πŸ…°πŸ…»πŸ…ΈπŸ…²πŸ…΄ (πŸŒˆπŸ¦„)Mar 20
πŸ‘ Poison πŸ‘ your πŸ‘ data ☠️
chrokaki4d ago
Show threadπŸ…°πŸ…»πŸ…ΈπŸ…²πŸ…΄ (πŸŒˆπŸ¦„)

The goal is to make corporate data less profitable.

Even stuff as simple as setting your birthdate to 1970-01-01 everywhere, adding [TEST] or [DELETED] as your name or account notes anywhere you don't need them to know your name.

Using plugins like AdNauseam to poison ad trackers (and cost them marketing dollars).

Using VPNs set to different locations.

Signing into data broker sites to "correct" outdated info (they'll often let you do that with little-to-no proof of identity, but will require your passport or state ID in order to delete your info). Bonus points if you correct it to someone else's info on their site that's similar to yours.

Only fill in required fields when you sign up for anything, but only provide correct info if it matters for you to use the service, otherwise provide plausible, but incorrect, data.

If you use LLMs anywhere, use the free tier and always vote thumbs up for bad answers and down for good ones. It wastes their resources and drives up their costs while making their training data worse.

Mar 20 at 6:30amWeb
Show threadMichael GaleMar 20
@alice best answer. thank you for taking the time!
Show threadIrene (she/they, Sir/Mr.)Mar 20

@alice scribbling notes furiously

For the less savvy among us, tysvm for this helpful advice πŸ™

Show threadThe Orange ThemeMar 20
@alice I've toyed with the idea of setting up a headless Chrome instance to just ask "but why?" to ChatGPT all day to drive up their inference costs. πŸ‘€
Show threadMichael GaleMar 20
@theorangetheme ha! thats so good.
Show threadChrisMar 20
@theorangetheme @alice lol somebody has a toddler
Show threadДими́трийMar 20

@theorangetheme @alice

'and then?'

Show threadNicky DonnaMar 20
@theorangetheme @alice always add β€œplease” and β€œThanks” it waste sooooo many tokens. Those words are usually in a different β€œspace” that what you asked
Show threadIghostriderMar 20
@theorangetheme @alice haha!
Show threadI am Jack's Found 404Mar 20

@theorangetheme @alice

Philosophy!

Show threadI am Jack's Found 404Mar 21

@theorangetheme @alice

Context:
https://xkcd.com/903/

(see the hidden alt text :)

Extended Mind

xkcd
Show threadStephan DruskatMar 21
@float13 @theorangetheme @alice Thanks for sharing this! Had to try of course, interesting (to me) result: this works for English entries, German ones end up circling around languages and linguistics. What that has to do with anything is , however, a philosophical question?
Show threadNumerfoltMar 20

@alice If you're selfhosting, have a look a iocaine: https://iocaine.madhouse-project.org/

If you upload pictures, maybe nightshade would be the right tool: https://nightshade.cs.uchicago.edu/userguide.html

iocaine - the deadliest poison known to AI

Show threadTanguy ⧓ HerrmannMar 21

@Numerfolt @alice yeah, we need to switch to offensive mode.

That makes me want to create a nightshade fuse FS.
So when you want to upload the image from your picture folder, it nightshades it on the fly.

Show threadMichael GaleMar 20

@alice when i have to use a web app to order food, e.g. CoolBurgz (fictional) i will always put my email as e.g.

[email protected]

usually counts as valid.

Show threadChipMar 20
@miclgael @alice if it doesn’t like that, .lol is a valid TLD. πŸ˜†
Show threadMichael GaleMar 20
@bytex64 @alice maybe i'll just go ahead and register [email protected] haha
Show threadpocketsMar 20

@miclgael
Wherever possible, I'm using my duck addresses, because all too often they send a confirmation link they need you to click.

Some places have the domain blacklisted, but not all of them.

@alice

Show threadsaucytinaMar 20

@miclgael

Some shops umm...decline...take-away orders without a name. The POS* computer insists on one. I give them a completely random word or number. Works fine.

@alice

*(POS also stands for, ¨Point Of Sale¨)

Show threadelleMar 20

@alice

a fair bit of the advice in here seems really good, but from what I know, AdNauseam isn't really worth using over just uBO

at least as of when I last looked into it a couple years ago: it uses more resources on your machine, doesn't really make any significant difference for the companies, and the high volume of "clicks" from you just makes you far more trackable since no normal person browsing would do so

also, I think it might be worth editing the last point to say "hopefully none of you are using LLMs, but if you're someone who does..." 🩡

Show threadmike morrisMar 20
@alice "Fold your punch cards"! πŸ˜ƒ
Show threadBillMar 20

@mikro2nd @alice

Bend, fold, mutilate, and spindle!

Show threadsaucytinaMar 20

@w_b Tape the chads back into the tiny holes...

Lacking chads to insert, masking tape works.

@mikro2nd @alice

Show threadAJ SadauskasMar 20
@alice NULL is also a good answer for when you don't want to give out a particular personal detail.

Aside from phone, date of birth, and email, most of the time the front end form fields will accept NULL as an answer.

https://en.wikipedia.org/wiki/Null_(SQL)
Null (SQL) - Wikipedia

Show threadneoludditeMar 20
@aj @alice "[object Object]" is great for giving their devs an aneurysm trying to track down javascript bugs...
Show threadAmorpheusMar 20
@neoluddite @aj @alice Just wondered what might happen if enough self-hosting people were to add an zero opacity image tag on their public indexable pages illustrating a d*ckbutt and having alt attribute set to Donald J. Trump.
Show threadTzimisce FleshMar 20
@aj @alice Mind you, a well designed application should not interpret a string saying null as a null value.
You probably won't pull a Bobby Tables off on Facebook.
Show threadRabidchaosMar 20
@flesh @alice @aj Probably not. However, corpo software is not always well-designed, and the current crop of layoffs + executives vibe coding make those sorts of vulnerabilities more likely.
Show threadEndlessMasonMar 20

@rabidchaos @flesh @alice @aj
If it is treating that null as a proper null there's a good chance there's constraints in place that'll fail and the app won't even check the failure...

Which can be fun, or not, depending on if it counts you as logged in after you submit the form or not

Show threadPoul-Henning KampMar 20

@alice

We should tax corporations by the GigaByte of storage the own.

It doesn't matter what they use it for, it should have a tangible yearly cost, to make them think about how much they store.

Show threadAgnieszka R. TurczyΕ„skaMar 20
@alice Enter your name as [object Object] and let them try to find a bug.
Show threadBillMar 20

@agturcz @alice

Please enlighten me... What does that do?

Show threadAgnieszka R. TurczyΕ„skaMar 20
@w_b @alice This itself does nothing. But if you are javascript programmer, and mess something, this is being shown as a string, instead of the real value. So, this is a result of some bug.
Show threadBillMar 20

@agturcz @alice

Thank you. My last real programming was decades ago in C.

Show threadHippo πŸ‰Mar 20
@alice thank you! I've always wondered whether to put random made-up data but hearing the reasoning and logic spelt out like this is convincing me to actually start. Especially commonsense things like "mess with the fields that don't matter in their service to you"
Show threadPenguin RebellionMar 20

@alice

Wrt #PII, It might be a good idea to avoid entering data easily identifiable as trash, and use generators instead. E.g.:

Show threadMcCrankyfaceMar 20
This is the way. I've been doing this since 1997.
Show thread"Mediocre Bunny" EvelynMar 20
@alice Non-tech-savvy question:
Is there something special about 1970-01-01, or is it just an example of an arbitrary incorrect birthdate? Would it foul things up just as much if I entered, say, 1984-04-01?
Show threadPatrick Dersjant RCXMar 20
@Gorfram @alice 1970-01-01 is the first date (Unix)computers start to count from and as such a system often falls back to it when no data is available.
Show threadDiego MartΓ­nez (Kaeza) πŸ‡ΊπŸ‡ΎMar 20

@patrick @Gorfram @alice

It should be noted that there will be something similar to the Year 2000 Problem somewhere in 2038: the common way to represent time, seconds since 1970-01-01 00:00, as a 32 bit number, will wrap around and make computers think they're in the past.

Hopefully(?) we learned from Y2K and are preparing for that event already.

https://en.wikipedia.org/wiki/Year_2038_problem

Year 2038 problem - Wikipedia

Show threadPatrick Dersjant RCXMar 21
@diegomartinez @Gorfram @alice Yeah I know ;). I hope to be pensioned by then but the government is trying to prevent that ;).
Show threadDiego MartΓ­nez (Kaeza) πŸ‡ΊπŸ‡ΎMar 21

@patrick @Gorfram @alice

That's if the planet is not destroyed before πŸ₯²

Show threadPatrick Dersjant RCXMar 21
@diegomartinez @Gorfram @alice Oh, the planet will still be there, possibly without mankind… (hypergalactic bywayconstruction excluded from scenario’s).
Show threadRaindrops and RosesMar 20
@Gorfram @alice I don't get it but I'm not very smart.
Show threadswggrkllr3rdMar 20

RE: https://toot.community/@openculture/116259749175404044

@alice https://mastodon.world/@openculture@toot.community/116259749462141780

Show threadApriloq - Please Use Alt TextMar 20
@alice got to show my ignorance here, but how do I find which brokers have my info?!
Show threadisolMar 20

@alice

I've been using mobile phone numbers from the list of numbers reserved for creative works (in Australia), when a form requires me to enter a phone number.

https://www.acma.gov.au/phone-numbers-use-tv-shows-films-and-creative-works

Show threadDJ ToebeansMar 20

@isol @alice

I often use 867-5309. Tell Jenny I said hi!

Show threadChinga la migra! πŸ‰πŸŒˆMar 20

@djtoebeans @isol @alice

I have gotten discounts on clothes (thanks Raj whoever you are) and I get 10% off store brands (because an employee used that as their alt id on their loyalty card) using the Jenny trick. I hope that I am paying it forward somehow through another loyalty program elsewhere

Show threadJames SMar 20

@alice

Hi, this is relevant to my interests. Is there a full set of instructions available for the data broker part of it or is that something I should just go look up?

Thanks for your efforts so far...

Show threadAlan Langford πŸ‡¨πŸ‡¦πŸ§€πŸ§Šζ‘Mar 20
@alice Use a different email address for friggin everything so aggregators can't use it as a primary key.
Show threadMark β›΅οΈπŸ³οΈβ€πŸŒˆMar 20
@alan @alice I have 92 current, active, email addresses, not counting all the disposable ones I've used over the years - this is just one reason why I shall not be visiting the USA - the immigration paperwork would be a nightmare! πŸ˜‚
Show threadAlan Langford πŸ‡¨πŸ‡¦πŸ§€πŸ§Šζ‘Mar 20
@not_a_label @alice Sampling just one of my several domains, I count 330.
Show threadTanguy ⧓ HerrmannMar 21
@alan @not_a_label @alice it goes sooooo fast.
I'm at 800.
It's annoying at some point, but f them
Show threadWoozle HypertwinMar 20

@alan I do that anyway, as a way of (a) being able to block large amounts of spam with high reliability and (b) finding out who has leaky databases.

@alice

Show threadAlan Langford πŸ‡¨πŸ‡¦πŸ§€πŸ§Šζ‘Mar 21
@woozle @alice Me too. I add a random sequence to the end, so when an address is compromised, I just keep the first part and tack on the random bit. I had someone say "well they could have guessed that address" when I reported an issue, so yeah the chances of that are now one in several hundred million. I guess it's not a leak, just a spammer who made a really lucky guess! LOL
Show threadWoozle HypertwinMar 21

@alan

I just do [abbreviation for company][year]@[one of my domains].

@alice

Show threadF3715HMar 20
@alice always lie ton corpos unless doing so will get you jailed!
Show threadRipp_ Mar 20

@alice given that the alternative approach is to complain to them that collecting my postcode violates GDPR as they don't need it, just to have them say they'll fix it then they don't

I think I'm going to keep entering ZZ9 2ZA for postcodes

Show threadAshMar 21
@Ripp_ SW1 1AA here (Buckingham Palace’s postcode)