Monica

Some updates on Glassdoor's privacy violations:

Use https://help.glassdoor.com/s/privacyrequest?language=en_US to request deletion of your data. Deactivating your account doesn't delete data. This might not either (no way to verify), but it's the strongest request you can make.

Media coverage: Ars Technica: Users ditch Glassdoor, stunned by site adding real names without consent, Wired: Glassdoor wants to know your real name. The Ars story is more detailed.

It seems that Glassdoor updated its terms of use on February 17, 2024. I did not receive email notification (my last TOS update from them was December 2022). Some salient bits from the current version:

We may update your Profile with information we obtain from third parties. We may also use personal data you provide to us via your resume(s) or our other services. You can read more about how we collect and process your data in our Privacy Policy.

I never provided a resume. I never typed my name into their site, nor did I use a social-media or Google identity. I created the account with an email address (~10 years ago). That part about "obtain from third parties" means they can try to match you up with LinkedIn, use your email headers if you should ever send them email, try to reconcile your account with Indeed if you're there (the same company owns both Glassdoor and Indeed), and whatever else they come up with.

Also, sometimes the information they add is incorrect. From Ars Technica:

As Monica's blog spread widely online, another Glassdoor user, Josh Simmons, commented to confirm that Glassdoor had "already auto-populated details" on his account, too. But instead of correcting Simmons' information, Glassdoor seemed to be adding mistakes to his profile.

Simmons, who requested to use his real name and share his employer information, is a managing director of Matrix.org Foundation. He discovered that Glassdoor had not only messed up his employer's name but also claimed that he was based in London, while he is actually located in California.

"It was bizarre, because I had never provided that information, and it was a somewhat incoherent mix of details," Simmons told Ars.

Back to the terms of use:

We may attempt to verify your employment history or status through various methods, including third party integrations or services. We may also utilize signals we receive from your current or former employer. Glassdoor is not responsible to you or any third party if we are unable to or inaccurately verify your employment history or status.

I don't know what "we may utilize signals we receive from your employer" means, but it sure sounds like "we might ask your employer if you work there", because your employer knowing you've posted Glassdoor reviews to prompt that question would be a "you" problem, not a "Glassdoor" problem.

(This information is repeated in the privacy policy.)

In order to provide you with access to features across our services, we may create and link different services’ accounts for you.

This is the part about them automatically creating a Fishbowl (social media) account on your behalf, without you explicitly doing anything and apparently without direct notification.

A portion of your Profile on our community and conversation services (e.g., Fishbowl and community and conversation features across our services) is always public. Therefore, your profile picture, company name, title, and other general information (but not including your semi-/anonymous Content submissions) will be visible to the public and available via search.. Content submitted with semi-/anonymous identifiers such as your company name or job title is not associated with the publicly-visible portion of your Profile.

So they added my name to my Glassdoor profile without consent, then propagated that to Fishbowl, and the Fishbowl profile was public?!

Glassdoor responded to Ars:

"We vigorously defend our users’ right to anonymous free speech and will appear in court to oppose and defeat requests for user information," Glassdoor's spokesperson said. "In fact, courts have almost always ruled in favor of Glassdoor and its users when we’ve fought to protect their anonymity. With the addition of Fishbowl’s community features to Glassdoor, our commitment to user privacy remains ironclad, and we will continue to defend our users from employers who seek to unmask their identity."

They "vigorously defend" privacy, yet they collect and store information that violates privacy. Also, note that what they're saying is that they'll defend outside requests for data ("almost" always successfully), but they say nothing about their own proactive use of that data -- like selling it to employers.

That data-deletion link once again: https://help.glassdoor.com/s/privacyrequest?language=en_US.

I've been using pobox.com since (checks...) 1996, when I needed to change email addresses and wanted to avert the hassle of getting updates pushed out the next time I had to do that. Pobox does two things: it gives me an email address that I can redirect wherever I want, and it gives me URL forwarding: a Pobox account comes with the ability to redirect http://www.pobox.com/~your-name to wherever you want.

I got email from Pobox today announcing that URL redirection will be discontinued in a couple months:

[...] Pobox alias URLs once served the same purpose as Pobox email aliases: you could get one URL and have it follow you as your web page moved. Over time, though, personal domains have taken over this use case, and Pobox’s URL redirection service is almost entirely unused. Upcoming changes to our web interface make this feature much harder to continue offering, and we have decided to retire it.

Your account’s URL is one of the few that has seen traffic in the last six months. Maybe that’s a fluke, and you’ve stopped using this URL, and it redirects to some long-abandoned page you owned in the 1990s. On the other hand, you might still be using this URL. If that’s the case, you should begin updating links to your Pobox URL and instead link directly to the target resource, or some other redirection service. [...]

As it happens, I am using that URL, and updating links kind of depends on knowing where the links are. (I mean, updating my own links is easy, but that's not why one uses redirection.) I use the domain I acquired in 2017 for all new stuff, and I've been migrating old stuff intermittently. But I didn't finish and cut over, because there are links to my old SCA stuff (in particular) all over the place out there, and I couldn't figure out how to cleanly make all the URLs work -- Pobox gives me one top-level redirect, but if I can't exactly preserve the structure under that, I'm into the realm of individual redirects and that's a big hassle.

Well ok, then -- Pobox is forcing my hand (and I don't really blame them if usage is that low), so I'll just rip that band-aid off and not worry about making the soon-to-be-dead URLs work on the new site. I also hit the Wayback Machine and archive.today with some pages I know are linked, and I asked Pobox if they could give me referrer logs so I can see if there's anyone I ought to notify. Beyond that, I'll just have to assume that search engines will eventually index the new locations and anyone who really cares will search.

Tonight I migrated my SCA pages, which are mainly the page (and many pictures) for the Pennsic house, since Greg Lindahl is already hosting most of my music (and Joy & Jealousy). I also had a bunch of stuff related to the Board crisis of 1994; rather than port all the individual pages, I archived it online and then dropped a ZIP file on my site. It was 30 years ago; I suspect very few people are interested, and those who are won't mind downloading the bundle.

My Pobox account next renews in 2029. I have email through my domain but, again, a lot of people use my Pobox address and updates are hard. But perhaps in the next five years I should attempt to put that change in place, because who knows if email forwarding will go the way of URL redirection by then?

The Supreme Court will soon hear a case that -- according to most articles I've read -- could upend "Section 230", the law that protects Internet platforms from consequences of user-contributed content. For example, if you post something on Facebook and there's some legal problem with you, that falls on you, as the author, and not on Facebook, who merely hosted it. This law was written in the days of CompuServe and AOL, when message boards and the like were the dominant Internet discourse. While there's a significant difference between these platforms and the phone company -- that is, platforms can alter or delete content -- this still feels like basically the "common carrier" argument. This makes sense to me: you're responsible for your words; the place you happened to post it in public isn't.

osewalrus has written a lot about Section 230 over the years -- he explains this stuff better and way more authoritatively than I do. (Errors are mine, credit is his, opinions are mine.)

When platforms moderate content things get more complicated, and I'm seeing a lot of framing of the current case that's rooted in this difference. From what I understand, that aspect is irrelevant, and unless the Supreme Court is going to be an activist court that legislates, hosting user-contributed content shouldn't be in danger. But we live in the highly-polarized US of 2023 with politically-motivated judges, so this isn't at all a safe bet.

The reason none of that should matter is that the case the court is hearing, Gonzales vs. Google, isn't about content per se. It's about the recommendation algorithm, Google's choice to promote objectionable content. This is not passive hosting. That should matter.

The key part of Section 230 says:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider. (47 U.S.C. § 230(c)(1)).

The court can rule against Google without affecting this clause at all. The decision shouldn't be about whether Google is the "publisher" or "speaker". Rather, in this case Google is the advertiser, and Section 230 doesn't appear to cover promotion at all.

I'm not a lawyer, and I'm not especially knowledgeable about Section 230. I'm a regular person on the Internet with concerns about the proper placement of accountability. Google, Twitter, Facebook, and others choose to promote user-contributed content, while platforms like Dreamwidth, Mastodon, and many forums merely present content in the order in which it arrives. That should matter. Will it? No idea.

Moderation is orthogonal. Platform owners should be able to remove content they do not want to host, just like the owner of a physical bulletin board can. In a just world, they would share culpability only if objectionable content was brought to their attention and they did not act. At that point they've said it's ok, as opposed to saying nothing at all because nobody can read everything on a platform of even moderate size. This is how I understand the "safe harbor" provision of the Digital Millennium Copyright Act to work, and the same principle should apply. In a just world, as I said, which isn't the world we live in. (I, or rather my job title, am a registered agent for DMCA claims, and I have to respond to claims I receive.)

I really hope that the court, even a US court in 2023, focuses on the key points and doesn't use this case to muck with things not related to the case at hand.

If you are using your Twitter account to sign in to other sites ("the "sign in with Google/Facebook/Twitter/etc" system), you should stop doing that now. Also, if you are using SMS for two-factor authentication with Twitter, that same article has advice for you. Some parts of their 2FA setup have stopped working, and apparently SMS validation is now unreliable.

There is an outstanding thread -- on Twitter, natch -- about the kinds of things that SREs (site reliability engineers, the people who keep large systems running) worry about. Parts of large systems fail all the time; in a healthy setup you'll barely notice. Twitter is, um, not healthy.

Debirdify is a tool for finding your Twitter friends on the Fediverse (Mastodon), for those who've shared that info. It looks for links in pinned tweets and Twitter profile ("about") blurbs.

I'm at https://indieweb.social/@cellio, for anyone else who's there. I'm relatively new there, like lots of other folks, but so far the vibe takes me back to the earlier days of the Internet -- people are friendly, help each other, presume good intent, and have actual conversations. It is not Twitter; some intentional design choices appear to encourage constructive use and hinder toxicity. I hope to write more about Mastodon later.

I've participated in a lot of online communities, and a lot of types of online communities, over the decades -- mailing lists, Usenet, blogging platforms like Dreamwidth, web-based forums, Q&A communities... and social media. With the exception of blogging platforms, where readers opt in to specific people/blogs/journals and the platform doesn't push other stuff at us, online communities tend to end up with some level of moderation.

We had (some) content moderation even in the early days of mailing lists and Usenet. Mostly[1] this was gatekeeping -- reviewing content before it was released, because sometimes people post ill-advised things like personal attacks. Mailing lists and Usenet were inherently slow to begin with -- turnaround times were measured in hours if you were lucky and more typically days -- so adding a step where a human reviewed a post before letting it go out into the wild didn't cost much. Communities were small and moderation was mostly to stop the rare egregiously bad stuff, not to curate everything. So far as I recall, nobody then was vetting content that way, like declaring posts to be misinformation.

On the modern Internet with its speed and scale, moderation is usually after the fact. A human moderator sees (or is alerted to) content that doesn't fit the site's rules and handles it. Walking the moderation line can be tough. On Codidact[2] and (previously) Stack Exchange, I and my fellow moderators have sometimes had deep discussions of borderline cases. Is that post offensive to a reasonable person, or is it civilly expressing an unpopular idea? Is that link to the poster's book or blog spam, or is the problem that the affiliation isn't disclosed? How do we handle a case where a very small number of people say something is offensive and most people say it's not -- does it fail the reasonable-person principle, or is it a new trend that a lot of people don't yet know about? We human moderators would examine these issues, sometimes seek outside help, and take the smallest action that corrects an actual problem (often an edit, maybe a word with the user, sometimes a timed suspension).

Three things are really, really important here: (1) human decision-makers, (2) who can explain how they applied the public guidelines, with (3) a way to review and reverse decisions.

Automation isn't always bad. Most of us use automated spam filtering. Some sites have automation that flags content for moderator review. As a user I sometimes want to have automation available to me -- to inform me, but not to make irreversible decisions for me. I want my email system to route spam to a spam folder -- but I don't want it to delete it outright, like Gmail sometimes does. I want my browser to alert me that the certificate for the site I'm trying to visit isn't valid -- but I don't want it to bar me from proceeding anyway. I want a product listing for an electronic product to disclose that it is not UL-certified -- but I don't want a bot to block the sale or quietly remove that product from the seller's catalogue.

These are some of the ways that Twitter has been failing for a while. (Twitter isn't alone, of course, but it's the one everyone's paying attention to right now.) Twitter is pretty bad, Musk's Twitter is likely to be differently bad, and making it good is a hard problem.[3]

Twitter uses bots to moderate content, and those bots sometimes get it badly wrong. If the bots merely flagged content for human review, that would be ok -- but to do that at scale, Twitter would need to make fundamental changes to its model. No, the bots block the tweets and auto-suspend the users. To get unsuspended, a user has to delete the tweets, admit to wrongdoing, and promise not to do it "again" -- even if there's nothing wrong with the tweet. The people I've seen be hit by this were not able to find an appeal path. Combine this with opaque and arbitrary rules, and it's a nightmare.

Musk might shut down some of the sketchier moderation bots (it's always hard to know what's going on in Musk's head), but he's already promised his advertisers that Twitter won't be a free-for-all, so that means he's keeping some bot-based moderation, probably using different rules than last week's. He's also planning to fire most of the employees, meaning there'll be even fewer people to review issues and adjust the algorithms. And it's still a "shoot first, ask questions later" model. It's not assistive automation.

A bot that annotates content with "contrary to CDC guidelines" or "not UL-certified" or "Google sentiment score: mildly negative" or "Consumer Reports rating: 74" or "failed NPR fact-check" or "Fox News says fake"? Sure, go for it -- we've had metadata like the Good Housekeeping seal of approval and FDA nutrition information and kashrut certifications for a long time. Want to hide violent videos or porn behind a "view sensitive content" control? Also ok, at least if it's mostly not wrong. As a practical matter a platform should limit the number or let users say which assistance they want, but in principle, fine.

But that's not what Twitter does. Its bots don't inform; they judge and punish. Twitter has secret rules about what speech is allowed and what speech is not, uses bots to root out what they don't like today, takes action against the authors, and causes damage when they get it wrong. There are no humans in the loop to check their work, and there's no transparency.

It's not just Twitter, of course. Other platforms, either overwhelmed by scale or just trying to save some money, use bots to prune out content. Even with the best of intentions that can go wrong; when intentions are less pure, it's even worse.

Actual communities, and smaller platforms, can take advantage of human moderators if they want them. For large firehose-style platforms like Twitter, it seems to me, the solutions to the moderation problem lies in metadata and user preferences, not heavy-handed centralized automated deletions and suspensions. Give users information and the tools to filter -- and the responsibility to do so, or not. Take the decision away, and we're stuck with whatever the owner likes.

The alternative would be to use the Dreamwidth model: Dreamwidth performs no moderation that I'm aware of, I'm free to read (or stop reading) any author I want, and the platform won't push other content in front of me. This works for Dreamwidth, which doesn't need to push ads in front of millions of people to make money for its non-existent stockholders, but such slow growth is anathema to the big for-profit social networks.

[1]: It was possible to delete posts on Usenet, but it was spotty and delayed.

[2]: The opinions in this post are mine and I'm not speaking for Codidact, where I am the community lead.

[3]: I'd say it's more socially hard than technically hard.

As the whole Internet knows, Facebook and other stuff they own were all down for several hours a few days ago. They were off the network entirely: DNS couldn't resolve their host names. A post from Cloudflare describes what happened from the outside, including explaining how some of the key parts work (like BGP and Autonomous Systems, terms I learned this week), and a post from Facebook explains what happened inside.

From Cloudflare:

Due to Facebook stopping announcing their DNS prefix routes through BGP, our and everyone else's DNS resolvers had no way to connect to their nameservers. Consequently, 1.1.1.1, 8.8.8.8, and other major public DNS resolvers started issuing (and caching) SERVFAIL responses.

But that's not all. Now human behavior and application logic kicks in and causes another exponential effect. A tsunami of additional DNS traffic follows.

This happened in part because apps won't accept an error for an answer and start retrying, sometimes aggressively, and in part because end-users also won't take an error for an answer and start reloading the pages, or killing and relaunching their apps, sometimes also aggressively.

[...] So now, because Facebook and their sites are so big, we have DNS resolvers worldwide handling 30x more queries than usual and potentially causing latency and timeout issues to other platforms.

Also, today I learned that Cloudflare owns 1.1.1.1. They don't seem old enough to have been issued that; did they buy it from someone?

From Facebook:

When you open one of our apps and load up your feed or messages, the app’s request for data travels from your device to the nearest facility, which then communicates directly over our backbone network to a larger data center. [...] The data traffic between all these computing facilities is managed by routers, which figure out where to send all the incoming and outgoing data. And in the extensive day-to-day work of maintaining this infrastructure, our engineers often need to take part of the backbone offline for maintenance — perhaps repairing a fiber line, adding more capacity, or updating the software on the router itself.

This was the source of yesterday’s outage. During one of these routine maintenance jobs, a command was issued with the intention to assess the availability of global backbone capacity, which unintentionally took down all the connections in our backbone network, effectively disconnecting Facebook data centers globally. Our systems are designed to audit commands like these to prevent mistakes like this, but a bug in that audit tool prevented it from properly stopping the command.

This change caused a complete disconnection of our server connections between our data centers and the internet. And that total loss of connection caused a second issue that made things worse.

To ensure reliable operation, our DNS servers disable those BGP advertisements if they themselves can not speak to our data centers, since this is an indication of an unhealthy network connection.

And then the measures that protect their data centers from tampering kicked in when engineers tried to fix it.

They don't say, and I don't know, what the command was that was meant to query the network and actually shut it down. Yes they had (faulty) auditing, but I have more fundamental questions, like: was there no "this will take down the network; are you sure? (Y/N)" check in that command?

Edited to add: I just came across a good explanation by mdlbear.

Someone who can self-identify if desired shared Google's summary of the recent email outages (PDF). This is the outage that caused my address (and many others) to start sending permanent bounce messages.

Background: The Gmail SMTP inbound service uses a configuration system that allows specific service options and flags to be changed while the service is already deployed in production. The "gmail.com" domain name is specified as one of these configuration options. An ongoing migration was in effect to update this underlying configuration system to meet Google internal best practices.

A configuration change during this migration shifted the formatting behavior of a service option so that it incorrectly provided an invalid domain name, instead of the intended "gmail.com" domain name, to the Google MTP inbound service. As a result, the service incorrectly transformed lookups of certain email addresses ending in "(at)gmail.com" into non-existent email addresses. When the Gmail user accounts service checked each of these non-existent email addresses, the service could not detect a valid user, resulting in SMTP error code 550.

[...]

To guard against the issue recurring and to reduce the impact of similar events, we are taking the following actions:

• Update the existing configuration difference tests to detect unexpected changes to the SMTP service configuration before applying the change.
• Improve internal service logging to allow more accurate and faster diagnosis of similar types of errors.
• Implement additional restrictions on configuration changes that may affect production resources globally.
• Improve static analysis tooling for configuration differences to more accurately project differences in production behavior.

Ouch.

Fixing things in production systems is hard. I've been there; things can go wrong, sometimes badly wrong. I'm used to thinking of Google as having near-infinite resources, including a replica of their production system to test changes on. Perhaps that's unrealistic.

Dear brain trust,

On my domain, I have email addresses that collect a local copy (i.e. I can use webmail on my domain to read them) and also forward a copy to my Gmail address. This is particularly helpful for low-volume addresses that I might not otherwise check frequently.

Today somebody with whom I'd been corresponding contacted me via another channel to report that his email was now being rejected -- by Gmail. Sure enough, the copies are sitting in my domain mailbox just fine, but there's no sign of them at Gmail -- not in trash, not in spam, just not there. Gmail seems to have decided to reject them and not even tell me.

I have questions.

1. How do I get Gmail to stop doing that, at all? If email is sent to my Gmail address, especially by my own forwarder!, I want it to show up there. In the spamtrap is fine if Google thinks it is. Silent deletion is Not Ok.

2. If I can't get Gmail to stop doing it, can I get notifications somewhere?

3. I expected the forwarding from my domain to Gmail to be a private matter between those two parties. Why did the Gmail rejection get all the way back to the sender? Why did I not receive a notice of the rejection at my domain address, which is what sent it along to Gmail? Is there something I can do, presumably via CPanel, to intercept rejections by forwarding addresses?

4. Gmail has filters, which can be used to process incoming email in various ways. I've used them to whitelist a few senders that Gmail thinks are spammers that aren't. When in the pipeline do filters get applied? I think it's after this rejection it's doing, since the message goes nowhere that I can see, but I've whitelisted this particular address now in any case.

A long time ago, I created a YouTube account to post a video to which I hold copyright. Later, Google bought YouTube. Time passed and I mostly forgot about that video.

Recently it's attracted attention and a troll. I would like to take it down.

Old YouTube accounts no longer work; you can't sign in with them. They have a way to claim old accounts, but it is not accepting the password I used (and recorded) at the time, nor any plausible variants. I can prove it's my account; I get email when somebody interacts with it (which is how I was alerted to the newer attention).

I've long since learned my lesson about relying on third-party media-hosting services (yeah, still have a lot of pictures hosted at LJ and Google that I haven't yet cleaned up on this journal). But I need to repair this error from the past.

I could file a DMCA takedown request, but that's the nuclear option and I don't know what repercussions it will have for the account owner, i.e. me.

Does anybody reading this know a better path? No, there's no "contact us" form, and their Twitter responder doesn't do anything other than send links to help I've already read.

Steven Bellovin, one of the creators of Usenet 40 years ago, has written a retrospective and history of the project. I've actually had this open in a tab for a while; when I first came across it about half the articles had been posted and there were placeholders for the rest. He's now finished it.

This is a mix of technical and political history. At the time I was using it (I gained access around 1983, I think), I didn't know any of the background; to me as a student, ARPANet and Usenet were just two different networks that moved stuff around. (My experience of ARPANet at the time was limited to mailing lists.) I knew that Usenet was decentralized (unlike ARPANet, a government network), but I didn't at the time know the extent to which it was put together by a scrappy band of grad students with limited resources and an attitude of "it's easier to ask forgiveness than get permission". Or so it seems to me in reading this series of posts, anyway.

I learned a lot about the behavior of networked communities on Usenet. I made lots of mistakes, of course; I mean, not only was it a new concept to me, but I was an undergrad without a lot of broad, cultural experience outside my own. And even though I was a bumbling student learning the ropes, I could participate alongside everyone else there -- what you wrote and how well you communicated mattered a lot more than who you were. I -- a lowly undergrad and relative newcomer -- was taken seriously by the architects in planning the Great Renaming. Later the New Yorker would publish that famous cartoon about how on the Internet nobody knows you're a dog; even before that, I had already learned that on Usenet nobody knows (or cares) that you're an undergrad, or insert-demographic-here, or whatever. In retrospect, this might have been somewhat formative for me online.

Technologies change and communities change. Spammers got more aggressive, some of the communities I participated on either scattered or moved elsewhere, and the web emerged as a new way of interacting online. I preferred mailing lists to web forums (because email is push and web sites are pull; this was before syndication was a thing), and then I discovered blogs and LiveJournal. I gradually drifted away from Usenet. And over time I drifted away from some of those other things in favor of yet other things; online communities aren't done evolving by a longshot. (And then there's social media, which feels...different from intentional communities to me. Less cohesive, more episodic and sound-bite-ish.) I imagine that looking back to today in 40 more years will seem just as foreign and quaint as looking back to the beginnings of Usenet must seem to those who weren't around at the time.

The last couple times I've tried to have a Google Hangout from my desktop computer, we have had audio problems. Specifically, the other people could hear me just fine, but I couldn't hear them. The "test" button in the Hangouts settings produced sound just fine, and other applications produced sound. The last time this happened I resorted to joining the call from both my computer (for video and screen-sharing) and my phone (for audio). That felt stupid. I had previously used Hangouts on this computer just fine.

Tonight I got Dani's help (needed another call participant) while I tried to debug it. Same symptoms and no bright ideas. (We tried the phone thing; that worked fine again.) This time my searches led me to this thread, where I saw that somebody else solved the problem by using a different browser. Specifically, Safari.

I was using Chrome, figuring that Google's browser and Google's conferencing application ought to play well together. But nooooo, that was a mistake. I don't know whether the fault lies with Google or Apple, but sheesh! (No, there was nothing relevant in my Chrome settings. Chrome offers to prevent sites from using your input devices, like your camera or microphone, but this was output.) Switching to Safari worked, after I installed and enabled a plugin.

I suspect that, the last time it worked, I was using Firefox instead of Chrome and that made the difference. But once I found a solution I stopped taking up Dani's time with experiments, so I haven't tested.

WTF is wrong with Chrome + Hangouts + Mac? I found lots of other people who had this problem; it's not just me.

If you use Patreon, a site that connects creators (writers, artists, musicians, cartoonists, anybody) with people who'd like to support their work, then you probably already know that they're about to start charging the patrons (funders) for the credit-card transaction fees. (So you signed up to pay somebody, say, $1/month, and you'll now be charged $1.38.) What you might not have noticed is that they're charging a little more than what the credit-card companies charge them, and they're charging for each individual transaction even though they charge your card once for all the creators you support each month. Uh huh. siderea did some money math on their current practices.

One of the complications in trying to do online financial match-making, whether that's Patreon or PayPal or others, is that actually holding money is messy, legally speaking. So creators who have income and support other creators don't get to pay from their income (which is just bookkeeping); each transaction has to start with a credit card and end with a deposit. Or so it sounds.

Back in 1995 when the web was still young, I went to work for a micro-payment research project at CMU, NetBill. The idea was that consumers used a credit card to load some small amount, like $20, into a NetBill wallet, and merchants could sell digital goods for a nickle or a dime or $1/month or however they wanted to structure things. There was a secure protocol with escrow so nobody got screwed, and nobody was paying transaction fees on ten-cent sales. Since this was a university research project it was never set loose in the wild, so nobody ever had to decide what NetBill's fees would be. What made me think back to that now is that I have no idea how the financial regulatory stuff was supposed to work; we were holding money, after all. What I do know is that the project had Visa and a major bank on-board from the start to make sure it would be legal. Now I wonder how they planned to do that. I assume the rules have changed since then anyway, but I now realize that this was a part of the business model that I had no real insight into.

(I joined the project in part because it sounded interesting and in part because it sounded like something that could launch a start-up and that sounded interesting. Instead, two years after I joined, CyberCash licensed the technology and that was the end of that.)

Making small payments was hard then and it hasn't gotten much easier since. If you want to publish through Amazon Kindle or iTunes you can still make some income that way (and of course the platform takes a large cut), but self-publishing for small amounts is still hard. And supporting people without going through the "make a sellable thing on Amazon or iTunes" is even harder.

Edited to add: Some donation-processing systems give donors the option to pay the transaction fees. For example, Jewcer, the site we used to raise funds for "Days of Awe - Mi Yodeya" a couple years ago, was like that, and most donors tacked on the fees. My congregation asks members to kick in the fees when we make credit-card payments and, again, it's optional. Sometimes I do, sometimes I don't -- depends on what the payment is for. But the key is that it's optional. If Patreon had offered patrons the choice instead of imposing the change, this might have gone over better -- but they couldn't do that, because they're using this to overcharge for those fees so people who know that won't go along with it.

My Mac has been bugging me to let it install some updates for several days now (requiring a reboot), so since I was going out for the afternoon anyway, I let it do so.

I completely forgot that this would cause Firefox to update to version 57. Oops. (At work I both turned off automatic updates and did some prep work to update to add-ons that will continue to work in 57. I hadn't gotten around to updating add-ons at home, and I forgot that I hadn't turned off browser auto-updates.)

I've lost my Stylish CSS overrides. Some I shared between home and work (or between Firefox and Chrome at home), so those ones I have, but some sites I only visit at home so I didn't have those at work. I found some stuff about how to find them on a Windows machine, but the filenames mentioned there don't exist on my Mac.

For the most part I'm going to just live without them and migrate more of my browsing activity to Chrome. The main reason I limit Chrome is that the tabs display is totally unreadable if you have too many tabs, unlike Firefox which sets a minimum size and gives you scrolling and a drop-down menu to see all of them. I just found a Chrome extension that provides that drop-down menu, so I can at least find stuff, though I haven't yet found a way to get Chrome to stop trying to show all of them anyway.

I also found these instructions for doing some of the things that Classic Theme Restorer did.

I've updated my earlier post about Firefox 57 with other workarounds I've found. For userscripts, I installed TamperMonkey, which I'm already familiar with from Chrome. For both scripts and CSS, I decided that at home I'll just do all my Stack Exchange stuff in Chrome -- I mostly was anyway, and now that it'd be actual work to get those scripts and styles back, time to just commit to it. Firefox is now almost exclusively for blog-reading (mainly Dreamwidth and those few people still on LJ), and everything else I do in Chrome. (That's at home; at work I do a lot more in Firefox.) I tend to have a lot of DW tabs open, so keeping that activity in the browser that handles tabs better makes sense.