcement part of the GDPR. It’s not made for you to get personal enforcement out of it.

You obviously have not read article 77. This article entitles individuals to report GDPR violations to a DPA for enforcement. Article 77 does not distinguish violations against an individual (which I suppose is what you mean by “personal enforcement”) and violations against many. Some of the violations I have reported can only be construed as violations against the general public. E.g. an org fails to designate a DPO.

The problem is there is nothing to enforce article 77 itself. When a DPA neglects to act on an article 77 report, there is no recourse. There is only a provision that allows lawsuits against the GDPR violators. But then when someone did that, and then claimed legal costs, an Italian court decided for everyone in a precedence-setting case that legal costs are not recoverable. Which essentially neuters the court action remedy. So we have an unenforced article 77 and a costly & impractical direct action option.

It works on the basis of multiple infractions being recorded and then escalating the agencies response level.

It’s not even doing that much, in some cases. The report has to get past the front desk secretary and be submitted into the litigation chamber before it’s even considered as something that would indicate a trend. If it doesn’t get past the secretary it does nothing whatsoever. Some of my reports were flippantly rejected by a pre-screening secretary for bogus reasons (e.g. “your complaint is ‘contractual in nature’” when in fact there is no contractual agreement, apart from the fact that the existence of a contract does not nullify the GDPR anyway).

I work with many companies as IT consultant and I can assure you, that they all FEAR the GDPR

So you’re only seeing the commercial response. Gov agencies & NGOs are also subject to the GDPR, which is where you see the most recklessness (likely due to the lack of penalty). On the commercial side banks also don’t give much of a shit about the GDPR because when they violate it there’s a shit ton of banking regs they point to and the DPAs are afraid to act against banks because of the messy entanglement of AML/KYC laws that essentially push #banks to violate the GDPR.

Enforcement of GDPR does happen and you can review every enforcement on a public website called enforcement tracker.

Indeed I’ve browsed through the enforcement tracker. It’s a good prop for making the public believe that the #GDPR is being well enforced. They are cherry-picking cases to enforce to convince the public that something is being done, but people who actually submit reports know better. We see the reports that are clearly going unenforced.

I have also personally requested information about me and my family through the rights bestowed by the GDPR

I have had article 15 access requests denied which I then reported to the DPA, who opened a case but just sat on it. For years, so far.

(edit) By the way, I suggest you leave Lemmy·world for a different instance. If you care about privacy at all, you don’t use Cloudflare nodes. I cannot even see the msg I wrote (which you replied to) because #lemmyWorld blocks me (which I give some detail here: https://lemmy.dbzer0.com/post/1435972). I had to reply to you based purely on your msg without context.

The weapons you mention are quite basic. Those don’t even begin to scratch the surface unless you’re using the internet the way most normies do.

I was thrilled when #wiby.me was first introduced. Then for a while wiby.me was itself a Tor-hostile Cloudflare site. I’m glad you brought it up because it prompted me to check again & it seems at the moment wiby is a user-respecting non-Cloudflare site. Note there was another search engine similar to wiby which I can’t track down right now… but it’s possible I’m confusing that other one with wiby. Err… I think both were unusable for a while.

(edit) The other site is search·marginalia·nu. That’s the one that became a despicable CF site. I think wiby broke down for tor users for a while but glad to see at the moment that it’s still usable. I just got good results when searching for a recipe.

I would bet it’s a slim enough minority of students who pay public transport on a per-trip basis that theft would not be from arbitrary break ins. A student would have to (recklessly?) use a high-end phone for this & be spotted putting an uncovered phone in the locker.

The best security is a good insurance policy. Not sure if high-end phones tend to have an insurance policy because I avoid them myself.

Perhaps not at all.

But the limitation of using #Selenium is a big one. Being forced to work in java, forced to use the resource hog of a modern gui browser, forced to reveal more browserprint info, being browser-dependent, etc. Selenium is my last choice when desperation is sufficiently high.

The problem is search engines have proven not to keep up with our needs. Sites trashed up with cookie popups, subscription nags, and CAPTCHAs are making it into the highest ranks of search results. Cloudflare sites in particular.

It is indeed another attack on #openData principles.

luckily there will always be people fighting to keep the Internet free

Google’s move makes the fight much more uphill for freedom fighters. The real problem is the masses of pawns who fail to vote with their feet. Some of them voted with their feet merely because CAPTCHA is inconvenient. Eliminating the CAPTCHA puts these #tyrannyOfConvenience users on the wrong side of the fight.

lol… I see that the Facebook-addicted kids are down-voting me :) Probably as they sit in a boring class!

Do “good parents” really all have this level of robotic control over their kids?

Do you really give a zero to “nature” in the nature vs. nurture behavioral influence?