The point people are making is that communication and discipline, both things that require time and skill, would be a better, less invasive approach.
Perhaps that’s being done as well?
But even if it is, that approach doesn’t work with all people, no matter how skillful or how much time is put into it.
In my experience, the AI bots are absolutely not honoring robots.txt - and there are literally hundreds of unique ones. Everyone and their dog has unleashed AI/LLM harvesters over the past year without much thought to the impact to low bandwidth sites.
Many of them aren’t even identifying themselves as AI bots, but faking human user-agents.
robots.txt does not work. I don’t think it ever has - it’s an honour system with no penalty for ignoring it.
I have a few low traffic sites hosted at home, and when a crawler takes an interest they can totally flood my connection. I’m using cloudflare and being incredibly aggressive with my filtering but so many bots are ignoring robots.txt as well as lying about who they are with humanesque UAs that it’s having a real impact on my ability to provide the sites for humans.
Over the past year it’s got around ten times worse. I woke up this morning to find my connection at a crawl and on checking the logs, AmazonBot has been hitting one site 12000 times an hour, and that’s one of the more well-behaved bots. But there’s thousands and thousands of them.
If they annoy you (and why wouldn’t they? Complicated and time wasting prompts caused by terrible and compromised legislation that’s led to far more intrusion instead of enforcing use of browser settings) and you don’t care about cookies, then the browser extension “I don’t care about cookies” suppresses the vast majority.
I think this type of scheme is illegal under the GDPR, which is in effect in the UK just as it is in the EU.
It’s been a while since I worked with the GDPR, but from memory the wording is such that:
The data holder needs to allow people to opt out of data collection. The subject can request to be forgotten. The data holder explicitly cannot charge for this.
But changes move slow, and The Mirror is probably banking on nobody caring enough to complain, and Trading Standards being too underfunded and swamped with other work to investigate otherwise (which they are). If they’re challenged, they’ll just change tack, go “oops” and are unlikely to hit big fines unless they dig in.
Cookie laws are a horrible mess and always have done - the resulting consent banners are far more intrusive than anyone wanted.
A non technical answer: Don’t interact with other players and don’t give out any personal information.
Use a unique and non-memorable username in steam and in game. Don’t use any of the social functions in steam.
It’s often overlooked that the biggest risk to personal information is the person themselves.
(Obviously you need to give some information to Steam for purchasing, and others have shown other methods to limit what information is sold about you as much as you an. It also depends where you reside - the EU has better protections than most)
One question and some unfollowable advice.
Question: Why not use AppArmor? My understanding is that’s what Debian uses by default instead of Selinux which is more native to Enterprise Linux (Fedora, RHEL, Rocky, Alma etc).
Unfollowable advice: As an EL admin where it’s the default and very closely integrated, we have a saying; “It’s not always dns, mostly it’s Selinux”. For most distro-sourced software, it’s fine. But if you install software from other sources, you’re going to hit problems.
Others have given good reasons to your specific questions, but one tip if you go down this route. We use a redhat tool, “setroubleshoot-server” which helps hugely in both identifying when something isn’t working because SELinux has blocked it, but also gives you the commands to add an explicit rule to allow it, so you can view the log, understand why it’s blocking, and allow it without needing to get too involved with the complicated file contexts.
Sadly, it looks like this tool isn’t available in Debian, which would seem to make like a lot harder using selinux. Familiar as I am with selinux, I don’t run it on my personal servers or this laptop, which are Debian.
OP definitely wanted an argument - but it can only have been for imaginary internet points.
Arguing with an AI is pointless - it’s intellectual masturbation - and using biased and weak examples is, if anything, going to train the opponent to be more dumb. (Anyone else remember teaching Megahal to swear on IRC?)
Technical point: US companies still need to abide by the GDPR when the user is in the EU or UK.
(But yes, I accept your main point - that protection is not shared to US citizens of those same companies who operate two very different levels of distinction. European originating software/services usually operate at the higher level of protection across all users. )
I suspect you haven’t worked with governments before.
Just because something is technically possible, it’s no guarantee that it will be the chosen mechanism for something. More likely the contract will be awarded to either the lowest possible bidder, or to a friend of a friend. Cronyism is depressingly common at all levels.
Two points here:
- If they still have OPs data. It’s entirely possible Google is using this technique as a blind because they’ve just expired the account. There are big headlines for “Google deleted my data”, and much smaller ones for “I couldn’t log into my Google account because I lost my phone”
2, To make a SAR (Subject Access Request), which is what you’re referring to - you need to be able to prove your identity beyond reasonable doubt. Google would obviously refuse that if you can’t log into your account. It would actually be illegal for them to provide that data without such proof, which is why you need to log in to access the Google Takeout features that provide most or all the data a SAR would include.
In Europe you own your data.
Er, that’s not quite what the GDPR means and doesn’t apply in this case. In fact, Google could cite the GDPR in making sure that OPs data doesn’t fall into the wrong hands.
The GDPR gives you a bunch of rights if you’re a EU or UK citizen, including the right for data /about you/ to be forgotten or disclosed. It doesn’t mean google have to hold onto stuff indefinitely (quite the reverse) or provide OP access if they can’t meet Google’s security requirements.
Strange we’ve had differing experiences. I’ve only been using Adguard for a couple of months, but the reason I left Pihol was because of its instability! Or at least, the database would constantly get chowned elsewhere when running in docker so I couldn’t whitelist any domains.
Adguard’s been 100% stable so far for me.
Quite a lot is right with the UK - it just doesn’t get reported because the world’s media focuses on negativity. That’s pretty much the case for every country - people are people even if religion and politics differ. The day to day lives go on with a thousand acts of kindness and consideration. Your attitude is no different to someone in the UK saying “America’s shit” because of a few key points that get bounced around the internet constantly, ignoring the many positives.
He is the chosen one! Hail him!