Hmm, it seems like it was perhaps not engineered for large numbers of pedestrians, but it still seems like the article is a bit hyperbolic (that said, I’m an Australian and don’t know the area, and am going off things like Google Street View and maps).

It looks like there is a road, “Patterson Plank Road”, that actually has a footpath, and has a speed limit of 40 (presumably miles per hour, so 64 kph - about the same speed as most arterial roads in Australian suburbs), and connects to the local area. Then there is a “Rd A Plaza” that seems to go around the outside of the complex, that has a footpath for most of the way, up until there are vehicle barriers. From that point, there is a wide grass verge that looks relatively well drained, and runs all the way to the start of the car park (which presumably has to be walkable to the actual entrance). It would take crossing a 4 lane road that seems to mainly serve the stadium, and isn’t well engineered for pedestrians (no pedestrian refuge islands or anything) - but people do that all the time in Australia and areas are still considered walkable.

Now if the intent is to make it harder to access on foot specifically so they can increase profits (create a problem for people and then sell them the solution), then it is possible they’ll throw up more obstacles. I think Americans might be much more tolerant of what is called ‘drip pricing’ in Australia (and is illegal), where a low initial price is presented, but then lots of additional unavoidable expenses are presented (see also, some American retailers apparently exclude taxes from pricing, many Amercian hospitality providers underpay waitstaff and then demand that customers pay a ‘tip’ or ‘service fee’ that wasn’t reflected in the menu price, and so on). In Australia, the law that is for sales to consumers, the total price has to be displayed up front at least as prominently as any other price - so unavoidable additional charges from the same (or a related) company wouldn’t fly.

I host my mail server on a VPS.

I suggest making sure you get DMARC / DKIM / SPF working, and having an anti-spam strategy (greylisting helps, but there are a few ASNs that just exist to send spam). Also make sure your IP is not on any public spam list.

The next problem you might face is that Microsoft and especially Google like to make it hard for anyone not using their services. With Microsoft, you fill in a form and jump through some hoops and they’ll start accepting your email enough to land it in spam. Unless you are regularly sending to Microsoft, it is hard to keep them accepting mail, but just sending to a free Hotmail address (owned and occasionally marked as read and deleted by you!) on cron is enough to keep occasional mail deliverable as long as none of your mail ever gets marked as spam. Google can be more of a pain to small email servers in terms of not landing in spam, but I think occasional reports of not spam will help you.

In terms of keeping down spam:

• postgrey or similar for greylisting keeps out the least serious spammers.
• The notorious spammers / bulletproof hosting is best blocked by ASN since they regularly shift IP addresses. Try a script like this on daily cron (assuming you jump to the custom BAD_AS table from your INPUT iptables rule) - please don’t run it too often since routeviews is a free public service and you should be respectful of them:

#!/bin/bash -e

TEMPDIR=$(mktemp -d)
trap 'rm -r "$TEMPDIR"' EXIT

curl https://archive.routeviews.org/oix-route-views/oix-full-snapshot-latest.dat.bz2 -Lo "$TEMPDIR/snapshot.bz2"
bzgrep -e " (15828|213035|400377|399471|210654|46573|211252|62904|135542|132372|36352|209641|7552|36352|12876|53667|138608|150393|60781|138607) i" $TEMPDIR/snapshot.bz2 | cut -d" " -f 3 | sort | uniq > $TEMPDIR/badranges

iptables -N BAD_AS || true
iptables -D INPUT -j BAD_AS || true
iptables -A INPUT -j BAD_AS
iptables -F BAD_AS

for ROUTE in $(cat "$TEMPDIR/badranges"); do
    iptables -A BAD_AS -s $ROUTE -j DROP;
done

• Despite Google being so hostile to very infrequent emails from IPs that have years of never sending spam, just because they are small, Gmail and Firebase are one of the most significant spam sources. I find client-side filtering works best for things like that which get through your other defences.
• Another spam source is Docusign. These types of companies tend to shut down individual scammer / spammer accounts, but then allow them back in for the same scam with another account.

Note that of the spam that gets through if you have the basic defences, it’s probably a similar level to big corporate hosted mail, so don’t let this deter you (I just hate spammers).

idea of requiring attribution is specifically called out in Section 7, item B.

But requiring that the logo be retained is not.

Now, it’s not entirely clear what they even are asking for. If the ask is that the OnlyOffice logo be included in a ‘credits’ page (which is perhaps a reasonable interpretation of “you must retain the original Product logo when distributing the program”) then it is much less problematic, although perhaps still beyond requiring attribution, than if they are trying to demand that, say, the favicon of the webapp must not be changed (especially if their intent is also to say that you can’t distribute the program if you don’t change the favicon because it would be a trademark violation).

Now of course, if they have written all of OnlyOffice in house, and not had any external contributors or used any external copyleft code, then they can re-license OnlyOffice on whatever terms. If they were bound to the licence by including other people’s AGPL contributions, then they have to follow the licence themselves, and cannot add arbitrary additional restrictions.

deleted by creator

is it technically possible to accurately verify someone’s age while respecting their privacy and if so how?

With your constraints yes, but there are open questions as to whether that would actually be enough.

Suppose there was a well-known government public key P_g, and a well protected corresponding government private key p_g, and every person i (i being their national identity number) had their own keypair p_i / P_i. The government would issue a certificate C_i including the date of birth and national identity number attesting that the owner of P_i has date of birth d.

Now when the person who knows p_i wants to access an age restricted site s, they generate a second site (or session) specific keypair P_s_i / p_s_i. They use ZK-STARKs to create a zero-knowledge proof that they have a C_i (secret parameter) that has a valid signature by P_g (public parameter), with a date of birth before some cutoff (DOB secret parameter, cutoff public parameter), and which includes key P_i (secret parameter), that they know p_i (secret parameter) corresponding to P_i, and that they know a hash h (secret parameter) such that h = H(s | P_s_i | p_i | t), where t is an issue time (public parameter, and s and P_s_i are also public parameters. They send the proof transcript to the site, and authenticate to the site using their site / session specific P_s_i key.

Know as to how this fits your constraints:

Let the service know that the user is an adult by providing a verifiable proof of adulthood (eg. A proof that’s signed by a trusted authority/government)

Yep - the service verifies the ZK-STARK proof to ensure the required properties hold.

Not let the service know any other information about the user besides what they already learn through http or TCP/IP

Due to the use of a ZKP, the service can only see the public parameters (plus network metadata). They’ll see P_s_i (session specific), the DOB cutoff (so they’ll know the user is born before the cutoff, but otherwise have no information about date of birth), and the site for which the session exists (which they’d know anyway).

Generating a ZK-STARK proof of a complexity similar to this (depending on the choice of hash, signing algorithm etc…) could potentially take about a minute on a fast desktop computer, and longer on slower mobile devices - so users might want to re-use the same proof across sessions, in which case this could let the service track users across sessions (although naive users probably allow this anyway through cookies, and privacy conscious users could pay the compute cost to generate a new session key every time).

Sites would likely want to limit how long proofs are valid for.

Not let a government or age verification authority know whenever a user is accessing 18+ content

In the above scheme, even if the government and the site collude, the zero-knowledge proof doesn’t reveal the linkage between the session key and the ID of the user.

Make it difficult or impossible for a child to fake a proof of adulthood, eg. By downloading an already verified anonymous signing key shared by an adult, etc.

An adult could share / leak their P_s_i and p_s_i keypair anonymously, along with the proof. If sites had a limited validity period, this would limit the impact of a one-off-leak.

If the adult leaks the p_i and C_i, they would identify themselves.

However, if there were adults willing to circumvent the system in a more online way, they could set up an online system which allows anyone to generate a proof of age and generates keypairs on demand for a requested site. It would be impossible to defend against such online attacks in general, and by the anonymity properties (your second and third constraints), there would never be accountability for it (apart from tracking down the server generating the keypairs if it’s a public offering, which would be quite difficult but not strictly impossible if it’s say a Tor hidden service). What would be possible would be to limit the number of sessions per user per day (by including a hash of s, p_i and the day as a public parameter), and perhaps for sites to limit the amount of content per session.

Be simple enough to implement that non-technical people can do it without difficulty and without purchasing bespoke hardware

ZK-STARK proof generation can run on a CPU or GPU, and could be packaged up as say, a browser addon. The biggest frustration would be the proof generation time. It could be offloaded to cloud for users who trust the cloud provider but not the government or service provider.

Ideally not requiring any long term storage of personal information by a government or verification authority that could be compromised in a data breach

Governments already store people’s date of birth (think birth certificates, passports, etc…), and would need to continue to do so to generate such certificates. They shouldn’t need to store extra information.

More likely that change.org provides information about who signed (including emails unless opted out) to the person running the petition. Information gathering from informal petitions is more likely to undermine trust and make people less likely to sign, but then you can’t build a database of people sympathetic to some cause and spam them afterwards.

The “20,000 petition signatures” feels like straight up manipulation - there’s no magic number to force a debate at parliament, and as MisterFrog@aussie.zone points out, an official petition would be needed for it to be tabled. If an official petition with a lot of signatures is tabled, that is a signal to politicians that the public care about it, and can overcome lobbying in the other direction and apathy, so it increases the chance a bill is put up for debate.

This comes from an ad agency; they don’t list any gambling companies as clients, but I’m sure they’d find information like a list of people who signed useful for something.

That said, it’s still a good idea to regulate in a losing sound if there is no political will to do anything more drastic. Better yet would be to require linking play to a one-per-person card, and having hourly, daily, monthly and annual loss limits per card, after which the owner cannot allow any more losses for that card holder.

In most jurisdictions, part of the definition of a not-for-profit (of which a charity is a more restricted subset) is that it doesn’t exist for the benefit of the members / shareholders, or a specific person.

So creating a charity / NFP and asking people to pay into it is usually okay, but the purpose of that charity can’t be to enrich you, and it is a separate legal identity (i.e. taking a charity’s funds and giving it to yourself would be embezzling). Many jurisdictions allow for sports clubs to exist as not-for-profits, but they’d generally need to be for the purpose of organising a whole team to practice, compete and so on.

Generally charities can employ people to do work for them and pay them, but (varies by jurisdiction) they generally need to be not paid above a fair market rate for the work they actually do to advance the goals of the charity.

If the goal is to help a legitimate cause, you could also ask them to donate to an existing not-for-profit for the cause.

Disclaimer: IANAL, and anyway all of this would vary by jurisdiction - not legal advice!

Attacking a military ship is generally not a war crime (as defined by international law such as the Geneva treaties, Rome Statute etc…). It is an act of war (same as invasion or bombardment of another country), and is likely to see retaliation by the attacked country.

Aggression (i.e. unprovoked acts of war) is against the Charter of the United Nations, which also includes the International Court of Justice as a dispute resolution mechanism. It is up to the United Nations Security Council (at which the US has a veto) to authorise enforcement of ICJ rulings.

If a nation is acting to protect another nation facing aggression from the US, it would be legal for the attack US military ships. The reason why they wouldn’t would more be that it would likely bring counter-retaliation from the US.

Liberal by itself is an ambiguous term, so it’s generally best to prefix it with another word / prefix to clarify.

e.g. Neoliberal / Classical liberal - aligned to what I think parent post is saying. Implies economic right. Socially liberal - probably what the GP post means, meaning in favour of social liberties. Can be associated with economic left (usually coupled with positive protection of social liberties) or the economic right (e.g. libertarianism - usually believe government shouldn’t trample social liberties, but businesses can). Liberal is also a political party in many countries - e.g. in Australia it is a (declining, but formerly in power) right-wing party.

That said, I believe most wars are started for reasons of cronyism / crony capitalism, to distract from issues or project an image for the leader and/or for reasons of nationalism, and politicians from all sides will give an insincere pretext aligned to the politics people expect them to have.

Is there any evidence that Dayenu has actually said anything supporting the genocide? Their public web presence does not seem to have anything along those lines; if it is solely because they are Jewish, then I kind of think it is reasonable to deplatform PiP over it. Many Jewish people are anti-genocide, and it is not reasonable to try to punish an entire ethno-religious group for the actions of Netanyahu, Smotrich, Gallant, Ben-Gvir etc.; it is the same class of generalisation as trying to punish all Palestinians for October 7th (needless to say, genocide and seeking to exclude a group from Mardi Gras are very different ends of the same spectrum).

So the very first application of a law which is purported to be to stop neo-Nazis / neo-fascists was against anti-fascist art.

This does seem to be contrary to the law itself, which has at least two defences here for anti-facist political art.

Firstly, the artistic defence:

“(9) Subsection (1) does not apply to a person if a reasonable person would consider that: … (a) the conduct mentioned in paragraph (1)(a) is engaged in for a purpose that is: (i) a religious, academic, educational, artistic, literary or scientific purpose; and (ii) not contrary to the public interest;”

Secondly, the defence that it was genuinely exhibited to oppose Nazi ideology or fascism:

“(10) Subsection (1) does not apply to a person engaging in conduct mentioned in paragraph (1)(a) if: … (f) the person genuinely engages in the conduct for the purpose of opposing Nazi ideology, fascism or a related ideology”.

So back in 1994 my neighbours and I agreed that I’d give them my anti-theft fog cannons, as long as they promise not to steal my stuff.

Then in 2014 they sent some buddies in to burgle my place, and got away with a chunk of my stuff - and I know it was said neighbour behind it, because they now openly claim what was taken is theirs (of course, I never agreed with them on that).

Then since February 2022 they’ve started regularly burgling my place - in the first few weeks, they tried to take literally everything, but fortunately I hired good security guards and they only got away with about 20% of my stuff (including what they stole in 2014).

I’ve been trying to make arrangements for a monitored alarm system that will bring in a large external response if more burglaries happen, but the security company doesn’t want to take it on the contract while a burglary is in progress - but they did sell me some gear. I’m still working on getting the contract.

They say they’ll stop trying to burgle my place as long as I promise not to ever get a monitored burglar alarm, to officially sign over the property they’ve already stolen and to stop trying to get it back, stop buying stuff to protect my property from the monitored security company, and that I fire most of my security guards.

Do you think this is really their end game, or if I agree, do you think they’ll just be back burgling more as soon as I make those promises, with fewer security guards and stuff to protect my house? After all, I did have an agreement with them back in 1994 and they didn’t follow that.

That doesn’t work as a defence in common-law jurisdictions (at least), because all participants who deliberately participate in a crime are considered equally guilty of it.

I’d say this is not a strategy to avoid prosecution, but more the brazen acts of individuals who don’t fear prosecution.

I suspect anything about heaven was likely to manipulate religious voters into voting for him.

Most likely, he is envious of other US presidents like Obama who were given a Nobel Peace Prize. For the whole ‘Board of Peace’ thing, he likely also sees it as a way to manipulate into becoming something of a world dictator who sits above world leaders.

There is a thing called the ‘Dark Triad’ of personality traits, consisting of Psychopathy (lack of empathy for others / celebration of others suffering / impulsive), Narcissism (thinking of oneself as superior) and Machiavellianism (manipulating others, seeking revenge etc…) - and they often occur together in the same person. The dark triad is correlated positively with jealousy - and dark triad people consider themselves superior to peers (even when evidence points the other way) and deserving of recognition. They are vindictive towards people who get in the way of what they think they deserve.

Unfortunately, scams are incredibly common with both fake recruiters (often using the name of a legitimate well known company, obviously without permission from said company) and fake candidates (sometimes using someone’s real identity).

No or very few legitimate recruiters will ask you to install something or run code they provide on your hardware with root privileges, but practically every scammer will. Once installed, they often act as rootkits or other malware, and monitor for credentials, crypto private keys, Internet banking passwords, confidential data belonging to other employers, VPN access that will allow them to install ransomware, and so on.

If we apply Bayesian statistics here with some made up by credible numbers - let’s call S the event that you were actually talking to a scam interviewer, and R the event that they ask you to install something which requires root equivalent access to your device. Call ¬S the event they are a legitimate interviewer, and ¬R the event they don’t ask you to install such a thing.

Let’s start with a prior: Pr(S) = 0.1 - maybe 10% of all outreach is from scam interviewers (if anything, that might be low). Pr(¬S) = 1 - Pr(S) = 0.9.

Maybe estimate Pr(R | S) = 0.99 - almost all real scam interviewers will ask you to run something as root. Pr(R | ¬S) = 0.01 - it would be incredibly rare for a non-scam interviewer to ask this.

Now by Bayes’ law, Pr(S | R) = Pr(R | S) * Pr(S) / Pr(R) = Pr(R | S) * Pr(S) / (Pr(R | S) * Pr(S) + Pr(R | ¬S) * Pr(¬S)) = 0.99 * 0.1 / (0.99 * 0.1 + 0.01 * 0.9) = 0.917

So even if we assume there was a 10% chance they were a scammer before they asked this, there is a 92% chance they are given they ask for you to run the thing.

Maybe they figure if you can’t fix the form to make it submit, you wouldn’t be up to their standard :-)

I think there is some value to MBFC, even though there are also cases where it is problematic - I don’t think a blanket rule would be right.

The issues (& mitigating factors):

• Some of the ‘mostly analytics’ sources still have ‘bias by omission’ problems or misleading headlines, even if the facts in the articles are accurate. But I think on the fediverse, we aren’t beholden to algorithms or their editorial choices in terms of the balance of what we see, so the impact of this is limited.
• Opinion pieces have a place, although arguably not on World News. At the very least, factual pieces from outlets that also publish opinion have a place. But MBFC downrates outlets for having an opinion at all even when clearly labelled as such.
• The attempt to categorise every bias on a left to right scale when really there are so many dimensions any bias could be along isn’t as helpful.

So I’d suggest:

• Only mentioning it when an outlet has a history of publishing things that are factually incorrect (or there is reasonable doubt over it). Not every fact can be verified from first principles (and sadly often articles don’t name their primary sources - in a better world having no source would reduce credibility, but it is often hard to find articles that meet the well-sourced bar). People deliberately muddying the waters create think-tanks to cite with fake facts, fake scientific journals, and cite other unreliable sources - fact checking often requires on the ground investigation, asking reliable experts, and so on; it is simply impossible to be in expert in everything you read in the news to spot well-executed fake news. I think of the approach like a tree - there are experts in an area who can genuinely apply critical analysis to decide if something is fact or bogus. But there are also bogus experts. Then there are aggregators of facts (journals and think-tanks, etc…) that try to only accept things reviewed by genuine experts. But there are also bogus aggregators. Then there are journalists and outlets that further collect things from genuine aggregators and experts, and refine them. But there are also bogus outlets. Sites like MBFC try to act like a root to the tree and help you identify the truthful outlets, who have a good record of relying on truthful aggregators, who rely on truthful experts.
• The left / right bias part means very little - I’d suggest ignoring it if you’re looking at a single article.
• Any of the higher tiers of factual reporting should be fine and not worth a mention.

If there are reliable sources countering some facts, posting those instead of (or as well as) complaining about the source is probably better.

I think the DNC-ignoring callers are likely scammers imitating the real installers trying to get card numbers. If you paid one, you’d lose your money and not get the system.

The US for years kept the screwworm from spreading back into Panama by maintaining a virtual wall of sterile flies across the Darién Gap, which was a cheap way to protect all of North America.

But then stupid MAGA politics came along, put idiots in charge, and they decided that they’d rather try to protect the Mexico-US border and not give Mexico and Panama the incidental benefit, rather than protecting a smaller border that happened to help other countries. https://www.msn.com/en-us/news/world/we-once-rid-the-us-of-this-nasty-parasite-now-it-could-be-coming-back/ar-AA1DKRSV has some information about how it became a problem again.

The terminology in Aus / NZ is pet (owned by people) vs stray (socialised around people but not owned) vs feral (not socialised to people).

Generally speaking, pets & strays like people - they’ve been handled as a kittens. Pets can become strays and vice versa. But feral cats (past being a kitten) will never become stray / pet (and vice versa) - it is only the next generation that can be raised differently.

While the article is defining feral cats as any cat that isn’t a pet, in reality the vast majority of what it is talking about are truly feral cats - nothing like a house cat.