Jump to content

Bartholomew Gallacher

Resident
  • Posts

    21
  • Joined

  • Last visited

Everything posted by Bartholomew Gallacher

  1. And here you got it wrong: if really somebody files a complaint at a DPA, which is taking its job seriously and really thinks they need to act, first thing they would do is go to the hosting provider and ask who's paying for that machine.
  2. And here I disagree. The site is using Cloudflare as service. Cloudflare is really everywhere on the web nowadays, mostly as CDN as well reverse proxy to real web servers to offer security, most notably protection against DDoS attacks. You might be aware about this here, this is Cloudflare in action: Also Cloudflare is running a DoH DNS server, which is the default in Firefox and some others. They are a company offering tons of services to anyone for free. This always is suspicious, and indicates that you are not the customer, but the product. In other words I don't trust Cloudflare at all, and they are probably a big data collector and hoarder. And since they are everywhere, they can collect tons of data about you without you even noticing it. They are in the position to do it, and I am pretty sure they do it. This is why I view using Cloudflare's CDN without notice as very problematic. Anyway talking about the GDPR: the GDPR also gives users the right to request and get a copy of all their data saved on a web site.
  3. Well, might be that most people don't care about it. My take on it is simple: Primfeed's aim is to be a fully fledged social network including adult rated material, so over time it will gain more and more data automatically. So this become over time a very big pile of data, some of it might be very sensitve, which could be used/mined for all types of purposes. On top of it since additional services are being offered so it is a business site. So meeting the legal minimum meaning knowing who is running the show, where my data might get exposed/is being shared with, which data is being collected etc. is stuff that I want to know. Especially the part "Primfeed does not share or sell any information to third parties." is probably true, but then again also only half the picture. What is not being told is that Primfeed used different 3rd party services, and is exposing my IP address/web browser to them. Cloudflare recently came into the focus when their DNS over HTTPS (DoH) Server became the default without upfront notice in Mozilla Firefox. Let's just say many people were not happy about that suddenly Cloudflare was put into a position to log every DNS query of them without them knowing before reading some articles. Also Bert Hubert ranted against is with passion: https://labs.ripe.net/author/bert_hubert/centralised-doh-is-bad-for-privacy-in-2019-and-beyond/ So when viewing pictures over cdn.primfeed.com my IP clearly gets exposed to Cloudflare systems, who are doing whatever they want do with it. At least I would like to know about that without having to take a look at Live HTTP Headers. When using the Feedback system https://canny.io/sdk.js is being invoked, so a Javascript. So again being exposed to another 3rd party system, which is delivering a script for whatever purpose I do not nothing know about because not mentioned in the ToS. Again I should ideally know about why again. To make it clear: I am not against using CDNs or other stuff a site owner wants/needs to run the show; but I want to be informed about it, namely which 3rd party services are being used for specifically what purpose, which clearly is not happening in the ToS/data protection paragraph of Primfeed.
  4. Hi, another "negative nelly" here. IMHO you should add 3 more points to your list, namely: 1. Undisclosed usage of Cloudflare Using Live HTTP Headers it clearly shows that Cloudflare is being part of the internal infrastructure of the system. The IP address of cdn.primfeed.com is 104.26.8.111 and does clearly belong to Cloudflare (Check: https://search.arin.net/rdap/?query=104.26.8.111). This means that Cloudflare is at least used here as CDN. Having said that, the usage of Cloudflare is something which under EU legislation must be disclosed and as well explained in the ToS, which clearly is missing right now. 2. Undisclosed usage of Canny.io This is the system powering the feedback page. Even when just watching primfeed.com it is being called frequently. Therefore the same like above for Cloudflare does apply. 3. Missing cookie banner on landing page Another must under the legislation of the EU: people must be informed upfront about the usage of cookies, be given a choice and have to approve it. This is clearly missing as well.
  5. Well when running such a site there are always several different aspects you need to pay attention to. Technical wise it is a really great achievement Luke has done here, no doubt about it. Also the way he's steering it, and quite transparent about changes and developments is great. But that's only one of the important aspects when doing such a thing. The other most important one is to abide the law. ToS looks to be resolved by now, just tested it with a new account. The other thing are legal mentionings. Here I strongly disagree with the identity being shrouded in a mist of obscurity. This site is meant to be a social network, so lots of sensitive data is being saved and accumulated over the time here. There's a reason why law is like it is. And the least thing people can expect is to know who is running the show, not by avatar name only but how the law requires it to be by my understanding. Going with this to authorities would be just *****ting on the carpet, and malicious. I've adressed my worries, that's enough for me. Take it or leave it.
  6. My AV scanner is turned off. The previous FS release works normal in terms of rezzing speed while the PBR does not. As matter of fact I've decided to just throw the PBR FS version in the bin and wait for the next one coming out sometime. And frankly said: I am convinced that you think the PBR FS was not rushed. But when talking to my friends more than enough are not exactly happy campers with the less than stellar experience it gives at the moment, for many it is a huge step backwards. In other words too many of them are having issues with it, and see it as "just another FS release with major new features one should skip until the major bugfix release comes out." Since too many people in my friend circle are not happy with it, but complaining I do believe otherwise: the release was rushed, because the LL viewer only has a miniscule market share, so that LL really depends on Firestorm to roll out their newest and shiniest features on order to put them on track. And since it was pushed so quickly out before SL21B, this really just makes this train of thought very much plausible.
  7. I am totally disappointed with the Firestorm PBR release. Rezzing now takes 4x longer than it did before, and is a PITA. I switched back to an older version, because this release is too annoying. It just feels like it was rushed out so that for SL21B all people finally can bath in the PBR glory, because the LL viewer market share is so low. And rushed with no regard given on the amount of bugs it still has in it.
  8. Sounds like the OP wants to pipe all imagery through DLSS. Ah yeah that must be it.
  9. And now for some stuff I do consider as legal pitfalls: No approval of ToS required to use the system: when creating an account I have to approve the ToS. When just using "Login with in-world code", which enables me to use the platform using my SL identity without having a prior account on Primfeed, there is no ToS tick mark in that dialogue. Undisclosed identity: by my understanding of the GDPR the name of data controller must be disclosed. This includes real name including address plus way of contact. Since this is within Luke Rowley's authority he is by my understanding the data controller. Furthermore also by French law the real name, address and way of contact must be mentioned by my understanding on the web site (Source: https://www.economie.gouv.fr/entreprises/site-internet-mentions-obligatoires).
  10. 30 days is in full compliance with the GDPR, just look here: https://www.edpb.europa.eu/sme-data-protection-guide/faq-frequently-asked-questions/answer/how-do-i-respond-request-erasure_en The GDPR states that deletion requests should be answered with no undue delay, but at latest 30 days after reception of the request. Of course yes, having just such a button in the account management system of the platform would make life easier for everybody.
  11. Oh the Lindens had such a thing in the past and its name was Avatars United. This was acquired around 2010 by Linden Lab. It was a social network for avatars. After a few months Linden Lab shut down the public network, and integrated the technic into Second Life as web profiles and such.
  12. Hahaha before you make such statements you really should first have taken the time to look me up on Flickr. The simple answer is: no, because I don't do Flickr and I don't make pictures in SL! I don't like walled gardens and data silos. To me Primfeed is just another walled garden, like so many others out there. Its just leaving one walled garden to seek refuge in another one is something, which kind of seems paradoxical to me because nobody knows what the future might bring some day. Personally I prefer to run stuff, which is important to me, on my own. If I would see the need for a pixel dump of my own I would probably use either Pixelfed or Friendica.
  13. And here's now why Primfeed at the moment is no dropin alternative for free Flickr accounts: with free Flickr accounts you can upload high resolution images to your hearts content. Primfeed on the other hand at the moment only allows 1500x1500 pixels, which I totally do understand because HDD space comes with a price tag, backup space even more so. At least the more ambitious and aware Flickr users will definitely want more than that artificial limit. Luke Rowley knows that, that's why it is there as motivation for subscriptions. But: they can also just give their money to Flickr, and SHAZAM - stuff becomes visible again, because partial nudity is allowed with pro accounts on Flickr. Furthermore the subcription fee with Pixelfeed is roughly in the same range as Flickr is. My point is: these people don't give money to Flickr for reasons, so why should they do it suddenly with Primfeed?
  14. Somewhere during 2007. I still remember being on the beta grid back then, I've never seen so many Lindens at the same place and same time ever after this again.
  15. If you want my sympathy for that your business is now running down the hill, go looking somewhere else. Business is business, it sometimes calls for tough decision and sympathy brings you nowhere. Linden Lab understands this good enough, because they are still in business. So the question is do you? Whatever.
  16. A welcome and long ov Well Linden Lab has always been acting that way. Welcome to Second Life! Furthermore: the only constant in business is constant change. If you are unable to adapt and it hurts you, then it's your fault to have not diversified your income streams in time upfront.
  17. Oh this is wrong on so many levels, really... first of all Opensim does not scale well. It's pretty much unlikely that with the current code base it would be possible to run a grid as large as SL on Opensim base. Then Opensim has stuff, which SL has not and sounds good in theory, in reality it's just an utter mess. Like Hypergrid teleports, three or so different iterations around, and all of them have their own set of problems which lead to a big fragmentation of the Opensim space. Indeed something which SL has not, but fragmentation makes it painful to use and pretty useless. And of course there's stuff SL has, which Opensim has not, like a good and quick physics engine. SL uses Havok, Opensim's physics engines are really low quality compared to that. SL has pathfinding, which Opensim has not. And most of all Opensim is was too fragmented overall, and has not really a lot of people. So that's the most important thing SL has which Opensim has not: lots of people. Nice try of derailing, but no one forgets about that. It's not about that LL tries to make money, which always is quite clear in that world. It's about that they are increasing fees in a type of manner and scale which is completely unparalleled before without providing any visible added value to the platform, so it just makes them look like the money grabbers which at the moment they are.
  18. I don't care with which quirky and skewed lie fairy tale justification the lab might come up with in order to justify this increase. For me this is just pure money grabbing, nothing more and nothing less. I am unwilling to buy any L$ at all as long as this ridiculous scheme is in place!
  19. It's good that it has finally been launched, by the price tag coming with it is just ridiculously overpriced. Especially for something which you would get 10 years ago for free, and nobody asked for its removal back then anyway. It's pure insolence. LL should have instead made it maximum around the average price of a common state of the art mesh head or body for every resident, and cutting the fee in half if you got three month or longer premium status. Something like that. For comparison: if you want to rename one of your characters in Blizzard's cash cow MMORPG World of Warcraft you've got to pay 10US$ for it.
×
×
  • Create New...