[At-Risk Shares] Enumeration of Reasons to Leave Github

Karl gmkarl at gmail.com
Wed Oct 14 01:43:18 PDT 2020

On 10/14/20, Karl <gmkarl at gmail.com> wrote:
> Bad alternative: gitlab.com service
> The Gitlab.com SaaS is often considered an alternative to MS Github,
> but it's even worse--
> for many reasons

* Sexist treatment toward saleswomen who are [told to
dresses, heels, etc. * Hosted by Google. *
through privacy abuser CloudFlare. *
* Hostile treatment of Tor users trying to register. * Hostile
treatment of new users who attempt to register with a
`@spamgourmet.com` forwarding email address to track spam and to
protect their more sensitive internal email address. * Hostile
treatment of Tor users *after* they've established an account and have
proven to be a non-spammer.
Regarding the last bullet, I was simply trying to edit an existing
message that I already posted and was forced to solve a CAPTCHA
(attached). There are several problems with this:

CAPTCHAs break robots and robots are not necessarily malicious. E.g. I
could have had a robot correcting a widespread misspelling error in
all my posts.
CAPTCHAs put humans to work for machines when it is machines that
should work for humans.
CAPTCHAs are defeated. Spammers find it economical to use third-world
sweat shop labor for CAPTCHAs while legitimate users have this burden
of broken CAPTCHAs.
The reCAPTCHA puzzle requires a connection to Google
Google's reCAPTCHAs compromise security as a consequence of
surveillance capitalism that entails collection of IP address, browser
anonymity is compromised.
(speculative) could Google push malicious j/s that intercepts user
registration information?
Users are forced to execute non-free javascript (recaptcha/api.js).
The reCAPTCHA requires a GUI, thus denying service to users of
text-based clients.
CAPTCHAs put humans to work for machines when it is machines who
should be working for humans. PRISM corp Google Inc. benefits
financially from the puzzle solving work, giving Google an opportunity
to collect data, abuse it, and profit from it. E.g. Google can track
which of their logged-in users are visiting the page presenting the
The reCAPTCHAs are often broken. This amounts to a denial of service.
E.g.1: the CAPTCHA server itself refuses to give the puzzle saying
there is too much activity.
The CAPTCHAs are often unsolvable.
E.g.1: the CAPTCHA puzzle is broken by ambiguity (is one pixel in a
grid cell of a pole holding a street sign considered a street sign?)
E.g.2: the puzzle is expressed in a language the viewer doesn't understand.
(note: for a brief moment gitlab.com switched to hCAPTCHA by Intuition
Machines, Inc. but now they're back to Google's reCAPTCHA)
Network neutrality abuse: there is an access inequality whereby users
logged into Google accounts are given more favorable treatment the
CAPTCHA (but then they take on more privacy abuse). Tor users are
given extra harsh treatment.

> There's nothing wrong with self-hosting an instance running Gitlab CE
> or using the Gitlab instance of another party.

More information about the cypherpunks mailing list