It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionWould you kindly stop with this data-mining crap?(102 posts)(102 posts)
(102 posts)
Pages:
1
2
3
4
5
6
7
This is my favourite topic
Posted May 20, 2016
avatar
So which part exactly is so deluded or irrational in your opinion?

The fact that huge companies gather as much data as they can from online visitors? That somebody is willing to pay a lot (and therefore has to find some intrinsic value in said data)? Because at this point I'm just going to point at either Facebook or Google that made billions on data mining.

The only part that you can try to question is whether or not the presence of such huge databases will have any detrimental effect on the society. In which case I'll start pointing out all the historical records where personal information was used to subvert individuals, or allow heavy-handed population control. And most of these records are from situations where obtaining and working with that amount of information was vastly more costly than it is currently possible.

The existence of such depositories goes against the very foundation of Western societies. There is a reason why voting records for general elections are not open to public scrutiny. There is a reason for the Constitution of the United States to put such heavy stress on privacy of individuals under its protection (not that it matters nowadays, but the thought is there). There is also a reason why every despotic government ever had some form of vast apparatus used for information gathering and control.

So, yes, I do get quite vocal when people who, by own claims of professionalism, should know better start dismissing this all with flippant comments amounting to "if you have nothing to hide."

avatar
Darvond: Define old. There's been at least three versions of the site.
Anything prior to introduction of the cloudfront.net - until now, I could block all the elements I found offensive without it impacting usability of the site. Not so much now - you literaly cannot log in (or see images) without allowing cloudfront.net access.

avatar
Lukaszmik: You claim to be a programming professional, and your work practice does not include security check of code you are adapting from other sources?"
avatar
Fenixp: Now I'm confused, I was kind enough to waste my time doing just that for you (because... Well yes, I do) and your response was, aand I quote,
avatar
Lukaszmik: "Security audit of the code in memory or GTFO." Basically.
avatar
Fenixp: After the fact you're also using your insecurities to attack my professionality, which ... I don't actually much care about to be honest, but it is kind of rude.
I should have probably communicated better in that respect. I was mostly annoyed by this:
avatar
Fenixp: Anyway, I have checked where does it in any way connect to amazon or any other third party website and there's no such occurence, the code is fine.
You know any such requests give Amazon the IP and web-site association. At least.

Also, as a professional programmer you should know damn well that
a) any third-party code used may be changed without any notice and at any given moment,
b) without full security audit you cannot have full certainty that the code does what it appears to do. Too many possible ways of doing such fun things as pointer tweaking, buffer overflow, or even more complex ways of getting things that appear to be germane to do something unexpected by the end user. Again, this part is more theoretical than applicable to current discussion, but this is something I would expect a professional to be aware of and acknowledge.

Then there's your comment about the code not sending anything to Amazon, a statement completely ignoring the fact that the act of obtaining the code itself does send information to Amazon's network.

avatar
Fenixp: And no, checking all outgoing data won't help.
Define "checking." Because with sufficient effort it absolutely does. If anything, you can stop specific packets to cut out whatever information you want to prevent from leaving the system - and as long as it is something auxiliary to the data request rather than required to run whatever the third-party script is supposed to do, you can actually get away with it. Though this is more of a technical possibility than realistic method of dealing with such situations in real life, but I'm being pedantic here since we're discussing this as professionals.

avatar
Fenixp: As soon as any website receives any data from your browser they're free to do with it whatever they please server-side and you can't see shit.
So why would you be surprised when somebody objects to data-miner's presence on GOG, then?

avatar
Fenixp: But wait, you have tools to prevent any website from seeing any such information, so again: Why on earth aren't you using them?
Because you clearly missed something I stated several times - it is impossible to currently use GOG's site without allowing cloudfront.net access (blocking everything else, including the new scripts from newrelic is, for now, possible)

avatar
Fenixp: There are two kinds of people: Those who agree with you and those who are wrong :-P
This is a subject that has received so much detailed coverage, including all the associated societal and political ramifications, that I consider any technical person (or somebody with sufficient level of knowledge in the area of "social science") without a reasonable argument to dismiss the danger of data gathering on such scale (and I have yet to meet any such person) to be either unforgivably clueless on the subject, or utterly disingenuous. Take this as you will.

avatar
Fenixp:
Because clearly loading the reported 70kb file from cloudfront.net is going to speed things up...

Last I checked (which is right now), the images themselves are still hosted by GOG servers.

As to TOR, if your response to increasing encroachment on privacy is to recommend stop-gap measures with obscure tools, no wonder our society is headed the way it is.

It's not about what specific data is being mined. It's about what will happen if people remain indifferent to such mining. And for that, go read any distopian classic. Or watch Brazil and spend the activity of a neuron or two connecting the dots.

Lastly, for educational purposes:

http://motherboard.vice.com/read/lack-of-online-privacy-has-chilling-effect-us-department-of-commerce-says
Post edited May 20, 2016 by Lukaszmik
Posted May 20, 2016
avatar
USERNAME:immi101#Q&_^Q&Q#GROUP:4#Q&_^Q&Q#LINK:62#Q&_^Q&Q#i don't really want to interrupt the tin foil hat party here :p, but that bit got me curious ...

i always get annoyed when websites load their scripts from all over the internet instead of from their server. Never thought there could be a performance reason* for that. Naively I would think that establishing a new connection to another server would cost more time? But then, all this fancy asynchronous, dynamic web2.0 stuff is just black sourcery to me :)

* apart from the obvious reason if your server can't cope with the traffic and you shift part of your website to some cdn service#Q&_^Q&Q#LINK:62#Q&_^Q&Q#
avatar
i see, that makes sense. thx :)
though the above would still work if the script would be served from let's say timing.gog.com instead of *.cloudfront.net, right?
Posted May 20, 2016
avatar
Alternatively (2): Chew through the squirrel. It won't help with net privacy but they sure are tasty
Posted May 20, 2016
avatar
Darvond: This person seems like the type who thinks Deus Ex is a documentary rather than fiction. :V
You mean he's sane?
Posted May 20, 2016
low rated
avatar
Lukaszmik: So which part exactly is so deluded or irrational in your opinion?
You are forgetting the golden rule

People are morons
Half these retards actually work at fast food have IQ below 10 and feel big they can hide
on interwebz and talk shit.
Posted May 20, 2016
low rated
Has the OP gotten to the part about the Communist poisoning our drinking water with fluoride yet?
Posted May 30, 2016
So, two weeks later I am still unable to access my purchases without also allowing Amazon access.

Aside from one brief "we'll let web development team know" response from GOG, there was no further communication. I already sent them six e-mails (do note - over two weeks. That's not a a lot).

Seems like this shit is to stay, so I guess no GOG for me.

Meanwhile, I do wonder if EFF or some gaming/tech site might be interested in the precedent. After all, it shows just how few customer rights remain in digital age.

Also, thank you so very much for understanding, all you low-rating twits. Just because you are fine with having your own information spread all over the internet does not mean everybody else has to conform to your clueless indifference.
Posted May 30, 2016
avatar
Lukaszmik: Also, thank you so very much for understanding, all you low-rating twits. Just because you are fine with having your own information spread all over the internet does not mean everybody else has to conform to your clueless indifference.
Thanks! :D We try.
Posted June 02, 2016
high rated
I read through this thread post by post and I simply cannot understand the mentality of people.

The original poster of this thread has plenty of valid reasons for concern. There are so many ways to mine data from people ranging from full on mining scripts to the collection of IP addresses.

Amazon is not just a webhosting company, in case people forgot already they are also in pretty much the same business as Google and Ebay. Amazon profits from building profiles on people and selling this information (or making it accessible in some way for a price).

Since the majority of the posters do not seem to be technically inclined let me keep this simple:
Even IF companies like Amazon, Google, Facebook and the like are benign right now and would really just use the data they gather to improve services it does not guarantee what will happen with this data in the future.

The Dutch government kept preferences records (compare them to website cookies) of it's citizens to know where they wanted to be buried in the event of a sudden death with no next of kin. This data was gathered for completely benign purposes but guess what happened about a decade later?

WOII happened and pretty much overnight the country was now occupied by German troops.
Conveniently for the Nazi party the Dutch government had these graveyard records. Nazi Germany was interested in finding jews so now all they had to do was cross-reference these records with the locations of Jewish cemeteries and guess what? The vast majority of the jews in The Netherlands were eradicated without mercy.

And this happened over one simple preference checkmark. (yeah let that sink in)

Then when WOII ended there was East Berlin and the STASI government that tried to monitor as much as possible about each individual in order to keep them under control. People were being ratted out by their own parents, childhood friends and teachers because they were afraid that someone else was aware that they knew that someone else committed a 'crime' yet did not report it.

The current state of affairs with the data mining internet where people keep Facebook and friends inside their pockets with location services on their phones was the Stasi's wet dream.

If there is anything we should have learned from history by now is that it is important to look to our past AND future in order to prevent disasters in the making from happening.

In short Lukaszmik has plenty of valid reasons to be concerned with the current state of affairs. Now don't get me wrong, this is a 'free' world so people are free to do as they please. If you are not concerned with the matters at all then by all means go ahead and have your data mined. But also respect the views and opinions of others and don't call them paranoid or tinhats when they have plenty of valid reasons for concern.
Post edited June 02, 2016 by donvermo
Posted June 02, 2016
avatar
Lukaszmik: So, two weeks later I am still unable to access my purchases without also allowing Amazon access.

Aside from one brief "we'll let web development team know" response from GOG, there was no further communication. I already sent them six e-mails (do note - over two weeks. That's not a a lot).

Seems like this shit is to stay, so I guess no GOG for me.
I would suggest waiting a little longer.

I think the issue is where they try to connect the perfomance data with the logged in user. Depending on the way it's implemented, it could take sometime to fix the issue (depending on the process employed by the GOG, and the business decisions) and I am assuming with the recently announced GOG Connect and the issues relating to that, everything else is on low priority.
Posted June 02, 2016
avatar
avatar
Asbeau: Alternatively (2): Chew through the squirrel. It won't help with net privacy but they sure are tasty
Unless the squirrel was genetically modified by the government, in which case you could undergo a mutation, so be careful when chewing strange squirrels.
Posted June 02, 2016
<deleted>
Post edited June 02, 2016 by tacitus59
Posted June 02, 2016
high rated
I also noticed that GOG was needing an extra request to Amazon. I thought they had offloaded their images and other stuff to Amazon's cloud.

avatar
Oh, so that what it is. In that case, I consider this stupid. Performance analysis should be an acessory that should not be intrusive or alter in any significant way the customer's experience.

Yes, this piece of code can track me. If it was hosted by GOG I would not mind as much. As it is, I regret that it appears lazy and unconsidered. I think they should either do without it (as they did before), allow me to ignore it or integrate it into the website.

avatar
Fenixp: I am one of those ... Ehm ... Rare professionals. And the rest of my office. ... Yeah, we're almost extinct.
Then you are likely aware that "You can't trust code that you did not totally create yourself." That was what Ken Thompson said on his Turing Award acceptance speech, which you can read online: [url=https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html]Reflections on Trusting Trust[/url].
You may also be aware of the Underhanded C Contest. JavaScript is in no way immune to this sort of problems. That particular library certainly has many lines of code.

I'm not advocating that we each should implement our tools from zero, but being conscious and aware of possible problems can prevent significant problems down the road. And most of the time we don't even have to sacrifice that much.
By being selective with what you pull from the internet you not only increases the load speed of websites and improve your privacy, but you also reduce your surface area exposed to attacks.
Objectively that cloudfront host is a much juicier target than GOG. That is why hosting it makes more sense.


I think that Lukaszmik could have expressed himself better, but that does not give people the right to make fun of him just because they don't agree with his views. That is very unpolite, and I expected better from this community.
Posted June 05, 2016
avatar
Gede:
Thank you.
Posted June 05, 2016
avatar
donvermo:
Bah we do not need to wait in the future to see the bad effects of data mining.

Online shopping charge users at a higher price if they can build a profile on you.

http://www.wsj.com/articles/SB10001424052702304458604577488822667325882
http://www.johnnyjet.com/2013/02/why-you-should-delete-your-cookies-when-booking-travel/
Pages:
1
2
3
4
5
6
7
This is my favourite topic
Community
General discussionWould you kindly stop with this data-mining crap?(102 posts)(102 posts)
(102 posts)