2
0
mirror of https://github.com/offen/website.git synced 2024-12-24 13:50:22 +01:00

Merge pull request #159 from offen/development

update April 16
This commit is contained in:
Hendrik Niefeld 2021-04-20 20:43:31 +02:00 committed by GitHub
commit faeebae7a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 163 additions and 77 deletions

View File

@ -19,21 +19,21 @@ We have further refined the existing application architecture to make it more ro
#### Easy to test drive
Download a single binary file and run it on your local computer to get an Offen instance up and running immediately. At the moment this setup only supports Linux. Windows and MacOS will follow soon.
[Download binary](https://8342-180605180-gh.circle-artifacts.com/0/tmp/artifacts/offen-stable.tar.gz){: target="_blank" data-button="outline"}
[Download binary](https://8342-180605180-gh.circle-artifacts.com/0/tmp/artifacts/offen-stable.tar.gz){: data-button="outline"}
#### Develop without complex setup
Docker and Docker-Compose are the only hard requirement for you to develop Offen. We have successfully tested this setup under Linux, Windows and MacOS. Head over to our wiki for instructions how to get the setup up and running.
[Open wiki](https://github.com/offen/offen/wiki/Developing-offen#setup){: target="_blank" data-button="outline"}
[Open wiki](https://github.com/offen/offen/wiki/Developing-offen#setup){: data-button="outline"}
#### Lightweight and accessible interfaces
The *Auditorium* is ready for a dry run. It's a functional prototype for accessing and managing user data. We opted for [Choo](https://choo.io/){: target="_blank"} as the application framework and [Tachyons](https://tachyons.io/){: target="_blank"} as the CSS framework.
The *Auditorium* is ready for a dry run. It's a functional prototype for accessing and managing user data. We opted for [Choo](https://choo.io/) as the application framework and [Tachyons](https://tachyons.io/) as the CSS framework.
#### Ready to localize
You can now localize all user-related content in server- and client-side applications. At the moment English is the only supported locale, but we would be happy to add more locales soon. Contributors wanted after milestone 3 is completed.
[Get in touch](mailto:hioffen@posteo.de){: data-button="outline"}
#### Read the docs
The work on our wiki has started. Including documentation for [developers](https://github.com/offen/offen/wiki/Developing-offen){: target="_blank"} as well as for [website operators](https://github.com/offen/offen/wiki/Running-offen){: target="_blank"} who want to deploy and run Offen.
The work on our wiki has started. Including documentation for [developers](https://github.com/offen/offen/wiki/Developing-offen){: target="_blank"} as well as for [website operators](https://github.com/offen/offen/wiki/Running-offen) who want to deploy and run Offen.
#### No reverse proxy required
We have further hardened and improved the HTTP server that Offen exposes. If you want to, you can already expose this server to the Internet without having to run a reverse proxy in front of it.
@ -45,4 +45,4 @@ We have further hardened and improved the HTTP server that Offen exposes. If you
### Deep dive
Interested in the details? Want to get your hands dirty? Head over to our GitHub repo.
[Open milestone 1 Pull Request](https://github.com/offen/offen/pull/192){: target="_blank" data-button="full"}
[Open milestone 1 Pull Request](https://github.com/offen/offen/pull/192){: data-button="full"}

View File

@ -16,26 +16,26 @@ We finished milestone 2. Here is what we' ve been doing for the last 8 weeks.
#### Collecting data only with consent
A first approach to one of our major features is implemented. Websites that embed the Offen script now display a user consent banner. In case of user's deny, no other requests than loading the script are made from then on.
[Learn more](https://offen.offen.dev/){: target="_blank" data-button="outline"}
[Learn more](https://offen.offen.dev/){: data-button="outline"}
#### Accidental leaks don't expose data
We encrypt all event data before it leaves the browser. [Two types](https://github.com/offen/offen/pull/270){: target="_blank"} of crypto implementations are used for this. This allows us to handle user data from both https and http-only sites securely.
We encrypt all event data before it leaves the browser. [Two types](https://github.com/offen/offen/pull/270) of crypto implementations are used for this. This allows us to handle user data from both https and http-only sites securely.
#### What exactly happens on your website?
The insight into user behavior has been improved. Still, no sensitive user information is collected. We have added seven additional statistics like Average Page Depth as well as Landing and Exit Pages. Here you find an [overview of all added stats.](https://github.com/offen/offen/pull/270){: target="_blank"}
The insight into user behavior has been improved. Still, no sensitive user information is collected. We have added seven additional statistics like Average Page Depth as well as Landing and Exit Pages. Here you find an [overview of all added stats.](https://github.com/offen/offen/pull/270)
#### We are live
The current state of *Offen runs on this domain.* You should have noticed our conset banner by now. Opted in? Head to the [Auditorium](https://offen.offen.dev/auditorium/){: target="_blank"} to manage your data. If not, please have a look at our [Explainer.](https://offen.offen.dev/){: target="_blank"}
The current state of *Offen runs on this domain.* You should have noticed our conset banner by now. Opted in? Head to the [Auditorium](https://offen.offen.dev/auditorium/) to manage your data. If not, please have a look at our [Explainer.](https://offen.offen.dev/)
*We welcome any feedback* on this key subject. Did our banner text inform you sufficiently? Which issues have been left open? How can we do better? Thanks in advance.
[Send feedback](mailto:hioffen@posteo.de){: target="_blank" data-button="outline"}
[Send feedback](mailto:hioffen@posteo.de){: data-button="outline"}
#### Testdrive on your system
Whether you are a developer that want to contribute or a website operator that wants to test Offen. Have a demo up and running in no time on your local machine. Download and install a single binary file on Linux, Windows or MacOS.
[Download demo](https://github.com/offen/offen/releases/download/v0.1.0-alpha.2/offen-v0.1.0-alpha.2.tar.gz){: data-button="outline"}
#### Feeling adventurous?
Offen is under active development but with the introduction of the user consent banner has become usable for the general public. If you are brave enough you can use our [latest alpha release](https://github.com/offen/offen/releases/latest/){: target="_blank"} in a production environment.
Offen is under active development but with the introduction of the user consent banner has become usable for the general public. If you are brave enough you can use our [latest alpha release](https://github.com/offen/offen/releases/latest/) in a production environment.
#### We need to talk about Safari
Currently, the way we store encryption keys securely on the client side does not work in Apple's Safari browser. Fortunately, our improved opt-in flow will allow us to resume Safari support in milestone 3. Please bear with us until then.
@ -47,4 +47,4 @@ Currently, the way we store encryption keys securely on the client side does not
### Deep dive
Interested in the details? Want to get your hands dirty? Head over to our GitHub repo.
[Open milestone 2 Pull Request](https://github.com/offen/offen/pull/270){: target="_blank" data-button="full"}
[Open milestone 2 Pull Request](https://github.com/offen/offen/pull/270){: data-button="full"}

View File

@ -28,11 +28,11 @@ Although we have dug very deep, things may still contain issues. Therefore, we r
[Download](https://get.offen.dev/){: data-button="full"}
##### Your own Offen instance
[Deploy to Heroku](https://heroku.com/deploy?template=https://github.com/offen/heroku/tree/master){: target="_blank" data-button-mb5="full"}
[Deploy to Heroku](https://heroku.com/deploy?template=https://github.com/offen/heroku/tree/master){: data-button-mb5="full"}
Download or deploy Offen today and give it a spin. *[Check our Docs](https://docs.offen.dev/){: target="_blank"} for detailed instructions.*
Download or deploy Offen today and give it a spin. *[Check our Docs](https://docs.offen.dev/) for detailed instructions.*
We appreciate any feedback. No matter if you have difficulties with the installation, find our UI hard to understand or catch anything unexpected. Please get in touch via [Twitter,](https://twitter.com/hioffen){: target="_blank"} [LinkedIn](https://www.linkedin.com/company/hioffen/){: target="_blank"} or [email.](mailto:hioffen@posteo.de){: target="_blank"}
We appreciate any feedback. No matter if you have difficulties with the installation, find our UI hard to understand or catch anything unexpected. Please get in touch via [Twitter,](https://twitter.com/hioffen) [LinkedIn](https://www.linkedin.com/company/hioffen/) or [email.](mailto:hioffen@posteo.de)
We look forward to hearing from you. Happy testing!

View File

@ -37,9 +37,9 @@ Relevant PRs are: [349](https://github.com/offen/offen/pull/349), [355](https://
In Milestone 5, we want to add integration test coverage for all of our user-facing features. To prepare for this, we did research on what tools we can use and how to integrate them into our existing development and CI setup.
We ended up choosing and implementing a setup using [Cypress](https://www.cypress.io/){: target="_blank"}, which is a popular MIT-licensed tool that can run tests in multiple browsers like Chromium and Firefox.
We ended up choosing and implementing a setup using [Cypress](https://www.cypress.io/), which is a popular MIT-licensed tool that can run tests in multiple browsers like Chromium and Firefox.
Another great thing about this setup is that is allows us to run automated Accessibility and performance audits (for example using [Lighthouse](https://developers.google.com/web/tools/lighthouse){: target="_blank"} or [Pa11y](https://pa11y.org/){: target="_blank"}.
Another great thing about this setup is that is allows us to run automated Accessibility and performance audits (for example using [Lighthouse](https://developers.google.com/web/tools/lighthouse) or [Pa11y](https://pa11y.org/).
This has been implemented in PRs [362](https://github.com/offen/offen/pull/362), [365](https://github.com/offen/offen/pull/365) and [368](https://github.com/offen/offen/pull/368)
@ -102,7 +102,7 @@ Offen tries to be a slim and lightweight solution but nevertheless, crucial user
Offen collects data only after opt-in. In addition to the consent banner that is shown on websites that embed Offen, the Auditorium itself allows users to manage their consent status. As an exercise, let's write a test where a user first grants consent, reviews the Auditorium and then opts out again, seeing that data has been deleted.
As noted above integration tests are written using [Cypress](https://www.cypress.io/){: target="_blank"} which has a `mocha`-esque DSL for writing tests. In the `offen/offen` repository, create a new file called `integration/cypress/integration/consent.spec.js`. We're ready to write a basic test now.
As noted above integration tests are written using [Cypress](https://www.cypress.io/) which has a `mocha`-esque DSL for writing tests. In the `offen/offen` repository, create a new file called `integration/cypress/integration/consent.spec.js`. We're ready to write a basic test now.
N.B.: these examples use `.contains('some text')` for selecting elements as this is very obvious in the context of an example. Our real world tests will use dedicated `data-testid` selectors for targeting DOM elements.*

View File

@ -17,7 +17,7 @@ In this article we collect a few real world options and scenarios for hosting Of
---
*Prerequisite:* All of the below assumes you have registered one or multiple domains on which you run your applications and websites, and can set [A](https://en.wikipedia.org/wiki/List_of_DNS_record_types#A){: target="_blank"} or [CNAME records](https://en.wikipedia.org/wiki/CNAME_record){: target="_blank"} for these. If you do not know what this means exactly: it is a default feature in almost all packages that let you register a domain. Your provider or registrar surely can help you with further support if you need any. Read more about it in our [dedicated subdomain tutorial.](https://docs.offen.dev/running-offen/setting-up-using-subdomains/){: target="_blank"}
*Prerequisite:* All of the below assumes you have registered one or multiple domains on which you run your applications and websites, and can set [A](https://en.wikipedia.org/wiki/List_of_DNS_record_types#A) or [CNAME records](https://en.wikipedia.org/wiki/CNAME_record) for these. If you do not know what this means exactly: it is a default feature in almost all packages that let you register a domain. Your provider or registrar surely can help you with further support if you need any. Read more about it in our [dedicated subdomain tutorial.](https://docs.offen.dev/running-offen/setting-up-using-subdomains/)
### Scenarios where Offen is a good fit
@ -39,9 +39,9 @@ If you are working on a bigger project with a lot of traffic, you might consider
### Some available hosting providers
This list is a non-exhaustive collection of hosting providers that we happen to know and have used ourselves. We are in no way affiliated with any of these, don't earn any money when you install Offen there, and definitely don't want to push you anywhere. We do want you to use Offen though, of course, but it's always your choice where to run it. If you know of any other good option, tweet them our way [@hioffen](https://twitter.com/hioffen){: target="_blank"}.
This list is a non-exhaustive collection of hosting providers that we happen to know and have used ourselves. We are in no way affiliated with any of these, don't earn any money when you install Offen there, and definitely don't want to push you anywhere. We do want you to use Offen though, of course, but it's always your choice where to run it. If you know of any other good option, tweet them our way [@hioffen](https://twitter.com/hioffen).
#### [AWS](https://aws.amazon.com/){: target="_blank"}
#### [AWS](https://aws.amazon.com/)
The obvious choice for hosting your Offen instance in the AWS ecosystem is probably using EC2 (which is a virtual server). For handling Offen in any of the above scenarios a `t3.nano` instance is sufficient, which - at the time of writing - bills at *USD 3.90 per month*. In case you have just recently signed up for AWS, you could also run Offen using the *free tier usage plan* that gives you one free `t2.micro` (this, by the way, is also how we are currently running our own instance).
@ -56,11 +56,11 @@ The lowdown on AWS:
---
#### [Heroku](https://www.heroku.com/){: target="_blank"}
#### [Heroku](https://www.heroku.com/)
Heroku is famous for making deployment of web based software as easy as possible, and it indeed lets you deploy Offen from within your browser using our Heroku preset.
[Open Heroku preset](https://github.com/offen/heroku){: target="_blank" data-button-mb3="outline"}
[Open Heroku preset](https://github.com/offen/heroku){: data-button-mb3="outline"}
Heroku has a free tier that theoretically lets you deploy Offen and a database for free. The only caveat with this is that you will need to provide your own SSL certificate in this scenario, which makes it relatively complicated to get going. In addition to that Dynos (this is Heroku's name for a virtual server) on the free plan fall asleep when they are not used, so applications tend to be relatively sluggish when going down that route.
@ -76,11 +76,11 @@ The lowdown on Heroku:
---
#### [DigitalOcean](https://www.digitalocean.com/){: target="_blank"}
#### [DigitalOcean](https://www.digitalocean.com/)
DigitalOcean provides virtual servers in a product they call Droplets. The cheapest variant - which is enough to host Offen for one of the above scenarios - costs *USD 5.00 per month*. On this droplet you can install Offen yourself in whatever fashion you prefer (Docker, systemd, something else) or use our prebuilt image.
[Open prebuilt DigitalOcean image](https://github.com/offen/digitalocean){: target="_blank" data-button-mb3="outline"}
[Open prebuilt DigitalOcean image](https://github.com/offen/digitalocean){: data-button-mb3="outline"}
If you need a dedicated database server, you can either use the managed Postgres offering (which is relatively expensive) or add another Droplet, installing a prebuilt PostgreSQL or MySQL image.
@ -93,7 +93,7 @@ The lowdown on DigitalOcean:
---
#### [Linode](https://www.linode.com/){: target="_blank"}
#### [Linode](https://www.linode.com/)
Feeling "close to the metal" in a good way, Linode offers virtual servers on shared instances. At *USD 5.00 per month* you get a Linux server that you can use to install and serve your Offen instance. There is no dedicated database offering, so if you wanted to use a dedicated database you would need to install MySQL or PostgreSQL on another shared instance. Presets are available for these.
@ -108,4 +108,4 @@ The lowdown on Linode:
### Where to head next
If you made a choice and want to deploy your own Offen instance, head over to our [Installation tutorials](https://docs.offen.dev/running-offen/tutorials/){: target="_blank"} where you will get further guidance on what to do next and how to get your instance up and running. And in case you get stuck or need help, file an [issue](https://github.com/offen/offen/issues){: target="_blank"}, [tweet](https://twitter.com/hioffen){: target="_blank"} or [email](mailto:hioffen@posteo.de){: target="_blank"}.
If you made a choice and want to deploy your own Offen instance, head over to our [Installation tutorials](https://docs.offen.dev/running-offen/tutorials/) where you will get further guidance on what to do next and how to get your instance up and running. And in case you get stuck or need help, file an [issue](https://github.com/offen/offen/issues), [tweet](https://twitter.com/hioffen) or [email](mailto:hioffen@posteo.de).

View File

@ -30,4 +30,4 @@ At the same time essential metrics give operators the chance to gain valuable in
By the way, Offen is in beta phase now. [Please take a look and give it a try.](/try-demo/)
We believe it is time to go one step further. This is how we want to support a web that is *privacy friendly and fair at last.* Are you as enthusiastic about it as we are?
Drop us a [tweet](https://twitter.com/hioffen){: target="_blank"} or [email](mailto:hioffen@posteo.de){: target="_blank"} and feel invited to work together to drive this idea forward.
Drop us a [tweet](https://twitter.com/hioffen) or [email](mailto:hioffen@posteo.de) and feel invited to work together to drive this idea forward.

View File

@ -39,7 +39,7 @@ Relevant PRs are: [399](https://github.com/offen/offen/pull/399), [400](https://
#### Community approved handling of licensing
With help from the FSFE, we adopted [REUSE](https://reuse.software/){: target="_blank"}, a standard and tooling around the handling of licensing in non-small repositories. Having integrated a dedicated check for REUSE compliance into our CI pipeline allows us to stop worrying we have forgotten something, and will give everyone access to all licensing information needed to use or reuse Offen in all scenarios.
With help from the FSFE, we adopted [REUSE](https://reuse.software/), a standard and tooling around the handling of licensing in non-small repositories. Having integrated a dedicated check for REUSE compliance into our CI pipeline allows us to stop worrying we have forgotten something, and will give everyone access to all licensing information needed to use or reuse Offen in all scenarios.
In addition to that we now also automatically generate a NOTICE file from our dependency tree that we can include in our binary distributions, making sure every dependency is properly attributed when others download and use Offen. You can see it in action being served from our own Offen instance here: [offen.offen.dev/NOTICE.txt](https://offen.offen.dev/NOTICE.txt)
@ -87,7 +87,7 @@ Once this is defined, we will apply for new funds. Let us know if you know of an
An important part of Milestone 5 was hardening the HTTP interface of Offen, which in most cases will be exposed to the internet directly, without any reverse proxy or similar in front. So why not do a load test and see how far we can take it?
The tools we'll be using to perform the load test is called [vegeta](https://github.com/tsenart/vegeta){: target="_blank"}, which you can install using `go get` (or you download the binaries from GitHub):
The tools we'll be using to perform the load test is called [vegeta](https://github.com/tsenart/vegeta), which you can install using `go get` (or you download the binaries from GitHub):
```
go get -u github.com/tsenart/vegeta

View File

@ -1,24 +1,25 @@
title: Why Offen is a valid Matomo alternative
description: This brief comparison of both tools gives you a first insight into the field of fair and lightweight web analytics.
date: 2020-08-28
modified: 20.4.2021
slug: matomo-alternative
url: /blog/matomo-alternative/
sitemap_priority: 0.7
image_url: /theme/images/offen-blog-0100-Matomo.jpg
author: Hendrik Niefeld
bottom_cta: fair
bottom_cta: budget
# Why Offen is a valid Matomo alternative
#### Matomo at a glance
Matomo was started around 2007 as a successor to phpMyVisites and *open-source alternative to Google Analytics.* The project founded by Matthieu Aubry used to be called Piwik until it was rebranded to its current name in 2018. According to Wikipedia it is installed on about 1.5 million websites, making it one of the best known open source web analytics applications on the market.
Matomo was started around 2007 as a successor to phpMyVisites and open-source alternative to Google Analytics. The project founded by Matthieu Aubry used to be called Piwik until it was rebranded to its current name in 2018. According to Wikipedia it is installed on about 1.5 million websites, making it one of the best known open source web analytics applications on the market.
Operators interested in open and privacy friendly web analytics particularly appreciate Matomo's ability to be self hosted. The respective app variant called "Matomo On-Premise" has no license costs, but paid plugins are necessary for extensive use.
### Room for improvement
Despite the general popularity, there are some problems with Matomo's decisions regarding privacy. By default, the software only offers an opt-out feature for website users. This way, *consent is practically a preset.* In addition, access to usage data is not automated and therefore can be very complex and laborious for users. A common problem which the GDPR mandates explicitly under the heading ["Rights of the data subject"](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#III_Rights_of_the_data_subject){: target="_blank"}.
Despite the general popularity, there are some problems with Matomo's decisions regarding privacy. By default, the software only offers an opt-out feature for website users. This way, *consent is practically a preset.* In addition, access to usage data is not automated and therefore can be very complex and laborious for users. A common problem which the GDPR mandates explicitly under the heading ["Rights of the data subject"](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#III_Rights_of_the_data_subject).
On the technical side, the following issues are particularly apparent. Installing Matomo can be a bit of a pain as there are many dependencies that must be pre-installed on the system. This also applies to the requirement to use a dedicated MySQL database, which makes installation even more complex. Last but not least, the tracking script that Matomo uses is extensive and therefore delays the loading of the pages considerably.
@ -26,7 +27,7 @@ On the technical side, the following issues are particularly apparent. Installin
### Operators and users as equal parties
To address the above mentioned issues we develop a fair and lightweigt web analytics tool that treats operators and users as equal parties. It is called Offen and is [available as a beta version.](https://www.offen.dev/get-started/)
To address the above mentioned issues we develop a fair, self hosted and lightweigt web analytics tool that treats operators and users as equal parties. It is called Offen and is [available as a production ready version.](https://www.offen.dev/get-started/)
*Offen's default is to NOT collect any data.* Usage data is collected after opt-in only. If users choose to opt in, they have full access to their data. They can delete it any time or opt out completly.
@ -38,7 +39,7 @@ Offen is open source and will always be available for free with no hidden costs
The installation is relatively simple and supports the use of SQLite files as well. The tracking script is reduced to a bare minimum and allows pages to load much faster.
To complete the package, the app allows to manage several websites with one login. All website accounts can be shared within teams. A [detailed documentation](https://docs.offen.dev/){: target="_blank"} assists with the installation and daily operation.
To complete the package, the app allows to manage several websites with one login. All website accounts can be shared within teams. A [detailed documentation](https://docs.offen.dev/) assists with the installation and daily operation.
### Confidential by design
@ -49,4 +50,13 @@ Our strict focus on data protection also means that there are some Matomo featur
We hope this overview helps you to get a better insight into the topic of fair web analytics. If you are passionate about ethical software and want *a truly lightweight and privacy focused alternative to Matomo* you should give Offen a try. Why not let both run parallel for a while and then see how it feels? We are looking forward to your [feedback.](mailto:hioffen@posteo.de)
Find further information in our [explainer](https://www.offen.dev/#bg-explainer) or head to our [get started](https://www.offen.dev/get-started/) section.
Find further information in our [explainer](https://www.offen.dev/#bg-explainer), test it on your system or get everything you need to use Offen in production.
<div class="flex flex-wrap justify-center mt4 mb6">
<div class="w-100 w-40-ns mh0 mb3 mb0-ns mr3-ns">
<a class="w-100 tc b link dim ph4 pv2 dib b--solid bw2 cclr-brd-black-mid cclr-fnt-black-mid" href="/try-demo/" rel="noopener">Try demo</a>
</div>
<div class="w-100 w-50-ns mh0 ml3-ns">
<a class="w-100 tc b link dim ph4 pv2 dib b--solid bw2 cclr-brd-black-mid white cclr-bg-black-mid" href="/get-started/" rel="noopener">Get started</a>
</div>
</div>

View File

@ -10,7 +10,7 @@ bottom_cta: blog
# Episode Six — Packaging and testing
It feels a little surreal to write this, but: this post marks the end of Milestone 6, which is the last one defined in our initial product plan defining the scope of our support by the [NGI Zero PET initiative](https://nlnet.nl/thema/NGIZeroPET.html){: target="_blank"}.
It feels a little surreal to write this, but: this post marks the end of Milestone 6, which is the last one defined in our initial product plan defining the scope of our support by the [NGI Zero PET initiative](https://nlnet.nl/thema/NGIZeroPET.html).
In these last weeks we focused on packaging and testing, which - who would have thought - uncovered some issues we didn't know about yet. But it also felt very rewarding to see the work of the last ~9 months paying off, now that we and others can deploy and use Offen easily. Having designed Offen as a self hosted solution from the start, we managed to establish a unique characteristic when comparing Offen with other solutions out there: if you're looking to self host your analytics software, it won't get much easier. If you are unsure about that claim, check out the rest of this post to see what that actually means.
@ -32,17 +32,17 @@ As always, you can download the latest release from [https://get.offen.dev](http
One of the design goals of Offen is to make it really easy to install. Nevertheless, using self hosted software can be daunting if you haven't done it before, or you are not well versed with using the CLI. To help people unsure about what to do getting started, we published a lot of options and contributed to community resources:
- There is a tutorial for installing Offen on [Uberspace](https://uberspace.de/){: target="_blank"}: [https://lab.uberspace.de/guide_offen.html](https://lab.uberspace.de/guide_offen.html){: target="_blank"}
- There is a tutorial for installing Offen on [Uberspace](https://uberspace.de/): [https://lab.uberspace.de/guide_offen.html](https://lab.uberspace.de/guide_offen.html)
- We packaged Offen for [YunoHost](https://yunohost.org/#/){: target="_blank"} (an operating system tailored towards self hosting): [https://github.com/offen/offen_ynh](https://github.com/offen/offen_ynh){: target="_blank"}
- We packaged Offen for [YunoHost](https://yunohost.org/#/) (an operating system tailored towards self hosting): [https://github.com/offen/offen_ynh](https://github.com/offen/offen_ynh)
- We wrote a tutorial for how to host your static website alongside Offen: [https://github.com/hetzneronline/community-content/pull/257](https://github.com/hetzneronline/community-content/pull/257){: target="_blank"}
- We wrote a tutorial for how to host your static website alongside Offen: [https://github.com/hetzneronline/community-content/pull/257](https://github.com/hetzneronline/community-content/pull/257)
- You can deploy Offen to Heroku with a single click: [https://github.com/offen/heroku](https://github.com/offen/heroku)
- There is also a prebuilt image for DigitalOcean: [https://github.com/offen/digitalocean](https://github.com/offen/digitalocean)
- In case Docker is something you are using, here's our image: [https://hub.docker.com/r/offen/offen](https://hub.docker.com/r/offen/offen){: target="_blank"}
- In case Docker is something you are using, here's our image: [https://hub.docker.com/r/offen/offen](https://hub.docker.com/r/offen/offen)
- Raspberry Pis can run Offen just fine: [https://docs.offen.dev/running-offen/downloads-distributions/#building-offen-for-architectures-other-than-amd64](https://docs.offen.dev/running-offen/downloads-distributions/#building-offen-for-architectures-other-than-amd64)
@ -67,7 +67,7 @@ While we've been doing a lot of test installations of Offen ourselves in the pas
#### Helping others to start contributing to Offen
Offen is free and open for everyone to use with no strigs attached. There is no business model like a hosted version or similar behind it. This is why it's important for us to open up the development of Offen to the community now that we've set the foundation. To kick this off, we will be participating in this year's [Hacktoberfest](https://hacktoberfest.digitalocean.com/){: target="_blank"}. Check out the [relevant issues on our repository](https://github.com/offen/offen/issues?q=is%3Aissue+is%3Aopen+label%3AHacktoberfest), forward this to whoever might be interested, or start hacking on Offen yourself right away. We are also happy about any kind of feedback on our [roadmap](https://github.com/offen/offen/projects/1).
Offen is free and open for everyone to use with no strigs attached. There is no business model like a hosted version or similar behind it. This is why it's important for us to open up the development of Offen to the community now that we've set the foundation. To kick this off, we will be participating in this year's [Hacktoberfest](https://hacktoberfest.digitalocean.com/). Check out the [relevant issues on our repository](https://github.com/offen/offen/issues?q=is%3Aissue+is%3Aopen+label%3AHacktoberfest), forward this to whoever might be interested, or start hacking on Offen yourself right away. We are also happy about any kind of feedback on our [roadmap](https://github.com/offen/offen/projects/1).
---
@ -99,7 +99,7 @@ Localizing software at an early stage is hard, so we developed Offen as English-
#### Packaging Offen as a snap
[Snapcraft](https://snapcraft.io/){: target="_blank"} is a relatively recent way of packaging apps for use across all Linux distributions. While it has also received its fair share of criticism, it also provides a really simple way of packaging and distributing apps like Offen.
[Snapcraft](https://snapcraft.io/) is a relatively recent way of packaging apps for use across all Linux distributions. While it has also received its fair share of criticism, it also provides a really simple way of packaging and distributing apps like Offen.
To build a snap from Offen, first install `snapcraft`. If you're on Ubuntu or Debian, you can use `snap` to install it:

View File

@ -33,7 +33,7 @@ First let's take a look at some numbers provided by our web analytics tool. Thes
<img class="mt3 mb2" alt="Figure A" src="/theme/images/offen-blog-0120-opt-in-quality-A.svg"/>
To get an overview of our total traffic in the same time frame we use [GoAccess](https://goaccess.io/){: target="_blank"} to analyze our server logs. Although "total traffic" is a rather symbolic term here, since the *exact number of visitors can never be determined* by any method. Even if we leave aside all non human traffic, a combination of adblockers, privacy tools and bugs reliably prevent an absolutely accurate measurement.
To get an overview of our total traffic in the same time frame we use [GoAccess](https://goaccess.io/) to analyze our server logs. Although "total traffic" is a rather symbolic term here, since the *exact number of visitors can never be determined* by any method. Even if we leave aside all non human traffic, a combination of adblockers, privacy tools and bugs reliably prevent an absolutely accurate measurement.
<img class="mt3 mb2" alt="Figure A" src="/theme/images/offen-blog-0120-opt-in-quality-B.svg"/>
@ -41,7 +41,7 @@ Not surprisingly, far more data is generated in our server logs than with our we
Visitors in the server logs are identified on the basis of a single day and could therefore have been counted several times during recurring visits. Also our logs count visitors and not unique users. This is because all non human traffic on our website is also covered. Which means that search engines indexing our website and all other page views generated by software agents are included.
According to the [7th Annual Bad Bot Report](https://www.imperva.com/resources/resource-library/reports/2020-bad-bot-report/){: target="_blank"} (Imperva Threat Research Lab, 2020), the average *non human traffic on websites has now grown to more than 37%.* Two thirds of this non human traffic accounts for so called bad bots. This software interacts with your website in the same way as a human user would do, which makes it more difficult to detect and block.
According to the [7th Annual Bad Bot Report](https://www.imperva.com/resources/resource-library/reports/2020-bad-bot-report/) (Imperva Threat Research Lab, 2020), the average *non human traffic on websites has now grown to more than 37%.* Two thirds of this non human traffic accounts for so called bad bots. This software interacts with your website in the same way as a human user would do, which makes it more difficult to detect and block.
Let us therefore take a closer look at the quantity and quality of referrer domains collected by both methods.

View File

@ -10,7 +10,7 @@ bottom_cta: blog
# Episode Seven — Performance and Awareness
Some time has passed after [NGI Zero PET Initiative](https://nlnet.nl/thema/NGIZeroPET.html){: target="_blank"} funding ended, we want to recap the results of our work with this blog post.
Some time has passed after [NGI Zero PET Initiative](https://nlnet.nl/thema/NGIZeroPET.html) funding ended, we want to recap the results of our work with this blog post.
Wrapping up what has been a challenging year for everyone, we have been working steadily over the past three months to further enhance our product. The most important aspect of this was a significant improvement in query performance. An update that is particularly beneficial for operators of high-traffic websites who want to analyse user behavior over long periods of time.
@ -52,7 +52,7 @@ For operators who want to migrate an older running Offen instance to another har
#### Localization
As already mentioned in our last milestone, localization ranks at the top of our bucket list. Thanks to the kind support of the folks at [POEditor](https://poeditor.com/){: target="_blank"}, we now have a proper workflow in place and the translation may begin. Not surprisingly, German will be the second locale we tackle. Let us know if you can you help us out with French, Spanish or any other mother tongue.
As already mentioned in our last milestone, localization ranks at the top of our bucket list. Thanks to the kind support of the folks at [POEditor](https://poeditor.com/), we now have a proper workflow in place and the translation may begin. Not surprisingly, German will be the second locale we tackle. Let us know if you can you help us out with French, Spanish or any other mother tongue.
#### Easily accessible analytics data

View File

@ -11,7 +11,7 @@ bottom_cta: quality
# Privacy focus? Consider the cookie
Whoever [drafted the idea for HTTP cookies](https://tools.ietf.org/html/rfc2109){: target="_blank"} back in 1997 likely did not anticipate having created a technology that is as disputed, discussed and also disliked as it is today. A non-technical user of the internet might be under the impression that cookies are an utterly useless privacy disaster that bring you nothing but consent banners filled with dark patterns, and enable advertisers to track you on literally every website ever.
Whoever [drafted the idea for HTTP cookies](https://tools.ietf.org/html/rfc2109) back in 1997 likely did not anticipate having created a technology that is as disputed, discussed and also disliked as it is today. A non-technical user of the internet might be under the impression that cookies are an utterly useless privacy disaster that bring you nothing but consent banners filled with dark patterns, and enable advertisers to track you on literally every website ever.
And while there are definitely problems with the modern day usage of cookies, with very good reasons to regulate their usage, they can also be used to enhance privacy on the web. Using cookies does not necessarily equal tracking your users or invading their privacy. In this article we would like to show you how you can use cookies to respect and enhance the privacy of your users.
@ -21,7 +21,7 @@ And while there are definitely problems with the modern day usage of cookies, wi
### Collecting data should require consent, no matter your implementation details
Inside the European union the so called "[Cookie Directive](https://en.wikipedia.org/wiki/Privacy_and_Electronic_Communications_Directive_2002){: target="_blank"}" mandates acquiring consent from users for setting non-essential cookies. Similar laws exist for example in California. The internet being a global phenomenon, you are very likely to be subject to these regulations in one way or the other the moment you serve any non-trivial website. Many developers like to complain vocally about so called "cookie banners", and the number of sleazy patterns that try to trick users into consenting makes these complaints relatable. A solution that does not require user consent must surely be the better option for privacy, right?
Inside the European union the so called "[Cookie Directive](https://en.wikipedia.org/wiki/Privacy_and_Electronic_Communications_Directive_2002)" mandates acquiring consent from users for setting non-essential cookies. Similar laws exist for example in California. The internet being a global phenomenon, you are very likely to be subject to these regulations in one way or the other the moment you serve any non-trivial website. Many developers like to complain vocally about so called "cookie banners", and the number of sleazy patterns that try to trick users into consenting makes these complaints relatable. A solution that does not require user consent must surely be the better option for privacy, right?
It's not that easy though. If you think user privacy from the ground up, how do the technical details of your implementation matter? We'd argue they do not matter much. If you want to collect non-essential data from your visitors (analytics data in the case of Offen) in a privacy friendly way, you should be asking for user consent. No matter how your technical solution for doing so looks like, and no matter what regulations currently say. If you're not doing this and instead come up with something that allows you to avoid "the cookie banner" for collecting non-essential data, you are not building a privacy friendly solution, you are building a regulations friendly solution.
@ -53,7 +53,7 @@ Cookies are essentially a key-value store. It might seem tempting to store detai
For example let's say you wanted to write a feature test, checking for whether you can set cookies in the first place, you might come up with a mechanism that writes a random value to a certain key and tries to read it again. If the value can be read and is not altered the check succeeds. However, this means the feature test does also make the user identifiable by that random token, which is a privacy implication that is not tolerable for such a basic task. Instead, you can use a static value and also a static key for all users that ever run the feature test, thus making them indistinguishable. The guideline therefore is to always use static values that are the same for each and every user, unless you really need to identify users.
If you find yourself in the situation where you do need to create an identifier that is unique to a user, cookies will give you the privacy advantage of being able to create a truly random and anonymous value (e.g. a UUID) that is not tied to any user or device specific information (as compared with for example tracking sessions by hashing a combination of IP address and User Agent string on the server, [which leaks a lot of private information, even when stored in its hashed form only](https://edps.europa.eu/data-protection/our-work/publications/papers/introduction-hash-function-personal-data_en){: target="_blank"}). Ensure you use a well-tested library for creating such identifiers. Also, consider the option of periodically rotating such tokens so that others that inadvertently get hold of such a token can only make use of it for a limited period of time.
If you find yourself in the situation where you do need to create an identifier that is unique to a user, cookies will give you the privacy advantage of being able to create a truly random and anonymous value (e.g. a UUID) that is not tied to any user or device specific information (as compared with for example tracking sessions by hashing a combination of IP address and User Agent string on the server, [which leaks a lot of private information, even when stored in its hashed form only](https://edps.europa.eu/data-protection/our-work/publications/papers/introduction-hash-function-personal-data_en)). Ensure you use a well-tested library for creating such identifiers. Also, consider the option of periodically rotating such tokens so that others that inadvertently get hold of such a token can only make use of it for a limited period of time.
> *Cookies will give you the privacy advantage of being able to create a truly random and anonymous value that is not tied to any user or device specific information.*
@ -73,7 +73,7 @@ However, when designing an application you might find yourself in situations whe
#### Same site cookies
To preserve privacy for the values stored in the cookies you set yourself, you will want to restrict their usage to to a first-party or same-site context. In order to allow for fine grained control of this behavior, [the `SameSite` attribute](https://web.dev/samesite-cookies-explained/){: target="_blank"} got introduced in [RFC6265bis](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1){: target="_blank"}.
To preserve privacy for the values stored in the cookies you set yourself, you will want to restrict their usage to to a first-party or same-site context. In order to allow for fine grained control of this behavior, [the `SameSite` attribute](https://web.dev/samesite-cookies-explained/) got introduced in [RFC6265bis](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1).
This allows you to now set a value of either `Strict`, `Lax` or `None` for the `SameSite` attribute, limiting the scenarios in which your browser will send cookie information with requests to your domain.
@ -107,15 +107,15 @@ Access rules for a cookie can be defined by using the `Domain` and `Path` parame
There are some interesting details about the `Domain` parameter: it is optional and when not specified at all, the cookie will be bound to the very domain that is setting the cookie. No sibling or subdomains will be allowed to access its value. When you specify a domain, this domain and all of its subdomains will be allowed to access that cookie.
Sometimes, you will also see domain values starting with a dot like `.offen.dev`, which used to indicate that the cookie should be sent to all subdomains, yet modern browsers will treat the domain [with or without the leading dot in the same way](https://tools.ietf.org/html/rfc6265#section-4.1.2.3){: target="_blank"}. It is not needed anymore.
Sometimes, you will also see domain values starting with a dot like `.offen.dev`, which used to indicate that the cookie should be sent to all subdomains, yet modern browsers will treat the domain [with or without the leading dot in the same way](https://tools.ietf.org/html/rfc6265#section-4.1.2.3) It is not needed anymore.
These two mechanisms should be leveraged from the start when you are using cookies. Start by not specifying a domain and the most restrictive `Path` value you can use and only relax these rules if it is strictly necessary for your application to function. Be extra stringent about this when handling cookies that contain identifiers.
#### Expire cookies you do not need
Cookies come in two flavors: Session cookies and persistent cookies. Session cookies will be purged by your browser once your [browsing session](https://html.spec.whatwg.org/dev/history.html#browsing-session){: target="_blank"} ends, persistent cookies define a point of time where they expire themselves. Technically, it's not possible to issue a cookie that is never expiring, although you can create one that expires in a 100 years, resulting in the same effect for the end user.
Cookies come in two flavors: Session cookies and persistent cookies. Session cookies will be purged by your browser once your [browsing session](https://html.spec.whatwg.org/dev/history.html#browsing-session) ends, persistent cookies define a point of time where they expire themselves. Technically, it's not possible to issue a cookie that is never expiring, although you can create one that expires in a 100 years, resulting in the same effect for the end user.
Once again using the principle of [Datensparsamkeit](https://martinfowler.com/bliki/Datensparsamkeit.html){: target="_blank"} as a guideline, it's a good habit to start with all cookies being session cookies. Only make those persistent where the benefits justify the consequences of storing possibly sensitive data like user identifiers on a user's device for a prolonged period of time. Consider the trade-offs for your users when defining the expiry and err on the side of security and privacy. If you really need a very long lived cookie, look into if you could periodically refresh its value so that it does not create a potentially unwanted tracking identifier for others.
Once again using the principle of [Datensparsamkeit](https://martinfowler.com/bliki/Datensparsamkeit.html) as a guideline, it's a good habit to start with all cookies being session cookies. Only make those persistent where the benefits justify the consequences of storing possibly sensitive data like user identifiers on a user's device for a prolonged period of time. Consider the trade-offs for your users when defining the expiry and err on the side of security and privacy. If you really need a very long lived cookie, look into if you could periodically refresh its value so that it does not create a potentially unwanted tracking identifier for others.
> *Start with all cookies being session cookies. Only make those persistent where the benefits justify the consequences of storing possibly sensitive data.*
@ -125,4 +125,4 @@ Once again using the principle of [Datensparsamkeit](https://martinfowler.com/bl
If you find yourself building a product where privacy is important - just like we do when building Offen - feel encouraged to consider cookies as an option for your tasks. Very often, it's a robust and simple choice that is beneficial for your user's privacy when done right, and the implicit requirement for acquiring user consent is a major privacy feature.
Do you have comments or feedback about this article or about Offen in general? Tweet at us [@hioffen](https://twitter.com/hioffen){: target="_blank"} or email us at [hioffen@posteo.de](mailto:hioffen@posteo.de).
Do you have comments or feedback about this article or about Offen in general? Tweet at us [@hioffen](https://twitter.com/hioffen) or email us at [hioffen@posteo.de](mailto:hioffen@posteo.de).

View File

@ -33,7 +33,7 @@ Offen is now also available in English and German. Our consent banner and the Au
To run Offen in a non-default locale, you need to set `OFFEN_APP_LOCALE` to the desired value. In the case of German that'd be `de` for example. [Check the docs about configuring the application](https://docs.offen.dev/running-offen/configuring-the-application/#application).
Our translation workflow featuring [POEditor](https://poeditor.com){: target="_blank"} is up and running and ready to be applied to other languages. A further locale, Indonesian, is currently in the works. If you want to support fair web analytics by contributing French, Spanish or other language versions, don't hesitate to [request an invite.](mailto:hioffen@posteo.de)
Our translation workflow featuring [POEditor](https://poeditor.com) is up and running and ready to be applied to other languages. A further locale, Indonesian, is currently in the works. If you want to support fair web analytics by contributing French, Spanish or other language versions, don't hesitate to [request an invite.](mailto:hioffen@posteo.de)
#### About time

View File

@ -48,7 +48,7 @@ We had already started looking for support in late 2018. And as we delved deeper
In our experience, the key to preparing is to find out as much as possible about the intention of a funding program. Who are the funding backers? Which people decide on the granting? Which projects have been funded so far? Does my project really fits into this whole constellation? Based on these factors you have to make a honest decision. Is the effort of an application really worth it?
With this approach we were able to focus on one German and a few international calls. And by summer 2019 we had submitted a handful of applications. To our great pleasure our proposal to the [NGI Zero Privacy & Trust Fund of the Dutch NLnet Foundation](https://nlnet.nl/PET/){: target="_blank"} was then successful.
With this approach we were able to focus on one German and a few international calls. And by summer 2019 we had submitted a handful of applications. To our great pleasure our proposal to the [NGI Zero Privacy & Trust Fund of the Dutch NLnet Foundation](https://nlnet.nl/PET/) was then successful.
> *We were surprised how many funding sources for the development of open source software exist worldwide.*
@ -87,7 +87,7 @@ This will involve enhancing the UX to a level that can fully compete with other
Furthermore, by factoring out tools from our code we will create an open access for all developers interested in the topic of fair data transfer. In addition to that we want to formalize the general approach we use in Offen and define a protocol spec that others can adopt, ideally generating an ecosystem of compatible client and server implementations.
NLnet is willing to support us once again in these ambitions. This time from the [NGI Zero Search and Discovery Fund.](https://nlnet.nl/discovery/){: target="_blank"} We are of course more than happy about this and would like to take this opportunity to thank the whole NLnet team for their confidence in our work.
NLnet is willing to support us once again in these ambitions. This time from the [NGI Zero Search and Discovery Fund.](https://nlnet.nl/discovery/) We are of course more than happy about this and would like to take this opportunity to thank the whole NLnet team for their confidence in our work.
> *We want to formalize the general approach we use in Offen and define a protocol spec that others can adopt, ideally generating an ecosystem of compatible client and server implementations.*
@ -95,4 +95,4 @@ NLnet is willing to support us once again in these ambitions. This time from the
Do you have feedback on the latest Offen release or our next steps? What is your experience in developing open source tools? Are you as enthusiastic about fair data transfer as we are?
Drop us a [tweet](https://twitter.com/hioffen){: target="_blank"} or [email](mailto:hioffen@posteo.de) and feel invited to work together to drive this idea forward.
Drop us a [tweet](https://twitter.com/hioffen) or [email](mailto:hioffen@posteo.de) and feel invited to work together to drive this idea forward.

View File

@ -0,0 +1,71 @@
title: Extend the view
description: Over the last eight weeks, we have further optimized our display options, added a French locale, and made our Docker image more safe.
date: 2021-04-20
slug: extend-view
url: /blog/extend-view/
sitemap_priority: 0.6
image_url: /theme/images/offen-blog-0170-extend-view.jpg
author: Hendrik Niefeld
bottom_cta: cookie
# Episode Nine — Extend the view
As spring arrives in Berlin, we would like to share with you some highlights of our work over the past eight weeks.
With version v0.4.1 now officially out, the UI for Offen is now also available in French. We've added a widescreen option for the Auditorium and made our Docker image more safe. Plus, we've done a lot of maintenance under the hood to make sure everything is up to date
Since our last update we have published three versions:
- [v0.3.1](https://github.com/offen/offen/releases/tag/v0.3.1)
- [v0.4.0](https://github.com/offen/offen/releases/tag/v0.4.0)
- [v0.4.1](https://github.com/offen/offen/releases/tag/v0.4.1)
As usual, you can download the latest release from [https://get.offen.dev](https://get.offen.dev/) or pull it from Docker Hub.
---
### Achievements
#### Go widescreen
We have further optimised our display options and brought them closer to real workflows. The Auditorium for operators now makes better use of the screen space on desktop devices. Furthermore, we have optimised the display of the bar chart in mobile view.
#### Nous parlons français
Our consent banner and the Auditorium for operators as well as users can be displayed in one more locale. Thanks to the great contribution of [@jtraulle](https://github.com/jtraulle), *Offen is now also available in French.*
To run Offen in a non-default locale, you need to set `OFFEN_APP_LOCALE` to the desired value. In the case of French that'd be `fr` for example. [Check the docs](https://docs.offen.dev/running-offen/configuring-the-application/#application) about configuring the application.
If you want to support fair web analytics by contributing Spanish, Portuguese or other language versions, don't hesitate to [request an invite.](mailto:hioffen@posteo.de)
#### More safe
There is a breaking change for users of our Docker image using a SQLite database.
Until now, our Docker image has run the application as `root`. This could theoretically have allowed malicious third-party code to be injected into Offen.
*It has not happened in any Offen version* but to prevent this from potentially happening in the future, all images published from now on run the application as a dedicated, non-priviledged `offen` user. Please [refer to our documentation](https://docs.offen.dev/running-offen/known-issues/#docker-based-deployment-stops-working-after-upgrading-to-v040-or-later) on how to update. Feel free to contact us if you need further assistance.
---
### Next up
#### Awareness once more
We want to further support operators in making users aware of how their data is handled. As a further step, we plan to make all existing consent elements customizable in their design to make insertion less painful for operators.
Following on from this, we then aim to give operators a range of options for adding pre-built elements to their website that will help attract user awareness.
#### Talks and conferences
As far as the visibility of our project in the relevant public is considered, there is still much to be done. That' s why we want to present Offen and the idea of fair data transfer behind it to a professional audience as well.
We already have a few events in mind but welcome more recommendations for relevant talks and conferences worldwide. Do you have something in mind that we should apply for? [Let us know.](mailto:hioffen@posteo.de)
---
### Happy to hear from you
Are you using Offen? We're happy to feature you in this [README.](https://github.com/offen/offen/blob/development/README.md) Send a PR adding your site or app to [this](https://github.com/offen/offen/blob/development/README.md#whos-using-offen) section.
If you have any feedback, comment or bug report on the latest release, let us know. Open an [issue](https://github.com/offen/offen/issues) or send us an email at [hioffen@posteo.de](mailto:hioffen@posteo.de).

View File

@ -8,9 +8,9 @@ sitemap_priority: 0.3
### What is this thing called "my data" and why does seemingly everyone want to get hold of it?
It has a ring, gives a slight spine-chilling sensation and generates a whole lot of clicks: consumer magazines like German "Computer Bild" caution about ["Google espionage"](https://www.computerbild.de/artikel/cb-Ratgeber-Kurse-Wissen-Was-weiss-Google-ueber-Sie-2799009.html){: target="_blank"} just like the internet has countless tutorials on turning off numerous ["data leeches"](https://praxistipps.chip.de/datenkrake-windows-10-so-schalten-sie-auffaellige-funktionen-ab_99652){: target="_blank"}. Interestingly, diving into these realms will have you accidentally catching the next toolbar, malware infection or [even worse](https://blog.malwarebytes.com/cybercrime/2012/10/pick-a-download-any-download/){: target="_blank"}.
It has a ring, gives a slight spine-chilling sensation and generates a whole lot of clicks: consumer magazines like German "Computer Bild" caution about ["Google espionage"](https://www.computerbild.de/artikel/cb-Ratgeber-Kurse-Wissen-Was-weiss-Google-ueber-Sie-2799009.html) just like the internet has countless tutorials on turning off numerous ["data leeches"](https://praxistipps.chip.de/datenkrake-windows-10-so-schalten-sie-auffaellige-funktionen-ab_99652). Interestingly, diving into these realms will have you accidentally catching the next toolbar, malware infection or [even worse](https://blog.malwarebytes.com/cybercrime/2012/10/pick-a-download-any-download/).
Yet, many internet users still do not know what really is happening to their data. Public relation activities trying to calm the public - as recently undertaken by Facebook [for example](https://www.zeit.de/digital/datenschutz/2019-01/social-media-facebook-mark-zuckerberg-ads-privacy-business-model-transparency){: target="_blank"} - end up being rather disturbing instead of creating transparency or adding any value to the public debate. Denelle Dixon, COO of Mozilla, just publicly [warned the European Commission](https://blog.mozilla.org/blog/2019/01/31/mozilla-raises-concerns-over-facebooks-lack-of-transparency/){: target="_blank"} about the dangerous effects an opaque apparatus such as Facebook can have on society. Updated Terms and Conditions only parenthetically mention that newly created Google accounts will now hand over real names to third parties for [advertising purposes](https://www.propublica.org/article/google-has-quietly-dropped-ban-on-personally-identifiable-web-tracking){: target="_blank"}.
Yet, many internet users still do not know what really is happening to their data. Public relation activities trying to calm the public - as recently undertaken by Facebook [for example](https://www.zeit.de/digital/datenschutz/2019-01/social-media-facebook-mark-zuckerberg-ads-privacy-business-model-transparency) - end up being rather disturbing instead of creating transparency or adding any value to the public debate. Denelle Dixon, COO of Mozilla, just publicly [warned the European Commission](https://blog.mozilla.org/blog/2019/01/31/mozilla-raises-concerns-over-facebooks-lack-of-transparency/) about the dangerous effects an opaque apparatus such as Facebook can have on society. Updated Terms and Conditions only parenthetically mention that newly created Google accounts will now hand over real names to third parties for [advertising purposes](https://www.propublica.org/article/google-has-quietly-dropped-ban-on-personally-identifiable-web-tracking).
<div class="flex justify-end pb5">
<img class="smaller-image" alt="Detour" src="/theme/images/gfx-deepdive-A.png"/>
@ -20,7 +20,7 @@ As a regular user of the internet, are you really being spied upon? *What exactl
> "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
>
> [Eric Schmidt](https://www.eff.org/de/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy){: target="_blank"} (at this time CEO of Google), 2009
> [Eric Schmidt](https://www.eff.org/de/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy) (at this time CEO of Google), 2009
We would like to turn the tables on this much quoted statement and apply it to the operators of services and websites instead of their users. The analytics software Offen *transparently and uncompromisingly discloses what data is being collected and what it is being used for* to the users.
@ -42,7 +42,7 @@ Choosing Offen, websites and web applications obtain a free, open and robust too
Transparently handling usage data in the open creates mutual trust while still enabling operators to collect needed usage statistics. Offen is designed to be a mediating agent only, and does not side with either users or operators. Sharing knowledge between the two parties creates opportunities for an *open and fact based discussion* about user data and privacy. Users gain insights into what data is being collected and what these data points are used for, just like they learn about which kind of data is not part of the collection. They are enabled to reach self-determined decisions about what they consent with and what they disagree with when it comes to privacy on the web, also in other contexts than analytics.
We want to exemplify that it is time to depart the age of ["data capitalism"](https://www.zeit.de/digital/datenschutz/2019-01/datenschutz-nick-couldry-datenkolonialismus-datenhandel/komplettansicht){: target="_blank"} and to create *technologies and infrastructure that are transparent, open and oriented towards the common good*
We want to exemplify that it is time to depart the age of ["data capitalism"](https://www.zeit.de/digital/datenschutz/2019-01/datenschutz-nick-couldry-datenkolonialismus-datenhandel/komplettansicht) and to create *technologies and infrastructure that are transparent, open and oriented towards the common good*
<div class="flex justify-end">
<img class="smaller-image mt2" alt="Detour" src="/theme/images/gfx-deepdive-C.png"/>
@ -50,9 +50,9 @@ We want to exemplify that it is time to depart the age of ["data capitalism"](ht
### Offen as a technology
At runtime, Offen is just mediating exchange between users and operators. Usage data is collected in conformance to GDPR and with the concept of ["Datensparsamkeit"](https://martinfowler.com/bliki/Datensparsamkeit.html){: target="_blank"} in mind. All user data is encrypted in the browser so that it can only ever be accessed by the users themselves or the matching operator. While being collected in the context of a website or application, neither operators nor third party scripts have any possibility to access the usage data. Offen itself doesn't have any way of decrypting, processing or even selling the gathered data at any point.
At runtime, Offen is just mediating exchange between users and operators. Usage data is collected in conformance to GDPR and with the concept of ["Datensparsamkeit"](https://martinfowler.com/bliki/Datensparsamkeit.html) in mind. All user data is encrypted in the browser so that it can only ever be accessed by the users themselves or the matching operator. While being collected in the context of a website or application, neither operators nor third party scripts have any possibility to access the usage data. Offen itself doesn't have any way of decrypting, processing or even selling the gathered data at any point.
The software itself, as well as *all the used tools are open source*, [project planning and technical specification](https://github.com/offen/offen){: target="_blank"} take place in the open and actively solicit feedback from the general public.
The software itself, as well as *all the used tools are open source*, [project planning and technical specification](https://github.com/offen/offen) take place in the open and actively solicit feedback from the general public.
Users and operators are given intuitive and accessibility-focused tools for analyzing and managing their data in the form of a web application and a browser extension. Operators deploy the service using a simple script tag.
@ -64,11 +64,11 @@ Developing and running Offen can only work out when it is entirely *free of any
### Status Quo
Offen is created by [Frederik Ring](https://www.frederikring.com/){: target="_blank"} and [Hendrik Niefeld](http://niefeld.com/){: target="_blank"} and is currently being conceptually designed and in active development, both as a product as well as as a software.
Offen is created by [Frederik Ring](https://www.frederikring.com/) and [Hendrik Niefeld](http://niefeld.com/) and is currently being conceptually designed and in active development, both as a product as well as as a software.
[![NLnet Foundation](/theme/images/nlnet-logo.svg){:width="160px" height="60px" class="mt4"}](https://nlnet.nl/){: target="_blank"}
[![NLnet Foundation](/theme/images/nlnet-logo.svg){:width="160px" height="60px" class="mt4"}](https://nlnet.nl/)
We are happy to work with [NLnet Foundation,](https://nlnet.nl/){: target="_blank"} which actively supports our efforts as part of its [Next Generation Internet](https://nlnet.nl/NGI/){: target="_blank"} initiative.
We are happy to work with [NLnet Foundation,](https://nlnet.nl/) which actively supports our efforts as part of its [Next Generation Internet](https://nlnet.nl/NGI/) initiative.
### Contact
@ -76,4 +76,4 @@ We are happy to work with [NLnet Foundation,](https://nlnet.nl/){: target="_blan
*Feel free to contact us with any kind of feedback.* From criticism and praise to contributions or support, everything is welcome. Get in touch.
[hioffen@posteo.de](mailto:hioffen@posteo.de)
[PGP Key](/theme/74B041E23DB29D552644CEB1B18C633D6967FE3F.asc){: target="_blank"}
[PGP Key](/theme/74B041E23DB29D552644CEB1B18C633D6967FE3F.asc)

View File

@ -6,7 +6,7 @@ sitemap_priority: 0.8
We optimize Offen to be as simple and easy for everyone to self host. *No additional software is required to run an instance* and hardware requirements are minimal. A basic VPS or even a Raspberry Pi will be all you need to get started.
Choose your preferred way of running Offen below. Be sure to check out our documentation as well. If you get stuck or need help, [file an issue][gh-issues], [tweet (@hioffen)][twitter]{: target="_blank"} or [email][email].
Choose your preferred way of running Offen below. Be sure to check out our documentation as well. If you get stuck or need help, [file an issue][gh-issues], [tweet (@hioffen)][twitter] or [email][email].
[gh-issues]: https://github.com/offen/offen/issues
[twitter]: https://twitter.com/hioffen

View File

@ -28,7 +28,7 @@ Our banner serves two purposes: We ask you to access your usage data and would l
Yes, in particular cookies are used to store your decision about granting access to your usage data. If you opt in, we also use cookies to store a user and a session ID for you.
#### How does it all work?
After opening a website where an Offen installation is active, you can explicitly opt in to the data collection and thereby help to improve the services you use. Only then you will be assigned a user and a session ID using a cookie. Offen handles these IDs in an unrecognizable form. [Learn more about cookies here.](https://en.wikipedia.org/wiki/HTTP_cookie){: target="_blank"}
After opening a website where an Offen installation is active, you can explicitly opt in to the data collection and thereby help to improve the services you use. Only then you will be assigned a user and a session ID using a cookie. Offen handles these IDs in an unrecognizable form. [Learn more about cookies here.](https://en.wikipedia.org/wiki/HTTP_cookie)
### External hosting
This website is hosted by an external service provider. Non-personal data on requests to this website are stored on the hoster's servers and automatically deleted after 7 days. Responsible for hosting this website is:
@ -38,7 +38,7 @@ Industriestr. 25
91710 Gunzenhausen, Germany
E-mail: [info@hetzner.com](mailto:info@hetzner.com)
Internet address: [www.hetzner.com](https://www.hetzner.com/){: target="_blank"}
Internet address: [www.hetzner.com](https://www.hetzner.com/)
### Data processing / Information in accordance with Section 5 TMG
Data processing on this website is handled by the website operator. If you have any questions about data protection, please feel free to contact us at any time. Responsible for data processing and general contact for this website is:
@ -54,7 +54,7 @@ Internet address: [www.offen.dev](http://www.offen.dev)
If you contact us by e-mail, your request including all resulting personal data (name, request) will be stored by us for the purpose of processing your request. We will not disclose your data without your consent. It remains stored with us until you request us to delete it or revoke your consent to store it.
### License
The content of this website itself is licensed under the [Creative Commons Attribution 4.0 International (CC BY 4.0) License](https://creativecommons.org/licenses/by/4.0/){: target="_blank"}, and the underlying source code used to format and display that content is licensed under the [GNU Affero General Public License v3.0](https://github.com/offen/website/blob/development/LICENSE){: target="_blank"}.
The content of this website itself is licensed under the [Creative Commons Attribution 4.0 International (CC BY 4.0) License](https://creativecommons.org/licenses/by/4.0/), and the underlying source code used to format and display that content is licensed under the [GNU Affero General Public License v3.0](https://github.com/offen/website/blob/development/LICENSE).
### Graphics and Image Sources
NLNet Logo [https://nlnet.nl/logo/](https://nlnet.nl/logo/){: target="_blank"}
NLNet Logo [https://nlnet.nl/logo/](https://nlnet.nl/logo/)

View File

@ -6,7 +6,7 @@ sitemap_priority: 0.1
Offen always respects your data, which is why *we don't offer a live demo showing you data of real users.* However, it's really easy to get a demo that is populated with random usage data up and running on your system.
If you get stuck or need help, [file an issue][gh-issues], [tweet (@hioffen)][twitter]{: target="_blank"} or [email][email].
If you get stuck or need help, [file an issue][gh-issues], [tweet (@hioffen)][twitter] or [email][email].
[gh-issues]: https://github.com/offen/offen/issues
[twitter]: https://twitter.com/hioffen

Binary file not shown.

After

Width:  |  Height:  |  Size: 140 KiB

View File

@ -31,7 +31,7 @@
</a>
</figure>
<h6 class="f5 lh-solid normal ma0 light-silver">
{{ article.date | strftime('%d %b %Y') }}{% if article.modified %}(article.updated {{ article.modified | strftime('%d %b %Y') }}){% endif %}, {{ article.author }}
{{ article.date | strftime('%d %b %Y') }}, {{ article.author }}
</h6>
<h2 class="f3 normal lh-title mt3 ma0 mb3 light-silver">
{% if not article.must_read %}

View File

@ -26,8 +26,13 @@
</figure>
<div class="ph3 ph5-ns pt5">
<h6 class="f5 lh-solid normal ma0 light-silver">
{{ article.date | strftime('%d %b %Y') }}{% if article.modified %}(updated {{ article.modified | strftime('%d %b %Y') }}){% endif %}, {{ article.author }}
{{ article.date | strftime('%d %b %Y') }}, {{ article.author }}
</h6>
{% if article.modified %}
<h6 class="f5 lh-solid normal ma0 mt2 light-silver">
Revised on {{ article.modified | strftime('%d %b %Y') }}
</h6>
{% endif %}
{{ article.content }}
</div>
</div>