Can you mention this in your article?
I make and sell BusKill laptop kill cords. Monero is accepted.
- 75 Posts
- 41 Comments
Joined 1 year ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Personally I wouldn’t run a lemmy instance because of this (and also many other concerns)
I recommend [a] letting the lemmy devs know (eg on GitHub) that this issue is preventing you from running a lemmy instance and [b] donating to alternative projects that actually care about data privacy rights.
The fines usually are a percent of revenue or millions of Euros, whichever is higher.
So if your revenue is 0 EUR then they can fine you the millions of Euros instead. The point of the “percent of revenue” alternative was for larger corporations that can get fined tens or hundreds of millions of Euros (or, as it happened to Meta, in some cases – billions of Euros for a single GDPR violation).
The fines usually are a percent of revenue or millions of Euros, whichever is higher.
So if your revenue is 0 EUR then they can fine you the millions of Euros instead. The point of the “percent of revenue” alternative was for larger corporations that can get fined tens or hundreds of millions of Euros (or, as it happened to Meta, in some cases – billions of Euros for a single GDPR violation).
That would be true if their instance wasn’t federating. If the instance is federating, then it’s downloading content from other users, even if the user isn’t registered on the instance. And that content is publicly available.
So if someone discovers their content on their instance and sends them a GDPR request (eg Erasure), then they are legally required to process it.
It’s definitely not impossible to contact all instances; it’s a finite list. But we should have a tool to make this easier. Something that can take a given username or post, do a search, find out all the instances that it federated-to, get the contact for all of those instances, and then send-out a formal “GDPR Erasure Request” to all of the relevant admins.
42·4 months agoDid you read the article and the feedback that you’ve received from your other users?
Any FOSS platform has capacity issues. I run my own FOSS projects with zero grant funds and where I’m the only developer. I understand this issue.
What we’re talking about here is prioritization. My point is that you should not prioritize “new features” when existing features are a legal, moral, and grave financial risk to your community. And this isn’t just “my priority” – it’s clearly been shown that this is the desired priority of your community.
Please prioritize your GDPR issues.
2·4 months agoVery nice. Unfortunately it doesn’t look like Boost is available on F-Droid.
Fortunately, in my case, my image was “orphaned” and never actually attached to a post or comment, so it wouldn’t have federated.
If the image has already federated then that’s a whole next level problem :(
Unfortunately, the Lemmy devs literally said it would take years to fix this issue. If you think this should be a priority for them, please advocate for them to prioritize it on GitHub:
Hi, unfortunate author here 😅
The issue happened in Jerboa. I opened a few tickets in the Jerboa app’s GitHub to address this:
- jerboa #1361: UI for deleting uploaded files
- jerboa #1362: Setting to hide "upload media" button
- jerboa #1363: Add "confirm upload" step to UX
Can you please tell us which Lemmy client apps you use that store the delete token and have a UI to delete uploaded images?
This seems to suggest that you have to get it from lemmy when you first uploaded the image
Thanks, but I’m asking because I didn’t find the reference documentation especially helpful.
It says I need the “delete token” or “alias”. How do I get that for a given URL?
I’m looking for an example that describes how to construct the commands for the API calls knowing only the URL of the image.
You definitely can do that, but if you’re afraid that you might stand-up and forget you’re using it, then you probably shouldn’t.
It’s probably enough to just use the default trigger that locks your screen. Or, once you get comfortable with it, set it to shut down your computer. Most people don’t need to shred their FDE keys, unless they’re facing torture.
In fact, we make it difficult to use “destructive” triggers (like the LUKS Header Shredder that wipes the FDE header) and intentionally do not include the ability to switch to it in the app. To use it, you have to do a lot of extra work. So most users don’t have this issue.
Why? It defaults to just locking your screen. So you stand-up, the magnetic breakaway cable separates, and then you just have to type your password…
If you’re the type of person that would forget to lock your computer before standing up and walking away, then it’s exactly what you’d want.
Thank you for your input, but I think it’s worth mentioning that that’s absolutely not true.
To be clear: I’m not asking for a no-KYC solution. I’m happy to auth with my company’s official government-issued registration records, with my personal government-issued ID, etc.
I’m not aware of any regulations that require a phone number. There are regulations (eg UK’s PSD2) that effectively require 2FA – and many banks chose to implement this requirement via phone numbers.
Hopefully one day the regulations will explicitly prohibit 2FA OTPs from being transmitted at all (ie so banks are forced to use secure 2FA methods like TOTP or U2F instead of insecure methods like SMS, email, etc). But currently I’m not aware of any KYC regulations that require a phone number from the customer.
513·7 months agoYou associate everything that can be bought with cryptocurrency as a scam? It sounds like you haven’t even read the post. I spent a lot of time making it easily accessible here on Lemmy. You don’t even have to click the link. Just scroll-up and read :)
33·7 months agoYes, it’s clearly disclosed in my profile that I am the founder of the BusKill project.
This is a PSA that our sale has started. I’ve had inquiries from members of our community asking about Black Friday sales.
10% off is barely any discount anyway.
Sorry, we’re a very small open-source shop. I’ve paid myself nothing so-far. The price just barely breaks-even for the business.
All of this is explained in-detail in “The Finances” section here.
Prices would drop dramatically if we could do production runs (and actually sell) >10,000 units at a time. Currently we only sell a few cables per month. If you want to help, please tell all your security-conscious friends about BusKill :)
How exactly did you come to the conclusion that this is a scam? We’re a fully open-source hardware & software project that’s been around for a few years. If you don’t want to buy from us, we go out of our way to help users build their own 3D-printed BusKill cables (currently in prototype stage).
Our software is free as in speech and free as in beer under the CC BY-SA and GNU GPL licenses.
Hi, Michael Altfield here. I was the sysadmin for OSE from 2017-2020.
Everything OSE does is transparent, so you can just check the OSE websites to see what everyone is currently working-on. OSE contributors log their hours in a worklog called “OSE Dev”. There you can quickly see who is working on what.
The above graphs show 4 contributors in the past ~10 weeks (one is me; we had some issues with the apache config recently). There’s no direct link, but you can then check the wiki to see people’s work logs (just search for the person’s name and
Log):I also like to look at the MediaWiki “Recent Changes” page to peak at what people are up-to as well:
I told Marcin about Lemmy back in June 2023. Another OSE contributor even created an OSE community on the slrpnk.net instance, but it appears to have been abandoned. I’ll email him about this thread to see if he’ll bite and publish updates in this community since there’s clearly interest :)
Also, shameless plug: I started an org that’s very similar in spirit to OSE called Eco-Libre, with a focus on projects to sustainably enfranchise human rights in smaller communities. We’re currently accepting volunteers ;)