If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#31
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/10/2018 20.12, J.O. Aho wrote:
On 10/10/18 7:26 PM, Carlos E.R. wrote: On 10/10/2018 18.02, J.O. Aho wrote: On 10/10/18 2:46 PM, Carlos E.R. wrote: On 10/10/2018 06.45, J.O. Aho wrote: On 10/10/18 12:18 AM, Grant Taylor wrote: On 10/09/2018 03:17 PM, J.O. Aho wrote: then you know the one running the site don't care about your privacy. I disagree. I've run into *WAY* too many … barely competent (I'm being nice) webmasters that don't know that they need to change the TLS certificate. Their competency level does not directly correlate / translate to them not caring about your privacy. I'd bet that a lot of them will say something along the lines of "Oh REDACTED! I need to get this changed.Â* I wish I had known!!!" after browsers drop support for the Symantec CA. I would say it's a poor excuse, the information has been shared by the browser maintainers for a long time. And you assume that they read those? Why? Me, I found out this week. I do, as it's important for my employer that our customer can access our websites. I do spend at least 30 mins a day at work just browsing through article subjects to see if there is something happening that affects us. If you can't spend that time to keep yourself up to date with information, then do you really care about your customers? No, again, that does not follow. I'd pay someone with the knowledge to put up the web. Or use a service out there to create my own web. Hey, computers are just appliances, just like washing machines, they tell us. I do not need to read how they work inside. So you hire who ever, don't care if they are "experts" or some stranger from the streets of Calcutta? You know you get what you pay for, spending a buck or two and you get ****. No, I assume they are competent in their field. Who says I hire a nobody, you? They come with college or university degrees and years of experience. You are different, they pay you to do it. Sure I get paid, in the same way as the one you hire to setup your web site. -- Cheers, Carlos. |
Ads |
#32
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/10/2018 22.22, Andreas Kohlbach wrote:
On Wed, 10 Oct 2018 06:45:40 +0200, J.O. Aho wrote: On 10/10/18 12:18 AM, Grant Taylor wrote: I've run into *WAY* too many … barely competent (I'm being nice) webmasters that don't know that they need to change the TLS certificate. Their competency level does not directly correlate / translate to them not caring about your privacy. I'd bet that a lot of them will say something along the lines of "Oh REDACTED! I need to get this changed.Â* I wish I had known!!!" after browsers drop support for the Symantec CA. I would say it's a poor excuse, the information has been shared by the browser maintainers for a long time. If you manage to miss this for a such long time, you don't really care about anything, you just have a certificate as everyone else has it or there is a regulation that mandates you to have one without really knowing why. IMHO it's the same as not caring. Many don't care and that is okay in my opinion. You also DON'T check with your car dealer if there is a recall or something as customer. You will get informed if that happens. If you are a big corporation then you have a webmaster who likely will learn about this. But if you are a small business you might be you own webmaster and not look up what's going on with certs and other webmaster stuff. You expect you will get informed. What IMO should had happened is that cert issuers inform their customers what is about to hit them. They take care of it or inform their customers what is about to come. Going down the chain until the last authority who deals with certificates updates them. Exactly... It is like telling someone that owns a car that he should know that this particular brand of oil is bad for the car. -- Cheers, Carlos. |
#33
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/10/2018 16.31, Mayayana wrote:
"Carlos E.R." wrote | They pull in a 4.4 MB js file just to do basic things | like load pages from an anchor tag. The internal | links don't work without script! The script is coming | from Cloudfront. They also have Google-Analytics code. | So both Google and Amazon would be tracking me if | I allowed script. | | Is it not possible that those scripts are placed there by some web | designer tool kit out there? You just place the visual things and you | get all the crap besides? | Might be. But it's deeply integrated. Either way: A webmaster with a WYSIWYG toolkit or a webmaster collecting js libraries and code snippets because it's trendy. So many sites now are broken with script and load several MBs worth of that stuff. I think a lot of it is "widgets" that only require simple coding but must have the "library" loaded to use that code. In other words, webmasters who don't actually know how to code what they want. But stuff like Google Analytics and Google tag manager are separate snippets, deliberately added to the page. The site I detailed had Google Analytics, probably because they don't know how to process their own server logs to track visitors. So they let Google spy in exchange for a traffic report. I know of small sites that simply hire the space somewhere, and it is the hosters who puts the commercials, not the person that wrote the site, the real content. And nowdays having commercials to make some revenue and pay the hosting means all the google things. -- Cheers, Carlos. |
#34
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 2018-10-10, Andreas Kohlbach wrote:
On Wed, 10 Oct 2018 06:45:40 +0200, J.O. Aho wrote: On 10/10/18 12:18 AM, Grant Taylor wrote: I've run into *WAY* too many … barely competent (I'm being nice) webmasters that don't know that they need to change the TLS certificate. Their competency level does not directly correlate / translate to them not caring about your privacy. I'd bet that a lot of them will say something along the lines of "Oh REDACTED! I need to get this changed.Â* I wish I had known!!!" after browsers drop support for the Symantec CA. I would say it's a poor excuse, the information has been shared by the browser maintainers for a long time. If you manage to miss this for a such long time, you don't really care about anything, you just have a certificate as everyone else has it or there is a regulation that mandates you to have one without really knowing why. IMHO it's the same as not caring. Many don't care and that is okay in my opinion. You also DON'T check with your car dealer if there is a recall or something as customer. You will get informed if that happens. If you are a big corporation then you have a webmaster who likely will learn about this. But if you are a small business you might be you own webmaster and not look up what's going on with certs and other webmaster stuff. You expect you will get informed. What IMO should had happened is that cert issuers inform their customers what is about to hit them. They take care of it or inform their customers what is about to come. Going down the chain until the last authority who deals with certificates updates them. The cert issuer is incompetent. That is why they are being shut out. You expect them to notify customers that they are incompetent? |
#35
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/10/18 13:55, Mayayana wrote:
Anyone who knows enough to paste in Google tracking code has a basic idea of what's going on. No, they dont. In genereal websites are generated by computer illiterate 'creatives' who just use 'frameworks' of other peoples code and bugger with it till it looks good enough to get paid for. They have zero clue about code efficiency, privacy or whatever. They just use a template to include google **** because the customer asked them to because *she* gets money and stats for so doing, and SHE doesnt have a clue either. -- "First, find out who are the people you can not criticise. They are your oppressors." - George Orwell |
#36
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/10/18 15:10, Carlos E.R. wrote:
On 10/10/2018 14.55, Mayayana wrote: Last night I visited a site I found in a Michael Pollan book: csp.org. Council on Spiritual Practices. They're some kind of clearing house for ideas about psychedelic drugs and religious experience. Sounded interesting. It's people who want to experience life more fully, deeply and joyfully. And they think there might be a correlation between what chemicals like psilocybin do and what advanced meditation techniques do. A bit of a 60s, consumer-goes- shopping-for-spirituality-on-sale rehash. But I was curious what they're up to. Ironically, their webpage was entirely broken. Entirely unnecessarily. And they don't care about your privacy. They pull in a 4.4 MB js file just to do basic things like load pages from an anchor tag. The internal links don't work without script! The script is coming from Cloudfront. They also have Google-Analytics code. So both Google and Amazon would be tracking me if I allowed script. Is it not possible that those scripts are placed there by some web designer tool kit out there? You just place the visual things and you get all the crap besides? Exactly. Wordpress, Joomla, et al. You import their **** and you build using high level tools that rely on low level libraries that are often not even hosted on your server. -- "Nature does not give up the winter because people dislike the cold." ― Confucius |
#37
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 11/10/2018 15.24, Mayayana wrote:
"The Natural Philosopher" wrote | Anyone who knows enough | to paste in Google tracking code has a basic idea | of what's going on. | | No, they dont. | | In genereal websites are generated by computer illiterate 'creatives' | who just use 'frameworks' of other peoples code I think we all agree on that. As you clearly put it above, they're pulling in vast piles of external code. Its changing the definition of a webpage. But adding Google Analytics is a couple of lines that one specifically pastes in to get Google visitor reports. Pasting in Google Tag Manager is specifically done as part of advertising strategies. Those are not the same as the gobs of so-called libraries used to add pizzazz by WYSIWYG webmasters. In the example I gave, the page writer is using overproduced crap from Amazon, probably for the reason you detailed: They can make it look professional with a WYSIWYG editor tool. But they also, separately, added Google Analytics for tracking. That doesn't just show up by accident because people don't know what they're doing. It shows up because they want visitor tracking and don't care about your privacy. Not necessarily. Maybe they think different about privacy and don't consider it important. Like not thinking that doing this: "By choosing "I agree" below, you agree that NPR's sites use cookies, similar tracking and storage technologies, and information about the device you use to access our sites to enhance your viewing, listening and user experience, personalize content, personalize messages from NPR's sponsors, provide social media features, and analyze NPR's traffic. This information is shared with social media services, sponsorship, analytics and other third-party service providers." .... harms your privacy. After all, they are not asking for a nude photo of you. -- Cheers, Carlos. |
#38
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
"Carlos E.R." wrote
| It shows up because they want visitor | tracking and don't care about your privacy. | | Not necessarily. Maybe they think different about privacy and don't | consider it important. | Well, I guess I can't disagree with someone who argues with me by asserting my own point. I think you missed your calling in the field of law. |
#39
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 10/11/2018 2:40 PM, Andreas Kohlbach wrote:
On Wed, 10 Oct 2018 21:14:17 -0000 (UTC), William Unruh wrote: On 2018-10-10, Andreas Kohlbach wrote: On Wed, 10 Oct 2018 06:45:40 +0200, J.O. Aho wrote: I would say it's a poor excuse, the information has been shared by the browser maintainers for a long time. If you manage to miss this for a such long time, you don't really care about anything, you just have a certificate as everyone else has it or there is a regulation that mandates you to have one without really knowing why. IMHO it's the same as not caring. Many don't care and that is okay in my opinion. You also DON'T check with your car dealer if there is a recall or something as customer. You will get informed if that happens. If you are a big corporation then you have a webmaster who likely will learn about this. But if you are a small business you might be you own webmaster and not look up what's going on with certs and other webmaster stuff. You expect you will get informed. What IMO should had happened is that cert issuers inform their customers what is about to hit them. They take care of it or inform their customers what is about to come. Going down the chain until the last authority who deals with certificates updates them. The cert issuer is incompetent. That is why they are being shut out. You expect them to notify customers that they are incompetent? I understood that you, me and 70 year old grandma Gladys must know that the ISP of their private web site hasn't updated the certificate and take action like moving it elsewhere. As much as I agree with Chrome's need to do this I feel that way too many of the older crowd are going to see it as a failure of Chrome. Who knows how many people are going to switch to what ever browser lets them still access the sites they are used to... |
#40
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 2018-10-11, Andreas Kohlbach wrote:
On Wed, 10 Oct 2018 21:14:17 -0000 (UTC), William Unruh wrote: On 2018-10-10, Andreas Kohlbach wrote: On Wed, 10 Oct 2018 06:45:40 +0200, J.O. Aho wrote: I would say it's a poor excuse, the information has been shared by the browser maintainers for a long time. If you manage to miss this for a such long time, you don't really care about anything, you just have a certificate as everyone else has it or there is a regulation that mandates you to have one without really knowing why. IMHO it's the same as not caring. Many don't care and that is okay in my opinion. You also DON'T check with your car dealer if there is a recall or something as customer. You will get informed if that happens. If you are a big corporation then you have a webmaster who likely will learn about this. But if you are a small business you might be you own webmaster and not look up what's going on with certs and other webmaster stuff. You expect you will get informed. What IMO should had happened is that cert issuers inform their customers what is about to hit them. They take care of it or inform their customers what is about to come. Going down the chain until the last authority who deals with certificates updates them. The cert issuer is incompetent. That is why they are being shut out. You expect them to notify customers that they are incompetent? I understood that you, me and 70 year old grandma Gladys must know that the ISP of their private web site hasn't updated the certificate and take action like moving it elsewhere. All I am saying is that it is not to the cert issuer that one should look for a solution, or even notification. Maybe your web host is. |
#41
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
On 11/10/2018 20.12, Mayayana wrote:
"Carlos E.R." wrote | It shows up because they want visitor | tracking and don't care about your privacy. | | Not necessarily. Maybe they think different about privacy and don't | consider it important. | Well, I guess I can't disagree with someone who argues with me by asserting my own point. I think you missed your calling in the field of law. Well, English is not my first language, maybe I misunderstood. -- Cheers, Carlos. |
#42
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 On Thu, 11 Oct 2018 09:24:30 -0400 "Mayayana" wrote: I'm periodically getting a redirect from NPR.org to a page that insists I choose to allow them to spy on me. Have you tried: o https://thin.npr.org It's a no-graphics, no-script, text-only version of the NPR website that was set up for use during the hurricane season when many viewers' Internet bandwidth was likely to be severely restricted during bad weather and recovery from it. - -- .. Be Seeing You, .. Chuck Rhode, Sheboygan, WI, USA .. Weather: http://LacusVeris.com/WX .. 38° — Wind WNW 8 mph — Sky overcast. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlvBSskACgkQYNv8YqSjllLRsQCeMle2dm/DRs8e3vkjGjYDu7sg 1q4An3+qc+i+B4tGvY3ilpEQJf2AAJD9 =djBx -----END PGP SIGNATURE----- |
#43
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
"Chuck Rhode" wrote
| | I'm periodically getting a redirect from NPR.org to a | page that insists I choose to allow them to spy on me. | | Have you tried: | | o https://thin.npr.org | | It's a no-graphics, no-script, text-only version of the NPR website | that was set up for use during the hurricane season when many viewers' | Internet bandwidth was likely to be severely restricted during bad | weather and recovery from it. | Actually a text-only version is the option for anyone who doesn't want to accept the spying. Your link redirects to it: text.npr.org. There are two buttons on their "please accept our spying" page. One, requiring script, is to agree to spying. The other, to reject spying, sends one to the blank page with about 8 plain links. Each link then goes to a text-only story page. That's not really so bad. Most of the pictures used on news sites are of little or no value to the story. At best, on a major news site, a story about Trump will probably at least have a picture of Trump. So it *seems* sort of visual. Often it's not relevant at all. An article at a tech site about, say, Microsoft might just have a photo of a keyboard -- something easy and royalty-free to make it look like the article comes with pictures. But it really doesn't. And I often end up turning off CSS on sites because the design of most has become horrendous. With 18-20px text and triple spacing, many sites are all but unreadable without CSS disabled. But still, NPR's dual option feels like a bit of a tantrum on their part: "Oh, you don't like spying? OK, wiseguy. See how you like this stripped down version!" Apparently they hope people will relent and decide they'd rather allow spying than to be cast into the dreary graphical world of Internet circa 1996. |
#44
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 On Fri, 12 Oct 2018 22:05:55 -0400 "Mayayana" wrote: the dreary graphical world of Internet circa 1996. Hah! I was surprised how good Navigator looked compared to green-screen terminals. I still am. We ought to remember where we've been and offer a little tribute to our forebearers from time to time. After all, *html* was the basis for all that has come along since. Somebody needs to close the circle and make plain gray backgrounds fashionable again. - -- .. Be Seeing You, .. Chuck Rhode, Sheboygan, WI, USA .. Weather: http://LacusVeris.com/WX .. 28° — Wind SSW 3 mph -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlvB5+QACgkQYNv8YqSjllIcygCdGY76MxF8iI 7wplU4+zEPwQOr BVkAnirIJE56sgq6mgT4gztfnaZnCwEL =1X7g -----END PGP SIGNATURE----- |
#45
|
|||
|
|||
With Chrome 70, hundreds of popular websites are about to break
"Chuck Rhode" wrote
| | the dreary graphical world of Internet circa 1996. | | Hah! I was surprised how good Navigator looked compared to | green-screen terminals. I still am. | | We ought to remember where we've been and offer a little tribute to | our forebearers from time to time. After all, *html* was the basis | for all that has come along since. Somebody needs to close the circle | and make plain gray backgrounds fashionable again. | Yes. I wouldn't mind a bit if no-nonsense design became fashionable. But no-nonsense design doesn't have to be bad design, or lack of it. Actually, I see very little in terms of design these days. It's more like a sales flyer meets Miracle Mile: Lots of white space, imprudent font properties, pages that break without script, and *lots* of flashing lights and jumping around if script is enabled. I've even had to block a lot of CSS just to stop pointless movement while I'm trying to read. I've got all this in my userContent.css file for Firefox and Pale Moon: /* stop CSS animation */ * {transform: none !important; -moz-transform: none !important; transition-property: none !important; -moz-transition-property: none !important; -moz-transition-duration: none !important; animation: none !important; -moz-animation: none !important; -webkit-animation: none !important;} :before {display: none !important;} :after {display: none !important;} The top section was mostly to stop forced slideshows. The latter two lines are to stop clever inventions like jiggling, chartreuse ooze wrapping text characters. But with their text-only page NPR have gone out of their way to make it unattractive. There's no CSS at all, link lines are jammed up next to each other vertically, and unlike the normal page, there's no blurb describing each link. None of that needs to be left out for a text-only version. A 1 KB page can afford to be 2 KB. If someone on a slow connection can load a 100 KB article they can certainly handle 1 KB of formatting and descriptions on the homepage. It's just spiteful on the part of NPR. And probably deliberately misleading -- hoping that people will be fooled into believing that what they're presenting is the inevitable result of eliminating "modern technologies" like script, cookies and spying. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|