![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Entry tags:
LJ -> DW? (poll)
Lately, every time LJ pushes a new update they break legibility and accessibility a little more. This is becoming a problem. It's beyond my ability to correct with browser adaptations.
One of the reasons I haven't moved over to DreamWidth is that a lot of the people I interact with are still here. I'm concerned that y'all might not comment as much if I went there (you can log in with OpenID, but that may be a barrier to some), and the discussions in comments are a lot of the value of LJ to me. I don't need to post my stuff out into the silent void for my own amusement.
If I move there, then I could use Dreamwidth's cross-poster to post entries here too (to make it easy on my remaining LJ readers). Doing that requires giving DW my LJ password, which might cause some people to want to remove me from some or all of their filters, an outcome I don't want. (You're not just trusting me any more; you're trusting DW.) Since you all aren't moving to DW with me, I'd still need to come here to read the LJ-only people; what access would the cross-poster cost me?
So, poll time!
[Poll #1902385]
One of the reasons I haven't moved over to DreamWidth is that a lot of the people I interact with are still here. I'm concerned that y'all might not comment as much if I went there (you can log in with OpenID, but that may be a barrier to some), and the discussions in comments are a lot of the value of LJ to me. I don't need to post my stuff out into the silent void for my own amusement.
If I move there, then I could use Dreamwidth's cross-poster to post entries here too (to make it easy on my remaining LJ readers). Doing that requires giving DW my LJ password, which might cause some people to want to remove me from some or all of their filters, an outcome I don't want. (You're not just trusting me any more; you're trusting DW.) Since you all aren't moving to DW with me, I'd still need to come here to read the LJ-only people; what access would the cross-poster cost me?
So, poll time!
[Poll #1902385]
no subject
How is a rec based on personal knowledge of a person's goodness or kindness or honesty different than, say, discouraging someone from shopping at Wal-Mart (a corporation that is, after all, a person according to the US Supreme Court) because it's a bad corporate citizen? Or Whole Foods because of what the CEO has espoused re health care and the like?
We make decisions all the time on whether or not we "like" some person or some entity or some color, e.g. I might say, "This company is dedicated to re-investing its profits into the community so I like them and choose to spend my money with them" or "This person who is running this company is trampling on their workers' rights so I don't like them and choose not to spend my money with them".
How is that different than my saying "I know the people behind Dreamwidth and they are good and honest and kind and nice and supportive of what they believe in so I choose to support them?"
My apologies to
no subject
What you did above was precisely not encouraging people to "support" a business because you approve of their business practices, and is not at all analogous to the cases you bring up.
Let us recap. The OP raises the issue of security for her collaterals of using a feature that spreads risk beyond herself. Your response is, "I can assure you that your password is completely safe with them, as much as such a thing is possible", which is:
1) False. It is an unsolved technological problem, how to store passwords securely with a third party. I have no idea if you have the technical chops to follow that discussion, but the upshot is that the way encryption works, the party ultimately authenticated against (in the case of the DW->LJ crossposter, LJ) can be secure in a way no third party (i.e. DW) you store your password with can ever be. The character of the people involves is immaterial in the face of the math of hard-to-factor numbers: until there is a technological solution it will always be less secure to provide your LJ password to DW. Your LJ password cannot be stolen from LJ; if you use the DW crossposter, your LJ password can be stolen from DW.
2) Misleading, which I assume is because you didn't understand the previous and were sharing from your ignorance. You assumed the risk in the crossposter is one thing, and it's actually something else. You assumed the risk was of the people running the crossposter being bad people who do nefarious things. While that is a risk, it's not only not the only one, it's not even a primary one.
3) Shuts down a discussion about security concerns. Let's get back to your proposed analogies. You wrote: That's a statement about a thing that the company does or has done. Behavior. Deeds. Your other examples are also about things companies and highly placed company reps do, but instead of commendations, they are criticisms. In all cases, your proposed analogs are, "Here are some facts to factor into your decision how/whether to do business with this business, and this is the conclusion I encourage you to consider."
Well, (A) nobody was discussing whether to do business with DW. It was a discussion whether to use a specific feature of their software with problematic security ramifications. "The founders are great people" may be an argument for doing business with a company, but it is an appallingly misleading response to the question of whether to use a feature with negative security ramifications.
And (B) you made it about character, not actions. Oh, you raised actions too, in the next paragraph, but none of them had anything to do with their conduct around security. If you had written, instead, "I think the founders are fabulous people with great integrity because they instituted the following security practices around storing passwords: [list]", I would still have plenty to argue with you about, but that would at least have some integrity of its own.
What you did -- telling someone not to be concerned about the security implications to collaterals of using a known problematic software affordance, because in your personal opinion the authors are great folks -- is a hair's breadth from emotional blackmail: "What's wrong, don't you like my friends?"
[continued]
no subject
I gotta tell you, my first and most visceral reaction to your comments is to want to write you a nice, public screed about what terrible people Denise and Mark are -- "Oh, you think they're trustworthy, do you? Well, have I got news for you...." -- since you made expressing calm rational concerns about security ramifications of one fleeping feature of their software a public referendum on whether people like them, like some kind of loyalty test. But that would be incorrect; that's not how I feel about Denise and Mark. I think they've made a number of ethically problematic choices, but I hardly think they're terrible or criminal human beings.
But that is the kind of response your comment invites. It degrades a rational discussion of whether or not to use a software feature into a discussion of Denise and Mark's characters. There's nowhere good that can possibly go.
And for your information, one of those ethically problematic choices is the crossposter, which they have heard from me -- indeed, heard from me when they discussed the issue way back on the dev list before DW ever went live. Well before DW was announced, I'd been looking into the technical problems that underly the crossposter, so I participated in that discussion, and set out what I had figured out, and explained, Look, I don't see any way to do this that isn't at least slightly evil. And, long story short, they did it anyway.
I understand why they did it -- DW couldn't have survived without the crossposter. Those ethical problems remain.
One of those ethical problems is that, even if DW is utterly perfect in all ways -- even if it had perfect rectitude of all its staff and volunteers and perfectly hard security (which is actually impossible as per above, but grant it anyway) -- the end users, such as yourself, have no way on the outside to tell the difference between such a perfect company as DW and other, imperfect, companies. And thus, by offering the crossposter, they're legitimizing and normalizing a user behavior that's actually very dangerous to users.
I'm sure that you've heard companies -- whether banks or employers or other high-security applications -- say things like, "We will never ask you for your password over the phone; if someone claims to be us and asks for your password, it's not us." If you've been around the net long enough, perhaps you've encountered services for which sharing your password is a ToS violation.
This is that.
There are tons of web apps which request your login credentials to other services (e.g. LinkedIn). And this is increasingly recognized as a huge social problem. There is an entire movement to encourage implementation of OAuth and OpenID as ways to attempt to address this problem (I make no comment as to whether I think that's a great way to go about it).
DW is participating in this problem. It is doing the exact opposite of being the change we want to see in the world.
P.S. And, and, and. I haven't even touched on how infuriating it is that the discussion you attempted to shut down was one which was about informing other parties so they can make informed decisions for themselves about what risks they want to run and how an ethical problem of the crossposter is that the risk isn't just to the person who elects to take it (as they are perfectly entitled to do) but to everyone who has friended them, which likely includes people who aren't active on LJ any more and have sensitive materials still here. And I'm sure other things. I'm just stopping here for lack of time.
P.P.S No, one more thing. As I alluded in my comment above, I am beyond tired of the fact I keep having to have this discussion. I am not really impressed with the cult mentality growing up around DW that so many of its users cannot tolerate any discussion of any fault with DW without feeling like their personal friends are being dissed. There are apparently a lot of people who think DW is above reproach. Ironically, I don't think either Denise or Mark can't handle criticism, whether of themselves or their business. But the fanboys and fangirls....