security and privacy

Substack Transmits User Email Addresses in Plain Text

the landing page for Brad Delong's Substack newsletter
Apparently Substack encourages open discussion threads once a week or month. This has been a common way of encouraging engagement with ‘chatty’ blogs for at least a decade, whether they are hosted by Substack or Blogger

At first I thought substack were just good self-promoters. They managed to convince people to lend them more than $80 million to launch a blog platform with 2010s aesthetics. Most blog platforms will deliver posts by RSS or email if you sign up, and paid and unpaid newsletters go back to the 19th century. Getting people with too much money to give you some is harmless, and convincing people to read and write blogs is good. But then @22@octodon.social suggested I should look at their source code and I saw something as beautiful as the tale of Emperor Norton of the United States.

Read more

Building a Website to Last in the 2020s

The site above was last updated in 1997. It still does everything it was designed to do. How many script-heavy, CMS-based websites from 2017 will still be readable in 2041?

My mental health has recovered to the point that I can work on moving the static part of my website onto its own domain name and server. That is good, because WordPress’ web interface has become even more intolerable. Automattic has other frustrating policies, like storing images on their domain not mine (so if I move the site links on other sites to the images break), and editing a customer’s site to stop them from using someone’s legal and most famous name. If you want to see how a computer scientist[1] thinks about this problem, read on!

[1] a scientist with a diploma that says CSC and a resume with “junior software developer” under work experience, at least

Read more

Some Thoughts on “The Smart Girl’s Guide to Privacy”

A snowy field with construction cranes in the distant background beyond a fence

Violet Blue, The Smart Girl’s Guide to Privacy: Practical Tips for Staying Safe Online (No Starch Press: San Francesco CA, 2015) Digita Publications

Writer and journalist Violet Blue is working on a new edition of The Smart Girl’s Guide to Privacy. So even though its a little bit late for Data Protection Day on 28 January, I think its time to dust off my review. Her book has a clear and distinct vision of its audience, and avoids the traps which most writers on security and privacy fall in to.

Read more


Cross-Post: Reddit Breaks Without Javascript

Seems functional at first, but none of the links work and that big sidebar at the left won’t go away! reddit in late April 2018 without scripts.

Sometime in mid-April 2018, Reddit joined the crowd of sites which don’t work without Javascript. Its pages do not appear blank, but none of the links work, and the start of each line in the main part of the page is covered by an almost completely empty column at the left which cannot be removed.

A number of blog hosts have joined this trend recently. Here is Confessions of a Community College Dean at https://suburbdad.blogspot.co.at/

Confessions of a Community College Dean without scripts, Note how the body text overlaps the sidebar rather than wrapping at the end of the column. Long paragraphs extend outside the browser window entirely so that only the first 100 or so characters are visible.

Read more