Aggiornare 'README.md'

README.md

@@ -2,6 +2,8 @@
 
 ## Perché usare Gitea, l'alternativa etica a Gitlab e Github
 
+It's worth mentioning that Github and Gitlab both distribute the free software that implements their service. Unless I say otherwise, this post is about their service, not their software.
+
 ### Perchè non usare Gitlab
 
 “Free software” that forces execution of non-free software isn’t really free. 
@@ -28,6 +30,7 @@ Regarding the last bullet, I was simply trying to edit an existing message that
 *    3. The reCAPTCHA requires a GUI, thus denying service to users of text-based clients.
 *    4. CAPTCHAs put humans to work for machines when it is machines who should be working for humans. PRISM corp Google Inc. benefits financially from the puzzle solving work, giving Google an opportunity to collect data, abuse it, and profit from it. E.g. Google can track which of their logged-in users are visiting the page presenting the CAPTCHA.
 *    5. The reCAPTCHAs are often broken. This amounts to a denial of service. ![gitlab_google_recaptcha](https://user-images.githubusercontent.com/18015852/51769530-9d494300-20e3-11e9-9830-1610b3ae9059.png)
+*    
 *    5. *  the CAPTCHA server itself refuses to give the puzzle saying there is too much activity.
 *    5. *  E.g.2: ![](https://user-images.githubusercontent.com/18015852/55681364-07713600-5926-11e9-8874-137e4faaf423.png)
 *    6. The CAPTCHAs are often unsolvable.
@@ -38,4 +41,52 @@ Regarding the last bullet, I was simply trying to edit an existing message that
 
 The reason for the reCAPTCHA stuff being hosted on Google.com is shared cookies. This allows reCAPTCHA to gain more information about what you trust Google with online…
 
-This is why gitlab.com should be listed as a service to avoid, like MS [Github](https://github.com).
+This is why gitlab.com should be listed as a service to avoid, like MS [Github](https://github.com).
+
+### Perchè non usare GitHub
+
+
+#### Privacy problems with Microsoft Github service
+
+1. MS feeds other privacy abusers:
+* 1. Github uses Amazon AWS which triggers several privacy and ethical problems
+* 2. (2012) MS spent $35 million on Facebook advertisements, making it the third highest financial supporter of a notorious privacy abuser that year.
+2. Censorship and project interference: Github staff apparently deleted a contributor who was reporting a privacy abuses present on other projects. Hostility toward volunteer privacy advocates  is in itself sufficient reason to abandon Github.
+3. Github may have a policy that entails censoring bug reports (see this post for the discussion)
+4. Github is Tor-hostile (according to Tor project, although personally I've had no issue using Tor for GH)
+5. MS is a PRISM corporation prone to mass surveillance
+6. MS lobbies for privacy-hostile policy:
+* 6. MS supported CISPA and CISA unwarranted information exchange bills, and CISA passed.
+* 6. (2018) MS paid $195k to fight privacy in CA
+7. MS supplies Bing search service which gives high rankings to privacy-abusing CloudFlare websites.
+8. MS supplies hotmail.com email service, which uses vigilante extremist org Spamhaus to force residential internet users to share all their e-mail metadata and payloads with a corporate third-party.
+9. MS drug tests its employees, thus intruding on their privacy outside the workplace.
+10. MS products (Office in particular) violate the GDPR
+11. To report an MS security bug, one must sign in and the sign-in page is broken. It's really bad for security to make defect reports difficult to submit.
+
+
+#### Privacy-compromising consequence of using Github for a project:
+
+1. (conflict of interest) selects only contributors willing to make privacy compromises, and excludes those who will not use GH for privacy reasons.
+2. (conflict of interest) When contributors are evaluating whether a tool is privacy-respecting, they white list Microsoft and Amazon as a consequence of using Github, and then use that as rationale to endorse an unworthy tool.
+3. (side-effect) Privacy advocates who use GH face demoralizing criticism for what some regard as hypocrisy. PTIO contributors should not be subjected to that.
+
+
+#### Rationale for staying with Github:
+
+The shake-up of making a move will lose contributors.
+
+
+#### Problems with Gitlab service
+
+Many Github refugees fled to Gitlab when Microsoft acquired Github. It's a bad idea. Gitlab should be avoided.
+
+#### Alternative
+
+self-hosting Gitea
+(+) avoids the "shake-up" problem of shrinking the community each time the project moves (there is no risk that the privacy factors would later take a negative turn).
+(+) Gitea.it could host other privacy-focused projects and become part of the support structure for them. Centralizing privacy-focused projects would increase Gitea.it visibility and establish a place where developers with the same high-level goals could develop in a more united way. Poaching privacy-focused projects from GH and GL would solve the hypocrisy problem those projects are facing as well.
+
+
+You give one-line on the evils and probably not enough detail to be persuasive. 
+There’s an enumeration of issues above. Also, most of the projects you recommend have a line “source code: github”. Consider linking to the source code in a way that shames the project, otherwise your site promotes GH more than it discourages it. Not everyone will read the GH section. Perhaps express it this way “source code: github (shamefully)”. Also, prefix “Github” with “MS”. (edit) There is a Github link at the bottom of your page. You should certainly not be linking to it from your public website because it leads visitors in the wrong direction. It also hurts your perceived credibility because many readers won’t follow that link; they will just think “what a hypocrit”. You should set the GH issues to external and link to the gitea.it issues. Your readme is too short. You should use that space as an opportunity to detail all the Github issues I linked you to.