Cake day: July 1st, 2024


  • FWIW, as someone working in fintech in the EU, that “KYC over-achievement” is not as overzealous as you think it is.

    It is not as reckless in the EU as it is in the USA, but still overzealous in the EU. Examples:

    • Guy in Finland was refused a home mortgage because his bank transactions revealed that he buys a lot of wine. Alcohol consumption was tracked and seen as a risk for lending.
    • Some banks’ privacy policies openly admit that they keep records of the IP address for the purpose of tracking geolocation. Yes, in Europe. And yes, it violates GDPR Art.5 (data minimisation).
    • No GSM number? No account. Some banks don’t even just accept what number you give them – they demand proof from the GSM carrier that the number belongs to the applicant (even in a region that mandates GSM registration).
    • ID card on file at a bank expired. What does the bank do? They simply cut off the card, even if it’s a Friday and the bank doesn’t reopen until next week. That is how they communicate to the customer that they need to provide an updated document. No, people’s identity does not change. It is still the same person.
    • Some EU banks now refuse to give customers a statement of account on paper, thus forcing them online.
    • Some EU banks collect frivolous data for marketing purposes which they treat as “legitimate interest”. They write this in the privacy policy. People can opt-out, but for me it’s an abuse that it’s not the other way around. It should be opt-in.

    Not KYC but still an abuse: All EU banks with mobile apps force customers to obtain their closed-source app from Google or Apple, who then collects the IMEI number of the user, their GSM number, and tracks which apps they download so Google or Apple has a record of where people do their banking. Likewise, some banks choose Microsoft or Google for their email service and they never provide a PGP key. In this case MS or Google sees where people bank and their msg payloads.

    None of that privacy abuse is legally necessary or required to execute the contract.

    And, at least at my place of employment, we take the PII protection very seriously because of GDPR.

    You could only express that in terms of your own place of employment. The DPAs in most member states report annually being understaffed. They are up to their necks in an unsurmountable ocean of Art.77 complaints because the GDPR is widely ignored.







  • Sounds feasible for a python dev, which I am not. The situation is that end-users of Python apps (who are not necessarily programmers of any kind) are put in a position of grappling with developer tools.

    I’m not only looking for a better approach for my own installation of argostranslate but I also intend to publish the improved approach. Although I could probably work out how to patch pip, it gets messy when putting that patch in an argostranslate installation guide for end users. So patching pip would be high effort with low return (collectively, unless the patch gets a PR, but then only an MS Github user could do a PR).



  • AI? Why AI? Why not use a script written in any language like Python?

    You tell me. Does python have a library that equates synonymous phrases and patterns in natural languages without AI?

    Python is what the researchers used, but they only strictly looked at the standard privacy tables with cells that contain yes, no, or sometimes/depends.

    Use a decent custom ROM to control the permissions. That’s it, you can do it now.

    You’ve misunderstood. I would never use a bank’s proprietary closed-source spyware exclusively distributed by Google for Google patrons. I envisioned harvesting Exodus Privacy reports to use as input in the assessment of bank’s privacy hostility and abusiveness.

    At the same time, the app proposed would obviously not just be for me. Countless boot-licking people are happy to use bank apps. But some may want to know which bank exploits them relatively less. It is not sensible to think all such people have competency to handle custom ROMs. Also, bank apps tend to detect when they are running on a VM or custom ROM and terminate.

    I hate banks as much as anyone, but they have legal responsibilities and TOR is the worst pain in the ass for them, and easiest thing to block on their end.

    Not my problem. The banks staffed by those with a higher level of competency to handle Tor users should get praise and recognition. What are you claiming is the benefit to the app ignoring the Tor accessibility factor?

    You can complain about it but it will never change.

    Exactly why the app should look for it. Complaints are useless. Vote with your feet and switch to a bank that has their shit together. Money talks.

    Also they already have your identity and financial data, there is no need to hide your identity or location from them.

    Nonsense. They potentially¹ have customers’ residential address, not their realtime geolocation at every login. And your ISP does not know where you bank unless you are foolish enough to access your bank from home over clearnet. Note that Trump has ensured that ISPs do not need your consent to collect and sell that data. So today under Trump an ISP can sell where you bank to prospective debt collectors, for example.

    ¹ E.g. in the US, they need an address, not necessarily a residential address. A homeless person can legally open a bank account using a family member’s address, for example.

    Also you can use a VPN most of the time. Why TOR?

    Cloudflare treats VPNs with the same hostility as Tor. VPNs also require trust that Tor does not.

    Use uBlock Origin, is it not enough?

    When your bank asks you for income info face to face, uBlock Origin cannot protect you.

    Consumers don’t care.

    The app would not be for all consumers. The app can only serve the small minority of consumers who care about privacy. I’m fine with that.


  • Some redundancy is useful because some moderators suck. So it’s good to have some moderation diversity. But 15 forums in the decentralised non-Cloudflare part of the fedi is a bit too much redundancy.

    I was thinking about how there is not a single community specifically for the “public money → public code” movement that Italy initiated. The FSFE has a PMPC campaign. Not even the centralised big tech portion of the fedi (LW, sh.itjust.works, programming.dev, etc) has a community for that. And I think the PMPC principle has not spread outside of Europe.

    OTOH, PMPC may be slightly too narrow to get much posting action. It’s disturbing that European govs push closed-source proprietary phone apps with trackers, but because they merely promote an existing program, it escapes PMPC applicability. PMPC only applies when the gov directly writes code. They can buy MS Windows licenses all they want.

    So it might be useful to have a community that’s broadly focused on public (gov) divestment from non-free software. Though that would not be so specific to Europe.

    *@europe.pub communities should be Europe focused. There are way too many general all-purpose instances in the fedi and precious few that have a constitution (in effect), whereby the instance is subject matter focused in some way.


  • Thanks for the insight. Certainly having a human look at the raw data of 6000 banks is a non-starter. I’ve not studied AI, so if I were going to take this project on I would have to (for example) look at what banks charge for paper statements (because offline banking options are a refuge from copious privacy abuses). I would want to short-list banks that offer gratis paper statements.

    The phrase “free paper statements” can be worded in many different ways. I might expect an LLM to be good at that sort of thing. In my non-AI approach, I would have to look at a large sample to get an idea of all the different ways that something is expressed then try to write a regular expression to cover them. Is that still the best way?

    Phrases like “we value your privacy” and “we only use your data as legally permitted” (which tries to deceive readers into thinking of data minimisation when it really means the opposite) – these can also be worded in many ways, all of which could elevate a /bullshit/ score, of sorts.

    One tool I find quite useful for language translation comes from these two sites:

    It’s not just a translation of a blob of text, but you enter a short phrase in one language and it finds real instances of the same phrase in the other language, so you can see how one idea can be expressed in many ways within a language. I assumed an LLM was in play but I don’t really know.

    Of course what we need is not translation from one language to another but a tool that detects different ways within 1 language to express the same idea; almost like synonyms but for phrases.





  • Open source software is not dependent on country lines.

    The discussion certainly can be if you define it that way.

    Did you not notice you are on the europe.pub domain? Have a look at the landing page sidebar:


    European hosted decentralized Network Welcome to Europe Pub! 🇪🇺

    A social network dedicated to everything European. From culture and traditions to current events and daily life across our diverse continent. Share your experiences, discuss news, and connect with fellow Europeans and friends of Europe. …

    Otherwise what’s the point in fracturing the topic? There are already 14 general FOSS communities in the decentralised free world (i.e. outside of Cloudflare):

    OpenSource@europe.pub is ridiculously redundant if not to bring a European focus.














  • As explained, it’s a bug. And no I am not free to fix it. Only people with an MS Github account can even attempt to fix the manpage bug. And from there, the dev still must accept the pull request.

    Also, it’s wrong to frame this as a labor issue. WHO does the fix is immaterial. A bug report is for capturing the existence of a bug. Whether someone is assigned or not or whether there is a volunteer is independent of the determination of whether you have a bug. If the dev decides “not a bug”, you’re wasting your time with a pull req.


  • No, it’s a bug.

    It’s unclear why the discipline has eroded to lose sight of the mantra: software should work as documented and the docs should express what the software does. Whenever there is an inconsistency between the docs and the code, it’s a bug, plain and simple. As far as WHERE the bug is, that can be debated.

    Either the bug is in the man page, or it is in the code. But there is a bug nonetheless. Perhaps the problem is that devs do not realise that bug reports cover the docs too. If the code is doing what they think it should do, they close the bug report instead of fixing the docs.








  • I like the idea. I am facing this problem right now. I have been washing my clothes by hand because my washing machine is kill-switched. Every component works (proven by hotwiring) but the controller refuses to run programs.

    Though it must be a huge project. An ESP32 is just the microcontroller. So I would have to buy several relays that it controls and write all the software from scratch, correct? I suppose the relays are the easy part… but the sensors are likely somewhat unique. Different pressure sensors probably give different voltages. And different tachometers probably give different voltages too, I would think.




  • What would be the point?

    To prove motivation that supports your bizarre claim. The printers are not made by the government. They are made by a profit-driven corporation. You described a government motivation for an action taken by a private enterprise. That makes no sense¹ – unless you can find a law that compels the tracking. In which case the law would be the motivation, not the tracking.

    ¹(edit: caveat: assuming a non-communist regime. Of course if the companies are gov owned and controlled, then your claim is feasible. Are you in China? Note that Xerox, Canon, and HP are not HQd in China)

    Wasting yellow ink for fun?

    For profit.

    By extension: Profit = fun for the shareholders

    How are you failing to grasp that the printer business is actually a distraction from the ink and toner business? The printer is just the mechanism by which they exploit the sale of consumables. They hope to fool consumers like yourself into thinking the transaction is about the printer, not the consumables. The marketing has worked wonders on you but some consumers (most?) see more clearly that it’s all about selling ink at 10+ times its cost.

    update: printer ink costs as much as ~$12,000 per gallon, 6× more than human blood. So of course printer makers are happy to scatter yellow ink all over every page of every black document that gets printed. It cheats consumers out of 100s of thousands of dollars, if not millions.

    From another source:

    Back in 2013, Consumer Reports determined the ink inside inkjet cartridges cost between $13 to $75 per ounce!* That’s more expensive than the world’s finest perfumes!