Perché usare Gitea, l'alternativa etica a Gitlab e Github. Gitea.it è il sito italiano del repository open source gitea. Ospitato con amore nei server del collettivo devol. https://gitea.it
Go to file
Filippo DB f675c8ef48 Aggiornare 'README.md' 2020-08-13 09:11:50 +02:00
README.md Aggiornare 'README.md' 2020-08-13 09:11:50 +02:00

README.md

Gitea

Perché usare Gitea, l'alternativa etica a Gitlab e Github

Perchè non usare Gitlab

“Free software” that forces execution of non-free software isnt really free.

  • There is nothing particularly wrong with the gitlab software, but that software must be hosted and configured and there are copious ethical problems with the gitlab.com service that the OP suggested:
  • Sexist treatment toward saleswomen who are told to wear dresses, heels, etc.
  • Hosted by Google.
  • Proxied through privacy abuser CloudFlare.
  • tracking
  • Hostile treatment of Tor users trying to register.
  • Hostile treatment of new users who attempt to register with a @spamgourmet.com forwarding email address to track spam and to protect their more sensitive internal email address.
  • Hostile treatment of Tor users after theyve established an account and have proven to be a non-spammer.

Regarding the last bullet, I was simply trying to edit an existing message that I already posted and was forced to solve a CAPTCHA (attached). There are several problems with this:

  • CAPTCHAs break robots and robots are not necessarily malicious. E.g. I could have had a robot correcting a widespread misspelling error in all my posts.
  • CAPTCHAs put humans to work for machines when it is machines that should work for humans.
  • CAPTCHAs are defeated. Spammers find it economical to use third-world sweat shop labor for CAPTCHAs while legitimate users have this burden of broken CAPTCHAs.
  • The reCAPTCHA puzzle requires a connection to Google
    1. Googles reCAPTCHAs compromise security as a consequence of surveillance capitalism that entails collection of IP address, browser print.
      • (speculative) could Google push malicious j/s that intercepts user registration information?
    1. Users are forced to execute non-free javascript (recaptcha/api.js).
    1. The reCAPTCHA requires a GUI, thus denying service to users of text-based clients.
    1. CAPTCHAs put humans to work for machines when it is machines who should be working for humans. PRISM corp Google Inc. benefits financially from the puzzle solving work, giving Google an opportunity to collect data, abuse it, and profit from it. E.g. Google can track which of their logged-in users are visiting the page presenting the CAPTCHA.
    1. The reCAPTCHAs are often broken. This amounts to a denial of service. gitlab_google_recaptcha
      • the CAPTCHA server itself refuses to give the puzzle saying there is too much activity.
      • E.g.2:
    1. The CAPTCHAs are often unsolvable.
      • E.g.1: the CAPTCHA puzzle is broken by ambiguity (is one pixel in a grid cell of a pole holding a street sign considered a street sign?)
      • E.g.2: the puzzle is expressed in a language the viewer doesnt understand.
      • (note: for a brief moment gitlab.com switched to hCAPTCHA by Intuition Machines, Inc. but now theyre back to Googles reCAPTCHA)
      • Network neutrality abuse: there is an access inequality whereby users logged into Google accounts are given more favorable treatment the CAPTCHA (but then they take on more privacy abuse). Tor users are given extra harsh treatment.

The reason for the reCAPTCHA stuff being hosted on Google.com is shared cookies. This allows reCAPTCHA to gain more information about what you trust Google with online…

This is why gitlab.com should be listed as a service to avoid, like MS Github.