((so I currently can't log into this blog on desktop and mobile isn't fully loading so um. Not too sure what's gonna happen ahah

((okay so idk if anyone else is having this issue? But I can't sign into weariedwight or museannex on desktop (I'm using firefox if that is affecting anything atm - it did just update), and when I sign into either blog on mobile tumblr just keeps loading the following tab but won't show any posts, though the for you and your tags seem to be working. Plus I can get to my notes and blog itself, and I can post, but uhhhh this is making me nervous sdfgkhjdfs

In terms of the hummelverse.com website, it's online again by the way! Been online for a couple months again already actually after the catastrophic failure and year-long downtime caused by moving it over from my previous hoster. But I didn't have any time to do much needed post-move maintenance so far, which I am slowly catching up with now.

Notes:

The website is now SSL-enabled (using https instead of http), but this doesn't really change anything except that some browsers/extensions should now be less likely to act like it's a malicious page trying to steal your credit card data... (This was genuinely the main reason why I had to change hosters, since the previous one would have charged me 10€ per month extra for it when most others out there have it as a free default for your contract???)

I thought the newsletter signup form was broken, but it only doesn't show up when I use Firefox on my desktop PC so maybe my adblocker is overly zealous. I haven't been writing any newsletters lately partly because of that, but now that I know the signup form isn't actually broken, I'll try to get back into the habit. That means if you cannot see it either on the homepage, please try a different browser or check if one of your browser extensions might be blocking it!

The art gallery works again, but uploading the images is very tedious and time-consuming. I forgot to move over the folder that contained all the images on the server, so I had to wipe the database and have to re-upload them all. It shouldn't interfere with the functionality of the website otherwise, though.

The tumblr post feed on the website is broken and I don't really know how to fix it since the API seems to have changed and I am not fully able to wrap my head around the new code. There's a chance that I'll figure it out eventually but it's very low priority for me right now, especially since I set up a webhook for the HV discord server that does the same job but in a more convenient manner.

The pages for the LEGENDS card game are there on the server, but I have to rework and update them with more current content/info. I'll do that as soon as I'm able and will add a link to the homepage once that's done. But it leads me to the next and last point:

As I've mentioned before I want to look into alternative solutions for selling/distributing both my books and my trading card game and the merchandise (bet most people didn't even know there IS merchandise....look, I'm very bad at this whole marketing think, ok?). There's also other Hummelverse things floating around like the free short horror video game I made ages ago and the pen&paper ruleset, for example. I am thinking of adding a sort of "hub" to the homepage that either provides a proper and complete list of links to all these miscellaneous things, or maybe even find a way to consolidate them onto my own website as completely as possible. This is still in the early musings phase, so don't expect to see much of this until a couple months down the line...

Did you install EFF's brilliant Privacy Badger or any other smart HTTP Cookie management tool? Or did you simply pick the privacy preference in your browser that ignores all third-party cookies? Did many websites you visit annoy you with permission-to-use-cookies pop-ups because of European legislation?

Guess what, it's all been useless.

Hamburg university researchers have examined closely how web browsers implement so-called TLS session resumption and how the top million popular websites make use of that feature. They found that 80% of websites make a correct use, unsuitable for tracking repeat visitors — just resuming an existing session within the last ten minutes.

Unfortunately though, Google is present on 80% of these websites in form of Analytics, Fonts or other third-party inclusions. And among 10% of sites that do not respect reasonable resumption times, Google sticks out as one of the most greedy ones — it allows for a web browser to stay offline for over a day, and still be recognized as the same web browser the next day. Considering that it is nearly impossible to surf the web without accessing some Google content, this means that Google can track all your surfing habits without any need for HTTP Cookies!

As Facebook isn't as pervasively present in all of the web, it went even further. It is enough for you to visit any website bearing a Like button every second day to allow Facebook to profile you, even if you never dreamt of logging into that service. Could it be our researchers just caught these companies with their hands deep in the cookie jar (pun intended)? For how long have they been collecting user data this way?

TLS stands for 'Transport Layer Security'. It is the protocol standard formerly known as SSL that powers the encryption in HTTPS. With the post-Snowden initiative of encrypting all web traffic, we inadvertedly introduced a new method of bulk surveillance.

The problem of TLS session tracking isn't news, actually. Back in 2010 fippo aka Philipp Hancke wrote a proof-of-concept implementation of such a tracking mechanism while he was refining the TLS implementation in psyced. We discussed the problem in the chatroom, but failed to make it public, thinking it was obvious. And back then only high security applications like banking and shopping were using HTTPS. Stuff you log into with all your data, anyway. Using encryption just to protect the privacy of regular websurfing was considered paranoid.

Eight years later, everyone in the business seems keen to point out that TLS version 1.3 will finally address this issue by encrypting session data, but that would only protect us from passive observers in the network — it doesn't help if the server itself is trying to figure out who we are.

Only those of us who have systematically usedTorbrowser or blocked Faceboogle domains on their firewalls or routers are exempted from yet another privacy failure. And those who happen to shutdown their computers completely each day, or otherwise maintain a habit of restarting their browser each day anew.

Even Tor users that have been surfing the web using any browser but the appropriate Torbrowser must now face the evidence that Google may not know where they were physically located, but it was granted data about most of the websites visited, possibly over the course of years. A scoundrel who thinks they would actually collect that data and use it according to their business model (like they have done before).

This time the breach is particularly painful, because it is affecting those people who thought they had taken measures against it. How many more times will we try our luck with band aids and hotfixes rather than demand an Internet that just cannot spy on usby design? We should demand this from technologists, but most of all from politicians. And we should go to the streets bearing banners. This is no small thing. We are losing our democracies.

Consider also how the Snowden revelations informed us that the Google cookie was NSA's way to identify targets, about a decade ago. Since Cookie filtering became commonplace, the NSA certainly needed new ways of identifying people on the net. To comply with the Freedom Act, the NSA still has PRISM running and companies such as Facebook and Google are simply obliged to collaborate. We may have no proof, but we know the current state of legislation. NSA just wouldn't be doing its job, if it wasn't exploiting this loophole.

Thanks to the Hamburg researchers for systematically looking into this problem and exposing the corporations that silently may have been poking fun at our anti-Cookie legislations and protection tools. If this breach is now uncovered, it only means that there are dozens more this broken Internet is capable of, that we haven't become aware of.

Expect to be tracked anyway, in ways you never conceived of. Don't let this carry on. Speak up. Do something.

—lynX.

Appendix

Did you turn on that 'Block dangerous and deceptive content' feature in Firefox' security tab? It works by downloading a database from Google when you start the browser. Occasionally a website you visit can appear like it is contained in that database, so your browser will ask Google again to make sure the website isn't in there. In practice, your browser may consult Google fairly often behind your back. Theissue was raised in 2006, that 'Safe Browsing' shouldn't send the regular Google "PREF" Cookie as if the user had intentionally wanted to visit Google, but odd argumentations made sure that the bug never got fixed, possibly related to NSA's mission to keep entire humanity in check and depending on "PREF" for that purpose. Unfortunately even GDPR doesn't impede this business, as the user "intentionally" installed Firefox by "free will", as if they knew what they are getting themselves into. This whole ideology of people making choices while technology does whatever it wants behind their backs, as if the precondition of transparency and understanding could ever be met, is utter madness making dystopias come true. Thanks Ashkan, lixtra and others.

In 1996 I was worried about HTTP ETags becoming a tool for tracking, They still are today. And legislators are once again completely unaware of them. Thanks, Chris Morgan.

HTTPS session identifiers can be disabled in Mozilla products manually by setting 'security.ssl.disable_session_identifiers' in about:config. Thanks, gruez. Torbrowser simply has this and dozens of other settings configured to put privacy and security first.

Thanks toast0 for details on TLS 1.3.

Also breaking news: activists and local population have requisited the Google Campus in Berlin. No wait, police already intervened.

Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales. Google found the perfect way to link online ads to store purchases: credit card data. "People don’t expect what they buy physically in a store to be linked to what they are buying online.”

Questions & Answers

“"Those session resumption tokens save you redownloading 1- 10kb of certificates every fresh connection and the multiple round trips for the TLS handshake. Its a bandwidth and latency optimization." says tlarkworthy.”

So should we always trade in our privacy and civil rights for performance optimizations? And did anyone even ask us? Is it enough if some of us opt out, if in the end result most of humanity becomes individually predictable and easily subject of micro-invasive mass manipulation? Understand how these performance optimizations nibble at the foundations of what's left of democracy?

“_jal suggests, "This is why you block the surveillance shops' IP space. They are professional panty-sniffers, dependent on doing so for their dinner. Like trolls and narcissists, your only value to them is instrumental. Assuming you care about these things, communicating with them in any way is against your interests. The internet is a much nicer, safer place when you blackhole the commercial-Stasi-wannabes."”

Would be nifty to have ready to use tools and configs for average people to block all webservers that abuse HTTPS sessions for surveillance. Oh wait, the folks from 'Occupy Google' have a list of recommendations. Then again, it doesn't help humanity if only a bunch of aware intellectuals opt out.

“stubish says, "Google needs to be perceived as the best place to spend your advertising budget. What business case is there for Google to work hard at tracking people, defeating anti-tracking measures?"”

Faceboogle have become the best places to spend your advertising budget because despite the high price they can target just the people you need. And most of all you can't afford not to do this type of unethical surveillance targeting, because all your competitors are doing it. This creates a massive market distortion in which Faceboogle are the two mind-reading monopolists. Since this approach isentirely unethical and of no value for society, it would be reasonable to bring back equal conditions for advertising by making mass surveillance impossible again, as it was before 1995.

“yuhong asks, "I'm under the impression Firefox intends to do DNS over HTTPS with Cloudflare shortly. If X and Y are Cloudflare fronted domains, can they now pair sessions? I'm guessing a DOH session queries for domain X and immediately an HTTPS connection appears for X, then queries for Y and another appears at Y. Then the whole DOH session becomes identifiable once Cloudflare fronts any service with email sign-in."”

Sounds very realistic to me and worth a closer examination, maybe in form of an upcoming university study?

More trivia on the issue of so-called 'Safe Browsing':

“manicdee illustrates: "You issue quest on hash A then hash B. Google guesses that because of other activity it has seen today, visits to a site marked by hash A followed by visits to site marked hash B means you are following a link from Alex Jones’ blog to a flat earth holocaust denial web site, and thus prepares to serve your IP address ads for tin foil hats and prepper magazines. The chances of your traffic pattern of hash A then hash B colliding with, say, my browsing of the MLP fan club and following a link to cosplay photos from Dragon Con are pretty slim, even though the MLP fan club URL hash collided with the Alex Jones blog hash. Google aren’t just looking at the one thing you viewed, they are following you everywhere."”

How likely is it, that visiting two partitions of the worldwide web subsequently is giving clues on which specific websites you probably were visiting? And even if in a certain percentage of cases this assertion is wrong, does it matter commercially? Or is a certain percentage of algorithmic failure irrelevant to Google, just not irrelevant to you? Will it have political consequences in your life, if you are stored as an Alex Jones visitor when you are actually just an MLP fan? Sounds like another fine case for a scientific research paper to be written — to find out if 'Safe Browsing' is a threat to liberty even if cookies and TLS session identificators were eliminated.

Last Change: 2018-09-10

Further discussion on Ycombinator (We are not endorsing that site, it's just that the attention economy chooses its own data agglomeration centers).

[ANSWERED] Troubleshooting Facebook Issues Like “No Photo Description Available” Or Photos Not Displaying

SocMedSean - Social.Media.Sean [ANSWERED] Troubleshooting Facebook Issues Like “No Photo Description Available” Or Photos Not Displaying

Okay, I have had several questions today about this one.

The reality is Facebook, and therefore Instagram and WhatsApp are experiencing issues today.

But for those of you who are experiencing this later than this publication date, I thought I’d jot down a few ways for you to troubleshoot Facebook and it’s owned apps when things are going wonky.

By “wonky” I mean:

Photos aren’t displaying

You are seeing text instead of photos that says something like “No photo description available” or “image may contain: one or people sitting outside” or something like that (I’ll cover what that is later).

You can’t add a new post to Facebook or Instagram

You can’t edit or update an existing post on Facebook or Instagram

You are getting timeout errors in WhatsApp

Facebook Messenger tells you there is an unread message when there isn’t (click for this fix)

Facebook is acting…well…wonky.

If Facebook, WhatsApp, or Instagram are acting all wonky on you, here are some tips to troubleshoot the problem. Click To Tweet

For today, the issue is really one related to Facebook’s network and their ability to render photos. So, users are seeing a few photos but lots of boxes with text in them that look like this:

NOTE: In the case of this specific outage, it is interesting to see a glimpse of the Facebook meta that its algorithms are trying to apply to specific photos. In this case, we can see that the algorithms are trying to identify what is going on in the photo, whether the photo contains people, pets, etc…and the location of the photo. An interesting side-effect to the outage.

For those of you who are reading this in the future, maybe this is the same issue you are experiencing. In this case, it’s a Facebook issue and you just have to wait it out. 

If your issue isn’t the same, here are the steps I take to troubleshoot Facebook, Instagram, or WhatsApp issues.

Step 1 – Check To See If Facebook Is The Problem

Before you waste a bunch of time troubleshooting your browser and/or computer, check to see if the problem is actually just with Facebook. There are a number of ways I do this:

Check The Facebook Developer Site

You would think that Facebook would tell us if there is an issue, right?

Sometimes they do…sometimes they don’t. If you think about it, it’s not really in their best interest to tell everyone there is a problem. Users might start tweeting instead. Shareholders might start questioning whether they should own Facebook stock. The board might start questioning whether they have the right leadership in place.

Basically, I there eyes it’s not a good idea for Facebook to tell us when there are issues.

Sometimes, though, they do announce issues to the developers at https://developers.facebook.com/status/dashboard/. It’s pretty hit or miss, though.

For instance, earlier today there were no issues:

Facebook developer site was reporting no issues when clearly there were.

This afternoon, however, because they couldn’t fix the issue and cover it up quickly, there is an announcement:

Since they couldn’t fix it quickly without announcing it, they have opened a ticket with the Facebook issue.

Check DownDetector To See If Facebook, Instagram, Or WhatsApp Aren’t Working

A little more reliable way to see if a site is down is to check Down Detector. This site pays attention to the APIs and services of a lot of major sites, as well as monitoring popular channels like Twitter to see if users are reporting outages.

Down Detector is a good tool check to see if a major network is down

Personally, I find Down Detector to be a little more reliable and more expedient when it comes to reporting major issues. Here are some quick links to some of the Facebook-owned channels:

Facebook Down Detector

Instagram Down Detector

WhatsApp Down Detector

DownDetector is often a better way to check for major network outages that checking with Facebook. Click To Tweet

Check Twitter To See If Facebook Is Down

Yeah, I know is sounds weird to check Twitter to see if Facebook, Instagram, or WhatsApp aren’t working, but it works. Check out these hashtags and you’ll be able to tell whether these sites are misbehaving:

#FacebookDown

#InstagramDown

#WhatsAppDown

Just check out this screen capture from today. Yes…there are definitely issues.

Twitter hashtags can tell you when Facebook, Instagram, or WhatsApp are down.

If there are no issues reported through those various services, it’s time to start looking more closely at your PC or Mac to see if there are other issues that might be causing problems.

Step 2 – Restart Your Browser

It’s possible that it’s not Facebook at all. When browser cache’s get full or too many windows/tabs are chewing up your CPUs, it’s possible that you just need to restart Chrome, Firefox, Safari…whatever browser you use.

If you restart your browser and the issue still persists, then it might not be your browser. To validate this, though, try opening Facebook in a different browser and see if the problems still exists.

If Facebook misbehaves in Chrome, but works in Firefox…then the issue might be a problem with a Chrome extension or Ad Blocker that you have installed.

If restarting the problem doesn’t fix it, move on to the next step.

Step 3 – Restart Your Browser In Safe Mode To Disable Any Extension or Ad-Blockers

OK, so the problem still persists in your browser of choice. The next step is to restart that browser in safe mode and see if it still is giving your the errors.

To restart your browser in safe mode, the steps are:

1) Close all open browser. All of them. Honestly, I would close every application and just focus on troubleshooting your browser issue.

2) For Chrome, just open Chrome and then click the “New Incognito Window” option from the menu in the upper-right corner.

To start Chrome in safe mode, just open a new Incognito window.

By starting a new Incognito window, Chrome will load the browser without any active plugins or extensions. Now, just browse to Facebook and see if the issue still exists.

Starting your browser in safe mode can sometimes help you troubleshoot problems with sites like Facebook, Instagram, and WhatsApp Click To Tweet

3) For Firefox, the best way is to open Firefox and then choose “Restart with Add-ons Disabled…”. By doing this, Firefox will restart and none of your plugins or extensions will be enabled. Once restarted, browse to Facebook and see if there are still problems.

Starting Firefox in safe mode can help you troubleshoot issues.

4) Unfortunately, Safari doesn’t really have a “safe mode” like Chrome and Firefox do. Instead, reboot your Mac and hold the shift key while it boots. That will start your operating system in safe mode and will allow you to troubleshoot to see if Safari is the issue.

Once rebooted into safe mode, just open Safari and then browse to Facebook to check whether the issue still exists.

If the problem still exists despite restarting the browser in safe mode, the next step is just restarting your computer.

Step 4 – Restart Your Computer

I know, I know…it seems like such a simple task. However, I am guilty of leaving my PC on and using sleep mode for weeks at a time. After I’m done at work, I just put my laptop to sleep,  go home, and wake it up.

Then, when I leave for work I just put it to sleep again and go to work.

Lather. Rinse. Repeat….for weeks at a time.

Unfortunately, this isn’t really a good strategy for overall stability. So, if your computer is acting up just restart it.

Step 5 – Switch From WiFi To A Wired Connection Or Vice-Versa

It’s possible that the problem isn’t Facebook, Instagram, or WhatsApp at all. Maybe it’s your internal network or Internet Service Provider (ISP).

If your network ISP is having issues, it’s more likely that you’re going to see issues that span beyond just Facebook. Google searches might fail, Twitter might give you crazy errors. You might see browser errors that the site has timed-out.

If you are seeing issues like across multiple sites, it might be your network or ISP.

If you are using a wired connection using a network cable that connects your computer to a jack in the wall, you might try switching over to a WiFi network. If that resolves the issue, then you might need to check your adapter, connections, or router.

If you’re on WiFi, try switching to another WiFi network or connecting via a wired connection. If switching networks helps, then it’s possible your router might be the issue.

If you’re at home on a PC that doesn’t have a WiFi adapter, then you can always check to see if Facebook is experiencing issues using your mobile device. Just be sure you aren’t connected to WiFi.

Try testing Facebook over a 4G connection and if no issues are present, it’s likely your network or ISP are having issues.

Step 6 – Restart Your Router

If you followed the steps above and you think your network or ISP might be the issue, then first try restarting your router.

My XFi router is a fan-powered and a bit dusty. Not a good combination. Time to dust it off so it doesn’t overheat.

Just like your PC, it does need to be restarted occasionally. While you’re at it, dust it off and give it a good cleaning with a can of compressed air.

If you don’t keep your router clean, it can overheat and that will definitely degrade performance and cause issues.

Step 7 – Check With Your Service Provider To See If There Are Issues.

I know.

I hate calling my ISP too. Long wait periods, cruddy support, just a dissatisfying experience. Sometimes, though, it’s a necessary evil.

If you have determined that there are no reported issues and nothing seems to be wrong with your local network or WiFi connections, then you might just need to contact Comcast, Cox, Time Warner, or whoever your Internet Service Provider is.

Give them a call, open a chat, or tweet at them. Hopefully, they can help you out.

Step 8 – Wait It Out

If you have tried everything else, maybe just wait a while.

Go outside. Read a book. Talk to your family.

Do something non-internet related.

Who knows, it might fix itself in a few hours.

I hope these tips help folks who are troubleshooting issues with Facebook, Instagram, or WhatsApp. If you have a tip that seems to work for you, be sure to share it in the comments. It’s always great when we help each other.

Cheers!

–Sean

Share This Post With A Pin!

[ANSWERED] Troubleshooting Facebook Issues Like “No Photo Description Available” Or Photos Not Displaying Sean R. Nicholson.

This post originally posted at SocMedSean.com - SocMedSean – Social.Media.Sean http://bit.ly/2JlmVm4