substrberry wrote (edited )

Several of the things posited in this article are technically true, but the overall message completely misses the mark, and as it currently stands, serves to be misleading to readers.

Yes, end to end encryption is not perfect, and any implementation being provided over the web would, fundamentally, rely on trust. However, this is ultimately true of any implementation of software, not just cryptography and encryption, and any method of distribution for services and software that could feasibly currently exist.

When people use a service, provided online or otherwise, they must trust the entity providing that service, and that it is what it claims to be. At this level, it's an inherently social problem, and no amount of platitudes or technology is going to change that for people.

As an example, consider this website, a selfhosted instance of Postmill: when we use this site, we have to trust that Postmill, among other things, handles the the implementation of passwords to a reasonable extent. We have to trust that the selfhosted instance, whether the original codebase or a modified fork, maintains that security. And lastly, we have to trust that the people running that instance will not abuse their users, in a countless number of ways.

None of these things would ever make it worthless to host this site or use it. If this site was something that implemented end to end encryption, such as any of these:

People who use these things must put their trust in them, in all the same ways, in order to use them. And if your threat model allows you to do this, then end to end encryption is totally fine for you, and can do a lot.

With file hosts, I personally take E2E as a commitment that they do not wish to view or do anything unexpected with my files, that they have taken steps to prevent it from being possisble. With password managers, E2E is a basic necessity to offer it as a service, and anything less is patently absurd.

Not understanding other people's threat models, or services which are tailored to them, is not an excuse to dismiss them outright as snake oil, incoherent, and worthless.

There is a trend amongst certain authors writing on the topics of security, spyware, etc. to look at things with such a narrow view, as to make any effort to be better worthless. And I find that annoying.


substrberry wrote

yo, those look rad! I have a bunch of old gameboy colors and an advance, but haven't gotten into modding. Do you have any resources, guides, or relevant sites you could link?


substrberry OP wrote (edited )

The overall conclusion drawn in the video is that if you want people to not use ad blockers on your website, the quantity and quality of the ads has to be tolerable.

I want to share some projects and companies worth praising for taking this into account and showing it with their actions, as paying attention to how advertisements work behind the scenes is a very niche topic that generally goes unnoticed.

  • Acceptable Ads Standard is a project laying out requirements and specific measurements for ads to be considered acceptable. Most of what I list below meets their guidelines, and I appreciate what they've done in definitionally differenciating between acceptable and non-acceptable advertising.

  • The now long gone Project Wonderful, which lasted from 2006 to 2018. It allowed website owners to auction ad space on their site, as opposed to advertisers paying for clicks. This model featured incredibly good UX, not only for users, but for website owners and advertisers, too:

    • Because specific space was being auctioned, advertisers were largely intentional about where they advertised. By allowing advertisers to find similar niches to what they were offering, this created a bias towards relevancy, the largest example of which is how with over 5,000 websites for webcomic using project wonderful, the vast majority of the time you went on those sites, you would see ads for other webcomics, which you might go on to read and enjoy :)

    • Website owners could control what bids they accepted, handling quality control in addition to Project Wonderful, and trust that what was shown on their site was acceptable because of that

    • As an advertiser, the time you paid for only ticked while your ad would be shown to users, so it didn't matter if someone out bid you for a while, your ad would still eventually be shown. This, obviously, also benefited website owners, as the price would be driven up in correlation to how valuable people thought your site was.

    Currently, their website is a small memorial.

  • Adrinth, the gaming advertising network counterpart to Modrinth, a community built & open source mod hosting platform for minecraft. They built their own service for ethical advertising on their platform <3

    The arinth page is pretty bare atm, and their ads are discussed in more detail here, which links to the Acceptable Ads Standard mentioned above.

    An example of an adrinth advertisement:

  • Dragonfruit Ads, which requires some background: There is a furry adult content oriented image board named e621, which is owned and ran by certain people in the furry fandom through a company named Dragonfruit. Those people also run a company named Bad Dragon, a manufacturer of fantasy-themed sex toys. Between the two endeavors, they're a massive, if somewhat behind the scenes, presence in the adult furry fandom.

    This brings me to how e621 does ads: similarly to adrinth/modrinth, they made own advertising infrastructure using the domain, with absolute control over ads, and strict requirements for what counts (only jpgs and gifs of certain sizes). The details are on this page; (which doesn't have anything nsfw on it, but be warned that 18+ content is only a few clicks away)

    As with project wonderful, this results in the vast majority of ads being relevant to e621 users, whether they're ads for bad dragon, furry video games, furry artist's patreons, etc.

    Of course, there is some real slop that gets advertised on adult sites, but by doing their ads like this, they've enabled plenty of good advertising too, which is absolutely worthy of praise. Ads can even be meta about common tropes in porn ads.

    As an example of what e621 users may see, the video game Hedon Bloodrite, a retro fps, runs this banner advertisement on e621 (warning for suggestive faces/artwork)

  • Carbon Ads, an advertising company specializing in minimally intrusive ads for technology and development related fields, being ran on sites for those fields. You can see their ads in the bottom left of, for example, though they will be blocked by firefox's enhanced tracking protection as well as ublock origin. Here are some screenshots:

  • Ethical Ads, which is very similar to carbon ads, and has the same business model. I honestly can't remember what site I saw these on, but I enjoyed their minimally intrusive UX enough to make note of them, similarly to carbon ads.

Note that some of these sites may be blocked by your ad blocker or network/pihole filter lists.


substrberry wrote

yo, this zine is great, good work. some images loaded pretty slow, but it wasn't a problem for me, as I don't mind in order to view art in as close to source quality as possible


substrberry wrote (edited )

been working on a handful of things lately

  • a currently private attempt at writing an SSO and identity provider with some bells and whistles, like integrating with this nginx module, and supporting adding multiple accounts via oauth belonging to the same service, to allow people with multiple discord accounts or twitter accounts to use features I want to provide with all of them
  • a y2k themed news timeline with search and filters, like, but about current day websites (youtube, reddit, twitter, furaffinity, pillowfort, discord, etc) doing bad or good things for their users, changes to their guidelines/tos/policies, etc. as well as information on how to bulk download/archive their content. not ready for the public yet.
  • a github actions workflow using npm packages and node.js javascript code to download the xml dump from the wiki and process it into json data with a more usable structure, repository here
    • made this so I could start work a different project using it, a searchable index of fortnite cosmetics with tags based on color/texture/theme, purely so it's easier to put together matching loadouts, because in fortnite, cosmetics can have alternate styles you can't see from the initial list in your inventory, and I wanted a view with all of them + filtering based on color. i am a petty power user.
  • a private browsing extension with various things, the most important being bulk archiving tools for Discord. and as a browser extension, it doesn't break Discord ToS by modifying the client or using your user token with the api, as it won't need to do those things.
  • about 4 months ago, I made a javascript package named data wrappers to simplify the handling of options/user data in my projects. works well with anything from many users' settings (for example, in a discord bot), to a single person's options in a browser extension or static web app saved with browser storage methods