7 Matching Annotations
  1. May 2020
    1. Related concepts in other fields are: In natural language, the coordinating conjunction "and". In programming languages, the short-circuit and control structure. In set theory, intersection. In predicate logic, universal quantification.

      Strictly speaking, are these examples of dualities (https://en.wikipedia.org/wiki/Duality_(mathematics))? Or can I only, at strongest, say they are analogous (a looser coonection)?

    1. ssh-add <(echo "$PRIVATE_KEY")

      Does this have any advantage over simply saving that key to a key file under ~/.ssh?

      Like they do on https://stackoverflow.com/a/61944004/47185:

      mv "$DEPLOY_KEY_PRIVATE" ~/.ssh/id_rsa
      
    1. Mojofication, Onion Souping, and the Network Service.

      What is Mojofication?

      What is Onion Souping?

    1. The consent provided by the user is saved in some cookies within the host page’s domain. By verifying the presence or the absence of these cookies you can determine whether the user has given their consent or not.

      But how do you check if they've given consent to a specific category??

    1. Make it clear that signing up is optional. Consent must be “freely given”; you may not coerce users into joining your mailing list or make it appear as if joining the list is mandatory. For this reason, you must make it clear that signing up is optional. This is especially relevant in cases where you offer free white-papers (or e-books) for download. While the user’s email address is required for the delivery of the service, signing up for your newsletter is not. In such a case, you must not make it appear as if signing-up to the newsletter list mandatory and must make it clear that it is optional.

      Question (answer below)

      Are they saying that it's not allowed to make signing up for a mailing list a precondition/requirement for anything? This was surprising to me.

      So if you have a newsletter sign-up page that sends a digital bonus gift (like an e-book) to new subscribers, are required to completely change/repurpose your "newsletter sign-up page" into a "download e-book page" (that has an optional checkbox to also sign up for the newsletter, if you want)? That seems dumb to me, since it requires completely reversing the purpose of the page — which was, in my mind, primarily about signing up for the newsletter, with a bonus (an essentially optional one) thrown in for those who do so. Are you required to either repurpose it like that or remove the free bonus offer that would be sent to new subscribers?

      The irony of this is that it requires websites that have a newsletter sign-up page like that to change it into a "newsletter sign-up page" where the newsletter sign-up part is optional. Which make you look kind of stupid, making a page that claims to be one thing but doesn't necessarily do what it says it's for.

      Does this mean, in effect, that you may not lawfully provide any sort of incentive or reward for signing up for something (like a mailing list)? As long as it's very clear that some action is required before delivery of some thing, I don't see why this sort of thing should not be permitted? Would this fall under contract law? And as such, wouldn't such a contract be allowed and valid? Are mailing lists a special class of [service] that has special requirements like this? Or is it part of a broader category to which this requirement applies more generally?

      Why is requiring the user to provide an email address before they can download a digital reward allowed but not requiring signing up to a mailing list? Why isn't it required that even the email address be optional to provide? (To answer my own question, probably because it's allowed to allow a user to request a specific thing to be sent via email, and an email address is required in order to fulfill that request. But...) It seems that the website could just provide a direct link to download it via HTTP/FTP/etc. as an option for users that chose not to provide an email address. (But should they be required to provide that option anytime they / just because they provide the option to have the same thing delivered via email?)

      Answer

      Looks like my question was answered below:

      Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.

      So the case I described, where it is made very clear that the incentive that is offered is conditional on subscribing, is listed as an exception to the general rule. That's good; it should be allowed.

  2. Apr 2020
    1. Chrome first sends an encrypted, 3-byte hash of your username to Google, where it is compared to Google's list of compromised usernames. If there's a match, your local computer is sent a database of every potentially matching username and password in the bad credentials list

      Why do they only send password matches if username also matches?? A password should be deemed compromised and never used again if the password is found in a breach/paste anywhere, even if in connection with a different username/email.