*15 new emails*

We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy
We have updated our privacy policy

Next thing you know, you're getting an email from your oven about it's updated privacy policy.

So, recently, a person in the US was arrested for stalking people.

The evidence was some data from google, a work computer and from a VPN provider.

Let's take a quick look at that VPN provider. It (PureVPN) says on their privacy policy page that they do NOT store logs.

Guess from what VPN provider the FBI got those logs? Yes, PureVPN!

Althouh I'm happy they got this creep off the street, it still means that PureVPN has been lying to its entire customer base.

I personally hope that their reputation will be destroyed now because this should never happen.

A screenshot I took from their privacy policy page is attached below.

Keep your eyes open when choosing a VPN provider!

This one wins

I've given up hope a long time ago...

for (email in inbox) {
if ( email.contains("policy") ||
email.contains("privacy") ||
email.contains("GDPR")) {
email.delete();
}
}

The best privacy policy update meme

*Sighs opening email*

*steps into the coffee shop

"WE'VE UPDATED OUR PRIVACY POLICY!!!"

Privacy Policy done right

Suddenly everyone is updating their privacy policy.

Unpopular opinion about Microsoft buying GitHub.

Just putting it out there that when you made your github repos you did so under their privacy policy and terms and will be protected under those in the future, and that both GitHub and Microsoft are corporations with the goals of making money.

Are people seriously mad that their code has gone from one capitalist corporation to another, with no foreseeable change in privacy or data policy? I have respect for those that switched to self hosted long ago since that's going from corporate to private, but if you throw away the UX and community GitHub has developed because a multinational corporation (with so many branches, products and divisions, which happens to have a few products you don't like) will soon own it, are you actually making a rational, guided decision?

Also just throwing it out there that GitLab is also a company. They've also had issues with keeping data intact in the past. They do, however, have free private repos (although I can't ever trust someone who gives me "free" privacy) as well as builtin CI. There are some definite upsides to it, although the UX has a ton of differences. If you're expecting the same dashboard and workflow you've used on GitHub, don't, GitLab has cool features but the bells and whistles aren't the exact same.

If you're switching to GitLab solely because of Microsoft, step back and think, regardless of how popular it might make you to hate Microsoft, is it really worth changing your development ecosystem to go from one corporate entity to another solely because you don't like the company?

I use GitLab and GitBub as well as Bitbucket and selfhosted git on a daily basis. They each have their upsides and downsides; but I think switching from one to the other solely because of Microsoft is not only totally irrational, but really makes light of/disrespects the amazing tools and UX the teams behind each one have carefully developed. Pick your Git hosting based on features and what works out for your use case, not because of which corporate overlord has their name plastered on it.

(Also just throwing it out there that lots of devs love VS Code, and that's Microsoft owned too... They did also build and pioneer a bunch of really cool shit for devs including Typescript so it's not like they're evil or incapable in any sense?)

Guys, I've been thinking.

When I get married I'm gonna make my partner agree to terms of service and my privacy policy instead of the lame wedding vows 😛

Instead of 'I do', it'll be 'I agree'.

Should also probably make him sign an NDA incase things go south.

Edit:
Also, probably a code of bathroom conduct. (I just remembered that football while peeing rant)

I just got a text from T-Mobile telling me about their updated privacy policy and that I can “opt out.” So, naturally I do exactly this.

After a little bit, I land on their “Do not sell my data” page and discover that, not only does it have 175+ trackers,
it doesn’t even fucking work. Also, on the desktop version of the site, the very control allowing the user to opt out of having their data shared/sold doesn’t even render.

These are all absolutely inexcusable.

Prank calls then:
"Is your refrigerator running?"
"Yes? Why?"
"Well... you better go catch it! Hehehe-" *click*

Prank calls now:
"Is your server running?"
"Yes? Why?"
"Well... you better update your privacy policy! Hehehe-" *click*

*Email*
"We updated our Privacy Policy"
"We updated our Privacy Policy"
.
.

*opens devRant*
**Rants on Privacy Policy**

-_-

Thank you GDPR because of you we know who has our email and sent us "We're updating our Privacy Policy".

Time to delete some accounts.

So I just booted up my laptop.

WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.
WE'VE UPDATED OUR PRIVACY POLICY.

I agreed to all of it.

And continued my day.

Have a nice day everyone.

P.S no I'm not talking about emails

Discord knows the spam that is happening

I realize I've ranted about this before, but...

Fuck APIs.

First the fact that external services can throw back 500 errors or timeouts when their maintainer did a drunk deploy (but you properly handled that using caching, workers, retry handlers, etc, right? RIGHT?)...

Then the fact that they all speak a variety of languages and dialects (Oh fuck why does that endpoint return a JSON object with int keys instead of a simple array... wait the params are separated with pipe characters? And the other endpoint uses SOAP? Fuck I need to write another wrapper class around the client...)

But the worst thing: It makes developers live in this happy imaginary universe where "malicious" is not a word.

"I found this cloud service which checks our code style" — hmm ok, they seem trustworthy. Hope they don't sell our code, but whatever.

"And look at this thing, it automatically makes database backups, just have to connect to it to DigitalOcean" — uhhh wait...

"And I just built this API client which sends these forms to be OCR processed" — Fuck... stop it... there are bank accounts numbers on those forms... Where's that API even located? What company?

* read their privacy policy *

"We can not guarantee the safety of your personal data, use at your own risk [...] we are located in Russia".

I fucking hate these millennial devs who literally fail to get their head out of the cloud.

Somehow they think it's easier to write all these NodeJS handlers and layers around some API, which probably just calls ImageMagick + Tesseract on the other side.

If I wasn't so fucking exhausted, I'd chop of their heads... but they're like hydra, you seal one privacy breach and another is waiting to be merged, these kids just keep spewing their crap into easy packages, they keep deploying shitty heroku apps... ugh.

😖

Root rents an office.

Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.

Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.

So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.

AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.

Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.

Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄

Desk? What desk?
Fucking hell.

!!privacy
!!political

I had a discussion with a coworker earlier.

I owed him for lunch the other day, and he suggested I pay him back either with cash (which I didn't have), Venmo, or just by him lunch the next time (which I ended up doing).

I asked about Venmo, and he said it was like paypal, but always free. that sounded a bit off -- because how are they in business if it's always free? -- so I looked it up, and paid special attention to their privacy policy.

The short of it: they make money by selling your information. That's worth far more than charging users a small fee when sending $5 every few weeks. Sort of what I expected when I heard "always free," but what surprised me is just how much they collect. (In retrospect, I really shouldn't have been surprised at all...)

Here's an incomplete list:
* full name, physical address, email, DoB, SSN (or other government IDs, depending on country)
* Complete contact list (phone numbers, names, photos)
* Browser/device fingerprint
* (optional) Your entire Facebook feed and history
* (optional) all of your Facebook friends' contact info
* Your Twitter feed
* Your FourSquare activity
(The above four ostensibly for "fraud prevention")
* GPS data
* Usage info about the actual service
* Other users' usage info (e.g. mentioning you)
* Financial info (the only thing not shared with third parties)

Like, scary?

And, of course, they share all of this with their parent company, PayPal. (The privacy policy does not specify what PayPal does with it, nor does it provide any links that might describe it, e.g. PayPal's "info-shared-by-third-parties" privacy policy)

So I won't be using Venmo. ever.

I mentioned all of this to my coworker, and he just doesn't understand. at all. He even asks "So what are they going do with that, send me ads? like they already do?"

I told him why I think it's scary. Everything from them freely selling all of your info, to someone being able to look through your entire online life's history, to being able to masquerade around as you, to even reproducing your voice (e.g. voice clips collected by google assistant), to grouping people by political affiliations.

He didn't have much to say about any of them, and actually thought the voice thing was really cool. (All I could think of was would happen if the "news" had that ability....) All of his other responses were "that doesn't bother me at all" and/or "using all of these services is so convenient."

but what really got me was his reaction to the last one.

I said, "If you're part of the NRA, for example, you'd be grouped with Republicans. If they sell all of this information, which they do, and they don't really care who buys it or what they do with it... someone could look through the data and very very easily target those political groups."

His response? "I don't have to worry about that. I'm a Democrat, and have always voted Democrat. I'll tell anyone that."

Like.
That's basically saying every non-democrat is someone you should be wary of and keep an eye on. That's saying Democrats are the norm and everyone else is deviant and/or wrong.

and I couldn't say anything after this because... no matter what I said, it would start a political conflict, and would likely end with me being fired (since the owner is also a democrat, and they're very buddy-buddy). "What if they target democrats?" -> "They already do!" or "What if democrats use it against others?" -> "They deserve it for being violent and racist, but we never would" (except, you know, that IRS/tea-party incident for example...)

But like, this is coming from someone who firmly believes conservatives are responsible for all of the violence and looting and rioting and mass shootings in the country. ... even when every single instance has been by committed by democrats. every. single. one.

Just...
jfl;askjfasflkj.

He doesn't understand the need for privacy, and his world view is just... he actually thinks everyone with different beliefs is wrong and dangerous.

I don't even know how to deal with people like this. and with how prevalent this mindset is... coupled with the aforementioned privacy concerns... it's honestly *terrifying.*

Sad story!
She : i am breaking up with you because I love another guy.
Me : since when?
She : 6 months.
He : why you didn't tell me then?
She : we have updated our privacy policy!!

I am from Germany.
And I wanna make a (new) website.

This is fucking exhausting 😩
(Do I have to translate it to english as well? The site will be bilingual).

I miss the time when I was a careless teenage who would just code and not care about bureaucracy...

Everyone is updating their privacy policy because of GDPR while my mom still busts into my room without knocking.... She hasn't read the GDPR has she?

Another one.

*logs out of Google on Android*
*has this persistent Google search bar on launcher which I keep on accidentally tapping*

Alright, so I'm not logged into Google to see how it goes. Kind of an experiment to see just how intertwined Android and my life are with Google. And it's going quite well actually, except for my prime apps that I can't seem to get around.

*reads Google privacy policy*
"We protect your data by keeping it secure!"
Hmm, yeah.. you and 3 letter agencies are keeping it secure and out of the hands of other individuals.. that makes sense.
Don't be evil.. unless you're the devil, right?
Fuck you, I won't login like this.

*accidentally opens Google*
*le trending results show up*

- KSI vs Logan Paul weigh-in!
- KSI vs Logan Paul Manchester!
- KSI vs Logan Paul arena fight!

*opens up NewPipe in which I am not logged in either*
- KSI vs Logan Paul!!!
- Did you see the KSI vs Logan Paul stuff yet?!

*logs back into Google straight away*
Personalized search engine.. many hate it, but boy do I fucking love it.

9 days.
9 fucking days without internet.
9 fucked up days with access to a national intranet with the only accessible things being websites with privacy-respect policy of facebook, with all your unencrypted data streaming under dictator hands.

*runs into underground bunker*

wew i'm safe!

*door creeks open*

someone whispers: "Psst, we've updated our privacy policy"

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

PO: Here's a small cool feature I thought of, should be easy enough *shows very basic draft spec*
Me: Cool, how does it work for logged out users? What about customers in Spain? Does it work with US sales tax? Do we need to update the privacy policy? Do we have translations? What's the fallback if it breaks? Who will be maintaining the content?
PO: ...
PO: I'll get back to you

*never hears about feature again*

Seen more about GDPR, privacy and policy here than in my mailbox.

Um.. yea I've published a GDPR contact email on our website, for issues about our privacy policy. Not sure if you Chinese marketing fucks behind the GFW know what this regulation is about though. I'm not interested in your stupid moulds.
Perhaps that firewall of China could use some further tightening... 😒

So we send a quote out to a client to update his website to make it compliant with the new privacy guidelines: SSL encryption, removing external libraries, removing Facebook Plug-ins, all that stuff. We didn't get a response.

On Monday, he called in a panic. "The website does not work, fix immediately!"

I check out the server, what do I see? An SSL cert installed the Friday before... Client decided to do it himself, on a Friday, without testing. He broke something, but cannot tell me exactly what he did.

And somehow he thinks all that is my fault :D

Hopefully seeing the app that I've been working on for months officially released and on both the App store and google play store.

I say this because I've been waiting months and months for my boss and some other people at this company to be done with the privacy policy + terms of use for the app (which is needed due to how the app works) and I want to resign soon due to minimum wage + 2 hour commute twice daily + want a proper development culture (get treated as the IT guy at work)

Son of a... insurance tracker
You hit delete and I’m stuck with this reply!?!

Stuff it, I’ll rant about it instead of commenting.

How’s an insurance e company any different to google tracking your every move, except now it’s for “insurance policy premiums” and setting pricing models on when, how, and potentially why you drive.

Granted no company should have enough gps data to be able to create a behaviour driven ai that can predict your where and when’s with great accuracy.

The fight to remove this kind of tech from our lives is long over, now we have to deal with the consequences of giving companies way to much information.

- good lord, I sound like a privacy activists here, I think I’ve been around @linuxxx to long.

" this page uses cookies"
"We've updated our privacy policy"
*30 sec full screen ad* OR "please turn off your adblocker and refresh"
"Would you like to take a survey?"
"Click to read more"
"You've reached your free articles for the month. Please subscribe!"

Jesus fucking Christ! Is it such a sin to read articles in peace? How does anybody use your shitty site. How does anybody PAY for your shitty site?! Fuck your articles. Why do companies think this is a good model?!

🤔🤔

With the recent mark zuckerberg hearing, a ton of websites have actually changed their privacy policies and terms of service, to be much more transparent, so it did have a good impact, but the thought that it took that, to implement those changes is infuriating

All these 'We updated our privacy policy" mails remind me on how many (unnecessary) sites I am actually registered on...

Fairly fitting I'd say. No one is safe from the GDPR madness.

Last year at the the Xmas party CEO slips in that he wants the app done by end of February, I freak because I thought he meant both iOS and Android (only dev working on both :/), anyways he wanted specifics for locking out specific people that haven't paid for some in-house training (like in app persons just not in the app lol) it required web development which I'm horrible at, I spend a whole week and managed to scrape together the right functions to do a user lock out, pretty all things considering.

A couple weeks before deadline I'm done :D, I've done a lot of testing, some in-house user testing, changes made all bugs visually possible are fixed.

Now I've been sitting here waiting, it's an iOS app that is currently completed aside from some legal work, which I kept going to boss "hey, we need that disclaimer and privacy policy", he becomes busy for the next few weeks, pester him more, pester another co-worker, only a week ago did they contact a lawyer...

I'm here stuck waiting at a roadblock, developing the Android app sure but for their iOS app that they want released first, I'm stuck on hold, so annoyed, it's not like I can just put on a lawyer hat and just right some shit that says don't use x unless you agree and such.

So annoying, for about 2 weeks I just played games on my phone, I was not expecting to waste that much time lol, I was really expecting the legal stuff to be ready.

Just a side note co-worker and boss that needed to get this legal stuff knew I needed to get this done, since I mentioned it leading up to my completion.

I don't think it'd take too long with Apple when it comes to the review, it's just an update but I wouldn't put my faith in that as an answer. Just hate that I'm on hold, was wanting to finish this app and apply for a new job (nothing against the company more so because I want to go a company where I could get a but of mentoring). But I sit here waiting, working on the Android app, it'd be sad if finish the Android app before their lawyers get back to me with the legal stuff, though Android is a lot easier for me (I did iOS after completing majority of the features they wanted on Android because I was more comfortable working on it).

:/ What a drag

Most times I've my phone's location switched off. Every time I open some random app, which doesn't require any location service, a toast pops up saying location unavailable. This is simply bonkers.

Wow! Google's update in its privacy policy is impressive. Still too lazy to read it though. I trust Google. LOL

GDPR at its finest.

Pulled this from a web site's privacy policy. Remember, just because there's a switch doesn't mean anyone has to abide to that rule.

Browser “Do Not Track” Signals:  Most browsers contain a “do-not-track” setting.  In general, when a “do-not-track” setting is active, the user’s browser notifies other websites that the user does not want their personal information and online behavior to be tracked and used, for example, for behavioral advertising.  As required by recent Shine the Light law amendments we are required to inform you that, as is the case with most websites, we do not honor or alter our behavior when a user to one of our Websites has activated the “do-not-track” setting on his/her browser.

Added our new Terms of service and privacy policy to website today, copy and paste from word doc....15 pages of legalese with formatting. BLergh!!

"We updated our privacy policy"

-expression, english. Usually used in place of "we gave zero shits about our users privacy" or "we str8 up boolin on u lol".

I feel I should open a github repo, for people to contribute privacy policy parts into, have say folders like "google analytics" and then whenever people encounter those in the wild, add examples there, so people could fetch together a full privacy policy for free, as all those new cashgrab websites are just fucking insane. But I am not really sure, if that would find any contributors tbh sadly.

P.S: I seem to have developed now a third sense, when the devrant post cooldown is down, so I can rant more lol, because whenever I feel like posting the thought or rant, the cooldown is just about to expire

corporate emails and what they mean
- “changes to our privacy policy” — we raised capital, time for you to leave! good times are over.
- “changes to our pricing” — we are basically acquired, leave now.
- “blah blah community help blah blah” — fuck you, we can't even be bothered to fix bugs in our product.
- “blah blah 30% off blah blah” — yup, the unsubscribe button was broken last time you clicked it.

*enters random page*

To continue, you must accept all cookies or click here to see our Privacy Policy.

*clicks to see privacy policy*

*in privacy policy page*
To continue, you must accept all cookies or click here to see our Privacy Policy.

I am calling this a premonition rant, of more rants to come.
I have a feeling in my bones.
We have a newly acquired fat cat customer with bucks to blow who we have done some digital work for already and swag bag of marketing perkiness.
I will call the CEO of this whale "The Porcupine"
The Porcupine has a business degree and industry experience, nothing to do with websites or applications.
It claims to be a visual perfectionist yet never delivers an overall coherent review.
It likes to fixate on minor brand style differences in websites and apps we have built.
The Porcupine seems to be always busy with policy and legal and other things rather than participating in their own projects.
Procrastination on feedback or reviews until the day before release is common.
Many overtime hours worked, not a sliver of thanks. The haughty attitude indicative of somebody who thinks web development is like desktop publishing.

"It's just code" in response to a crash production server change they were warned was a risk that borked all of our responsive templates and took 3 hours to fix.
Their entire brand is shades of pea green, grey and lime. No serif fonts because they are suck. Arial and Helvetica are boss.
One of my devs missed a CSS style on privacy policy hyperlink text that went times new roman and I had various account directors and our CEO on phone telling me how embarrassing it was for us to let this happen.
Anyway. They pay on time and the cost estimates for all the upcoming work are juicy.
We have shitloads going on for an upcoming hard date conference and everything is already compressing.
Therefore I can already smell doom and feel those porcupine quill getting closer to my ass as I beg their AD today if we have any feedback on the 10 or so project reviews yet?
Nope.

Audacity repository being on fire for the new privacy policy is something I just can't stop watching ... I love it.

@dfox @trogus Hi, I was just wondering how to find the privacy policy? If I am missing it, sorry!

My question is about who owns the rants. It doesn't matter either way, I am just curious.

Get lost.

FUCK!
After submitting a registration form I noticed the site is served over plain HTTP. Their marketing site is served encrypted, but login and register are not! What the fuck!!!

Fuck everyone who does this stupid fucking shit with disregard to basic security features! Their goddamn bullshit privacy policy is bragging about how it's top priority to protect their customers' information and shit like that. Get the fuck out, cunts!!

I contacted them so I might have a continuation to this rant if I'm not satisfied with their answers.

Goddamn it!

So I just bought an iubenda GDPR privacy policy, and literally filled it with any services I ever used, ever seen, ever could come in handy and have a genuine laugh how it would look like, if one single website used all the services, with all the options.

Great 9$ for sure, now I'll probably make myself a template generator, that removes and adds things, depending on what services I use.

My app's privacy policy!

Wow, if this isn't a "Fuck GDPR, making money is our interest if I have ever seen one".

Screenshot is from the Speedtest Apo and yes I also live in the EU.

Facebook in 2030: we deleted our privacy policy

GDPR is about to happen.
Has anyone read the provisions?
It's like they put some flat earther anti-vaxers in a room and made them scribble up a law.

For those who don't know - it's a new, EU-wide "data privacy" law that's about to take effect on May 25th.

The gist of it is that if you fuck up even a little bit, you get to personally pay a fine of up to 10 Million Euros (for companies there's a separate clause, this is for employees only), or/and 2-3 years in jail if that fuck-up has caused material damages.
That little fuck-up can be as simple as losing a tiny amount of data between back-ups, or entrusting a third party with full access to some data (which is not prohibited) without controlling 100% what he can do with that data (which IS prohibited).

I shit you not, these are the explicit articles of that law.

If it is enforced in this way, it is the swift death of European economy. Just because some retards didn't read the privacy policy before agreeing to it, and then made a shit storm, everyone has to suffer.

With all M$ buying GitHub thing i really hope some good things will come out of it like:

- Better version control inside Visual Studio.
- Microsoft making its projects more open source, since it now has an official platform for itself.
- Faster and better service from GitHub since there is now a much bigger budget for servers and other things.

But there are some things that i think are worth thinking about:

- Will this be another one of Microsoft's paid services?
- Will there be "intergration" into the Office apps along Skype, Word and others?
- Will the privacy policy change?

Most likely, none of the bad things happen but me being paranoid as i am, I'd prepare. I always try to be optimistic and just ignore it for now until Microsoft start doing things.

Kinda annoys

maybe, that's a minor update to your policy, but it's a major update to my privacy. No, thanks.

That moment when you read this in the privacy policy page of a vpn company...

Why the fuck are you making me put in my email to look at a computer desk? I saw an ad and was curious about it and the price, so I clicked the ad. I don't give a shit and don't actually plan to buy anything, just let me look asshats.

Shit like this is why you have an email inbox with 650,087 emails about a fucking privacy policy update.

facebook in 2025: “we deleted our privacy policy”

ARGH!
Since that privacy cookie policy change thingy, every goddamn site pops up the dialog asking about it.

I just want to fucking read the page, quickly; get off my screeeeeeen!

There should be a standard to add something that lets the browser tell the page if you accept cookies or not, and which options to use; or at least make all the sites use a specific attribute for the elements of the div, so it can be automated (I know this is a dream).

Because everyone else is ranting about this too:
I'm not afraid of Microsoft wanting to monetize everything or that they will restrict site access to Microsoft Edge only. What I am afraid of is that they change the privacy policy.
Who knows what they are up to?
I hope GitHub is awesome enough to decline the offer.... Let's see.

Boss of the company I'm working in flew in from Morroco to Paris to discuss what to do about GDPR (yeah today). One of the sysadmin was fired last month and the other barely knows anything. Since I work on system administration as an intern I was expecting some serious work. The meeting with the tech team went on for two hours (which I didn't attend). At the end of it, I went to the only guy in the office who speaks English and asked him, "Hey, so what are we doing about GDPR?".
He replies, "Well, the boss just decided that we're not going to tell the auditors about our offices in two other countries (which is outside Europe and hosts most of the servers)".

Just funny to see how a lot of campanies send emails because of their changed privacy policies.

Some explain it to you and are quite pleasing (e.g. Tapatalk), but most are quite neutal about it and add sugarcoated reasons for updating their policies (besides that they're forced by law).

Quite funny to watch how every coorp explains the same thing in their way.

-----

Maybe we can make this post into a collection of funny, weird or otherwise remarkable mails regarding this policy update.

-----

Image: Some of those mails and the content of the Tapatalk one:

I think the " we've updated our privacy policy" is a meme now

Ugh, all these mails about updated privacy policies really annoy me.

Luckily it'll be over soon.

If there's any page on a website that DESPERATELY needs a WebVR interface, it's the Privacy Policy. Imagine navigating in 3D to section 8.2

Excuse me what the fuck? I deny your access to collect my data and you won't show me any content? Fine. Time to leave your shitty site then

Salespeople telling clients "Your site doesn't need a privacy policy/cookie policy since you don't actually sell anything on your site."

Wrong wrong wrong WRONGITY WRONG WROOONNGGGG!!!!!

Client to PM to me: "Well Jim said we don't need those on this site."

Me: "Well Jim is misinformed, since we use Google analytics, Facebook Pixel, and contact forms, you need to have both a privacy and cookie policy."

PM to client: "We'll find you a template you can use to get started, it'll cover most of what you need."

Me to PM: "we will do no such thing, we can send them a few links explaining why they need these, but they should consult a legal professional and cover their asses for their own business practices. I can provide any technical details they may need like what data the cookies collect if necessary."

PM to me: "well I'll just find something for them then."

*In my head* please just go crawl in a hole and die.

I just used booking.com and good fucking god is the whole website a shit infested hell hole. They use scammiest and pushiest techniques to make you book a place asap without giving you space to breathe and read details.

They try to obfuscate what's actually necessary with what they want to take from you. For example just before reserving a room there's a checkbox that's close enough to words "terms and conditions" and "privacy policy" for unsuspecting user to habitually check it to proceed. However, you clicking "reserve" is considered your consent and that checkbox simply adds your email to their spamming list.

There are countless examples of absolute asshole design within every inch of that place and I don't even want to imagine what they do with my data.

Suffice to say this was the first and last time I will use their services and if I were to give any advice, is "don't be the dick responsible for website/app/service similar to booking.com"

Am I the only one who genuinely appreciates all the updated privacy policies and opt-in notices I'm getting? The GDPR seems like an unequivocally good thing, to me.

Along with the usual sheet of our contact data that our school gives us to check if it is still correct, we now also get a nice, thick layer of privacy policy because of the GDPR. Nice!

3 weeks after the GDPR panic I tought there would be no more annoying mails and stuff. But then I had an appointment at the dentist.

"Hi, I have an appointment"
"Wait a minute. We updated our privacy policy. Did you already signed it?"

Brave Browser.

There’s a reason why brave is generally advised against on privacy subreddits, and even brave wanted it to be removed from privacytools.io to hide negativity.

Brave rewards: There’s many reasons why this is terrible for privacy, a lot dont care since it can be “disabled“ but in reality it isn’t actually disabled:

Despite explicitly opting out of telemetry, every few secs a request to: “variations.brave.com”, “laptop-updates.brave.com” which despite its name isn’t just for updates and fetches affiliates for brave rewards, with pings such as grammarly, softonic, uphold e.g. Despite again explicitly opting out of brave rewards. There’s also “static1.brave.com”

If you’re on Linux curl the static1 link. curl --head
static1.brave.com,
if you want proof of even further telemetry: it lists cloudfare and google, two unnecessary domains, but most importantly telemetry domains.

But say you were to enable it, which most brave users do since it’s the marketing scheme of the browser, it uses uphold:

“To verify your identity, we collect your name, address, phone, email, and other similar information. We may also require you to provide additional Personal Data for verification purposes, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification
Uphold uses Veriff to verify your identity by determining whether a selfie you take matches the photo in your government-issued identification. Veriff’s facial recognition technology collects information from your photos that may include biometric data, and when you provide your selfie, you will be asked to agree that Veriff may process biometric data and other data (including special categories of data) from the photos you submit and share it with Uphold. Automated processes may be used to make a verification decision.”

Oh sweet telemetry, now I can get rich, by earning a single pound every 2 months, with brave taking a 30 percent cut of all profits, all whilst selling my own data, what a deal.

In addition this request: “brave-core-ext.s3.brave.com” seems to either be some sort of shilling or suspicious behaviour since it fetches 5 extensions and installs them. For all we know this could be a backdoor.

Previously in their privacy policy they shilled for Facebook, they shared data with Facebook, and afterwards they whitelisted Facebook, Twitter, and large company trackers for money in their adblock: Source. Which is quite ironic, since the whole purpose of its adblock is to block.. tracking.

I’d consider the final grain of salt to be its crappy tor implementation imo. Who makes tor but doesn’t change the dns? source It was literally snake oil, all traffic was leaked to your isp, but you were using “tor”. They only realised after backlash as well, which shows how inexperienced some staff were. If they don’t understand something, why implement it as a feature? It causes more harm than good. In fact they still haven’t fixed the extremely unique fingerprint.

There’s many other reasons why a lot of people dislike brave that arent strictly telemetry related. It injecting its own referral links when users purchased cryptocurrency source. Brave promoting what I’d consider a scam on its sponsored backgrounds: etoro where 62% of users lose all their crypto potentially leading to bankruptcy, hence why brave is paid 200 dollars per sign up, because sweet profit. Not only that but it was accused of theft on its bat platform source, but I can’t fully verify this.

In fact there was a fork of brave (without telemetry) a while back, called braver but it was given countless lawsuits by brave, forced to rename, and eventually they gave up out of plain fear. It’s a shame really since open source was designed to encourage the community to participate, not a marketing feature.

Tl;dr: Brave‘s taken the fake privacy approach similar to a lot of other companies (e.g edge), use “privacy“ for marketing but in reality providing a hypocritical service which “blocks tracking” but instead tracks you.

"We have updated our ... "
Well, guess what, nobody gives a fuck!
#noFucksGiven

Isn't apple privacy policy bad for developers too?

God Damn Privacy Regulations

Changes to our privacy policy
We've updated it privacy policy
New terms of service for your account
GDPR

Sigh...if i we're EU citizen it would be for the best, except for those businesses that can't bother to update but I'm not even EU.

Email filter activated!

I’ve been complaining about the privacy policy update emails since last week but I just realized that I won’t get a better chance to unsubscribe from all the services that I don’t use or that I won’t need anymore.

No, I am updating my Privacy Policy.

User: Hey, guys. I'm uploading those docs you requested to your website, but I noticed that my connection to your site is not private.

Company: Thank you for your question. Please, don't worry, we have a privacy policy on our website.

User: ...

So, against like 90% of all odds, we (I) managed to submit the application to Apple for review at the ripe old time of 21.27 last night.
Events of the day included:
- fighting with appstoreconnect (turns out they just return a 500 if you haven't paid your Apple developer membership)
- legal being over an hour later than our absolute deadline for getting the Terms and Conditions and Privacy Policy
- said T&C's and Privacy Policy being delivered in Word, and having to manually format those for our app (thanks guys, please don't use tables again)
- removing FAQs altogether because "it would have taken too long to make those today" (ticket in Jira for this for ~4 months)
- our app was targeting both iPad and iPhone, so we had to rebuild the app for iPhone only because "we don't have app store images for iPad".

On the bright side, that leaves 3 days next week to get the rest of the backend finished for actual go live on Monday 16th, so long as Apple don't reject the app.

Side note: adding the target-device preference affected the android build somehow? despite the preference being iOS only, and wrapped in a platform="iOS" section.

First Privacy policy, now this..

WHAT THE FUCK IS GOING ON??

We haven't updated our privacy policy. We did it just right before.

Problably Reposting (like 10M times)

Fking Playstore
Uploading my first app
took me almost a hour to make the App
Its taking FOREVER to create everything required to post an App
Privacy Policy only to use the cam to read a qrcode...
Damn

Gmail > create new rule > Subject contains "Privacy Policy" > move to [Privacy Policy BS]

Hooray! I was going fucking mental from the daily Privacy Policy e-mails. Computaas help us.

I'm currently sitting in a hockey arena owned by my city, they offer free wifi, and cause I'm privacy conscious, I try to download a VPN for my computer. The motherfuckers block the download under the vague "violation of use policy" bullshit. Even better, I read the ToS they give you when you connect, and it says sweet fuck all about prohibiting downloads. What the fucking fuck do you have to gain from me not using a god damn VPN. It just makes no god damn sense.

I am so pissed at all the shit I have to do to publish a simple app on the playstore. Every 2 phrases is a threat to ban my account, and target audience, and privacy policy, all of this for an app that is absolutely not serious. And I am not even started with the Apple Store because I am too broke this month to throw $100.

Safari refuses to load images on some websites lately.

I thought about resetting the browser / clearing the cache, but this will also result in millions of shitty privacy policy popups bugging me for months.

Honestly, I'm not quite sure if I prefer a broken browser, or useless shit I don't care for... :/

Opening your inbox in anticipation of updates on projects you're watching and instead receiving privacy policy updates

!rant
For a project we have to formulate political viewpoints and laws about digitalisation. It's not for a computerscience class, but for a additional class on politics. We have to formulate laws or guidlines/goals for the politicians to work towards in regards to "digitalisation" for the society/country we would like to live in.

For example stuff like "there should be net neutrality to guarantee free information and equal oportunities for all" and such stuff or "programing should be taught in school to prepare people for the economy of tomorrow" so it isn't limited to anything.

If you where a kind of king/ruler/what ever, what policy (in regard to "digitalisation") would you define and why? (Note: they doesn't have to be realistic for now. They shouldn't end in a dystopian future, but in a "better" future for all of humanity.)

What I thought of so far would be:
- Government use and promote Opensource and practice Opendata
- strong rights to privacy, you can request your data and demand it being deleted
- basic programing/IT education in school
- "reschool" program for people currently in the workforce that want to learn new things
- develope a policy on AI
- promote that Computer Science isn't just for boys but for every one
- less working hours per week due to automatisation/splitting the work among the whole population/basic income

*yes I'm lazy, thanks for doing part of my project ;)

DevRant has many privacy-conscious people and honestly just people who don't like when their personally identifiable data gets shared.

Yet, DevRant uses Carbon Ads owned by BuySellAds. Here's what their privacy policy reads:

"Some Personally Identifiable Information may also be provided to intermediaries and other Third Party Service Providers (defined in part (4) below) who assist us with the Services"

You know what's the funniest thing? In "part 4 below" they never actually state which companies do they share personally identifiable information with.

Just a quick reminder that when you use DevRant, your personally identifiable information may be shared with any amount of third parties, and you could bet a lot of money that the list includes Google and Facebook because of remarketing. Remarketing is a fancy term that means not selling personal data but instead giving it away for free.

Use AdGuard or any other browser extension that blocks analytic scripts. Buy a Raspberry Pi Zero W and make yourself a PiHole. When you're using DevRant mobile app, use analytics-blocking VPN.

Never seen this detailed an info on Google Analytics cookies before

Fucking lazy pieces of shit over at steam didn't even include a link to their updated privacy policy or as far as I can tell not even a single link.
"Lol, just search it up on our webpage"

Fucking Hetzner, I am definitely not sending you copy of my ID after I read the privacy policy. Data-hungry cunts. I just hope you send back that 20 euros, you requested on account creation.

Why do they update their privacy policies?

!dev

Me (Yesterday): I'm going to start reading things before just checking checkboxes in future!

Me (Today): I'll start that checkbox thing later...

🤬So I spent half an hour at my post office to pick up a certified letter. It turned out to be a paper version of „we have updated our privacy policy” from a company I last dealt with 5 years ago. 🤬🤬🤬
I want to thank my EU lawmakers for always thinking about our logging industry. I still don’t see why I need gdpr, though. I still dont know how the voters can stop this kind of non democratic nonsense in the future.

This is a continuation of my previous rant about admob being not very informative when it comes to invalid traffic and the resulting restriction in ad delivery.

I then wanted to use admob mediation to hang in facebook ads. My app is written with Xamarin.Forms.

So first I needed to make some facebook configuration - create an account, let my app review, create some ad placements and other shit. I came to the point where I had to put in a link to my privacy policy and the link could not be accepted due to some SSL fuckup -.-'

I then found out that there is an issue with my SSL Chain. With the help of whatsmychaincert.com I solved that issue. Little side note here: I have limited knowledge of that stuff and my cousin helped me set up my homepage so I had no idea what I was doing. Did a snapshot and luckily I did not needed that as everything worked :)
This took me around half an hour just so I can paste the fucking link to activate my app in facebook developer portal.

After that I made the whole mediation configuration shit - not an issue as google documented this quite well but it took some time.

Now comes the shitty part. To use admob mediation you need adapters to the other ad network. I found a nuget package with exactly what I needed just to find out that it is outdated. So I pulled the repo and saw that this thing is an aar binding library. Never did that stuff so I read some docs again. Updated the package and consumed it in my app.

The google docs then said "Use this mediation test shit to check if you did everything correct before going prod" - aar binding nr. 2 (but I am now familiar with that :P). This thing then told me that facebook ads could not be loaded because the SDK version is outdated -.-' SDK version comes from another nuget package which is referenced by the first aar thingie. I tracked that thing back to a repo where I found out that they are indeed totally behind. So I downloaded the aar, made a binding lib and bound that to my first aar binding lib as that depends on this.

Put that all back in my app - tested mediation and fucking finally after 6 hours everything comes together! all lights are green and things work.

Sorry if this is not quite a rant but it was quite a journey and I just had to share it.

Hello,

are you ready for the GDPR? Do you have a Privacy Policy. DPA, Cookie Banner etc.?

We need to create simple form for colection few particular people data for some bounty programme.

We have ready-made website that does similar stuff, but it was outsourced and we have compiled javascript (sidenote - im only person in this place who understands f**ng javascript but hates it deeply)

Anyway, they come to me, and say that creating this google doc will take them few minutes and it seems that editing few divs in the site and creating second one with another subdomain will do the trick.

I tell them that it will take a lot of time to reverse engeneer that compiled react.js website to change few divs. But they insist.

So we start out, I pop up the terminal, copy over site, add nginx config for it, apply SSL to it, we are already good 5-10 minutes in, first roadblock - CORS. At this point I tell them that with google form they would be already done.

What I hear?
But we will need to make again privacy policy

Me:
Can you just link privacy policy from this site?

They:
Oh... it makes it easy now.

My internal voice:
next time try to use brain....

When a company makes changes to their Privacy Policy, they just have to provide the diff of the agreement.

Had to add a privacy policy to my app because of some google ads identifier bullshit. No one is going to read it anyway.. However, I found a beautiful privacy policy generator so I didn't have to read it myself.

tldr: I am looking for recommendations for a basic website for my parents. GOTO question;

Pre-Story:
My parents have a small (offline) business. They have a website to give some general information and list their weekly offers.
When I felt that what has come out of the website-building tool (you know, clicky clicky stuff) looked a bit too early 2000's and is a total ripoff for what you get (almost 20€ per month), I created something with Google Sites for them. Feel free to roast me, but web development is not my field and now it looks much more modern, is mobile friendly and does what it is supposed to do. Weekly offers are edited in a google sheets file, which is embedded in the website. Not great, but this way my mom doesn't have to deal with editing a tables on the page - trust me, it won't look good. This also meant they could downgrade the hosting package to discard the clicky-tool and just the domain (maybe 1€ per month). The website itself is hosted for free by Google.

Some time ago GDPR became a thing and then I was tasked to have a look at it. (side note: I don't want to rant about being responsible for it, that's fine. My parents don't really ask me to do a lot for them.) You can't enter any data on the website, it's just very basic stuff and data protection wise there's just the "usual" stuff (cookies, embedded tools, logs). I added another site with a halfway complete privacy policy. Regarding the whole cookie issue (do not enforce unnecessary cookies) I couldn't find an easy solution. It's not 100%, but what can you really expect from a small business like this? I've seen worse.

Now to the question:
Can you recommend a good alternative to the current solution (Google Sites)?
It should be cheap (<3€/month incl. domain) and my parents should be able to make some basic changes (just text in predefined locations). I am not afraid to get my hands dirty - I can deal with some HTML, CSS, JS - but I don't want to sink a lot of time into this. No need for analytics or the like. Maybe a newsletter would be cool (with the weekly offers), but that's just a random thought of mine and definitely not necessary.

Thanks for reading :)

So I’ve been wanting to build my own web apps for a while now, but I can’t seem to find any info on the legal stuff that goes into that. I know at minimum I’ll need a privacy policy.

Like do I need a lawyer to get everything set up? I’m not talking about creating a startup. Just web apps that people can use, e.g. a casual budget app or content aggregator. Just looking for a side hustle for a little extra cash and some experience.

What about compliance with the tech I use? If I setup a freemium app, am I out of compliance with open source tech I’m using? Anyway sorry for the long post 😅

Privacy policy legalese is cancer

so i got offers to work as game developer,i think they are not a company but small indie dev and want me to join their team,the work is remote and they are using revenue share to pay me,my question is how to avoid or sue them if they gonna scam me,like when the project is done and they just dissappears,they give doc to sign and inside all is all abour privacy policy,work details and my signature