I'm pretty confident this is to comply with a recent EU ruling that held that EU antispam laws apply to display ads that look like an email in your inbox. In essence the left prompt is a marketing email opt-in, even if it doesn't look like one (nastier people than I would say it's disguising its true nature - not I, of course).
That's pretty sneaky. Most users will select "more space". Clearly a deliberate Catch 22 for users.
Such a disgustingly unethical design. What kind of sick people come up with this stuff?
Edit: Perhaps showing ads in line with real emails is less visually intrusive then traditional "banner" ads. I take issue specifically with the false choice presented to users in order to manipulate them.
>What kind of sick people come up with this stuff?
Well, Microsoft in this case, and companies like it. They're out to maximize the profit they can extract from their users, so they will do so. People aren't leaving their products in large enough quantities for them to stop doing it.
Which makes this a good opportunity to re-evaluate whether you really need any of their products, or at least see if you can reduce your dependency on anti-user companies.
Don't forget the other side of it: we as programmers, designers, PMs, etc. have a lot more concentrated power than end users do. One of many good reasons to unionize is the ability to set professional standards.
Professional standards have a hard time against monetary incentives. We should work towards making dark patterns simply illegal and removing those incentives.
Edit: AND unionize AND vote for proper labor rights that make unions unnecessary. I just mean to say that it's better to remove the problem rather than trying to "battle" it with more force.
For people in the software biz I think being allowed to make quality products is one of the most important aspects of our working conditions, particularly for our social standing in the long term.
Outlook.com isn’t even a good product if you ignore the ads. Their extremely strict anti spam policies make it very hard to deliver email to their customers.
Gmail has the same "problem". This is a concern for you, the person sending mail to these people, because the people you're trying to send mail to are probably going to complain to you about how they're unable to receive your messages.
I know this is just anecdotal, but IME gmail might send you to spam (and seems to at least sometimes learn not to do so for people you have exchanged mail with before) but MS will simply reject all mail from you if you are a small player without a long-standing deditacted /24 without any way for the recipient to get the mail.
I'm not going to claim that it's right in this situation, but calling people names and social ostracism is a very effective way to modify the behaviors of people. In no small part because people dislike it and it modifies incentives.
How do you propose to change the incentives? The incentives are money. Surely you have something more helpful than whatever you wanted to accomplish with your retort.
If I told you to your face that you were "sick and vile" for trying to do your job to the best of your ability - without a hint of play or irony - you would probably complain to HR. Name-calling doesn't have to entail the use of nouns.
There is also a third choice, you can get Office 365 and remove ads completely. Companies cannot be expected to give away services for free, so if you're not directly sending them money, somebody else is sending them money for you to use it.
So you linked to a random answers article (not a good sign) which in fact isn't even about the product being discussed (it's Word, not Outlook). In addition the ad they mentioned isn't an ad at all, it's a resume assistant feature offered as part of the linked in service and doesn't show up unless you open that feature.
I use office 365 and I've never seen an ad (and I would drop microsoft immediately if I did, they are on a very short leash already, although they don't show 3rd party ads their software bags and annoys the f* out of you and makes every effort to steal you data, even on a business subscription, but I digress)
The linked thread talks about a "home" version, and I have (I assume) a business version, though I dont remember seeing an option, that may be why
I just checked my copy of Word, and honestly that doesn't feel like an ad. Seems like a pretty cool feature for a lot of people, and your link shows how you can disable it through settings.
It's not asking for money nor does it save your personal information, it's just a Github CoPilot for resumes.
It's pretty clear which one they want you to pick. Oh, you don't want ads that look like email, I guess you want less space on your screen and slower-loading? Okay fine Mr. Likes Less Space and Slower Loading.
Try applying this rule to any popup modals, calls-to-action, and other unsolicited software interactions:
Identify the button decorated as "primary" and click the other button instead.
I wonder how many modals use the fine-print button, or even an X, as the primary one, having trained so many users to instantly close modals by searching for those.
You cannot even embed fonts or libraries from a CDN. Because this could be construed as “leaking the visitor’s IP address” to the non-EU “Ausland”. You either have to host everything yourself, or ask the user for consent first.
Maybe if everyone wasn't leaking my entire lifes history to 58 different adtech shitcompanies the EU wouldn't have needed to step in.
Now people say "oh but if every website hosts their own fonts the browser can't cache them" while sending me 35 megs of shitty tracking Javascript code.
There is a very clear aggressor here and it's not the EU or the regulators.
What about a HTML tag that includes a hash sum? Only request the resource if not already present. That could enable cross-website resource caching without leaking information. (IF the resource the site sends if necessary matches the resource of the tag, otherwise the hash sum would tell the server whether the user visited some other site.)
Hashing content makes more sense than relying on the URL staying the same IMHO.
Including the hash is exactly what subresource integrity[1] does (it was even designed for a CDN context originally), but so far people haven’t figured out a sufficiently non-leaky design to use it for caching[2,3].
It's why newer versions of Firefox and Safari use segmented caches. Which, of course, means that loading fonts from a CDN no longer buys you anything at all.
>Maybe if everyone wasn't leaking my entire lifes history to 58 different adtech shitcompanies the EU wouldn't have needed to step in.
But it's not "everyone" - it's you. Your computer sends out all the information that is requested from it. That's how the internet is built. Even when a website tries to use an external font it is still your browser that asks the font host for the font.
A little too much blaming the victim vibe from this. "It's not the rapists who let you get raped! You let yourself get raped! Why didn't you have more personal security?"
It seems you either missed the point of what the post was getting at, or you are being purposefully obtuse about it.
Victim blaming? What's the point of your system being open and you are in control if you don't use that control to stop voluntarily sending data to websites you don't want.
I agree that it would be nicer if websites slurped up less data. But to portray a lot of this stuff as the user being the victim is ridiculous. The users are the ones that voluntarily started using browsers made by an adtech companies. There are alternatives but they don't use them! And yet they complain that their data then ends up with the adtech company because their browser, that is under their control, sends it to the company.
This design is largely perpetrated by the adtech companies in question. Your reference to an external font is, of course, largely referring to Google Fonts. Nobody embedded externally-hosted fonts until adtech companies started pushing you to just add their convenient code that grabs the fonts from their servers direct, but it's insane we allow this.
Of course, the web browser should do something about it... but the adtech company built that too. "That's how the internet is built" is an aggressively dismissive attitude, because there are specific companies building the Internet. Note that every new trash web standard is written by... oh, yeah, Google too.
So... the problem with that argument is that users do not choose whether or not to have fonts on their webpages. The web developer does that. No browser will, out-of-the-box, ask you "Hey, do you want to send your IP address and Referer to Google in order to see this website with the correct font?" or "Hey, do you want to run this untrustworthy, obfuscated, proprietary blob of Somebody Else's Code in a sandbox?". You just tell the browser "go to this website", and it dutifully does whatever the website says within the web sandbox.
If this was a clickable link to Google, and the EU was saying that telling people to go to Google makes you a GDPR data exporter, then I'd be up in arms about this.
But it's not.
What we're talking about are subresource references, not anchor links. Those get loaded automatically without user control, and users do not get the ability to audit them by default. So it's reasonable to argue that subresource requests are "caused" by the developer of the website, not the user.
Furthermore, this is how actual ad trackers work. It's very common for ad trackers to include a reference to either a script file or a 1x1 pixel GIF (the latter called a "tracking pixel"). This isn't a misinterpretation of GDPR, it's the heart of the issue. If we treat subresources the same as clicking a link, then GDPR is a hollow, toothless meme of a law.
>No browser will, out-of-the-box, ask you "Hey, do you want to send your IP address and Referer to Google in order to see this website with the correct font?"
Then make one that does. Or demand for one. But everybody wants to use Chrome and then they're surprised that their browser doesn't give them the control they want.
The whole point is that Google gets your data because you send it to them. Your browser and computer are under your control.
It's no wonder Apple thrives while taking away control from the user. Because when we do have control we just don't use it.
>Those get loaded automatically without user control, and users do not get the ability to audit them by default. So it's reasonable to argue that subresource requests are "caused" by the developer of the website, not the user.
It would only be reasonable to argue this if you think your computer/browser/os is not under your control. NoScript has been a thing for a long time. How many people actually use it?
On your average modern website (or, really, any website), such a design would result in pop-up fatigue very quickly. This is when you pelt the user with so many permission dialogs and "Are you sure?" prompts that they just learn to click "Yes" to get to the thing they actually want to do. Furthermore, I'm not entirely sure what "No" should even do in this context. Most subresources are non-negotiable - if you do not load them you do not get a working website. So even a slightly-savvy user will try denying things, realize that it breaks websites, and learn that they just have to either click "Yes" or close the tab out and not use that website.
The same concerns apply to NoScript and that browser extension the FSF has that bans non-Free JavaScript. If you point them at GDocs, you don't magically get a tracker-free, Free Software word processor. You just get a broken web page. The reason why users don't exercise this control is because they don't have it to begin with. It's not their webpage to modify.
On a more meta-level, you're arguing for technical controls & DRM where legal ones are needed. We don't want browsers where users can pick and choose where their data goes, but if they choose wrong and don't enable enough trackers they don't get the website they wanted. We want websites that don't have trackers on them to begin with.
This is why Do Not Track was a great idea. No popups because the browser indicates your choice proactively.
The problem was the legal framework to enforce it didn't exist so the industry was just using it as a suggestion. The EFF's voluntary declaration didn't help either.
I think if it had been enforced in the style of GDPR it would have been a great thing to have.
That’s just absurd. Browsers, or User-Agents, should be where this is implemented. “This site would like to fetch external resources. Allow or Block?”. Same goes for all those cookie prompts.
Then the consent question would actually be presented in a balanced way. And the preference could be stored even if you wipe cookies. At moment if you distrust cookies, your preferences expressing your distrust of cookies is constantly being reset forcing you be re-prompted again and again.
(It might be harder for regulation to require changes in browser though, and then there's legacy browsers, so I can see how we ended up here)
Fair point. It would certainly be a better world. Though constantly self-updating browsers are a relatively new thing and the legislators probably wanted to "protect" all those people stuck on IE11?
And legal precedence wise, laws have been requiring things of websites for a long time, but I can't think of any legislation that has required certain behavior by browser applications themselves. Since browsers, in theory, just implement open web standards, requiring something of them is effectively legislating a forced change into web standards. That's a spooky thought.
But let's be real... having individual websites ask for cookie and 3rd party request consent makes opt-out massively less popular than if this was built into the browser. If the "disable ad-targeting cookies" button wasn't hidden behind obtuse UI bespoke to each site, far far more people would opt out of them. I suspect that's a big reason why we got to this arrangement.
GDPR isn't about loading external resources, though. It's about tracking.
The browser has no way of knowing what kind of tracking is going to happen on the server it's connecting to or what jurisdiction that data would fall under.
If trackers would provide metadata indicating what kind of tracking each resource is going to do, then browsers could handle it, but trackers would never do that without being forced because they want to make opting out of tracking as painful as possible.
"Google Fonts logs records of the CSS and the font file requests, and access to this data is kept secure."
They don't say how long the raw data is kept either, on a page trying to minimize the tracking, so we can probably assume it's longer than necessary for technical purposes.
They keep it separate from their other tracking, but that's still collecting user data.
This is an extremely disingenuous way to phrase it. It's deliberately not hosted on a domain which would have any session information sent. There's no tacking information set by that service. I invite you to actually look at a call to this service (you'll want to Google "browser developer tools", that should get you started) and realize that there is no user data in the request. Because of course there isn't.
>...makes it seem like you agree...
Ah, the classic tactic of standing up a weak strawman and then arguing against that. Good to see you again, nemesis.
> This is an extremely disingenuous way to phrase it.
It's not disingenuous because I was going by what those terms allow. They say nothing about detail level, so when I talk about whether they could be tracking you I will talk about the worst thing those rules allow.
> It's deliberately not hosted on a domain which would have any session information sent.
Being a separate service from the rest of google is an entirely different question from whether it tracks you. And tracking doesn't need session cookies.
> There's no tacking information set by that service. I invite you to actually look at a call to this service (you'll want to Google "browser developer tools", that should get you started) and realize that there is no user data in the request.
That doesn't stop them from fingerprinting me to a moderate extent and storing that with my IP and exact time forever.
> Ah, the classic tactic of standing up a weak strawman and then arguing against that. Good to see you again, nemesis.
It's not a strawman. Strawmen don't say "makes it seem". That's my doing my best to figure out your opinion, so that I can effectively respond to it, and making it very clear that I'm guessing.
So are you saying that guess was wrong, or are you being vague on purpose here?
In terms of strawman and related, my guess would actually fall under "steelman". Assuming the opposite would have been a strawman. Because if my guess was wrong, and you don't think it's possible for a CDN to collect user data, then why did you make this conversation be about a specific CDN in the first place?
It's totally disingenuous to use phrases like logging in detail when there are no details to log.
> if my guess was wrong...
As I have previously said, you're totally wrong and your misunderstanding is so far from what I said that it's hard to understand how you got there. You asked if CDNs that don't track user data needed to worry, I gave an example of one which doesn't track user data and still got into trouble.
> It's totally disingenuous to use phrases like logging in detail when there are no details to log.
That's not disingenuous. You disagree with me about what counts as "details to log". Nobody is acting in bad faith.
> As I have previously said, you're totally wrong and your misunderstanding is so far from what I said that it's hard to understand how you got there.
I made a post talking about the difference between a "CDN that tracks people" and a "CDN that doesn't track people".
You responded by linking a specific CDN as an example of a "CDN that doesn't track people".
So I guessed that you agreed that "CDN that tracks people" and "CDN that doesn't track people" are both things that exist.
Why is that guess "so far from what you said that it's hard to understand"?
You're saying you don't think that, so why didn't you just say "No CDNs can track people"?
If every CDN is a "CDN that doesn't track people", then what use is it to link the terms of a specific CDN? If no CDNs can track people, then it doesn't matter what their terms say!
-
But as to your argument, I think your definition of tracking is too narrow, but I don't see any way to convince you otherwise so I'm not going to attempt that.
Not just where the CDN is, but apparently where the company operating the CDN is incorporated. In the eyes of the EU, it doesn't matter if you serve out of an EU data center if the overall corporate entity is still subject to the laws of the United States.
AIUI the embedding is itself not the issue. The issue is that you are leaking user data to a third party, and this needs to be handled with care, considering the degree of threat to the user data, your legitimate need to use a CDN, and any possible consent. If your CDN assures you that this data will only be used for legitimate purposes and conforming to GDPR, I think (but IANAL) that explicit user consent wouldn't be necessary, as site owners have a legitimate interest in using CDN services. After all, DDoS prevention is even explicitly listed as a legitimate interest, and fulfilling this legitimate interest is itself enough to allow processing of personal data, without further consent. With the Google fonts ruling, the issue seemed to be that there was no such agreement in place, Google is known for aggressively building user profiles, and the technical need for this was judged to be low, as fonts are rather small and the site could have operated with self-hosted fonts. This was considered to go beyond the scope of the legitimate interest - it's essentially selling user data to Google to save a little on bandwidth, and that would require consent.
(Then there is a separate issue with a human rights dispute between EU and US that makes things a bit more complicated)
The website is making the browser make that request, and the user has not had the opportunity to accept or deny the data transfer to the destination. That's it.
I don't believe it makes sense to have every website in the world implement this in a half arsed JavaScript implementation when it could be done once per major browser. Same with the cookie nonsense.
The browser is the one actually opening up the connection in this case. That's why there's so much disagreement in this thread.
Your browser opens the connection to the original website and downloads the base page. That base page references images and js and fonts hosted elsewhere, so your browser opens a connection to download those images. At this point the browser could pop open a dialogue box that says "Hey you said you wanted to communicate with foo.com but I need to grab a pic from bar.com is that cool?"
At no point in this use case does foo.com send anything to bar.com
> At this point the browser could pop open a dialogue box that says "Hey you said you wanted to communicate with foo.com but I need to grab a pic from bar.com is that cool?"
IE 6 in the default configuration did something like that with its yellow bar, IIRC, and all it amounted to was the fastest known method (minutes, for me) to provoke warning fatigue and make people vulnerable, seeing as the same UI was used for installing ActiveX controls.
(Could be it did that all additional resources, though, not just those from a different origin? I don’t remember since I disabled the whole thing near-immediately even when I did actually use IE 6.)
This is unworkable from a usability perspective for as long as hotlinking to external resources is so commonplace. And a user permission might not be an effective way to do this, anyway, given the imbalance in bargaining power, as already seen with adblocker-blockers and such. (See also the 2006 paper, “A pact with the devil”[1].)
The only real explanation is that the cookie laws were explicitly designed to wear users down into blindly accepting whatever prompts get thrown at them on website load.
Anyone with half a brain and a real intent to reduce tracking would have mandated websites abide by the existing Do not Track toggle. Unfortunately the law was instead introduced by politicians with strong lobbying from media industry. So no brain, and no intent to reduce tracking.
The GDPR isn't a "don't track" law, it's a "tell me what data you collect on me, what you're going to do with it, who are you going to share it with, and allow me to refuse that, retroactively if need be" law. Vastly more nuance than an on/off toggle.
Yes, and the result of that nuance is less privacy and more annoyance. It's an open invitation for sites to use dark patterns to get you to "agree" to tracking. (In fact they "have" to use dark patterns because they specifically aren't allowed to offer you anything in exchange). Either banning tracking outright or requiring sites to obey the DNT header would make much more sense.
It's not an open invitation, in fact those dark patterns are explicitly forbidden in that law :) And many of them have been ruled to be against the law, but compliance is a bit slow.
On paper, sure. In practice, it’s a quick path to “yeah whatever I accept all your stuff just show me the damn content I came here for”. The web would be much better off if the law was implanted with normal consumers and sane defaults in mind.
I think ideally the web would be much better off if the law was implemented bilaterally with the US so sites had to make a much more important consideration of whether they want to tick off their users or not. It's not like third party cookie usage is required - websites choose what pieces of tech they'll utilize and they have, on the whole, made a choice that is extremely unfriendly to the consumer.
Websites make the consumer unfriendly choice because it makes them money, the law allows it, and their competitors are already doing it. They’d be fools not to.
If the law was instead “no non-essential cookies may be stored when the do not track flag is set”, consumers would be far better off. But that’d cause significant financial impact to the media companies that lobbied for the current wording, so now the whole world is screwed.
Of course. Any engineer would solve it that way. And it ran just fine as a browser setting since the 1990s. But the EU isn’t run by engineers. It’s run by bureaucrats who try to save the web without understanding it. They’ve heard nothing of Chesterton’s Fence.
The GDPR is a sensible legislation and no amount of FUD can change that. If you can't explain what you are doing with personal data, you shouldn't be allowed to handle it.
You are also confusing legislation with rulings. GDPR says your business interests cannot outweigh my rights. That's it. Now courts find that leaking my IP address to third countries is something that harms me more than it does your business good. I can live with that.
Not really. GDPR preparations predated the Brexit vote. It was even completed and passed several months before the vote even happened (back when everyone still expected it to fail, even Cameron who initiated it has no expectation it would pass)
And EU tax avoidance is mainly done through Ireland and the Netherlands which are still member states.
I wonder if nobody in the EU regulatory bodies read what Snowden shared. The fact that requests go to US based datacenters has no impact on US's ability to spy on foreign citizens. They latch on to fiber cables everywhere and slurp up all the data they can. What EU should be doing is telling US to reel in their agencies or else all US tech companies get taxed out of the wazoo for operating in the EU. But no, instead all European citizens and businesses have to suffer through these braindead restrictions in how buttons are placed or what popups are needed as if they have any impact on privacy whatsoever.
This is exactly what the Schrems I/II rulings encapsulated: the Privacy Shield agreement was ruled invalid as any guarantees made on the privacy of European Citizens data transferred to the US were deemed to be fake. This has put a lot of cloud migrations on hold particularly for companies that are dealing with sensitive data, like banks and health care, but also retailers.
So it is approached from the consuming end for better or worse.
Uh, there's also increasingly broad mandates that all sensitive data of european citizens should be located in european-based datacenters managed by european companies with no legal liability to the US.
Acting like the EU isn't reacting to american spying is frankly just ignorance of the situation.
If you have the tabbed inbox enabled (i.e. Social, Promotions, Updates, Forums), then Gmail will insert ads into the non-primary tab that look almost like regular emails. If you have the tabs disabled so that all your messages show up in the Primary inbox, you don't get ads.
that's so interesting. and an odd ruling?! I've boughten yahoo email ads. and tried gmails promoted version. it's a really interesting idea and seems better than outright spam
plus email inboxes have a huge amount of valuable data it could be one of the most relevant ad experiences if they truly leveraged that data. I buy ads and don't have a problem with a lot of the industry, i'm minority on that here. To me highly relevant ads are way better than mortgage loan quicken shit ads and virus crap I see otherwise.
I think part of the difference here is that you see ads at all. Most of us who hate tracking block ads completely so it's not a choice between relevant ads or irrelevant ones. Either way we don't see them so limiting tracking has no downsides.
But I would especially hate ads showing up in my mailbox. I pay for O365 business so they don't, but if they did I would drop the service immediately. Spam is a big problem and artificially adding ads on top of all that makes it even bigger.
In my opinion, this is not stupid. The way preferred by Microsoft is to mix the ads in with messages such that it's difficult to tell them apart.
If there's anything stupid here, it's Microsoft's decision that if you want the ads to be easily identifiable then you need to have them in your face, all the time.
Ah but haven't you heard that nobody would buy asbestos, let alone from a mine with children? Because the market is rational, ethical, and fully informed. That's in the very definition of free market pitalism.
Exactly. The fact is that the government is infallible, and any criticism means you think all corporations are benevolent.
Comcast SHOULD have a government-enforced monopoly over internet service! If you think that is overregulation: "Yes, damn governments always after our benevolent corporations"
European internet companies exist within a jurisdiction that enforces a particular level of privacy protections the US does not guarantee in the slightest.
That wasn't the question. if European companies can use ads why can't American companies? It's not like you suddenly stop needing to make money after you reach top 10 status.
If there are no major European Ad companies, then this is a false comparison - which is the point.
If the EU has no economic horse in the race, they are going to make rules that reflect that. If anything, even to ban the companies that other countries have that are valuable if they are uninterested or unable to compete.
Both this comment and the GP comment seem exceedingly ideological to me. The actions of the EU on the internet are not categorically “stupid”, but their laws are also not always for someone's benefit (relative to organizations subverting a given law). It seems rather questionable to base an argument on something so broad and immutable rather than discussing the merits of this specific policy.
You know at the time I never realized I was living in a golden era between the time anti-malware and anti-adware became very good and the time the ads were built right into the damn operating system and first-party software.
Maybe you should take this as a sign that it's time to switch operating systems? There are many out there. Most of them treat you better than Microsoft does.
What makes a good PC for daily work is also very different from what makes a good having PC. My daily driver is a quiet and energy efficient NUC. My gaming PC is quite noisy with its 3080Ti..
I'm sure I can bring noise levels down with expensive fans but consumption will remain higher. This way I don't have to as I always game with a headset on anyway.
I mean in that case you're still paying Microsoft for a Windows install. I'm not sure that is really "choosing a different OS" in a way that matters much. You chose Windows and a different OS, from Microsoft's point of view they still got theirs
Not really, nowadays. Windows has better GPU drivers, and it allows for more intrusive DRM/anticheat. So, if you are playing brand new AAA games with really fancy graphics, Windows might be helpful. Or if you are really into competitive online gaming.
Those are niches, though, not "any sort of pc gaming."
To go completely off topic, whatever happened to free online games? It almost looks like one generation just stopped playing them and the other somehow decided to go with expensive / adware smartphone games. Surely there must have been some people in between who wondered what the fuck was happening? Is this a flash generation gap?
I remember free flash games. I wonder if flash dying, and then nothing quite replaced it, in terms of being 1) easy for the user to 'install' and 2) easy for the creator to make something.
There was also stuff like Urban Dead and Nexus War, almost like MUDs for 2007 or so. Urban Dead is shambling along appropriately enough...
There was also a game -- "Battlemaster," essentially you played some noble lord in a low-ish-fantasy universe. Vaguely game-of-thronesy feeling (before the show, though). I didn't get very far (although someone was nice enough to give me a province, and I dutifully... paid taxes and tried to avoid screwing up whatever plans I thought they had going).
Some players from Urban Dead (the spark more or less came from the ridleyband resistance front, I think) eventually made Nexus War, which had a similar feel to it, but better design (skill trees, etc) and a more interesting theme (angels vs humans vs demons). Eventually that shut down, and somebody from the community made a similar game called Nexus Clash. That's still running, although I guess the population is probably ever-dwindling.
This sort of asynchronous mostly HTML based game seemed to be really good at fostering a community. Play the game a bit, find a faction of some sort, and then join their phpbb forum...
Pretty sure all that flash-level content is in Roblox these days, but I’m not sure because I’m from the wrong generation and can afford to pay for my games.
I'll grant you that most people will likely prefer PC gaming on Wimdows, but the claim of any sort of gaming is excessive. There is a large selection of native games from many publishers and in many genres for Linux. You won't have to go without if you're simply looking for a good time. That's before considering emulation, Proton, and the likes. Of course, a desire to play particular titles is going to be hit-or-miss.
Linux gaming works very well. Perfect without any issues ever? Probably not but neither is Windows. The main remaining difference seems to be due to anti-cheat, but that's only mainstream multiplayer gaming, not "any sort of pc gamings".
I go weeks at a time forgetting that MS makes an operating system. For "business" document exchange and collaboration, Office is still best though. They definitely still have a monopoly in the Office Suite space
The only difference between proprietary software and malware is whether they're exploiting users with or without the corporation's permission. Adware, data exfiltration and remote access are all bad but when they do the exact same thing it's "totally legitimate business interests". Just like when it's "national security" when the governments do worse than what black hats do.
This doesn't deserve to be downvoted. I just switched back to Linux this week after giving Windows more than a fair shake for the past decade (initially because I couldn't be bothered to muck around with UEFI to dual-boot into my gaming partition every time). But I'm so tired of the ads and the scummy app defaults that I got a dedicated Linux machine and the Windows one is now relegated to playing whatever games don't run on Proton or Switch.
It seems a bit of a Microsoft thing. I haven't seen it on Mac/Linux. In general I don't really see ads on my electronic gadgets though London public transport is a bit plastered with the things.
One of the replies has the most plausible reason for this really weird prompt: They want to appear to be giving you the choice to not have inline ads, but the inline ads are more profitable.
Let alone weird, this isn't even novel. Five years ago, one of FB/Google/Twitter framed the advertising data option as "we use your data to show you ads" vs "see more ads, which will also be less relevant to you".
Is this a dark pattern? "see inline ads, or see bigger ads" seems like a pretty straightforwardly-presented choice. Its like other ad servers' "use your data for targeted ads or see more ads, which will be untargeted".
How else would you present the tradeoff to the user? How is the presence of the tradeoff any more of a "dark pattern" than if they had simply turned on inline ads with no option to avoid it?
The anti pattern here is that the lamen clearly can't distinguish the ads from actual emails, hence the EU stepped in.
Instead of just moving to a different ad delivery mechanism (right option) they are still trying to push the inline option (which is objectively "worse" for most users, but good for bottom line) as the best choice, using language that make the "good choice" seem like a stupid option (slower and less space). Hence the language and design here certainly reads like an anti pattern to me.
From the link in another comment about the EU ruling it didn't sound like the issue was that users couldn't distinguish ads from emails. It was that the EU has decided that if the ads appear in the inbox then they count as direct marketing, which must be opted into.
I don't see how the inline option is objectively worse for most users. If I had to have ads in my email client I'd definitely prefer inline. My normal email already includes things I don't normally read so I'm already skimming the inbox to select what to read and discarding the rest. Ignoring ads would be no different than ignoring the other things I ignore. Unless they went totally overboard on the number of ads all it would do would mean maybe a little bit more scrolling on average to get through the inbox.
Having a separate ad section would be a lot more distracting and would likely reduce the space available for displaying the messages that I do read.
> I don't see how the inline option is objectively worse for most users. If I had to have ads in my email client I'd definitely prefer inline. My normal email already includes things I don't normally read so I'm already skimming the inbox to select what to read and discarding the rest. Ignoring ads would be no different than ignoring the other things I ignore.
Inline is certainly the worst option for most users. If the ad is always displayed in the same location (a location separated from what you're there to read: your emails) it can be ignored. As big and distracting as they'll try to make it, most people will eventually tune it out entirely, because they already know nothing they care about will be there. The term for this is "Banner Blindness" (https://en.wikipedia.org/wiki/Banner_blindness) and it means that most people will spend very little time paying attention to the ad.
Inline ads are mixed in with the content you care about (your emails). You say yourself that you'd be forced to skim over them along with everything else that you're forced to evaluate to determine if you actually care about that message or not. That means every time one shows up you'll be forced to determine if what you're seeing is an advertisement or an email that you may or may not care about. You won't be able to become blind to the ads because that would cause you to miss important messages you want to read. Ads, legitimate messages you care about, and legitimate messages you don't care about, they will all need to be evaluated and that will require you to read the ad the same way you are forced to read the sender/subject lines of the email in your inbox you don't care about.
Microsoft knows that inline ads are more effective. It's why they are pushing them so hard. Microsoft wouldn't try to manipulate people into selecting an option that wasn't advantageous for Microsoft. They aren't looking out for your best interests. They are looking out for themselves at your expense. Any time they seem to be steering you toward something, that's a warning sign that you should be extra careful.
>(which is objectively "worse" for most users, but good for bottom line)
Do inline ads really make that much more money? I would have thought advertisers would pay more for bold in-your-face banners over subtle grey text somewhere.
Thanks for your perspective. I guess my dispute is with the claim that this is "objectively worse for most users". Just as some people may prefer a higher volume of untargeted ads to targeting, while others may prefer the opposite, I don't see how one can claim that nobody could possibly prefer less obtrusive inline ads to big blocky ads that reduce the screen real estate of the main content.
It is most definitely a dark pattern. It's a choice, that is not a choice: the swindler's "pick a card, any card" trick. Presented in the most cynical, self-serving, and manipulative, fashion. As UX goes, it's nothing but execrable.
How? I laid out precisely what the choice is in my comment, but I'll lay it out here again: smaller, inline ads vs larger, out-of-mailbox ads.
There are positives and negatives to both. The only sense in which this is "not a choice" is that you will be served ads regardless, but "free service has ads" is not "a new dark pattern", in any way.
The self-serving venom dripping from this followup is a testament to what a toxic choice it is that’s being given. Are you by any chance a Microsoft product manager?
If you think we’ll all kiss the corporate boot and accept the limited range of options offered, think again. The better choice is the one not presented. Hint: it’s obscenely visceral.
Lol, calm down buddy, drink a glass of water. I dislike Microsoft quite a bit, despise ads, and pay or block to minimize my exposure to them.
But believe it or not, not everyone is simple-minded enough to think that it's impossible to be incorrect as long as you're rooting for the right "side".
There's a group of people (let's call them "adults") who are capable of discussing reality in more detail than "hurr durr ads bad". The claim I responded to was that the choice of ad format was a new dark pattern, which is a specific claim that's independent of your feelings about ads overall.
I have said nothing about feelings, nor included an opinion about ads in general.
For someone this supercilious, you sure make a lot of bad assumptions en route. The only person to have used the phrase “new dark pattern”, by the way, is you. So if you want to argue whether it’s new or not, go right ahead: you’re just arguing with yourself. If you want to argue it’s not a dark pattern, then good luck on the next zebra crossing.
> The only person to have used the phrase “new dark pattern”, by the way, is you.
From the comment I responded to: "Add this to the list of dark patterns". (You don't _add_ existing instances of a category to a list enumerating that category)
As it seems the only thing worse than your emotional continence is your reading comprehension, I should probably take my leave of this "conversation". I hope your day goes better than it has been.
This is tying ever more byzantine verbal knots trying to argue you didn't create a strawman to argue against (you did), and adding to that, sinking to personal abuse hoping it improves the quality of the argument (it doesn't).
There are multiple interpretations of "Add this to the list of dark patterns". The asinine paraphrase of this to "a new dark pattern", especially coupled to the absurdly rigid thinking of the explanation offered, is not merely one of many interpretations; it is the least likely, because the general case of Hobson's choice and its related dilemmas have been recognised for centuries. Ergo, we can trivially reject that interpretation. The author might instead merely be suggesting this is their first personal recognition of such a pattern, or they could be imagining a list of specific instances of major tech companies deploying such a pattern, or offering simply a figure of speech to say "this is a dark pattern", and several other variations besides.
Tip: the world is not a fucking Lisp machine.
In light of which, the cheap crack about "reading comprehension" looks even more sophomoric.
What's more, none of that invalidates the actual point, viz. it is one.
I still use my 20 years old hotmail address (OK, I don't really use it anymore... but I still get some mail from newsletters I'm subscribed to), but I read it from thunderbird so I never need to use the ad-ridden web interface.
Then again I would not see the ads anyway. In the case of the tweet we're discussing, I would probably have opted for the "bigger ads" which seems more easily removed by uBlock origin.
The differentiator seems to be the "ads within the mailbox". It looks like a leading question of sorts designed to make the user more accepting of ads being injected into and intermixed with their list of emails.
in the decision between stale bread and rat poison would you not like stale bread and not like rat poison if and in some way not liking stale bread led to the receiving of the otherwise unliked rat poison, this said, would you prefer to have stale bread, click here if you do not agree.
Why is this confusing? The trade-off is between small ads mixed in with messages in the same area, or bigger ads in a separate area, not taking up vertical space.
Like, it is surprising they decided to make that an option. Nobody adds options these days. But it should not be surprising that some people would prefer different options. If I had to guess, I'd assume the big ads version is the old behavior and the small one is what they are migrating to for consistency between mobile and web (or higher revenue).
I'll also point out that it takes two to tango and most every internet content company is actively offering free stuff. I suspect one reason that ad-based revenue models are so hard to remove are because eliminating it would require coordinated effort on two separate axes:
1) Consumers would have to coordinate on, "From now on, let's pay for all our services"
AND
2) Companies would have to all agree, "Let's stop providing free product subsidized by ads"
Without some sort of drastic fundamental shift in technology or radical technological invention, I just don't see it happening. Maybe someone makes a killer OS or product that has ad-blocking built-in from the ground up and is also so amazing that everyone switches to it, and so suddenly ad revenue drops to near zero? I guess we can dream.
If your site makes its money by showing ads from some third party ad network, that is just going to be ordinary corporate income which you will deal with when dealing with the corporate income tax in your country and/or state.
If your site makes its money by selling products or services to end users it will still be ordinary corporate income in your country and/or state but it will also be sales income and so may also be subject to sales taxes or VAT where your customers reside. That can easily result in you having to deal with taxes in several dozen or more jurisdictions.
If you can make enough money from ads it will almost always be a lot less hassle than making your money by charging customers.
> Maybe someone makes a killer OS or product that has ad-blocking built-in from the ground up and is also so amazing that everyone switches to it, and so suddenly ad revenue drops to near zero? I guess we can dream.
I'm not even sure that's the dream I want. There has to be a middle ground with free services paid for by privacy-respecting ads, right?
Of course but Nana gets mail through the mail slot and keeps pop in the fridge.
I'm assuming most people have no idea about the "advanced" options when it comes to email. Most non-tech people use a browser based gmail/yahoo/etc. account or (ugh) their ISP email
Yes, for example GMail with Thunderbird or iCloud with the native mail app, probably some people just don’t know that they can connect their Outlook mail to another mail client.
Unfortunately Google is increasingly making it harder to use gmail with a native mail client. They don’t use normal means of authentication so your client has to have built-in Google support. They’re introducing new types of emails that can only be opened from a web browser or Google’s proprietary email client. I won’t be surprised if I wake up one morning to see that gmail simply doesn’t work with normal mail clients anymore.
I don't believe that it's healthy for society to rely on free stuff from a private entity. Free stuff should come from the government, which we keep up with our tax money, and private entities should be paid for their services directly, so that they can build a healthy business, and not rely on bullshit like burning investor money for a couple of years or surveilling everyone for some ad money.
Hm, I think free stuff could/should also come from individuals and non-profit organizations, not just the government directly. Free stuff from for-profit corporations is always free() with a big () though, even if the cost is not directly paid by the user.
Why not shift to Fastmail? There have been numerous discussions around here. I don't think that its justified to criticise a company providing services and charging advertisers to give it for free, and people complaining on yet another social media platform about this design choice.
It's perfidious! I stumble on numerous Twitter threads about this.
Leave the platform if it's so insidious.
I think the copy is fine. It would be nice if they presented the second option more fairly (E.g. "Larger ads but outside of your typical workflow") but it's understandable that they push you towards inline which must be more profitable.
Nonetheless, I appreciate that they give you three options (inline, sidebar, paid no ads).
They're playing on the idea that users will think "Bigger ads? Why the hell would I want bigger ads? This is obviously a trick to try to get me to click that.", when in actual fact, Microsoft don't want that.
The choice is actually between having ads show up as faux-emails (making them difficult to avoid) and having them show up on the side (making them easier to ignore, despite the "Bigger ads" copy). They want you to pick the option where you don't have banner blindness.
I curse whoever designed and authorised this cynical, abusive, manipulative abomination, and wish them a shorter life, one filled with misery, suffering, and humiliation.
People really do need feedback for their actions, because if there's none, they're not inclined to change behavior and learn. Even then it's not guaranteed, but if there's no feedback at all, how would they even begin to weigh the consequences of their actions?
While the choice between the options is a little confusing at first the idea of ads in a free email service is not that unique. It is clear that they setup the harder to ignore ads as the more appealing (and default) option. They do offer a paid email service as an alternative. I think I’m OK with this. They seem to be using those ads to fund the free service.
Can someone explain to me why so many people insist on using webmail instead of a proper mail client and act as if webmail is the only way of doing email? Every single email service I know of, except hey.com, offers IMAP and SMTP.
I used to feel the same way: I used mutt for ~10 years, Thunderbird and Sylpheed Claws for about a year each, and then gave up.*
Despite webmail's many flaws, I haven't found an MUA that's as good for me as the Gmail web UI.
- Most MUAs choke on my archive. Simple searches take seconds.
- Every modern email service has a tag-like construct. Representing tags in IMAP duplicates messages.
- Decades later, IMAP sync is still slow, unreliable, and annoying to debug.
- A surprising number of MUAs ignore account boundaries when integrating with my contacts.
- Depending on my job, I go through years-long periods with lots of calendar-related mail. Tight integration between Google Calendar and my mail client is very convenient.
- I use snoozes and (especially) delayed sends often.
- I use all these features on my phone, too.
I haven't found an email client that solves all these problems, on both my laptop and my phone, that's better than Gmail web UI + Gmail iOS app. With two exceptions, all the clients I've tried are slower and less reliable, and they often have fewer features important to me. These days, they're often a less-polished, poorly-tested website in an Electron container. I'm happy to pay for GSuite (or whatever they're calling it these days), because I get ad-free clients that work for me and excellent uptime/deliverability.
* The only genuinely good clients I've found are Mailbox (never shipped a stable desktop client, but had useful innovations) and Superhuman. Mailbox was discontinued post-acquisition, and Gmail has implemented their best features. Superhuman is fine, but not worth paying for (though I'd perhaps feel differently if I spent hours each day in email).
Mail clients have issues like emails getting "stuck in outbox", it not being clear when new emails have loaded, etc. Also if I use a mail client then my setup is tied to a particular machine so if I'm away from it, or lose it, or it dies, then I have to go and reconfigure it all again, remember how I set it up, etc. Plus I see no benefit, webmail is great. I'm on my last year of 10+ years of free Google Workspace email. There's one perspective.
It's convenient having everything in the browser. Multiple tabs. Good password autofill. No sync issues. No complicated set up. Good search functionality. No using up disk space. Don't have to worry about keeping another piece of software (mail client) updated.
I use webmail + Firefox containers to access multiple inboxes at the same time. I have like half a dozen email accounts that I access regularly, so it works well.
Honestly email clients have not really improved a lot in recent years. I personally use Fastmail which has a fantastic web interface which is honestly so much better than e.g. Thunderbird, Evolution, etc. I do use Outlook/Mac for my work which is pretty decent but I'd still prefer Fastmail Web over it.
For me personally it's because I can't manage priority emails or use the search through a 3rd party mail client. Most of my time in Gmail when I'm not just reading messages is using gmail specific functionality that isn't supported in 3rd party clients.
With webmail I can right-click on links and send them to the appropriate Firefox container. The last time I tried a dedicated mail client this was a sorely missed feature.
But isn't this the free Outlook.com email? In fact, in the screenshot itself you can see a link to upgrade to their paid service, Microsoft 365, if you don't want to see ads at all. To me it appears ethical to provide a free, ad-supported service. It actually seems more user-friendly than, say, Gmail, in that it allows you to decide if ads will be in-line with your mailbox content.
I'm not a fan of thunderbird compared to Outlook. To me it's a bit like LibreOffice and Microsoft Office. I know some people prefer LibreOffice, it was pretty similar 12 years ago and today it's still better in some ways, but I rather use Microsoft Office.
Your email can be saved as html and viewable in all browsers.
If you are asking if you can login to a webpage you want webmail: horde, squirrelmail, roundcube.. rainloop looks like gmail, Zimbra, mailspring (has undo send), Cypht, mailpile...
There are open source web mail clients if you want though - I vaguely remember rainloop (https://www.rainloop.net/) and roundcube (https://roundcube.net/) being ones I looked at back in the day.
What is very unusual here is that they are asking you if you want bigger ads, a slower experience, and recommend that you don't chose that option. There is also an ad free, paid alternative in the small print.
It is the opposite of what the usual suggestions are. Generally, the most predominant is the paid option, then the one with big ads, then the one with small ads.
The most probable reason here is that they want to show you that if you don't like integrated ads that look like emails, you can, but it will be terrible. Maybe it is a legal requirement or something.
At least in gaming it's frequently possible for companies to make more money off the ad-supported version of a game than they do off the paid version (translation: advertisers will pay more for your leisure time than you will). Not sure if that's also true in domains like this.
More likely they're emphasizing the alternative that makes them the most money. The user-as-product is what Microsoft missed the boat on while concentrating on Windows lock-in under Balmer.
The reality is developing and maintaining a web service at MS scale is expensive and certainly not free. I am glad that MS has taken a very ethical rouate and is providing users a choice. I hope other big tech follow MS lead here.
In the thread on Twitter Adam Waltham stated (imho quite correctly):
'This is the point, they want to make “show the ads separately from your mail” sound like a bad option, because they make more money when the ads are disguised as emails in your inbox.'
So this very dark pattern is designed to make you not click to see bigger ads. They want you to have ads disguised as emails in your inbox. And because you choose the are legally in the clear in the EU because there new regulation (as stated other places in this thread already) requires them to.
This is yet another option, Outlook the email service. Neither Outlook the Office application nor Outlook the bundled free Windows mail client have ads (currently).
This is only the free Outlook mail service web interface.
Here's the CJEU case in question: https://www.insideprivacy.com/european-union-2/court-of-just...