“End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them.

Just like Blackberry, WhatsApp has claimed that they are end to end encrypted but in fact that is not trueWhatsApp (and Blackberry) decrypt all your texts on their servers and they can read everything you say to anyone and everyoneThey (and Blackberry) then re-encrypt your messages, to send them to the recipient, so that your messages look like they were encrypted the entire time, when in fact they were not

The only messaging app that has been proven, by an independent authoritative agency, is Apple’s Messages app (which uses Apple’s iMessage protocol that is truly end to end encrypted, Apple cannot read any of your texts which means that no one can read any of your texts)

content Gray Hat Python

Not merge the values of the keys.

GitLab will perform a reverse deep merge based on the keys

It’s an alternative to using YAML anchors and is a little more flexible and readable

Because the conditional connectives thus complicate the formal reasoning about programs, they are better avoided.

there’s 3 steps to building software: Make it work Make it right Make it fast

“Make it right” means that the code is maintainable and easy to change. Humans can read it, not just computers. New engineers can easily add functionality to the code. When there’s a defect, it is easy to isolate and correct.

In the examples below, we are using Docker images tags to specify a specific version, such as docker:19.03.8. If tags like docker:stable are used, you have no control over what version is going to be used and this can lead to unpredictable behavior, especially when new versions are released.

Moreover, common search practices miss information in the deep web—the parts of the web not indexed by standard commercial search engines

To understand and be understood, those are among life’s greatest gifts, and every interaction is an opportunity to exchange them.

Sometimes plugins can conflict with a theme or with each other.  Disable all your plugins and see if the problem persists. If everything is working once the plugins were disabled it means there's a conflict with a plugin or maybe even a set of plugins. Enable the plugins one by one to identify the one that is creating the conflict.

Right click on the /wp-content/plugins folder and rename it plugins.old. This will deactivate all of the plugins. In most cases, this will also lock the WordPress admin area as well.  You will still be able to perform these steps from within the File Manager.Reactivate the plugins folder by following the above instructions and renaming the folder plugins. This will allow you to reactivate each plugin individually to isolate the offending plugin and resolve the 500 Internal Server Error.  This should also allow access to the WordPress Dashboard again. From the WordPress Dashboard: Reactivate each plugin (one at a time) and refresh the website to see if the issue has been resolved.

“Extraordinary Commonplaces,” Robert Darnton

Now personal data exports include users session information and users location data from the community events widget. Plus, a table of contents!See progress as you process export and erasure requests through the privacy tools.

Given the massive amount of stars it had acquired on Github and the fairly quick and easy setup, it seemed very promising. When it comes down to its isomorphic functionality, it’s hard to match. But when it we started using the static export features, we were dropped on our faces with a very ungraceful transition from isomorphic to static that came with a cold side of faulty hot-reloading, strange routing strategies and highly bloated bundles:

To be fully compliant with GDPR, you would also need to enable Show Reject All Button setting.

managing yourself and others.

Requested Dormant Username Enter the username you would like to request, without the preceding URL (e.g., "User" instead of "gitlab.com/User")

The GitLab.com support team does offer support for: Account specific issues (unable to log in, GDPR, etc.) Broken features/states for specific users or repositories Issues with GitLab.com availability

Technical and general support for those using our free options is “Community First”. Like many other free SaaS products, users are first directed to find support in community sources such as the following:

Out of Scope The following details what is outside of the scope of support for self-managed instances with a license.

For general questions, use cases, or anything else that does not fit into one of the above cases, please post in the GitLab Forum or on a third-party help site.

If you're in a paid tier on GitLab.com or GitLab Self-managed, you're entitled to Support. Please open a support ticket after reviewing our Statement of Support

If you're a free user on GitLab.com and are having one of the following specific issues please file a support ticket after reviewing the Free Plan Users Section in our Statement of Support

Account Support If you haven't received your confirmation email, you can request to resend your confirmation instructions via our confirmation page.

We're closing the Support Forum issue tracker in favor of the Community Forum and support channels. We recognize that the Support Forum issue tracker has not received much attention in the last few months, and want to redirect our community members to locations that are regularly monitored by GitLab staff. As a result, this issue will be moved to the GitLab product issue tracker and triaged there.

What I think we're lacking is proper tooling, or at least the knowledge of it. I don't know what most people use to write Git commits, but concepts like interactive staging, rebasing, squashing, and fixup commits are very daunting with Git on the CLI, unless you know really well what you're doing. We should do a better job at learning people how to use tools like Git Tower (to give just one example) to rewrite Git history, and to produce nice Git commits.

These two are in my opinion the most problematic — the basically go against each other. Typically, I try to work in increments over a feature and commit when I reach whatever techinical milestone I want to "checkpoint" at. It can also be out of the need to expose some idea or architecture and push it.

If we can encourage people to create clean commits as they go, the example as you showed above should be far less common, because cleaning up such history as an after-math is most of the time almost impossible.

I think this goes against the Keep It Simple mentality and the Low Level Of Shame that we should have when we contribute.

With a recognisable, ever present icon, user's can easily manage their consent at any time.

Many also question how the average user with little knowledge of the GDPR will react to being asked so many questions regarding consent. Will they be confused? Probably at first. It will be up to each business to create a consent form that is easy to understand, while being at the same time comprehensive and informative

to remove the force or effectiveness of

If you update your pages and push to github, people revisiting the pages who have already got cached copies will not get the new pages without actually cleaning their browser cache. How can a script running in a page determine that it is stale and force an update?

for me it was because the browser use cached data(old styles) so i opend other brwser

The "'strict-dynamic'" source expression aims to make Content Security Policy simpler to deploy for existing applications who have a high degree of confidence in the scripts they load directly, but low confidence in their ability to provide a reasonable list of resources to load up front.

Although it can minimize the overhead of third-party tags, it also makes it trivial for anyone with credentials to add costly tags.

A "tag" is a snippet of code that allows digital marketing teams to collect data, set cookies or integrate third-party content like social media widgets into a site.

Eric Schmidt, former Google CEO and Chairman, famously said “Google’s policy on a lot of these things is to get right up to the creepy line, but not cross it.” But for most people, that line was crossed by Google, Facebook, and others long ago.

This depends on the legal jurisdiction applicable to your site.

Consent means offering individuals real choice and control. Genuine consent should put individuals in charge, build trust and engagement, and enhance your reputation.

Instead of having a task like “write an outline of the first chapter,” you have a task like “find notes which seem relevant.” Each step feels doable. This is an executable strategy (see Executable strategy).

However, since problems are only addressed when they arise, maintenance is reactive rather than proactive. Small problems left unaddressed can balloon into major failures due to focus on cost.

What a lot of people don't realize is that a source control system is a communication tool. It allows Scarlett to see what other people on the team are doing. With frequent integrations, not just is she alerted right away when there are conflicts, she's also more aware of what everyone is up to, and how the codebase is evolving. We're less like individuals hacking away independently and more like a team working together.

Google encouraging site admins to put reCaptcha all over their sites, and then sharing the resulting risk scores with those admins is great for security, Perona thinks, because he says it “gives site owners more control and visibility over what’s going on” with potential scammer and bot attacks, and the system will give admins more accurate scores than if reCaptcha is only using data from a single webpage to analyze user behavior. But there’s the trade-off. “It makes sense and makes it more user-friendly, but it also gives Google more data,”

For instance, Google’s reCaptcha cookie follows the same logic of the Facebook “like” button when it’s embedded in other websites—it gives that site some social media functionality, but it also lets Facebook know that you’re there.

examples, listing both the conventional systems and their counterpart systems: Conventional schooling Home schooling Encyclopedia Britannica Wikipedia Microsoft Office Open Office Taxicabs Uber Hotel chains Airbnb Big-box stores Ebay National currency Cryptocurrency

Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.

It’s always best practice to either simply follow the most robust legislations or to check the local anti-spam requirements specific to where your recipients are based.

In the EU, the ePrivacy directive sets overall guidelines that are individually implemented by member states

Under the FTC’s CAN-SPAM Act, you do not need consent prior to adding users located in the US to your mailing list or sending them commercial messages, however, it is mandatory that you provide users with a clear means of opting out of further contact.

Be clear and unambiguous. The average user should be easily able to understand what they’re consenting to;

they sought to eliminate data controllers and processors acting without appropriate permission, leaving citizens with no control as their personal data was transferred to third parties and beyond

the compelling legitimate interests pursued

While there are no legal precedents to spell out specifically what the actual terms mean, it can be interpreted from the testimony of people like Professor Mark Lemley from Stanford University, in front of the United States Senate Committee on the Judiciary that the individual terms are defined as follows

“Until CR 1.0 there was no effective privacy standard or requirement for recording consent in a common format and providing people with a receipt they can reuse for data rights.  Individuals could not track their consents or monitor how their information was processed or know who to hold accountable in the event of a breach of their privacy,” said Colin Wallis, executive director, Kantara Initiative.  “CR 1.0 changes the game.  A consent receipt promises to put the power back into the hands of the individual and, together with its supporting API — the consent receipt generator — is an innovative mechanism for businesses to comply with upcoming GDPR requirements.  For the first time individuals and organizations will be able to maintain and manage permissions for personal data.”

Its purpose is to decrease the reliance on privacy policies and enhance the ability for people to share and control personal information.

make it as easy to withdraw consent as to give it. The latter gets particularly interesting when considering that in some contexts, consent may be obtained “through only one mouse-click, swipe or keystroke” and therefore “data subjects must, in practice, be able to withdraw that consent equally as easily” per the WP29.

it is a question of balance — if one mouse-click was all it took to consent, is it appropriate to require a phone call during business hours to withdraw that consent? Probably not.

You have the right to withdraw from this contract within 14 days without giving any reason.

a person can withdraw from research at any point of time and it is no binding of participant to reveal the reason of discontinuation

This exemption is may not be applicable for all regions and is therefore subject to specific local regulations.

An entity not established in the EU offers goods or services (even if the offer is for free) to people in the EU. The entity can be government agencies, private/public companies, individuals and non-profits;

In the US, there is no single comprehensive national body of data regulations; there are, however, various laws on a state level as well as industry guidelines and specific federal laws in place. Since online site/app activity is rarely limited to just one state, it’s always best to adhere to the strictest applicable regulations.

Determining your law of reference Generally, the laws of a particular region apply if: You base your operations there; or You use processing services or servers based in the region; or Your service targets users from that region This effectively means that regional regulations may apply to you and/or your business whether you’re located in the region or not. For that reason, it’s always advisable that you approach your data processing activities with the strictest applicable regulations in mind.

they’ve contested its accuracy

This scope effectively covers almost all companies and, therefore, means that the GDPR can apply to you whether your organization is based in the EU or not. As a matter of fact, this PwC survey showed that the GDPR is a top data protection priority for up to 92 percent of U.S. companies surveyed.

it buys, receives, sells, or shares the personal information of 50,000 or more consumers annually for the business’ commercial purposes. Since IP addresses fall under what is considered personal data — and “commercial purposes” simply means to advance commercial or economic interests — it is likely that any website with at least 50k unique visits per year from California falls within this scope.

Please note that users enjoy a specific right of opposition to ADM processes

the data controller shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

I have seen that, but there is no cheaper alternative? Or even better an open source altenative?

This is it. I'm done with Page Translator, but you don't have to be. Fork the repo. Distribute the code yourself. This is now a cat-and-mouse game with Mozilla. Users will have to jump from one extension to another until language translation is a standard feature or the extension policy changes.

While there are security benefits to disallowing unsigned extensions by default, it is not clear why there is no option to turn off this behavior, perhaps by making it configurable only with administrator rights.

It would be best to offer an official way to allow installing local, unsigned extensions, and make the option configurable only by root, while also showing appropiate warnings about the potential risks of installing unsigned extensions.

I reckon that it was: less a communication failure more a failure to pay attention – no disrespect intended. Given the unfortunate coincidence, it's almost entirely understandable that everyone concerned lost sight of Mozilla's forewarning.

What I don't like is how they've killed so many useful extensions without any sane method of overriding their decisions.

I know, you don't trust Mozilla but do you also not trust the developer? I absolutely do! That is the whole point of this discussion. Mozilla doesn't trust S3.Translator or jeremiahlee but I do. They blocked page-translator for pedantic reasons. Which is why I want the option to override their decision to specifically install few extensions that I'm okay with.

None of these methods are ideal and honestly, I'd only blame Mozilla for this. They dismiss all our efforts as incorrect but refuse to provide the correct solution.

Mozilla will never publicly ask users to circumvent their own blocklist. But it's their actions that are forcing people to do so.

What's terrible and dangerous is a faceless organization deciding to arbitrarily and silently control what I can and can not do with my browser on my computer. Orwell is screaming in his grave right now. This is no different than Mozilla deciding I don't get to visit Tulsi Gabbard's webpage because they don't like her politics, or I don't get to order car parts off amazon because they don't like hyundai, or I don't get to download mods for minecraft, or talk to certain people on facebook.

They don't have to host the extension on their website, but it's absolutely and utterly unacceptable for them to interfere with me choosing to come to github and install it.

So to me, it seems like they want to keep their users safer by... making them use Google Chrome or... exposing themselves to even greater danger by disabling the whole blocklist.

I appreciate the vigilance, but it would be even better to actually publish a technical reasoning for why do you folks believe Firefox is above the device owner, and the root user, and why there should be no possibility through any means and configuration protections to enable users to run their own code in the release version of Firefox.

I appreciate the vigilance, but it would be even better to actually publish a technical reasoning for why do you folks believe Firefox is above the device owner, and the root user, and why there should be no possibility through any means and configuration protections to enable users to run their own code in the release version of Firefox.

We must consider introducing sensible default options in Firefox, while also educating users and allowing them to override certain features, instead of placing marginal security benefits above user liberties and free choice.

Add-ons must function only as described, and should provide an appealing user experience. Based on the description of the add-on, a user must be able to understand and use the add-on’s features without requiring expert knowledge.

Starting your answer with a word commonly associated with equivocation automatically weakens your answers and makes you sound less sure of yourself.

Implementing prior blocking and asynchronous re-activation Our prior blocking option prevents the installation of non-exempt cookies before user consent is obtained (as required by EU law) and asynchronously activates (without reloading the page) the scripts after the user consents.To use, you must first enable this feature: simply select the “Prior blocking and asynchronous re-activation” checkbox above before copy and pasting the code snippet into the HEAD as mentioned in the preceding paragraph.

Whether it's "better" for your implementation is up for you to decide.

f.ex.

Take a moment to consider the alternative. No, not the IT department's fantasy world, that never-gonna-happen scenario where you create a strong, unique password for every account, memorize each one, and refresh them every few months. We both know it's not like that. The reality is that in your attempts to handle all those passwords yourself, you will commit the cardinal sin of reusing some. That is actually far more risky than using a password manager. If a single site that uses this password falls, every account that uses it is compromised.

In particular, I, quite accidentally, became a maintainer of ActsAsTaggableOn, a Rails tagging engine, after bumping a long-stale, minor, pull-request I had written.

Becouse of CanCan, StateMachine and others I deside to create OpenSource organization to maintain gems. People disappear, lose their passion about coding, get new interests, families, children. But if us many we can support gems much longer. I dont pretend to be an expierenced ruby developer, but I can do administarative work: managing teams, members, approve simple pool-requests. If you think it good idea and want to support some inactive gems, not life time, maybe just a little - welcome to organization.

There's actually discussion among the rubygems team about a process for putting gems "up for adoption" that you might be interested in: http://www.benjaminfleischer.com/2014/08/17/rubygems-adoption-center/

For instance, one recent blog entry from the Irish Data Protection Commission discussing events at schools borders on the absurd:“Take the scenario whereby a school wants to take and publish photos at a sports day ­– schools could inform parents in advance that photographs are going to be taken at this event and could provide different-coloured stickers for the children to wear to signify whether or not they can be photographed,” the Commission suggested. The post goes on to discuss the possibility of schools banning photographs at a high school musical, but suggests that might be unwieldy.

But now, I think there’s still some lack of clarity from consumers on exactly what they need to do

I think that the importance of people understanding what is going on with their data, and not having a surprised reaction that somebody has their information.

Allows you to autodetect and limit prior-blocking and cookie consent requests only to users from the EU – where this is a legal requirement – while running cookies scripts normally in regions where you are still legally allowed to do so.

Enables the blocking of scripts and their reactivation only after having collected user consent. If false, the blocked scripts are always reactivated regardless of whether or not consent has been provided (useful for testing purposes, or when you’re working on your project locally and don’t want pageviews to be counted). We strongly advise against setting "priorConsent":false if you need to comply with EU legislation. Please note that if the prior blocking setting has been disabled server side (via the checkbox on the flow page), this parameter will be ineffective whether it’s set to true or false.

Please note that at the moment the Cookie Solution is optimized to comply with very strict Italian implementation regulations (this can only improve compliance in other jurisdictions).

Such languages may make it easier for a person without knowledge about the language to understand the code and perhaps also to learn the language.

One thing is certain when it comes to navigation trends, users and designers seem to be fed up with completely hidden styles and demand options that work in similar formats on desktops and mobile devices. This might be one of the reasons a vertical pattern is trending.

Non-traditional navigation styles can be a fun way to break up some of the same old design patterns.

Potential for political focus on building new features over technical improvements (such as refactoring)

the phrase up to is used to convey the idea that some objects in the same class — while distinct — may be considered to be equivalent under some condition or transformation

"a and b are equivalent up to X" means that a and b are equivalent, if criterion X, such as rotation or permutation, is ignored