fsebugoutzone.org:9999

       Post ASVZ3D8wIZAcWZBozQ by filippo@abyssdomain.expert
 (DIR) More posts by filippo@abyssdomain.expert
 (DIR) Post #ASTN3ribqwMkbHV3Wy by filippo@abyssdomain.expert
       2023-02-08T13:59:49Z
       
       0 likes, 1 repeats
       
       Very excited to see Russ Cox&#39;s transparent telemetry proposal. It has a few fundamental properties that make it very different from current alternatives, and I think it makes a good model for open-source projects.It&#39;s simple enough to get an intuition for its privacy profile, and powerful enough to get important signals.https://research.swtch.com/telemetry-intro
       
 (DIR) Post #ASVZ3BLcyQ8CxL6vUO by filippo@abyssdomain.expert
       2023-02-09T00:18:43Z
       
       0 likes, 0 repeats
       
       It&#39;s sad to see a lot of pushback to this proposal come in the form of &quot;clever&quot; quips about Google.@arp242@github.com has a good take on Go vs Google, which is something I&#39;ve always wanted to talk about but always assumed would not be well received coming from me.Having a broken mental model of the &quot;other side&quot; doesn&#39;t help anyone&#39;s cause. It just leads to talking past each other.https://github.com/golang/go/discussions/58409#discussioncomment-4909183
       
 (DIR) Post #ASVZ3Bxug4kws51VAG by filippo@abyssdomain.expert
       2023-02-09T13:45:35Z
       
       0 likes, 0 repeats
       
       I&#39;ve read a lot of the feedback to the transparent telemetry proposal over the past 24h, and I&#39;m disappointed.This is a large unconventional design, there are a lot of tradeoffs worth discussing and details to explore. When Russ showed it to me I made at least a dozen suggestions and many got implemented.Instead: all opt-out telemetry is unethical; Google is evil; this is not needed. No one even argued why publishing any of *this* data could be a problem.Reminds me of Searchtodon feedback.
       
 (DIR) Post #ASVZ3CVEgBPYXQc76W by tedted@hachyderm.io
       2023-02-09T14:33:54Z
       
       0 likes, 0 repeats
       
       @filippo The knee-jerk reaction is sad. At the same time, seeing a proposal for telemetry in an entirely new context, without mentioning anything about serious privacy-enhancing techniques with formal guarantees… That&#39;s pretty disappointing, especially coming from Google.Your comment prompted me to post on the GitHub issue, though I don&#39;t know how optimistic I am that this is more useful than shouting into a void: https://github.com/golang/go/discussions/58409?sort=top#discussioncomment-4919511
       
 (DIR) Post #ASVZ3D8wIZAcWZBozQ by filippo@abyssdomain.expert
       2023-02-09T15:04:09Z
       
       0 likes, 0 repeats
       
       @tedted Thank you for posting that! I&#39;ll let Russ address it, hoping he can see it in the volume of responses, but I want to mention that we discussed differential privacy solutions. The two reasons I like this better for Go are: 1) differential privacy gets weaker as you add correlated datapoints, which is something we&#39;d have to keep in mind every time we add a new metric; and 2) this design doesn&#39;t have any &quot;toxic waste&quot;, everything gets published, it doesn&#39;t rely on deletion or non-collusion.
       
 (DIR) Post #ASVZ3E2axdgpJBEGjw by Rucknium@pleroma.rucknium.me
       2023-02-09T16:10:20.084098Z
       
       0 likes, 0 repeats
       
       @filippo @tedted &quot;Don&#39;t roll your own cryptography&quot; is an accepted guideline in software development. When will &quot;Don&#39;t roll your own statistics [especially when user #privacy is potentially at risk]&quot; be accepted? Most software developers and computer scientists only know enough #statistics to be dangerous. Have a statistician review this Go telemetry proposal. https://github.com/golang/go/discussions/58409
       
 (DIR) Post #ASVZ3FLm5ocrMxD6H2 by tedted@hachyderm.io
       2023-02-09T14:56:52Z
       
       0 likes, 0 repeats
       
       @filippo From a privacy perspective, the entire story boils down to &quot;we are removing identifiers&quot; and &quot;we are sampling the data&quot;. Like, c&#39;mon. It&#39;s 2023, and you have some of the best experts in the world on your payroll for this kind of stuff.
       
 (DIR) Post #ASb5HfLKY6K6UTc3Ae by ljrk@todon.eu
       2023-02-09T14:40:44Z
       
       0 likes, 0 repeats
       
       @filippo I don&#39;t think that people believe in Google being a homogeneous entity.  That&#39;s not it.  Due its structure, even if now good-natured, Google *can* take ownership to quite a vast degree.  We just had literally this with Twitter:  One change of leadership can be all that&#39;s required.And regarding data collection in general:   I see a culture clash b/w US-centric and EU-centric data approaches.  And I&#39;m firmly on the EU side of &quot;least possible data&quot;.  If *any* data beyond the technical requirement is collected about me, I want to be explicitly opting *in* to that.  The US mentality is to be ok with all data collection as long as it&#39;s not &quot;sensitive enough&quot; (or not yet proven to be sensitive).What&#39;s the problem with opt-in telemetry?  If we&#39;re frank:  Only that many more people would not opt-in.  Because they don&#39;t want to.  This means that all we do by making telemetry (or anything) opt-out is try hiding the option to turn it off and hoping we get more data through that.And if anything is unethical, then this.
       
 (DIR) Post #ASb5HfokmhrJxjNY24 by filippo@abyssdomain.expert
       2023-02-09T15:11:04Z
       
       0 likes, 0 repeats
       
       @ljrk &gt; Only that many more people would not opt-in.  Because they don&#39;t want to.Strong disagree. Most people don&#39;t care. If opt-out inaction is not agreeing with the default, why would opt-in inaction be? It&#39;s contradictory.Anyway, I agree we should discuss &quot;what capabilities does this give to a potential future leadership?&quot; What I don&#39;t like is that no one is doing that. I think this design gives nothing to a potential Elon Musk. No one is debating that, though :(
       
 (DIR) Post #ASb5HgMmkB55fHIj4q by khm@mastodon.sdf.org
       2023-02-10T08:23:04Z
       
       0 likes, 0 repeats
       
       @filippo Absolutely amazing how we need telemetry to understand what our users want but we don&#39;t seem to need telemetry to know whether most people care.What capabilities does this give future leadership?  Normalized surveillance.  There&#39;s no way you don&#39;t already know that; it&#39;s literally Google&#39;s business model.
       
 (DIR) Post #ASb5Hgo56gup1w4Wci by zenhack@mastodon.xyz
       2023-02-12T01:28:26Z
       
       1 likes, 0 repeats
       
       @khm @filippo to inject some data into the question of whether people care about data collection:https://www.pewresearch.org/fact-tank/2019/11/15/key-takeaways-on-americans-views-about-privacy-surveillance-and-data-sharing/TL;DR: they do, and are NOT ok with it. But they don&#39;t feel they have any control, so why bother? Caveat: it&#39;s a survey of Americans, not Go devs, so not the exact demographic.I have more sympathy for the Go team than much of what I&#39;ve seen; it&#39;s clear Russ put a lot of thought into the design. I don&#39;t think it&#39;s *malicious.* But it doesn&#39;t obviate affirmative consent.
       
 (DIR) Post #ASrl6Q1GUDw8NquCkC by delta_vee@mstdn.ca
       2023-02-09T14:02:00Z
       
       0 likes, 1 repeats
       
       @filippo I think these reactions are direct consequences of large tech companies squandering user trust. Any given proposal isn&#39;t seen on its own, but as yet another bait to be switched later, yet another data source to feed into the maw of machine learning.Quite frankly, regardless of the merits, it might be necessary to pull back on data collection of any kind for a while, until more trust can be rebuilt. I know I for one would prefer more local tools.