XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Fri Dec 14, 2018 4:45 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 78 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
PostPosted: Mon Jun 04, 2018 5:51 am 
Offline
User avatar

Joined: Sun Nov 27, 2011 1:55 pm
Posts: 2220
Anonymous wrote:
Completely shutting down the site would solve the problem because all the personal data would be deleted. This is, however, not a good solution.

Instead, BDAqua is taking over official management of the site. This is convenient because if some raving European bureaucrat wishes to sue...

- Anonymous


Huzzah!

Thank you Anon and BDA and everyone else involved in preventing a shut-down.
I was already beginning to suffer from withdrawal symptoms.

(I hope it's OK to post here - nothing seems to be stopping me except the note above)

_________________
Mrs H


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 8:08 am 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
Yes, the privacy policy needs a bit of updating because it was semi-automatically generated by a tool that creates such things. I guess it included the shopping cart bit because all web sites have shopping carts or something. I don't actually mind that much. The point of a privacy policy is to cover your ass, so it's good to put in all kinds of absurd BS that you're never, not in a 1000 years, actually going to do, but then if you mess up somehow at least there's some clause in the privacy policy to cover it. Fortunately no one reads these things anyway, so it probably doesn't matter much.

This site's current privacy policy is wildly divergent from the reality of what this site actually tries to do with personal data, but all that divergence is focused on saying we do terrible things that we don't actually do, so all is good.

- Anonymous


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 9:48 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10197
Location: Caught between the moon and NYC
Oh. I figured it was a copy & paste from some other site's GDPR policy, one that included a shopping cart.

They recently updated the terms & conditions of Kerbal Space Program that includes Take2's boilerplate terms & conditions including things that completely don't apply to it (e.g. multiplayer), leading to torches and pitchforks and wailing and gnashing of teeth. I honestly don't care all that much, though I did read through it and mentally highlight all the things that completely never applied or will ever apply to KSP. I might have pointed out one of them in the announcement of the change.


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 12:36 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
In a not so awfully humorous, or maybe it is awfully humorous, a way to fall asleep using GDPR...

https://www.theverge.com/2018/6/3/17413 ... -jefferson

No luck on taking full responsibility yet. :(


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 1:33 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
Whois records should be in your name, at least internally at the registrar: they're whoisguard protected so you're not inundated with spam. You'll probably be getting an email to your gmail account asking you to click a link to confirm the change.

- Anonymous


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 1:43 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
I got that email, but the link is missing... forwarded it to you @704.net.

And clicking the link below that asking for user & PW that Im not sure of.


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 4:08 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
The link is down at the bottom of the email. It'll be something like "http://raa.namecheap.com/ConfirmProfile.aspx?VerificationKey=<some uuid>", but the link has expired by now so I'll resend it this evening.

I'll separately send you a piece of paper by snail mail with the account management details if you've lost track of that info in the days since this incarnation of the forum was reborn (we have rebuilt a few times).

- Anonymous


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 4:51 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
Thanks Anon.
Quote:
Please click the link below to verify the Registrant email address and confirm the change request. You have until 06/11/2018 to verify the email address. After 06/11/2018, the request will be canceled and no changes to the Registrant contact details will be processed.

Please note that if your domain name was registered less than 15 days ago, you need to verify your contact details within 15 days from the registration date. If you don't complete verification within the specified timeframe, your domain will be suspended.


Click here to verify your email address.

If the above link does not work, please copy and paste the following URL into an open web browser to complete the verification process:

There is no "above link/click here" as far as I can see, but below this is a link like you mention but requires some login details I'm not sure of.


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 5:30 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
It should be further down. Do a text search for "raa.namecheap.com" -- it's just below "if the above link does not work, please copy and paste..." with no login required.

I'd post a screen shot, but only have your forwarded email on my phone.

The link has, however, expired by now so I'll need to resend either way.

- Anonymous


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 8:09 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
I've reapplied those whois changes...

- Anonymous


Top
 Profile  
 
PostPosted: Mon Jun 04, 2018 9:29 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
The privacy policy has been updated!

https://x704.net/bbs/viewtopic.php?f=3& ... 94#p108794

- Anonymous


Top
 Profile  
 
PostPosted: Tue Jun 05, 2018 5:27 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
This time the lower link worked without needing login... thanks again.


Top
 Profile  
 
PostPosted: Tue Jun 05, 2018 12:51 pm 
Offline
User avatar

Joined: Sun Nov 27, 2011 1:55 pm
Posts: 2220
Anonymous wrote:
The privacy policy has been updated!

https://x704.net/bbs/viewtopic.php?f=3& ... 94#p108794

- Anonymous


I actually read a lot of it.
Gets more entertaining the further into the document I got.

(I noticed a typo - do you care?)

_________________
Mrs H


Top
 Profile  
 
PostPosted: Tue Jun 05, 2018 2:54 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
Mrs H wrote:
(I noticed a typo - do you care?)

In all truth, no. But I'm supposed to care, so let's pretend I do. Of course that opens a whole can of worms: on that basis I should probably re-read it to figure out whether or not it makes any sense at all, never mind the typos.

Edit: have re-read and made minor, non-substantive, changes.

- Anonymous


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 8:15 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6304
Location: NYC
Pop-ups gone! :coffee:


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 10:03 am 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
...or so you think, bwahahaha! :fishsmack:

In order to track that you've allowed your personal data to be hoovered up for every imaginable nefarious purpose, such as voluntarily posting things that may at your sole discretion identify you, and that you've allowed the site to set cookies, it sets cookies. As soon as you clear your cookies, you'll be pointlessly harassed to once again acquiesce to such monstrous notions are reading your IP address.

Perhaps the authors of the GDRP simply don't realize that without sending your IP address you cannot communicate over the Internet!? And that logging is pretty much a requirement for any site? Just like the authors of the cookie notification law didn't realize that HTTP is a stateless protocol and without cookies it's IMPOSSIBLE, yes literally impossible, to log in or have a session on a web site? I'm really not sure about that, since for purposes of the law a "cookie" is anything that allows you to track state, not just limited to conventional browser cookies, so it's almost like they had some inkling of a clue. So did it all come about out of well-meaning ignorance? Malice? Bureaucratic bikeshedding? Or "octogenarian lawmakers who couldn't use a mouse"*? Does it even matter? Is the irony of using a cookie to track whether or not users can be tracked by setting cookies completely lost on these people?

Fuck me.

- Anonymous

* And no, that was a premature announcement: the cookie law is definitely not dead. Like any flesh dripping zombie it always rises again after unloading three magazines in to its shambling corpse.


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 10:15 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6304
Location: NYC
Quote:
As soon as you clear your cookies, you'll be pointlessly harassed to once again acquiesce to such monstrous notions are reading your IP address.

Cookies cleared--as I do regularly-- but still no popup. Did I misunderstand? Great links, btw, especially bikeshedding. Never knew that one. Haven't and never will take the time to read the full GDPR--barely pay attention to the available summaries (probably applies to 99% of affected website owners), but what perfect bureaucratic idiocy.

Quote:
“In a fully developed bureaucracy there is nobody left with whom one can argue, to whom one can present grievances, on whom the pressures of power can be exerted. Bureaucracy is the form of government in which everybody is deprived of political freedom, of the power to act; for the rule by Nobody is not no-rule, and where all are equally powerless, we have a tyranny without a tyrant.” -Hannah Arendt*




*Don't want to trivialize what she wrote; she obviously had in mind far more sinister forms of bureaucracy than the one governing Internet privacy.


Last edited by WZZZ on Wed Jun 06, 2018 10:45 am, edited 2 times in total.

Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 10:41 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
LOL, bikeshedding... I think in simpler days we'd've called it "Busy Work". :)


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 11:49 am 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
It's also possible that you've disabled JavaScript for this site. The popups are actually JavaScript "confirm" dialog boxes because they were easy to add to the header of the most popular (Default) theme without retooling the entire site in some obscure way, despite the fact that you can 100% avoid them by simply not running JS. You can also change your theme to something other than subsilver2 and avoid them, but you probably won't be able to do so without logging in, which requires cookies.

- Anonymous


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 12:04 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6304
Location: NYC
Will check again when back on Mac, but both with Mac and now iPad with iCab mobile, JS is allowed. In fact, with iCab, no way to disable JS. Theme is usual subsilver 2.

Edit btw, perfectly ok by me if it stays this way.


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 1:24 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
Here's a fun one: the GDPR doesn't allow you to block access for not allowing cookies, but requires that you obtain consent to set cookies, but in order to know that consent was obtained you have to set a cookie, which if not allowed will prevent you from accessing the site because the display of the cookie opt-in depends on the existence of a cookie, which will then be a violation of the GDPR.

- Anonymous


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 1:33 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15246
Somebody should ask them how their "roundabouts" would work with no entrances or exits! :bonk:


Top
 Profile  
 
PostPosted: Wed Jun 06, 2018 3:56 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
After dozens of hours of reading, the issue that still concerns the most in terms of basic operation of the site (although there are lots of other things that are nearly impossible to comply with) is that the site primarily handles unstructured data. For example, WZZZ could hypothetically post a photo of a cool looking building in Berlin, and in front of that building could be Bob Schmutz getting out of his red car with a distinctive "I love cats" bumper sticker on it. Bob's face isn't visible, but since the building happens to be a herpes treatment clinic, and since Bob could be identified by his very distinctive bumper sticker, this site is now on the hook for widely sharing and failing to protect highly sensitive personal data, along with a vast raft of obligations to Bob even though we never wanted his data and don't know we have it.

Or perhaps as a more mundane example, Bob simply registers for this site, posts something that qualifies as personal data about himself, like the fact that he has the only red car in Berlin with a particular distinctive bumper sticker, later quoted by another user, then five years pass and Bob gets pissed off about something and demands we delete all traces of him, which we cant do because we can't identify that the quote relates to Bob -- yet someone browsing the site might be able to figure it out.

Literally anything could be lurking in a decade of forum comments posing GDPR risk that cannot be assessed in any sane way.

With that mechanism the GDPR has the effect of outlawing forum sites, or any sites that are built on long-lived user posts, uploads, or comments. So it appears that you can turn your site in to 4chan (since the comments/posts get killed very quickly), or you have to stop accepting visitor-contributed content, or you have to just hope no random comment or upload happens to refer to personal data directly or tangentially -- where even if you read and carefully assess absolutely everything hitting the site you still couldn't know that no personal data were present with any confidence because separate pieces of otherwise innocuous data might be combined to become personal data in the future.

The final choice is to hope you don't get sued/fined to oblivion, ignore the extraterritorial law, make an honest effort not to serve people from/in countries subject to it, and as a last resort hope that US courts won't find personal jurisdiction to serve a European judgement on you if someone does attempt to fine/sue you in to oblivion.

- Anonymous


Top
 Profile  
 
PostPosted: Thu Jun 07, 2018 7:25 am 
Offline
User avatar

Joined: Sun Nov 27, 2011 1:55 pm
Posts: 2220
Anonymous wrote:
It's also possible that you've disabled JavaScript for this site. The popups are actually JavaScript "confirm" dialog boxes ... you can 100% avoid them by simply not running JS...

- Anonymous


I don't get the pop-ups on Firefox.
I keep JS disabled until I get here and then enable JS via NoScript. I don't get the pop-ups after I enable JS.
I got them days ago on Safari, but no more.

_________________
Mrs H


Top
 Profile  
 
PostPosted: Thu Jun 07, 2018 11:37 am 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9927
Location: North of the State of Jefferson
The "I agreed" cookies is good for two years, so if you don't regularly purge cookies you should be fine on that count as well. The popup code is, however, in the site header so unless you log in without JS, change your theme, and only then turn on JS, you should still see it if you don't have the cookie.

Oh, and just so you know it's not just this site:
https://forums.macrumors.com/threads/gd ... r.2120084/

- Anonymous


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 78 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group