I'd love to see data on what verified boot actually stops. The ideal malware implants itself at the lowest level possible. Is there good public data on these kinds of exploits on #Android #Debian #Windows #iOS etc? Does standard spyware do that? Writing to /system requires a root exploit, lots of malware never gets root. How often there are vulns in #VerifiedBoot itself. Here's a real world full #exploit of verified boot:
#Debian created an ecosystem where the software available there is reviewed and trusted, so the system can prioritize flexibility over security. In #Google Play, there are many apps we feel forced to use, despite knowing they are unethical or are tracking us. Google responds by locking down #Android to reduce data leaks, which also reduces the system's flexibility. #FreeSoftware puts the user in control so we can build user-friendly systems without being forced into bad decisions.
Dark Patterns are unethical by design, aimed at tricking you into giving away your data, and ultimately stealing your freedom to choose privacy.
Can you spot one when you see one? Take this quiz from @alfredwkng & @sammorrisdesign to find out: https://themarkup.org/2021/06/03/dark-patterns-that-mislead-consumers-are-all-over-the-internet
Original tweet : https://twitter.com/DuckDuckGo/status/1411682966099607555
Torsten Grote explored Free Software alternatives for smartphones as early as 2012. ⭐
In our interview we look back at the start of Free Your Android campaign.
Of course, we asked @firstname.lastname@example.org which options are available for liberating our phones today.
The interview was conducted in the context of celebrating 20 Years of the FSFE 🙂 #FSFE20
Does anyone know how to query the system for information about Trichrome Libraries https://chromium.googlesource.com/chromium/src.git/+/refs/heads/main/docs/android_native_libraries.md#Trichrome? They seem to be installed as APKs, but the regular way of querying for app metadata does not work. For example, is there a separate concept of "Version Code" for Trichrome libraries?
"It is in our power to wipe out poverty. It simply isn’t among our priorities." #BasicIncome https://www.nytimes.com/2021/06/13/opinion/stimulus-unemployment-republicans-poverty.html
#SiliconValley is demonstrating yet again how out of touch with society it is with yet another plaything for the rich that screws everyone else: the #FlyingCar. Cars are already the dominant source of #NoisePollution, flying drastically increases that, so the promo videos all play music instead of actual audio. Here is one small glimpse of what just one actually sounds like https://yewtu.be/watch?v=E9t154HL1V0 Now imagine how loud flying car traffic would be?
EU-Commissioner Johannes Hahn on 'Public Money? Public Code!' https://peertube.social/videos/watch/20512955-f554-428e-a563-abc74dc806c8
I'm always shocked at how many people buy those cheap plastic #kitchen sponges. They work so terribly and are not washable. Take literally any old rag that is at least partially #cotton, and it cleans so much more efficiently. Like literally any old t-shirt. And everyone knows how to wash a t-shirt.
I posted some thoughts about F-Droid clients and maintenance in response to a post, I'd be interested to hear what other people think: https://www.reddit.com/r/fdroid/comments/noov58/the_problem_with_the_fdroid_clients/h0aobs7/ @fdroidorg
"The current [locations settings] UI feels like it is designed to make things possible, yet difficult enough that people won't figure it out. New exceptions, defaulted to on, silently appearing in settings menus you may never see..."
From an internal Google discussion: "TBH, given what you seem to want to do (not have any contact with any Google service whatsoever), your only option is flashing LineageOS for microG on your phone" https://www.azag.gov/sites/default/files/2021-05/Chai_Exhibit_201.pdf
Anyone know what #google ULR is?
"Suppose a user has disabled permissions to, say, Google Maps for Mobile (GMM). With client-side location, GMM will not get location, as the user intended However, they can still get a place card (e.g. Riddler) via ULR-->████-->GMM server--> GMM client. (URL has GmsCore's location permissions, not GMM's). This seems like a bypass to Android's permissions model."
"Apple is removing apps before China’s internet censors even complain. Apple does not disclose such takedowns in its statistics."
#Apple did not have to make tricky corporate setups with #China to get around the #USGovt ban on US companies handling over data to China. They created a corporate arrangement where a Chinese gov owned company GCBD owns the data, so the Chinese government just asks them instead of Apple. This is clearly pursuing profits in direct conflict with human rights principals Apple claims to protect. This sounds just like #IBM's tight relationship with the Nazis in 1934.
I discussed Gates's ideology in depth in this interview with Luke Savage for Jacobin, where I explore the core idea of "IP" as an ideological construct: that the law should empower firms to control their customers, competitors and critics.
As I wrote in January, digital manorialism works well (if the warlord wants the same thing as you) but fails badly (if they decide to sell you out).
Google wants to kill third party cookies to protect you from randos doing tracking and targeting - but it wants to retain the ability to nonconsensually track and target you on its own:
Doctorow @pluralistic writes about a paper called "The Paradox of Source Code Secrecy":
[...] Lessig's metaphor that "code is law" is no longer metaphorical.
Judges and regulators habitually defer to automated systems, acting as though software-enabled determinations of guilt are empirical and thus reliable [...]
I just read what I think is the best article on the internet in Cuba:
"US media depict the island as stuck in the digital dark ages, but Cuba has lively cultures of connectivity that could evolve into a self-sustaining, open, and accessible digital commons."
The idea that #EU "failed" at vaccines are based on the same flawed premise: countries hoarding vaccines for themselves is good. The virus tells us otherwise, as it rapidly mutates around the world. Good vaccination programs recognize that the pandemic is global, and cannot only be handled on a national level. Vaccinating the lowest risk groups in the US and UK while the highest risk groups elsewhere are not vaccinated is bad science and bad policy. EU, Russia, China, India all export vaccine.