WEBVTT 00:00.000 --> 00:12.000 Hi everyone, my name is Recytnik. I'm from Ivo Martian's company and today I will try to tell you 00:12.000 --> 00:20.000 how and why from 10 developers, the developers should take care about the privacy. And you know a lot of people in 00:20.000 --> 00:26.000 a lot of developers who are still in Twitter will ask a question like, oh no, politics again, 00:26.000 --> 00:34.000 like I prefer to talk about memory, about the code, not the politics. Why? And this is a good question, 00:34.000 --> 00:41.000 like how software industry related with the principles of politics. Open source, a lot of people who 00:41.000 --> 00:46.000 still in Twitter think that open source is a way to get a free software. But in reality, open source 00:46.000 --> 00:53.000 is a way to control your software that the laptop belongs to you and not just rent from the company 00:53.000 --> 01:00.000 from the Apple for instance. And so this is pretty political idea that I should and must control 01:00.000 --> 01:08.000 my software that it should belong to me. I think the very important part of software development 01:08.000 --> 01:15.000 is mistrust the authorities and it's pretty political decision. But my favorite code from the developers 01:16.000 --> 01:21.000 is the quote from the people who created RCA like all these encryption algorithms, actually 01:21.000 --> 01:27.000 TPS in your URL bar. Like the decision we make about communication security today will determine 01:27.000 --> 01:33.000 the kind of society we will live tomorrow. And this is a good example of how we as a developer should 01:33.000 --> 01:38.000 think about what we're creating. It's not a software, it's not a task in your zero management. It's a 01:38.000 --> 01:45.000 society where you will live where your child will live, etc. And I think software was always 01:45.000 --> 01:51.000 about politics in principles, open source, high-end cryptography, it's always about the politics. 01:51.000 --> 01:58.000 And it's only a modern generation thing that they should be out of the politics. This is a movie 01:58.000 --> 02:05.000 hackers from the 1993 and this show completely different pictures of ourselves. If I will go 02:05.000 --> 02:12.000 to frontend conference, it will look like this, not like this. And unfortunately this is a problem. 02:12.000 --> 02:18.000 Okay, why I should care about privacy and understand that software development is about privacy 02:18.000 --> 02:24.000 but why I should care? First, because you're creating a software, the world where you will live. 02:24.000 --> 02:30.000 If you create a software which track a worker's hours, like what you're doing on the laptop 02:30.000 --> 02:38.000 in the next month, you will use the software against you. Second, you know, working just for closing 02:38.000 --> 02:45.000 a genotask, just for money is meaningless. It's created empty hole inside your soul and create 02:45.000 --> 02:50.000 and having some fun together making the revolution is always fun. So having the principles 02:50.000 --> 02:57.000 make your life much more meaningful and finding. But all the things about principles, what about 02:57.000 --> 03:01.000 the privacy? It's about principles in general and there is multiple principles, 03:01.000 --> 03:08.000 politics and solutions which you should care about. And like there is no objective way to prove that 03:08.000 --> 03:15.000 one revolution principle is better than another one. But I will try. So why you should care about privacy 03:15.000 --> 03:21.000 especially? Of course, like there is a lot of misconception about privacy. First, 03:21.000 --> 03:26.000 in this assumption, it's like that Google, et cetera, they took our data only to show 03:26.000 --> 03:31.000 the better advertisement for you. You should not be care about privacy because all the 03:31.000 --> 03:38.000 survival is for your better advertisement. Unfortunately, it's not exactly how it works. 03:38.000 --> 03:44.000 And the main problem here is a very shaded thing which nobody really takes to speak about is data brokers. 03:44.000 --> 03:50.000 You know, like when you have a software and there is some trackers like Google Analytics, 03:50.000 --> 03:55.000 some advertisement, this data is not going to only one company. It's going to the company 03:55.000 --> 03:59.000 which aggregate a lot of data together and they sell this data, 03:59.000 --> 04:04.000 aggregated data to very shaded clients. Here's a one interesting example. 04:04.000 --> 04:08.000 This is a data broker called XMode and in 2020, 04:08.000 --> 04:16.000 journalists found out that this data brokers buy a data from about 100 applications, 04:16.000 --> 04:20.000 including Corona application, missing data application, 04:20.000 --> 04:28.000 drug applications, and then all this data aggregated data was sold to US milk to contractors. 04:28.000 --> 04:36.000 What could be more shady that selling a missing data to the Americans military? 04:36.000 --> 04:41.000 Like it's fucking pretty crazy. Okay, this is like a bad company, 04:41.000 --> 04:45.000 but my company doesn't sell the data. I'm working in a good company. 04:45.000 --> 04:49.000 And here's the problem, like you don't need to sell the data, 04:49.000 --> 04:51.000 so this data will be available for data brokers. 04:51.000 --> 04:54.000 There is such a thing called data breaches, 04:54.000 --> 05:01.000 so data leaks when data will be taken from your company without your permissions. 05:01.000 --> 05:04.000 My hackers buy some leaks, et cetera, et cetera. 05:04.000 --> 05:07.000 And we have more and more leaks every month. 05:07.000 --> 05:10.000 And so if you store any data on the server, 05:10.000 --> 05:15.000 this data will be leaked in some point of the company history. 05:15.000 --> 05:20.000 The only way to prevent data from the leaking is not to know 05:20.000 --> 05:24.000 to have a better security system, et cetera, just not to store the data. 05:24.000 --> 05:27.000 And there is a very interesting example. 05:27.000 --> 05:32.000 Like there is a Yandex food delivery, similar to Zubili, et cetera, 05:32.000 --> 05:37.000 and they leaked all data from 2021 to 2022. 05:37.000 --> 05:43.000 This data includes your first last name, from number, delivery address, 05:43.000 --> 05:44.000 and delivery time. 05:44.000 --> 05:49.000 For the whole year of all cities and of Russia, that was leaked. 05:49.000 --> 05:54.000 And you know, imagine that once you have a meeting with your grandma, 05:54.000 --> 05:58.000 give you some Hiroshki, and you told that, no, I don't want it, 05:58.000 --> 06:02.000 I'm already a lot, but then. 06:02.000 --> 06:06.000 Like the funny part that people create in website, which everyone can use 06:06.000 --> 06:11.000 to search this data, and then your grandma going to this data, put your name, 06:11.000 --> 06:17.000 and find that after this dialogue, you go in, you order a Chinese food. 06:17.000 --> 06:21.000 It could be, you know, very bad situation in your family. 06:21.000 --> 06:25.000 But you know, like, you can understand, like, right now, people use this data to 06:25.000 --> 06:30.000 track president, because it's easy to track the, like, execute the present security, 06:30.000 --> 06:33.000 according to this data, because they have a phone number, et cetera. 06:33.000 --> 06:36.000 Okay, then mistake, the next mistake. 06:36.000 --> 06:41.000 Okay, but the data, which my company collects, is not, you know, 06:41.000 --> 06:44.000 sense it, if it's not private data, just email. 06:44.000 --> 06:46.000 And here's a problem. 06:46.000 --> 06:48.000 The problem is called big data. 06:49.000 --> 06:54.000 We can compare data from a different application to make a very interesting connections. 06:54.000 --> 06:58.000 For instance, this application can run up, and, like, it does have any 06:58.000 --> 07:02.000 like registration, it just use only location to show the direction to the, 07:02.000 --> 07:06.000 but of course, like, if user have this application, we know that this 07:06.000 --> 07:09.000 application is, this user is very likely a Muslim. 07:09.000 --> 07:13.000 But then we, this is another application, social application. 07:13.000 --> 07:17.000 We use location to make a picture, like Instagram, to make a, to put a 07:17.000 --> 07:19.000 location inside the pictures. 07:19.000 --> 07:22.000 And this social app has email. 07:22.000 --> 07:26.000 And we can use locations to connect, that it's exactly the same person 07:26.000 --> 07:29.000 using a corona application and social app application. 07:29.000 --> 07:34.000 And then we can use all data bridge to connect email with the real, 07:34.000 --> 07:35.000 phone name. 07:35.000 --> 07:40.000 So this corona application and locations, it's a sensitive data, 07:40.000 --> 07:43.000 because it could be connected with other data links. 07:43.000 --> 07:49.000 And then, make it very, like, painful, very dangerous decisions. 07:49.000 --> 07:51.000 Okay, and this is a very interesting example. 07:51.000 --> 07:54.000 How many people here use Google Analytics on their website? 07:54.000 --> 07:56.000 It's okay, it's okay, it's okay. 07:56.000 --> 07:59.000 It's okay, it's okay, it's okay, it's okay, it's okay. 07:59.000 --> 08:04.000 Like, according to statistics, the global interest is about half of the website. 08:04.000 --> 08:08.000 And the Google Analytics, it's not only track, I use it inside your website. 08:08.000 --> 08:11.000 It has a global user ID. 08:11.000 --> 08:15.000 So Google Analytics track your path through the whole internet. 08:15.000 --> 08:19.000 And it's not only through this 50% of the websites, 08:19.000 --> 08:24.000 because Google Analytics know where you can go next from the tracking websites 08:24.000 --> 08:27.000 to the tracking area, because it could track the clicks. 08:27.000 --> 08:29.000 And it could track a referer. 08:29.000 --> 08:33.000 So it can understand where, like, from where did you come here. 08:33.000 --> 08:36.000 And as a result, I believe that Google 08:36.000 --> 08:41.000 can understand about 75% of all your paths through the whole internet. 08:41.000 --> 08:46.000 And, like, connected to your exactly username, phone number, personality. 08:46.000 --> 08:51.000 So, you have exactly profile of what you do across the whole global internet. 08:51.000 --> 08:54.000 And this is, like, how they combine data together. 08:54.000 --> 08:56.000 Okay, next mistake. 08:56.000 --> 08:58.000 No, I have nothing to hide. 08:58.000 --> 09:01.000 If you have nothing to hide, you have nothing to fear. 09:01.000 --> 09:04.000 The main problem is that there is people who have something to hide. 09:04.000 --> 09:08.000 For instance, like, extra employee sells the data to Saudi, 09:08.000 --> 09:11.000 about the decisions in Saudi Arabia, 09:11.000 --> 09:13.000 because Twitter collects the data. 09:13.000 --> 09:18.000 And as a result, one person going to jail and a lot of skill. 09:18.000 --> 09:22.000 So, unfortunately, if Twitter would not collect this data, 09:22.000 --> 09:25.000 they will be released right now. 09:25.000 --> 09:28.000 It's not only, you know, about Saudi Arabia. 09:28.000 --> 09:31.000 In Israel, it's a company who created a Facebook condition system, 09:31.000 --> 09:36.000 which you use in the Russian, other countries to prevent mass protests. 09:36.000 --> 09:39.000 And it's not only about a new citizen of Saudi Arabia, 09:39.000 --> 09:44.000 Russia, like, a proton mail, get data to the Spanish government 09:44.000 --> 09:49.000 and then it's combined data with Apple to find a person who helped 09:49.000 --> 09:53.000 mass protests during the Catalonian independence movement. 09:53.000 --> 09:56.000 And this person going to jail, because of this data. 09:56.000 --> 10:00.000 And if Apple and proton mail did not collect this data in first place, 10:00.000 --> 10:03.000 this person will be free. 10:03.000 --> 10:09.000 And even if not about somebody who tried to fight against government, 10:09.000 --> 10:12.000 the more your data available online, 10:12.000 --> 10:17.000 means that LLMs could convince you to do something different by this data. 10:17.000 --> 10:23.000 Because your private data makes LLMs much better to change your political views 10:23.000 --> 10:25.000 and it's very dangerous. 10:25.000 --> 10:29.000 But what I can do about all of this problems. 10:29.000 --> 10:32.000 Yeah, this is a problem, but I'm just a developer. 10:32.000 --> 10:34.000 Okay, different topic. 10:34.000 --> 10:37.000 You know, modern internet is a shitty place. 10:37.000 --> 10:39.000 Pop-ups is everywhere, it's hard to use. 10:39.000 --> 10:41.000 Somebody made it very bad, yeah. 10:41.000 --> 10:46.000 But, like, I mean, the JavaScript section is like, first of them. 10:46.000 --> 10:51.000 Like, it's we made internet, awful place, full of the pop-ups. 10:51.000 --> 10:56.000 It's exactly we are to make, you know, adding this pop-ups to our website. 10:56.000 --> 11:01.000 So, first step, remove fucking GDPR pop-ups, please, finally. 11:01.000 --> 11:06.000 But you know, but like, it's a European bureaucrats forced me to do it. 11:06.000 --> 11:10.000 It's, you know, all this left government forced me to do it. 11:10.000 --> 11:12.000 It's not what I want. 11:12.000 --> 11:17.000 But the main problem that in GDPR, law, there is no pop-up world. 11:17.000 --> 11:23.000 And reality, we add pop-ups, not because we forced by GDPR. 11:23.000 --> 11:28.000 The reality that our software industry could not stop tracking users. 11:28.000 --> 11:33.000 GDPR has a very simple idea, stop truck users. 11:33.000 --> 11:36.000 But we cannot combine this force together. 11:36.000 --> 11:41.000 And like, this law changed, like, our answer to this law is not stopping to track users. 11:41.000 --> 11:46.000 It's to punish users with pop-ups until they agree to give the data. 11:46.000 --> 11:51.000 You know, like, the whole pop-up is a black design pattern. 11:51.000 --> 11:55.000 Like, we show it's exactly in the moment when users don't want it. 11:55.000 --> 12:02.000 So, like, he will be the most suffer, and this software will force the users to allow us to track him. 12:02.000 --> 12:04.000 Said. 12:04.000 --> 12:06.000 So, what is the right way? 12:06.000 --> 12:10.000 It's to use GDPR compatible analytics, instead Google Analytics. 12:10.000 --> 12:12.000 Then you don't need to show pop-up. 12:12.000 --> 12:17.000 And only when users will give you a data in some reasonable way, for instance, sign-up form, et cetera, 12:17.000 --> 12:22.000 we will have you know some checkbox explaining how we will use this data. 12:22.000 --> 12:25.000 Et cetera, it will be a good design. 12:25.000 --> 12:27.000 Nice. 12:27.000 --> 12:32.000 And analytics without GDPR pop-up right now is very capable. 12:32.000 --> 12:37.000 It could track your campaigns, it could track sources, it could track events. 12:37.000 --> 12:42.000 It could, you know, understand that if a person came from this website, 12:42.000 --> 12:47.000 he buys something, kind of, this type of analysis could combine this data, 12:47.000 --> 12:53.000 and like give a campaign, campaign, et cetera, this data to your marketing management. 12:53.000 --> 13:01.000 The only two things which could not track is first it could not connect actions across your website with exact user ID. 13:01.000 --> 13:05.000 So, because it's tracking, you can track user pass through the website. 13:05.000 --> 13:08.000 And second one, think it could not do remarketing. 13:08.000 --> 13:11.000 It's when you collect the social media ID. 13:11.000 --> 13:17.000 So, then when you go to Instagram, you will see a detachment about the sense which you try to buy. 13:17.000 --> 13:20.000 Because it's a fucking creepier. 13:20.000 --> 13:21.000 Okay. 13:21.000 --> 13:25.000 There is a lot of Google, a lot of Google analytics. 13:25.000 --> 13:28.000 I personally use plousible, but like all of them is pretty nice. 13:28.000 --> 13:29.000 So, I can recommend them. 13:29.000 --> 13:33.000 And it's not the only, it's like the sense which I heard about. 13:33.000 --> 13:38.000 There is a lot of system right now. 13:38.000 --> 13:42.000 There is a very good website called European Alternative Software. 13:42.000 --> 13:46.000 I think, like, it's a company switches in Europe and then they are mostly like, 13:46.000 --> 13:48.000 Gebercompatible. 13:48.000 --> 13:49.000 Okay. 13:49.000 --> 13:53.000 But what if your marketing manager force you to at Google analytics? 13:53.000 --> 13:57.000 You know, a lot of people collect data, not because they need it, 13:57.000 --> 14:01.000 but because they have a session, especially now, software industry. 14:01.000 --> 14:06.000 And this is a very simple question which you could ask your marketing manager about 14:06.000 --> 14:08.000 this data or not. 14:08.000 --> 14:12.000 Like, what decision have you made with this personal data in the last year? 14:12.000 --> 14:15.000 If they did not make any decision according to this data, 14:15.000 --> 14:16.000 it's not, they don't need it. 14:16.000 --> 14:19.000 It's just a obsession to collect more and more data. 14:19.000 --> 14:22.000 And the main problem with all this, you know, 14:22.000 --> 14:26.000 Google analytics and pop-ups that we cannot trust this data. 14:26.000 --> 14:31.000 Like, if we have some users, and only part of them, 14:31.000 --> 14:34.000 press no, and part of them press yes, it's about, like, 14:34.000 --> 14:36.000 search for 60%. 14:36.000 --> 14:42.000 It means that this, like, our users split it to two specific groups. 14:42.000 --> 14:49.000 And some feature could be, and presented in a different proportion between these two groups. 14:49.000 --> 14:53.000 So if you have data only for users who press a yes in Europe or pop-up, 14:53.000 --> 14:56.000 you cannot trust this data because in the real case, 14:56.000 --> 14:58.000 it could be completely opposite results. 14:58.000 --> 15:02.000 So, like, marketing manager could trust data only, 15:02.000 --> 15:08.000 which without private data, which could be collected from user who press no, 15:08.000 --> 15:09.000 really, by pop-ups. 15:09.000 --> 15:13.000 Because all this data is, like, representative. 15:13.000 --> 15:16.000 We cannot trust data only for people who press yes. 15:16.000 --> 15:21.000 And, you know, it's not only for you for European Union, right? 15:21.000 --> 15:24.000 Now, across the whole world, this is very similar law, 15:24.000 --> 15:27.000 and this is why you cannot just remove the data of the European user, 15:27.000 --> 15:29.000 something, you know, be okay. 15:29.000 --> 15:33.000 We need this pop-up anywhere, like across the globe. 15:33.000 --> 15:38.000 And I really believe that our, like, software development society could change the industry. 15:38.000 --> 15:41.000 Like, we killed, yeah, and that is polar. 15:41.000 --> 15:42.000 You know, it can be passed. 15:42.000 --> 15:46.000 Who, like, make a, make a website for this polar? 15:46.000 --> 15:49.000 Like, it's what's painful for people who don't understand it. 15:49.000 --> 15:52.000 And, like, I really believe that we are society, like, 15:52.000 --> 15:55.000 make a better world by killing that polar. 15:55.000 --> 15:58.000 And it was not, you know, like, okay, right? 15:58.000 --> 16:00.000 Now, managers don't ask us to make our internet explorer. 16:00.000 --> 16:03.000 So, like, we stop to make the website to support it. 16:03.000 --> 16:07.000 In reality, like, developers create a conspiracy inside the company 16:07.000 --> 16:10.000 to force companies to stop supporting their explorer. 16:10.000 --> 16:13.000 And I believe we can do the same with the privacy. 16:13.000 --> 16:14.000 Okay, second step. 16:14.000 --> 16:16.000 We reduce privacy data professors. 16:16.000 --> 16:18.000 You know, all these GPUs are pop-ups. 16:18.000 --> 16:22.000 We care about your privacy and then, like, a huge number of people who, 16:22.000 --> 16:24.000 they will send their data. 16:24.000 --> 16:27.000 The problem is that, like, a lot of the companies will access 16:27.000 --> 16:29.000 to the private data of your website. 16:29.000 --> 16:34.000 It will be any, like, any CDNs for JavaScript or phones. 16:34.000 --> 16:35.000 Any, like, website hosted. 16:35.000 --> 16:37.000 CDNs, the global one. 16:37.000 --> 16:38.000 And, like, other partners. 16:38.000 --> 16:40.000 All of them has access to your data. 16:40.000 --> 16:43.000 And if more companies will have access, 16:43.000 --> 16:46.000 more companies will have access to their data. 16:46.000 --> 16:49.000 So, the second step, reduce number of companies. 16:49.000 --> 16:51.000 Uh, reduce number of services. 16:51.000 --> 16:55.000 For instance, like, don't use public CDN for the JavaScript libraries. 16:55.000 --> 16:58.000 Don't use public CDN for the phones. 16:58.000 --> 16:59.000 Don't use Google phones anymore. 16:59.000 --> 17:01.000 First, it's a bad for performance. 17:01.000 --> 17:02.000 Second, it's a bad for privacy. 17:02.000 --> 17:05.000 Just serve, or file from your servers. 17:05.000 --> 17:06.000 Very easy to do. 17:06.000 --> 17:08.000 You don't need any magic to do it. 17:08.000 --> 17:10.000 Then, try to use self-posted tools. 17:10.000 --> 17:12.000 Maybe not in the day one. 17:12.000 --> 17:14.000 It's okay to start from the cloud solution. 17:14.000 --> 17:16.000 But it's the option for self-host. 17:16.000 --> 17:18.000 And then, you'll have more money, more engineers. 17:18.000 --> 17:20.000 You can go to self-host solutions. 17:20.000 --> 17:24.000 And second, try to combine different services inside one provider. 17:24.000 --> 17:27.000 For instance, if you have a customer, I'm a zone. 17:27.000 --> 17:28.000 Don't use cloud-stallair. 17:28.000 --> 17:30.000 As you can separate the company. 17:30.000 --> 17:33.000 Before, a CDN from the Amazon, from the Google. 17:33.000 --> 17:35.000 From the company we have hosting. 17:35.000 --> 17:37.000 So, try to combine everything in one place. 17:37.000 --> 17:39.000 At least you have less number of the companies. 17:39.000 --> 17:41.000 You can lick your data. 17:41.000 --> 17:43.000 Start step. 17:43.000 --> 17:44.000 It's advanced step. 17:44.000 --> 17:45.000 Look at first. 17:45.000 --> 17:48.000 Of course, it's a step only for new projects. 17:48.000 --> 17:50.000 It's very hard to add it to the existing project. 17:50.000 --> 17:54.000 So, before, we keep all data on the machine. 17:54.000 --> 17:57.000 Second, next, we have iPhone. 17:57.000 --> 18:00.000 And after iPhone, each user starts to have two devices. 18:00.000 --> 18:02.000 And this is a solution for that problem. 18:02.000 --> 18:04.000 We move the data to the cloud. 18:04.000 --> 18:07.000 But this is completely different way to do it. 18:07.000 --> 18:12.000 Like, elects continue to keep the data on the machine of the users. 18:12.000 --> 18:16.000 But, and use very small server just to synchronize the data. 18:16.000 --> 18:18.000 Between these two devices. 18:18.000 --> 18:20.000 This idea caught local first. 18:20.000 --> 18:23.000 With a whole, like, manifest of it, created by index switch. 18:23.000 --> 18:27.000 It has a lot of, like, ideas, like, no spin or privacy, but default, et cetera. 18:27.000 --> 18:30.000 But, like, I will show you an example. 18:30.000 --> 18:31.000 There is a notion. 18:31.000 --> 18:33.000 How many people here use your notion? 18:33.000 --> 18:35.000 It's people who are popular too. 18:35.000 --> 18:36.000 It's a format nodes. 18:36.000 --> 18:39.000 But all this nodes is openly inside their cloud. 18:39.000 --> 18:41.000 And they can read it. 18:41.000 --> 18:42.000 It's pretty changes still. 18:42.000 --> 18:44.000 This is a different company. 18:44.000 --> 18:45.000 It's not the only solution. 18:45.000 --> 18:46.000 This multiple solutions. 18:46.000 --> 18:48.000 Just an example called obsidian. 18:48.000 --> 18:52.000 For an obsidian, all your nodes stored on your machine. 18:52.000 --> 18:54.000 Inside, mark down files. 18:54.000 --> 18:55.000 In one folder. 18:55.000 --> 18:58.000 And you can use any tool to synchronize this folder. 18:58.000 --> 19:01.000 But, they, of course, provide their own solution. 19:01.000 --> 19:03.000 And, like, you need to pay for it. 19:03.000 --> 19:06.000 And this, and I think, very good example when they have monetization. 19:06.000 --> 19:09.000 Because this cloud is, like, you need to pay for it. 19:09.000 --> 19:12.000 But you can choose what provider you will use to synchronize this data. 19:12.000 --> 19:14.000 And all data is on your machines. 19:14.000 --> 19:16.000 They don't have any access to the data. 19:16.000 --> 19:19.000 But, again, obsidian is, like, ideal case. 19:19.000 --> 19:22.000 Your applications should not be, like, so extreme. 19:22.000 --> 19:24.000 Like, local trust is spectrum. 19:24.000 --> 19:29.000 And, like, different application is different part, different dot on this spectrum. 19:29.000 --> 19:32.000 To make your application local trust. 19:32.000 --> 19:33.000 First, you need a storage. 19:33.000 --> 19:35.000 You need to store all data here. 19:35.000 --> 19:37.000 So, here, you need some database. 19:37.000 --> 19:39.000 With the rich query language. 19:39.000 --> 19:41.000 We have a good performance. 19:41.000 --> 19:43.000 So, if we are talking about JavaScript, 19:43.000 --> 19:47.000 it means that we need to run a skill light of postgres in JavaScript. 19:47.000 --> 19:48.000 It is possible. 19:48.000 --> 19:50.000 The risk of solution call a skill light doesn't. 19:50.000 --> 19:52.000 Or, pinch a light. 19:52.000 --> 19:54.000 It's both, like, a skill light in the web assembly. 19:54.000 --> 19:57.000 And, postgres in the web assembly. 19:57.000 --> 19:58.000 It's pretty amazing. 19:58.000 --> 20:02.000 You can use it in the web version, like, on the website. 20:02.000 --> 20:05.000 But, also, in your not-js application, for instance, 20:05.000 --> 20:08.000 like, to make access to stores the data. 20:08.000 --> 20:09.000 To use postgres language. 20:09.000 --> 20:13.000 But, stores the data in the file without any server. 20:13.000 --> 20:15.000 Like, send a second. 20:15.000 --> 20:18.000 You need some persistent storage on your browser. 20:18.000 --> 20:20.000 And, this is a way, it's called, 20:20.000 --> 20:21.000 OpenFS. 20:21.000 --> 20:24.000 It's a way to ask browser to create temporary data. 20:24.000 --> 20:26.000 To create a folder for you, for your websites. 20:26.000 --> 20:28.000 And, then, your website will have access to this folder, 20:28.000 --> 20:31.000 and it can create any database files inside. 20:31.000 --> 20:33.000 But, there is another way, called, in this database. 20:33.000 --> 20:37.000 And, the funny way, that Firefox used a skill light for in this database. 20:37.000 --> 20:40.000 And, if you will put a skill light inside in this database, 20:40.000 --> 20:43.000 it means that, like, it will be a skill light inside a skill light. 20:43.000 --> 20:44.000 So, like, it could be funny. 20:44.000 --> 20:45.000 A funny part. 20:45.000 --> 20:48.000 It's still faster, like, putting a skill light inside the skill light. 20:48.000 --> 20:50.000 It's faster than just in the index of the database. 20:50.000 --> 20:52.000 Don't use in this database. 20:52.000 --> 20:53.000 Shit database. 20:53.000 --> 20:55.000 Nobody likes it. 20:55.000 --> 20:59.000 And, a big benefit of skill light is to be used at a strict native as well. 20:59.000 --> 21:03.000 So, like, a skill light is much better solution. 21:03.000 --> 21:06.000 Second, you need not only to have database, 21:06.000 --> 21:08.000 but you need operational lock. 21:08.000 --> 21:12.000 So, every time, when you have, like, user interface, 21:12.000 --> 21:14.000 and usually change something to this user interface, 21:14.000 --> 21:16.000 this user interface, like, reacted, etc, 21:16.000 --> 21:19.000 will not change the data directly in the database. 21:19.000 --> 21:21.000 Instead, it will create an action, 21:21.000 --> 21:24.000 and put this action to the action lock. 21:24.000 --> 21:26.000 And, different code will read action lock, 21:26.000 --> 21:29.000 see a new action, and update database. 21:29.000 --> 21:31.000 And, on this end, we will, like, 21:31.000 --> 21:34.000 using the interface will read the new data from database. 21:34.000 --> 21:36.000 Why we need this action lock? 21:36.000 --> 21:39.000 Because, if we were going to make a local trust, 21:39.000 --> 21:42.000 we need a way to synchronize data with a cloud, 21:42.000 --> 21:45.000 and we need to synchronize data between different browser tabs. 21:45.000 --> 21:48.000 So, in reality, it's distributed system. 21:48.000 --> 21:51.000 And, the best way to do distributed system is to have 21:51.000 --> 21:53.000 operation lock, because in this way, 21:53.000 --> 21:55.000 it does not matter who change the data. 21:55.000 --> 21:57.000 Because, like, if it's a server, 21:57.000 --> 21:59.000 the server will edit data to your operation lock. 21:59.000 --> 22:00.000 It's a different browser tab, 22:00.000 --> 22:03.000 it will edit data to your operation lock. 22:03.000 --> 22:04.000 And, as a result, your software, 22:04.000 --> 22:06.000 it actually will be mass, mass, mass, 22:06.000 --> 22:08.000 more simple, because, 22:08.000 --> 22:13.000 all different ways of to change the data will be equal. 22:13.000 --> 22:15.000 Then, you need to use CRDT to resolve 22:15.000 --> 22:17.000 automatically resolve context, 22:17.000 --> 22:19.000 because there is no one source of truth. 22:19.000 --> 22:21.000 Don't afraid of CRDT, like, a lot of people 22:21.000 --> 22:23.000 think that it's something mathematical, 22:23.000 --> 22:24.000 it's hard to read, 22:24.000 --> 22:26.000 because, like, it's was created in the university. 22:26.000 --> 22:28.000 In reality, it's very simple system, 22:28.000 --> 22:30.000 and there is a lot of libraries just use it, 22:30.000 --> 22:32.000 it's, like, just use the individual libraries, 22:32.000 --> 22:33.000 easy to do. 22:33.000 --> 22:34.000 And, step four, 22:34.000 --> 22:37.000 good idea is to create two different password. 22:37.000 --> 22:38.000 Two. 22:38.000 --> 22:40.000 One password for user will, 22:40.000 --> 22:42.000 to, like, one password to authenticate 22:42.000 --> 22:44.000 the user at the cloud, 22:44.000 --> 22:46.000 and second password will increase 22:46.000 --> 22:48.000 all this operation operation lock, 22:48.000 --> 22:50.000 when it will be send it to the server. 22:50.000 --> 22:51.000 As a result, 22:51.000 --> 22:53.000 your server will not be able to read 22:53.000 --> 22:55.000 the data of user. 22:55.000 --> 22:57.000 Benefits, the fun part. 22:57.000 --> 22:59.000 We create all this local infrastructure 22:59.000 --> 23:00.000 of this complexity, 23:00.000 --> 23:01.000 lock, et cetera, 23:01.000 --> 23:03.000 because we have a principles, 23:03.000 --> 23:05.000 because we have a political, 23:05.000 --> 23:06.000 realness. 23:06.000 --> 23:07.000 But in reality, 23:07.000 --> 23:10.000 we will have a lot of practical benefits, 23:10.000 --> 23:11.000 business benefits. 23:11.000 --> 23:13.000 First, 23:13.000 --> 23:14.000 with local first, 23:14.000 --> 23:16.000 which we created for political reasons, 23:16.000 --> 23:20.000 we don't need a complex server. 23:20.000 --> 23:22.000 Our server will be very simple, 23:22.000 --> 23:24.000 so we don't need a big, 23:24.000 --> 23:25.000 back-end team. 23:25.000 --> 23:26.000 Second, 23:26.000 --> 23:28.000 we can create prototype without server at all, 23:28.000 --> 23:30.000 and it's very good for the business, 23:30.000 --> 23:31.000 because you can create a BP 23:31.000 --> 23:32.000 to show to the investors, 23:32.000 --> 23:34.000 like, two times faster. 23:34.000 --> 23:35.000 Third, 23:35.000 --> 23:37.000 because, like, we don't 23:37.000 --> 23:39.000 store the data on the server, 23:39.000 --> 23:41.000 and the server is very simple. 23:41.000 --> 23:42.000 When we will, like, 23:42.000 --> 23:43.000 I will use the base, 23:43.000 --> 23:44.000 you grow dramatically, 23:44.000 --> 23:46.000 we don't need more investments, 23:46.000 --> 23:48.000 because our server is very simple. 23:48.000 --> 23:50.000 We don't need to scale it with our, 23:50.000 --> 23:51.000 our user base. 23:51.000 --> 23:52.000 If, like, we have people, 23:52.000 --> 23:53.000 local trust, 23:53.000 --> 23:54.000 we use machine of the clients, 23:54.000 --> 23:56.000 more clients, more power. 23:56.000 --> 23:57.000 And as a result, 23:57.000 --> 23:59.000 we don't eat money from the investors, 23:59.000 --> 24:01.000 and it's again very good for business. 24:01.000 --> 24:03.000 And no private data, 24:03.000 --> 24:04.000 no problem with GDPR, 24:04.000 --> 24:05.000 no problem with the pop, 24:05.000 --> 24:06.000 nothing, like, 24:06.000 --> 24:07.000 no problem with that, 24:07.000 --> 24:10.000 because we don't have open data 24:10.000 --> 24:12.000 in our system, nothing too weak. 24:13.000 --> 24:15.000 And, but my favourite example, 24:15.000 --> 24:17.000 with local trust, 24:17.000 --> 24:19.000 a lot of developers, 24:19.000 --> 24:20.000 like, tell us that 24:20.000 --> 24:23.000 it becomes faster for them to make websites. 24:23.000 --> 24:24.000 Because right now, 24:24.000 --> 24:25.000 when we have a juxtap, 24:25.000 --> 24:28.000 because when we have fetch request, 24:28.000 --> 24:29.000 etc., 24:29.000 --> 24:30.000 rest API, 24:30.000 --> 24:33.000 we have a imperative way 24:33.000 --> 24:35.000 to write code in our components. 24:35.000 --> 24:36.000 We, in UI, 24:36.000 --> 24:37.000 write imperative way, 24:37.000 --> 24:39.000 how to go to servers and data, 24:39.000 --> 24:40.000 etc., 24:40.000 --> 24:41.000 it's local trust, 24:41.000 --> 24:43.000 it mostly likes some sort of service, 24:43.000 --> 24:44.000 and we use the clarity way. 24:44.000 --> 24:46.000 And this service, 24:46.000 --> 24:47.000 take care about networking, 24:47.000 --> 24:48.000 raw, optimistic UI, 24:48.000 --> 24:49.000 a lot of stuff, 24:49.000 --> 24:51.000 and the code becomes smaller. 24:51.000 --> 24:53.000 It's mean people write code bad, 24:53.000 --> 24:54.000 faster, 24:54.000 --> 24:55.000 and, like, 24:55.000 --> 24:56.000 it's again, 24:56.000 --> 24:57.000 good for the business. 24:57.000 --> 24:58.000 And six, 24:58.000 --> 24:59.000 like, 24:59.000 --> 25:00.000 another benefit. 25:00.000 --> 25:02.000 Your applications start to look faster, 25:02.000 --> 25:03.000 because all data is here, 25:03.000 --> 25:05.000 and user will like it. 25:05.000 --> 25:07.000 It will be your benefit 25:07.000 --> 25:09.000 in competition on the market. 25:10.000 --> 25:12.000 And with a lot of good examples, 25:12.000 --> 25:13.000 for instance, 25:13.000 --> 25:14.000 linear, 25:14.000 --> 25:15.000 linear is a task manager, 25:15.000 --> 25:17.000 there is a lot of task manager right now, 25:17.000 --> 25:18.000 and they compete with other, 25:18.000 --> 25:20.000 by using local trust, 25:20.000 --> 25:22.000 because their UI is faster. 25:22.000 --> 25:25.000 A lot of people going to pay money for them, 25:25.000 --> 25:27.000 because of the local trust, 25:27.000 --> 25:29.000 because they take care about the privacy, 25:29.000 --> 25:31.000 not because people who won't privacy, 25:31.000 --> 25:32.000 but because they take care about privacy, 25:32.000 --> 25:34.000 they have a better user interface, 25:34.000 --> 25:36.000 and it's good for the business. 25:36.000 --> 25:37.000 Like, 25:37.000 --> 25:39.000 and they exactly explain that local trust 25:39.000 --> 25:40.000 helps them to make it. 25:40.000 --> 25:41.000 Only, 25:41.000 --> 25:44.000 there's a pitch with 2 million team users. 25:44.000 --> 25:46.000 It's a very good production level. 25:46.000 --> 25:49.000 Or there is good news with 24 million monthly users. 25:49.000 --> 25:52.000 It means that local trust is pretty production-wedding. 25:52.000 --> 25:53.000 And then, 25:53.000 --> 25:56.000 there is a lot of frameworks to do a local trust. 25:56.000 --> 25:57.000 These are big number of them. 25:57.000 --> 25:58.000 It's only a small part, 25:58.000 --> 25:59.000 but still. 25:59.000 --> 26:01.000 So, there's a big guide, 26:01.000 --> 26:04.000 where you get all the links to the frameworks, 26:04.000 --> 26:05.000 and it works. 26:05.000 --> 26:06.000 Good articles, 26:06.000 --> 26:07.000 guys, et cetera. 26:07.000 --> 26:08.000 So, go to it. 26:08.000 --> 26:10.000 And, 26:10.000 --> 26:13.000 last step to take about the privacy. 26:13.000 --> 26:14.000 You know, 26:14.000 --> 26:16.000 when we talk about the privacy, 26:16.000 --> 26:18.000 we speak only about the United States, 26:18.000 --> 26:19.000 and for instance, 26:19.000 --> 26:20.000 UK. 26:20.000 --> 26:22.000 We don't speak about other countries. 26:22.000 --> 26:23.000 And, of course, 26:23.000 --> 26:24.000 this is a step. 26:24.000 --> 26:25.000 This is where advanced step. 26:25.000 --> 26:26.000 It's only for the big companies, 26:26.000 --> 26:29.000 but I hope there is some developers from the big companies here. 26:29.000 --> 26:32.000 There is a lot of problems with the privacy, 26:32.000 --> 26:33.000 different risks. 26:33.000 --> 26:34.000 For instance, 26:34.000 --> 26:35.000 there is a risk, 26:35.000 --> 26:36.000 not only for you know, 26:36.000 --> 26:37.000 governments, 26:37.000 --> 26:38.000 secret service and threat providers, 26:38.000 --> 26:39.000 that are brokers. 26:39.000 --> 26:40.000 But there is also from family members. 26:40.000 --> 26:41.000 Who know, 26:41.000 --> 26:42.000 when you will sleep, 26:42.000 --> 26:44.000 you will scan your fingerprint 26:44.000 --> 26:45.000 and read your messages. 26:45.000 --> 26:47.000 There is a local community with 26:47.000 --> 26:48.000 very strict editor standard, 26:48.000 --> 26:50.000 which will try to recognize you, 26:50.000 --> 26:52.000 that you follow this ethical standards. 26:52.000 --> 26:53.000 And, 26:53.000 --> 26:55.000 US media focus only on the problem, 26:55.000 --> 26:58.000 which is important for the United States. 26:58.000 --> 27:00.000 Not about other problems. 27:00.000 --> 27:01.000 For instance, 27:01.000 --> 27:02.000 I am making a research video, 27:02.000 --> 27:04.000 like a private first ever research video. 27:04.000 --> 27:06.000 And, for US, 27:06.000 --> 27:07.000 citizens, 27:07.000 --> 27:09.000 they afraid clouds. 27:09.000 --> 27:12.000 So, I will prefer to do local first, 27:12.000 --> 27:14.000 and the application, 27:14.000 --> 27:15.000 as a student, 27:15.000 --> 27:17.000 will ask directly the news from the website. 27:17.000 --> 27:18.000 But in Russia, 27:18.000 --> 27:19.000 I cannot do it. 27:19.000 --> 27:21.000 Because people in Russia, 27:21.000 --> 27:22.000 they don't, 27:22.000 --> 27:24.000 they trust cloud, 27:24.000 --> 27:27.000 but they don't trust local internet provider, 27:27.000 --> 27:29.000 because it will spy for them. 27:29.000 --> 27:30.000 As a result, 27:30.000 --> 27:31.000 in Russia, 27:31.000 --> 27:33.000 to make a private first application, 27:33.000 --> 27:35.000 I need to do completely opposite. 27:35.000 --> 27:36.000 I need to use cloud, 27:36.000 --> 27:38.000 to hide what they are requesting, 27:38.000 --> 27:39.000 because otherwise, 27:39.000 --> 27:40.000 internet provider, 27:40.000 --> 27:42.000 will mix the data to the government. 27:42.000 --> 27:44.000 Interesting case, 27:44.000 --> 27:45.000 which is like, 27:45.000 --> 27:47.000 a lot of privacy, 27:47.000 --> 27:49.000 a lot of privacy, 27:49.000 --> 27:50.000 engineers don't think about it. 27:50.000 --> 27:52.000 It's a local police check in Russia, 27:52.000 --> 27:53.000 or Belarusian. 27:53.000 --> 27:55.000 If you are on the street, 27:55.000 --> 27:57.000 the local police can tell you 27:57.000 --> 27:59.000 and ask you your phone, 27:59.000 --> 28:01.000 and ask you to unlock your phone, 28:01.000 --> 28:02.000 and to see your, 28:02.000 --> 28:03.000 for instance, 28:03.000 --> 28:04.000 telegram, 28:04.000 --> 28:05.000 subscription channels. 28:05.000 --> 28:06.000 And you can unlock it, 28:06.000 --> 28:07.000 they will find, 28:07.000 --> 28:08.000 nobody, 28:08.000 --> 28:09.000 and you go to jail, 28:09.000 --> 28:10.000 or you can try to know or reject it, 28:10.000 --> 28:11.000 because you have to write, 28:11.000 --> 28:13.000 and they will just break your legs. 28:13.000 --> 28:14.000 You know, 28:14.000 --> 28:15.000 like, 28:15.000 --> 28:17.000 not a good question to do. 28:17.000 --> 28:18.000 And, 28:18.000 --> 28:20.000 Belarusian cyber-partisans, 28:20.000 --> 28:21.000 they've, 28:21.000 --> 28:22.000 like, 28:22.000 --> 28:23.000 they've, 28:23.000 --> 28:24.000 they've, 28:24.000 --> 28:26.000 they've, 28:26.000 --> 28:27.000 who you can see through those things, 28:27.000 --> 28:36.000 but like, 28:36.000 --> 28:37.000 telegram refuses. 28:37.000 --> 28:39.000 So the Russian cyber-partisans create 28:39.000 --> 28:40.000 a fork of telegram, 28:40.000 --> 28:44.000 where you can define two different pin cod form order, 28:44.000 --> 28:45.000 one pin loc, 28:45.000 --> 28:46.000 it's normally pin loc, 28:46.000 --> 28:47.000 and the loc every set. 28:47.000 --> 28:49.000 But second ones is a different one. 28:49.000 --> 28:50.000 Which will remove. 28:50.000 --> 28:53.000 Alloughing subscribers will be 28:53.000 --> 28:54.000 a dangeles for you, 28:54.000 --> 28:55.000 and a good feature, 28:55.000 --> 28:57.320 to do next Monday. 28:57.320 --> 29:01.320 First, find your principles. 29:01.320 --> 29:04.040 Second, remove the paper up or up by using 29:04.040 --> 29:05.840 Google Less Analytics. 29:05.840 --> 29:07.000 Second, start. 29:07.000 --> 29:08.120 Reduce services. 29:08.120 --> 29:10.680 It's a success to the private data. 29:10.680 --> 29:12.280 Then, think about the local trust 29:12.280 --> 29:13.880 when you create a new project. 29:13.880 --> 29:16.120 And think about other privacy risks 29:16.120 --> 29:19.240 if you make some big application for many users. 29:19.240 --> 29:19.600 That's all. 29:19.600 --> 29:21.120 This is my method on Twitter. 29:21.120 --> 29:22.360 It must be on the company slides 29:22.360 --> 29:24.880 if you need some of the things from the talks. 29:24.880 --> 29:25.880 That's all. 29:25.880 --> 29:35.880 Thank you. 29:35.880 --> 29:36.880 Thank you. 29:36.880 --> 29:37.880 Thank you. 29:37.880 --> 29:39.880 Well, the next speaker, you can remove your mic. 29:39.880 --> 29:41.880 While the next speaker comes up, if you...