I’ll admit this feature should have definitely been opt-in. But when the update came out there was a big pop-up on your screen when you logged in. Where you just turned all of this off and hit save. It is super easy to disable.
The sharing what I watch with friends part is dumb. But it is pretty cool how you can recommend stuff to friends.
I followed the instructions and opted out yet I’m still seeing what my users watched along with getting emails listing the same. I’m certain none of my users are interested in this and likely skipped through the pop-up without reading/comprehending it.
I got the pop up. I disabled it. But I just got an email from Plex telling me everything my family member watched in the last week. This is complete shit!!
I thought I was opting out of my account and my server. But nope, Plex is scraping up everything that’s on my server and shipping it in an email to other people including me.
It’s not perfect, but at least you’re only seeing others’ activity.
There’s hopefully a “discover” email notification you can disable. I haven’t been bothered enough to check yet. Worst case, it could be filtered out pretty easily.
This is where you clearly see Apple is all about privacy posturing and not much about actual privacy.
If they really cared about their customers’ privacy, they would require notification servers registered with APN to push notifications encrypted with a key that only the recipient apps have the private key to. This would be true end-to-end encryption, and Apple would only relay encrypted notifications across, enabling them to deny all subpoenas and any kind of snooping requests from law enforcement on the simple basis that they plain can’t even decode the notifications in the first place.
The very fact that they do have access to the notifications in clear-text is undeniable evidence that they actively want and do collaborate with law enforcement.
Meaning Apple’s stance on privacy is utter BS - something anybody with a modicum of critical thinking suspected from the start, but now the evidence is crystal-clear.
This is a win indeed, but what people don’t see is that most times “exaggerated and abrasive” regulation like that is only proposed to hide up other clauses and proposals that are equally bad or even worse - get the public distracted and thinking they made a difference and that the EU listens to them.
Another thing that people miss, and that most Americans folks would lose their minds about while reading this, is the fact that eIDAS also brings an unique electronic identification for each European citizen company, “a digital solution for proof of identity of citizens or organizations” backed by asymmetric cryptography with the end game of replacing paper documents.
To be fair this isn’t a new thing, most countries in Europe already provide standardized smartcards as citizen identity cards that use asymmetric cryptography so you can electronically sign documents and login to gov services with them. Said signatures have legal value and in some cases - such as lawyers and doctors - you’re required to sign documents and prescriptions with the card. eIDAS just pushed it even further.
Just imagine the potential for a govt/EU to revoke your oficial / legal identity at any time :)
regulation like that is only proposed to hide up other clauses and proposals that are equally bad or even worse - get the public distracted and thinking they made a difference
But IMO this bit was superfluous POV. An alternative theory is that nobody is secretly scheming to do anything, least of all the chaotic EU apparatus, and that most politicians are not experts and they are simply responding to various competing stimuli, as humans do. Notably elections and media hype and lobbyists. Personally I don’t get why so many people attribute to malice what can easily be explained by incompetence, but whatever, I’m in the minority and that’s fine.
Interesting detail about the eID certificates. You’re right that Americans will find this crazy in the way that we Europeans might not. Perhaps Americans are right.
An alternative theory is that nobody is secretly scheming to do anything, least of all the chaotic EU apparatus, and that most politicians are not experts and they are simply responding to various competing stimuli, as humans do. Notably elections and media hype and lobbyists.
Yeah that’s a very big possibility for the state of the EU, I’m not gonna deny it.
You’re right that Americans will find this crazy in the way that we Europeans might not. Perhaps Americans are right.
Yes, I’ve seen a TON of American propaganda and people flipping out about central / govt issued IDs, driving licenses and whatnot. I also know that most US states use still use rudimentary paper-only documents to identify citizens… I mean the situation is so bad that even Apple is trying to digitize them.
Meanwhile here in Europe most countries / people have smartcards (that in some cases combine multiple documents, like the actual ID, social security ID, tax number, driving license etc.) and are using it to login to govt websites and to sign documents. It’s just crazy fun to see that in the US there are tons of companies offering ways to digitally sign documents in “a safe way” and even again, Apple, creating the means to scan a signature while here those things have little to no value and people are required to actually use their identity cards to sign docs. lol
Yes the PDF-“signing” mascarade is beyond ridiculous but that’s definitely a thing in Europe too, certainly France and Germany. Maybe only for private businesses at this point, yeah. Personally I have a whole production line up and ready for photoshopping sigs and initials and even handwritten dates onto PDFs in order to comply with dumb instructions. It’s as if a handwritten signature, even in PNG form, has a magical superpower to make a document authentic. A bit like the security theater at entrances to buildings and transport. What’s important is to go through the motions of securing something, to prove that you really want it to be secure, rather than actually to secure it. A rite, basically.
But yes, having said all that, the alternative is maybe even worse! We’re gonna find out.
It’s as if a handwritten signature, even in PNG form, has a magical superpower to make a document authentic. A bit like the security theater at entrances to buildings and transport.
While Germany cards doesn’t seem to have a digital / smartcard component, French ones do. In Portugal and Spain at least you’re required to sign digital documents with your identity card, using a smartcard reader + a small utility app provided by the gov. Only those have legal value and this is enforced. Scanned handwritten signatures have zero value, and I know this also applied for other EU countries.
A government doesn’t need to take away your papers to deny you its services.
Yes, people just need to be dumb enough to vote the typical half communist and half socialist parties to power and they’ll take care of ruining public services for everyone in equal measure. :)
Seems someone doesn’t understand how OAuth works. It does not automatically give full access to your social media accounts, location history, and device cameras as the video says.
Using the Google button for instance will tell you exactly what permissions are being requested every time you login. Generally, it will be name, email, language, and sometimes profile picture. Aside from the profile picture you would give all the same information anyway to create an account. At least with OAuth there is no worry about passwords, especially for people who don’t have good password practices and reuse passwords between different sites.
I’ve always had this question. When I login with Google, I know what data the website will get from my Google account. But what data can Google get from the website and my usage of it, if any? (besides, of course, that I have an account on said website).
What caught me most off guard was him saying that OAuth somehow grants sites access to your camera. That's a permission controlled by the browser and not at all related to OAuth.
And this is why having true ownership over our own devices is so important, so that they can’t force this on everyone and if they try, we just replace the root certs.
This is why “trusted computing” has been pushed for so long, to remove control from the user specifically to enable bullshit like this
Even if it’s as simple as choosing which Root CA’s we want to trust, how many people will know to do that and be able to do that? A couple percent at most.
Of course we need full ownership of our devices, and trusted computing has always referred to the trust of for-profit corporations, but this in itself doesn’t help the vast majority of people who either don’t know that they’re compromised, think they have nothing to hide, are unable to do anything about it, or a mix of all three.
Privacy and security are already a privilege. Proposals like eIDAS only make it even more unaccessible.
privacy
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.