This DuckDuckGo audit by @purism is a sobering read:
Remember that DuckDuckGo is venture capital-funded which means that they must exit—either become a publicly-traded multi-billion-dollar company (sell to the public) or sell to one of the incumbents.
(What we need is a publicly-funded but independently run search engine. The EU could create such a thing… if they didn’t have they heads firmly entrenched up Silicon Valley’s bumhole.)
@aral @firstname.lastname@example.org @koherecoWatchdog uff, i wouldn‘t call this an audit but an opinion piece. Nevertheless , seeing this put together in a single document is food for thought at least. The first part reads more like a personal attack to the ceo though. How do you „audit“ the motives of a Person?
@lvdd_ @aral If we were auditing a FOSS security tool, then indeed the background & motivations would be irrelevant clutter & opinion. But the audit is of a cloud /service/, where trust cannot be disregarded. It would be reckless not to take history & motives into account when assessing trustworthiness. Weinberg's motives where established by his own words in an interview.
1) A series of allegations with varying quality of sourcing is *not* an audit. As @lvdd_ said, it's just an opinion.
2) It is not the #EU's job to provide commercial services. Not that you'd want them to, considering how useless they are.
3) Fully agree with your observation about the EU having their heads up Silly Valley's arse. Like, guess who runs their cloud infrastructure?
> what is missing though?
Competence (#EU politicians are on the whole functionally illiterate) and willingness (EU politicians are on the whole have beens / never wills enjoying a cozy job courtesy of their national parties).
But to the point: we don't need the EU for this.
That has resulted in the #GaiaX Franco-German project.
For the current state of play in #France, ask anyone here from the #Etalab instance. Or look at page 18 (PDF: 20) here: https://www.modernisation.gouv.fr/sites/default/files/guide_teletravail_et_travail_en_presentiel.pdf
More info: https://www.numerique.gouv.fr/
@0 @purism @lvdd_ @aral 1) it's both fact & opinion & the factual elements are cited. There's nothing wrong w/opinion, even scientific studies have them. There is a bug tracker for lack of citation issues. 2) I don't think Aral implied that the service need be commercial. The EU was handing out grant money a few years ago for decentralization projects. #YaCy would be eligible for that kind of grant.
@koherecoWatchdog @aral @lvdd_ @purism @0 By the way I agree that having outside repos like that on source.puri.sm is confusing and I admit that until now I didn't realize we allowed it. I believe this is simply an oversight in permissions we granted people who requested accounts so they could file bugs and contribute to *our* projects.
It's something we are looking to address now because we don't intend source.puri.sm to be an open-access repository ala Github.
One thing to consider is that the only other freedom-privacy-netneutrality respecting public Gitlab forge is framagit, and they may be shutting down or or restricting access in a few months. Purism could serve to fill that gap. It'd be worth considering keeping it open for like-minded projects even if they aren't related to Purism products.
@kyle As someone who has used the possibility of having my own (forks of) repos at source.puri.sm I would like to say: please don't remove that completely, it really helps a lot for someone who wants to contribute. Maybe forks of existing repos there could still be allowed, just say it's not allowed to have repos for completely separate projects there? It's a shame if it becomes harder to contribute.
@eliasr I totally agree and that was the kind of thing we were going for originally, not expecting (perhaps naively) that it would be abused.
woah, hold on. You're calling the CEAP repo "abuse"? On what basis? That accusation is a bit harsh considering no restrictions are posted anywhere. Reg. page says: "Sign in to create issues, write comments, review contributions, and more."
what's "and more"?
Legal page points to a Cloudflare site: https://source.puri.sm/help/legal/index.md
You can't really call any registrations or repo creations "abuse" until Purism publishes their expectations. Otherwise it's just another framagit to ppl.
@koherecoWatchdog @eliasr That's fair. I didn't really have a better word at hand to use for it and "abuse" is too extreme, especially since, as you say, we didn't publish any restrictions or policies. Maybe "unexpected use" ?
To be fair I wasn't just thinking of this case when I wrote that (although I didn't make that clear in my reply) but was also referring to a lot of the gitlab spam that our administrators have had to deal with as well.
If Gitlab does not give you granular access controls that enable you to block all unwanted activity while not restricting the desirable activity, the the very least you can do is post intentions.
Otherwise it's like having an open wifi with welcoming SSID, and then getting angry when people use it.
@dsfgs @eliasr @kyle Indeed if you use #Gitlab software, it's a good idea to remove non-essential references to gitlab.com. https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-04/msg00041.html
Purism has made that repo private. The public replacement URL is here:
@hankg @purism @aral there are more than 3 choices here: https://codeberg.org/attachments/248b4a4c-101d-47b2-be3f-7c1ffa7ffc88
Personally I found the non profit German based Metager much better.
It has a v3 onion address too which duckduck has updated to yet.
Plus I can become a member with voting rights that's.
Metager and @codeberg
Are too of the actually good democratic EU alternatives out there.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!