4 Matching Annotations
  1. Jul 2017
    1. generate fake FCC filings, or advance their big government agenda.

      Most evidence I've seen online indicates that there's been a fair amount of fake filings from everyone, with the majority of spam likely coming from the "against" side.

      This is (one of the reasons) why it's better to do controlled studies rather than asking people to voluntarily submit their own opinions. Most of the studies I have seen suggest that both Republicans and Democrats broadly support a data agnostic Internet.

    2. Under these regulations, government bureaucrats can decide what websites they can prioritize or punish and what broadband infrastructure investments are worth.

      That is quite literally the opposite of what Network Neutrality does. A common carrier, by definition, does not prioritize or punish any content.

      Net Neutrality advocates want the exact same thing you do - an Internet where no one, even the government, can arbitrarily decide that one website or service gets an artificial competitive advantage over another.

    1. For notifying the user of events (e.g. calendaring sites), the Notifications API should be used.

      That is a heck of a large privilege to grant a site just so it can avoid showing you a popup on the page itself.

    1. And again, this is just checking client-side, third-party JavaScript libraries for known vulnerabilities.

      Which is why this needs to be taken with a grain of salt. These numbers are frightening until you realize how little impact the actual vulnerable parts of code are going to have on most websites.

      Of the jQuery vulnerabilities linked, 4 are XSS attacks and 1 is a denial of server attack against sites that use jQuery to compile templates on the server.

      In all cases, the site is only vulnerable to the extent that it accepts user input and uses it either serverside or clientside across multiple users.

      Do you really think that all of these libraries are doing that? Absolutely, some of them are. But most sites are using jQuery because they don't know how document.querySelectorAll works, not because they're loading user-submitted comments from a server.