Github has made it impossible to create an account when using a VPN and a privacy browser with fully spoofed hardware identifiers. (Use Firefox or Firefox-based Privacy Browser, VPN, install Canvasblocker to test this.) I create an account with Google or Apple (both requiring hardware identifiers and numbers and birthdates) or I can use an email. When I use an email, it comes back with this horrible test, and even if I do it completely correctly, it tells me after I didn’t do the test right, gaslighting me with a picture of what I chose (which I didn’t choose) and showing me the correct picture (which I did choose and it claims I didn’t select).

It’s fucking bullshit and it’s more corporate control of open source software. For people who have their discussion or issue tracker, I can’t even participate without hardware identifiers likely linked to me some other way and phone numbers. It’s fucking bullshit. If anyone from Microsoft is reading this, FUCK YOU!!!

I am so tired of this bullshit. I just want to post an issue about a piece of software. You don’t need my fingerprint, hardware or personal, or biometric shit. This is a slippery slope. Fuck them.

I really hope more developers just get the fuck off Github. Honestly, if you are developing privacy-oriented software and using github, there’s a mistmatch and it’s bullshit, and I know it’s time consuming and annoying to move, but please do. This is fucking bullshit and it’s not like it’s going to become LESS annoying over time. FUCK THIS.

  • gokayburucdev@lemmy.world
    12·
    9 hours ago

    If something is controlled by a giant corporation and keeping your data and privacy are offered for free, the price is your personel data.🔏

  • whelk@retrolemmy.com
    7·
    9 hours ago

    I’ve wanted to for a while, but this post gave me the final nudge I needed to just buckle down and try selfhosting my own. Forgejo was incredibly easy to set up and my buddies and I are already successfully collaborating on a project that I’ve moved over from Github. So thanks for making your rant post, you made a difference

    • kahnclusions@lemmy.ca
      1·
      8 hours ago

      It would be nice if codeberg supported the FUNDING.yml and had their own way to donate to the open source projects I like.

    • witten@lemmy.world
      2·
      3 hours ago

      Sure it does. Like mitigating constant DDoS attacks / AI scrapers. (To be clear, I’m not advocating using GitHub instead. I’m just saying freedom ain’t free.)

  • Prinz Kasper@feddit.org
    57·
    1 day ago

    Playing devil’s advocate, it’s probably more about blocking bots from creating accounts than it is about blocking privacy minded users. You just end up being collateral damage.

    Obviously that still sucks, I’m just saying it’s not that simple

    • FG_3479@lemmy.world
      4·
      12 hours ago

      Use Librewolf with a mobile data connection on a PAYG SIM, then go to Settings > Librewolf and turn off IPV6 to ensure you are behind CGNAT then turn off resistFingerprinting and enable WebGL.

      Then install Jshelter and create a profile with the following settings:

      Time precision: High

      Locally rendered images: Little lies

      Locally generated audio: Little lies

      Graphic card information: Unprotected for highest chance of success or Little lies for best privacy

      WebAssembley speed-up: enabled

      Then make sure that all other options in Jshelter are turned off including Fingerprint Detector as Cloudflare Turnstile fails with it on.

        • FG_3479@lemmy.world
          1·
          7 hours ago

          Mobile data uses CGNAT for IPV4 which means that your activity is mixed with others. IPV6 is usually just static.

      • brbposting@sh.itjust.worksEnglish
        5·
        22 hours ago

        I’m wondering if you could have any version of this—assuming best intentions and smartest people—which did not demand very similar countermeasures past a certain equivalent growth threshold.

        I unfortunately have to imagine Codeberg is like Lemmy and flies under the radar from spammers.

        …for now.

        LLMs all but guarantee a future of oppressive noise to signal ratios. I imagine IRL connections, or at least numbers saved in your phone, will become pretty important there. So then I think up in-person local-community-vibe verification schemes but they all end with dirty marketers or operators inducing members of the public to astroturf or lease their accounts…

        • ell1e@leminal.spaceEnglish
          1·
          10 hours ago

          I heard Codeberg already struggles with spammers, so I get that. But letting big surveillence data companies like the credit card companies solve this, seems like one of the worst ideas. I’ve seen e.g. discourse use a gradual trust system, there likely are other ways.

  • mrgoosmoos@lemmy.caEnglish
    25·
    1 day ago

    a coworker invited me to his company GitHub team or something recently, and I tried to join several times. each time, I got stuck with a 10 question test to “verify I was human”. it was not quick. eventually, I had time to actually complete it without timing out.

    after completing it correctly twice without success, I gave up