In addition, if the option, An administrator must always approve the comment, is set in Administration > Settings > Discussion, this e-mail address will receive notification that the comment is being held for moderation. Please note this is different than the address you supplied for the admin user account; the admin account e-mail address is sent an e-mail only when someone submits a comment to a post by admin.

Measure your success by engagement not the number of followers.

No need for DatabaseCleaner (rolling back transactions are usually faster than truncate).

The Paradox of Abundance: The average quality of information is getting worse and worse. But the best stuff is getting better and better. Markets of abundance are simultaneously bad for the median consumer but good for conscious consumers

Sometimes, the line between 'bug' and 'feature' is a hard one to draw. Generally, a feature is anything that adds new behavior, while a bug is anything that causes incorrect behavior. Sometimes, the core team will have to make a judgment call.

“allow/deny are simply clearer terms” — now that’s an actual, technically useful argument.

but it launched with a plethora of issues that resulted in users rejecting it early on. Edge has since struggled to gain traction, thanks to its continued instability and lack of mindshare, from users and web developers.

I know you acknowledged your response was late and you're just trying to help but please don't resurrect very old threads.

Using OpenBTS, which we will be including in FreedomBox soon, and with cheap additional hardware, a FreedomBox can talk directly to GSM handsets, to provide alternatives to commercial mobile services.

The app was still stuck in beta testing years after its debut, and the creators had to ignore bug reports and feature requests due to the limited resources.

Some large tech behemoths could hypothetically shoulder the enormous financial burden of handling hundreds of new lawsuits if they suddenly became responsible for the random things their users say, but it would not be possible for a small nonprofit like Signal to continue to operate within the United States. Tech companies and organizations may be forced to relocate, and new startups may choose to begin in other countries instead.

Bad people will always be motivated to go the extra mile to do bad things.

Meanwhile, criminals would just continue to use widely available (but less convenient) software to jump through hoops and keep having encrypted conversations.

As billions of conversations transition online over the coming weeks and months, the widespread adoption of end-to-end encryption has never been more vital to national security and to the privacy of citizens in countries around the world.

Proponents of this bill are quick to claim that end-to-end encryption isn’t the target. These arguments are disingenuous both because of the way that the bill is structured and the people who are involved.

For a political body that devotes a lot of attention to national security, the implicit threat of revoking Section 230 protection from organizations that implement end-to-end encryption is both troubling and confusing. Signal is recommended by the United States military. It is routinely used by senators and their staff. American allies in the EU Commission are Signal users too. End-to-end encryption is fundamental to the safety, security, and privacy of conversations worldwide.

The EARN IT act turns Section 230 protection into a hypocritical bargaining chip. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee “best practices” that are extraordinarily unlikely to allow end-to-end encryption. Anyone who doesn’t comply with these recommendations will lose their Section 230 protection.

Matrix provides state-of-the-art end-to-end-encryption via the Olm and Megolm cryptographic ratchets. This ensures that only the intended recipients can ever decrypt your messages, while warning if any unexpected devices are added to the conversation.

More than two billion users exchange an unimaginable volume of end-to-end encrypted messages on WhatsApp each day. And unless an endpoint (phone) is compromised, or those chats are backed-up into accessible cloud platforms, neither owner Facebook nor law enforcement has a copy of those encryption keys.

users will not want to see data mining expanding across their WhatsApp metadata. But if that’s the price to maintain encryption, one can assume it will be a relatively easy sell for most users.

Security agency frustration at the lack of lawful interception for encrypted messaging is understandable, but the problem with global over-the-top platforms is that once those weaknesses are inbuilt, they become potentially available to bad actors as well as good.

They also argue that it cannot fall to them to determine good actors from bad—not all governments are forces for good, and who decides how each one should be treated.

“End-to-end encryption,” NSA says, “is encrypted all the way from sender to recipient(s) without being intelligible to servers or other services along the way... Only the originator of the message and the intended recipients should be able to see the unencrypted content. Strong end-to-end encryption is dependent on keys being distributed carefully.” So, no backdoors then.

On April 24, the U.S. National Security Agency published an advisory document on the security of popular messaging and video conferencing platforms. The NSA document “provides a snapshot of best practices,” it says, “coordinated with the Department of Homeland Security.” The NSA goes on to say that it “provides simple, actionable, considerations for individual government users—allowing its workforce to operate remotely using personal devices when deemed to be in the best interests of the health and welfare of its workforce and the nation.” Again somewhat awkwardly, the NSA awarded top marks to WhatsApp, Wickr and Signal, the three platforms that are the strongest advocates of end-to-end message encryption. Just to emphasize the point, the first criteria against which NSA marked the various platforms was, you guessed it, end-to-end encryption.

And while all major tech platforms deploying end-to-end encryption argue against weakening their security, Facebook has become the champion-in-chief fighting against government moves, supported by Apple and others.

While this debate has been raging for a year, the current “EARN-IT’ bill working its way through the U.S. legislative process is the biggest test yet for the survival of end-to-end encryption in its current form. In short, this would enforce best practices on the industry to “prevent, reduce and respond to” illicit material. There is no way they can do that without breaking their own encryption. QED.

One thing that would certainly be a game-changer would be some form of standardized RCS end-to-end encryption that allows secure messages to be sent outside Google Messages.

You should not use a messaging platform that is not end-to-end encrypted, it really is as simple as that.

The answer, of course, is end-to-end encryption. The way this works is to remove any “man-in-the-middle” vulnerabilities by encrypting messages from endpoint to endpoint, with only the sender and recipient holding the decryption key. This level of messaging security was pushed into the mass-market by WhatsApp, and has now become a standard feature of every other decent platform.

Despite its opposition, EARN-IT is the clearest threat yet to end-to-end encryption, given this clever twist in pushing the onus onto the platforms to avoid transmitting illegal content, rather than mandating a lawful interception approach.

The US president has claimed the social media platform is "interfering in the 2020 presidential election" and "completely stifling FREE SPEECH" after it added a warning to two of his tweets on Tuesday.

OK, so what about regular messages? Turns out they are not encrypted after all. Where Signal implements the security and privacy protocols right from the start, Telegram separates the two and offers an additional option. The problem is that not everyone is aware of the Secret Chat option and first-time users may send sensitive information in the regular chat window unknowingly.

“We have a responsibility to protect your data,” said Zuckerburg, in March. “And if we can’t, then we don’t deserve to serve you.”

“End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them.

Just like Blackberry, WhatsApp has claimed that they are end to end encrypted but in fact that is not trueWhatsApp (and Blackberry) decrypt all your texts on their servers and they can read everything you say to anyone and everyoneThey (and Blackberry) then re-encrypt your messages, to send them to the recipient, so that your messages look like they were encrypted the entire time, when in fact they were not

The only messaging app that has been proven, by an independent authoritative agency, is Apple’s Messages app (which uses Apple’s iMessage protocol that is truly end to end encrypted, Apple cannot read any of your texts which means that no one can read any of your texts)

content Gray Hat Python

Not merge the values of the keys.

GitLab will perform a reverse deep merge based on the keys

It’s an alternative to using YAML anchors and is a little more flexible and readable

Because the conditional connectives thus complicate the formal reasoning about programs, they are better avoided.

there’s 3 steps to building software: Make it work Make it right Make it fast

“Make it right” means that the code is maintainable and easy to change. Humans can read it, not just computers. New engineers can easily add functionality to the code. When there’s a defect, it is easy to isolate and correct.

In the examples below, we are using Docker images tags to specify a specific version, such as docker:19.03.8. If tags like docker:stable are used, you have no control over what version is going to be used and this can lead to unpredictable behavior, especially when new versions are released.

Moreover, common search practices miss information in the deep web—the parts of the web not indexed by standard commercial search engines

To understand and be understood, those are among life’s greatest gifts, and every interaction is an opportunity to exchange them.

Sometimes plugins can conflict with a theme or with each other.  Disable all your plugins and see if the problem persists. If everything is working once the plugins were disabled it means there's a conflict with a plugin or maybe even a set of plugins. Enable the plugins one by one to identify the one that is creating the conflict.

Right click on the /wp-content/plugins folder and rename it plugins.old. This will deactivate all of the plugins. In most cases, this will also lock the WordPress admin area as well.  You will still be able to perform these steps from within the File Manager.Reactivate the plugins folder by following the above instructions and renaming the folder plugins. This will allow you to reactivate each plugin individually to isolate the offending plugin and resolve the 500 Internal Server Error.  This should also allow access to the WordPress Dashboard again. From the WordPress Dashboard: Reactivate each plugin (one at a time) and refresh the website to see if the issue has been resolved.

“Extraordinary Commonplaces,” Robert Darnton

Now personal data exports include users session information and users location data from the community events widget. Plus, a table of contents!See progress as you process export and erasure requests through the privacy tools.

Given the massive amount of stars it had acquired on Github and the fairly quick and easy setup, it seemed very promising. When it comes down to its isomorphic functionality, it’s hard to match. But when it we started using the static export features, we were dropped on our faces with a very ungraceful transition from isomorphic to static that came with a cold side of faulty hot-reloading, strange routing strategies and highly bloated bundles:

To be fully compliant with GDPR, you would also need to enable Show Reject All Button setting.

managing yourself and others.

Requested Dormant Username Enter the username you would like to request, without the preceding URL (e.g., "User" instead of "gitlab.com/User")

The GitLab.com support team does offer support for: Account specific issues (unable to log in, GDPR, etc.) Broken features/states for specific users or repositories Issues with GitLab.com availability

Technical and general support for those using our free options is “Community First”. Like many other free SaaS products, users are first directed to find support in community sources such as the following:

Out of Scope The following details what is outside of the scope of support for self-managed instances with a license.

For general questions, use cases, or anything else that does not fit into one of the above cases, please post in the GitLab Forum or on a third-party help site.

If you're in a paid tier on GitLab.com or GitLab Self-managed, you're entitled to Support. Please open a support ticket after reviewing our Statement of Support

If you're a free user on GitLab.com and are having one of the following specific issues please file a support ticket after reviewing the Free Plan Users Section in our Statement of Support

Account Support If you haven't received your confirmation email, you can request to resend your confirmation instructions via our confirmation page.

We're closing the Support Forum issue tracker in favor of the Community Forum and support channels. We recognize that the Support Forum issue tracker has not received much attention in the last few months, and want to redirect our community members to locations that are regularly monitored by GitLab staff. As a result, this issue will be moved to the GitLab product issue tracker and triaged there.

What I think we're lacking is proper tooling, or at least the knowledge of it. I don't know what most people use to write Git commits, but concepts like interactive staging, rebasing, squashing, and fixup commits are very daunting with Git on the CLI, unless you know really well what you're doing. We should do a better job at learning people how to use tools like Git Tower (to give just one example) to rewrite Git history, and to produce nice Git commits.

These two are in my opinion the most problematic — the basically go against each other. Typically, I try to work in increments over a feature and commit when I reach whatever techinical milestone I want to "checkpoint" at. It can also be out of the need to expose some idea or architecture and push it.

If we can encourage people to create clean commits as they go, the example as you showed above should be far less common, because cleaning up such history as an after-math is most of the time almost impossible.

I think this goes against the Keep It Simple mentality and the Low Level Of Shame that we should have when we contribute.

With a recognisable, ever present icon, user's can easily manage their consent at any time.

Many also question how the average user with little knowledge of the GDPR will react to being asked so many questions regarding consent. Will they be confused? Probably at first. It will be up to each business to create a consent form that is easy to understand, while being at the same time comprehensive and informative

to remove the force or effectiveness of

If you update your pages and push to github, people revisiting the pages who have already got cached copies will not get the new pages without actually cleaning their browser cache. How can a script running in a page determine that it is stale and force an update?

for me it was because the browser use cached data(old styles) so i opend other brwser

The "'strict-dynamic'" source expression aims to make Content Security Policy simpler to deploy for existing applications who have a high degree of confidence in the scripts they load directly, but low confidence in their ability to provide a reasonable list of resources to load up front.

Although it can minimize the overhead of third-party tags, it also makes it trivial for anyone with credentials to add costly tags.

A "tag" is a snippet of code that allows digital marketing teams to collect data, set cookies or integrate third-party content like social media widgets into a site.

Eric Schmidt, former Google CEO and Chairman, famously said “Google’s policy on a lot of these things is to get right up to the creepy line, but not cross it.” But for most people, that line was crossed by Google, Facebook, and others long ago.

This depends on the legal jurisdiction applicable to your site.

Consent means offering individuals real choice and control. Genuine consent should put individuals in charge, build trust and engagement, and enhance your reputation.

Instead of having a task like “write an outline of the first chapter,” you have a task like “find notes which seem relevant.” Each step feels doable. This is an executable strategy (see Executable strategy).

However, since problems are only addressed when they arise, maintenance is reactive rather than proactive. Small problems left unaddressed can balloon into major failures due to focus on cost.

What a lot of people don't realize is that a source control system is a communication tool. It allows Scarlett to see what other people on the team are doing. With frequent integrations, not just is she alerted right away when there are conflicts, she's also more aware of what everyone is up to, and how the codebase is evolving. We're less like individuals hacking away independently and more like a team working together.

Google encouraging site admins to put reCaptcha all over their sites, and then sharing the resulting risk scores with those admins is great for security, Perona thinks, because he says it “gives site owners more control and visibility over what’s going on” with potential scammer and bot attacks, and the system will give admins more accurate scores than if reCaptcha is only using data from a single webpage to analyze user behavior. But there’s the trade-off. “It makes sense and makes it more user-friendly, but it also gives Google more data,”

For instance, Google’s reCaptcha cookie follows the same logic of the Facebook “like” button when it’s embedded in other websites—it gives that site some social media functionality, but it also lets Facebook know that you’re there.

examples, listing both the conventional systems and their counterpart systems: Conventional schooling Home schooling Encyclopedia Britannica Wikipedia Microsoft Office Open Office Taxicabs Uber Hotel chains Airbnb Big-box stores Ebay National currency Cryptocurrency

Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.

It’s always best practice to either simply follow the most robust legislations or to check the local anti-spam requirements specific to where your recipients are based.

In the EU, the ePrivacy directive sets overall guidelines that are individually implemented by member states

Under the FTC’s CAN-SPAM Act, you do not need consent prior to adding users located in the US to your mailing list or sending them commercial messages, however, it is mandatory that you provide users with a clear means of opting out of further contact.

Be clear and unambiguous. The average user should be easily able to understand what they’re consenting to;

they sought to eliminate data controllers and processors acting without appropriate permission, leaving citizens with no control as their personal data was transferred to third parties and beyond

the compelling legitimate interests pursued

While there are no legal precedents to spell out specifically what the actual terms mean, it can be interpreted from the testimony of people like Professor Mark Lemley from Stanford University, in front of the United States Senate Committee on the Judiciary that the individual terms are defined as follows

“Until CR 1.0 there was no effective privacy standard or requirement for recording consent in a common format and providing people with a receipt they can reuse for data rights.  Individuals could not track their consents or monitor how their information was processed or know who to hold accountable in the event of a breach of their privacy,” said Colin Wallis, executive director, Kantara Initiative.  “CR 1.0 changes the game.  A consent receipt promises to put the power back into the hands of the individual and, together with its supporting API — the consent receipt generator — is an innovative mechanism for businesses to comply with upcoming GDPR requirements.  For the first time individuals and organizations will be able to maintain and manage permissions for personal data.”

Its purpose is to decrease the reliance on privacy policies and enhance the ability for people to share and control personal information.

make it as easy to withdraw consent as to give it. The latter gets particularly interesting when considering that in some contexts, consent may be obtained “through only one mouse-click, swipe or keystroke” and therefore “data subjects must, in practice, be able to withdraw that consent equally as easily” per the WP29.

it is a question of balance — if one mouse-click was all it took to consent, is it appropriate to require a phone call during business hours to withdraw that consent? Probably not.

You have the right to withdraw from this contract within 14 days without giving any reason.

a person can withdraw from research at any point of time and it is no binding of participant to reveal the reason of discontinuation

This exemption is may not be applicable for all regions and is therefore subject to specific local regulations.

An entity not established in the EU offers goods or services (even if the offer is for free) to people in the EU. The entity can be government agencies, private/public companies, individuals and non-profits;

In the US, there is no single comprehensive national body of data regulations; there are, however, various laws on a state level as well as industry guidelines and specific federal laws in place. Since online site/app activity is rarely limited to just one state, it’s always best to adhere to the strictest applicable regulations.

Determining your law of reference Generally, the laws of a particular region apply if: You base your operations there; or You use processing services or servers based in the region; or Your service targets users from that region This effectively means that regional regulations may apply to you and/or your business whether you’re located in the region or not. For that reason, it’s always advisable that you approach your data processing activities with the strictest applicable regulations in mind.

they’ve contested its accuracy

This scope effectively covers almost all companies and, therefore, means that the GDPR can apply to you whether your organization is based in the EU or not. As a matter of fact, this PwC survey showed that the GDPR is a top data protection priority for up to 92 percent of U.S. companies surveyed.

it buys, receives, sells, or shares the personal information of 50,000 or more consumers annually for the business’ commercial purposes. Since IP addresses fall under what is considered personal data — and “commercial purposes” simply means to advance commercial or economic interests — it is likely that any website with at least 50k unique visits per year from California falls within this scope.