Countries by percentage total bandwidth usage in 2023:
44.88% Germany
11.30% China
9.52% United States
3.25% Italy
2.33% United Kingdom
2.04% Russia
1.96% Estonia
1.88% Austria
1.85% France
1.59% Canada
1.50% Switzerland
1.40% Netherlands
1.25% Poland
2/
So I messing around a bit more with stats data from the f-droid.org mirror hosted by @FAU in Germany:
* About 25% of the bandwidth of the mirror is for #FDroid
* Countries by percentage total bandwidth usage since /fdroid/ was added in 2019:
47.83% Germany
9.04% United States
5.13% China
3.68% Italy
2.69% France
2.55% United Kingdom
2.07% Russia
1.93% Switzerland
1.87% Estonia
1.82% Poland
1.70% Austria
1.40% Netherlands
1.38% Czechia
1.28% Canada
1/
We are happy to announce the launch of the new NGI0 Commons Fund. It's aim is to reclaim the public nature of the internet.
Offering small and medium-sized grants for free and open source projects across the entire technology stack.
First call opens February 1. If you are working on a project that contributes to reclaiming the public nature of the internet, do apply.
With many thanks to the @EU_Commission 's #NextGenerationInternet initiative.
Assessing the #security of computer systems is really hard because of "known unknowns" and "unknown unknowns". For example, there are lots of reports about #NSO #Pegasus being found on #iPhone but few about #Android. One might be tempted to conclude that Android is more secure. The truth is unfortunately much harder to pin down. For example, it is harder to detect and confirm Pegasus on Android, although it is clear that there have been plenty of infections on both platforms.
In This week in F-Droid (TWIF) we talk about:
* SimpleMobileTools and it's fork Fossify, and specially about the Gallery app
* SimpleX Chat update only for armv7
* the Arcticons apps are now reproducible and have to be reinstalled
* Screenshot sharer was replaced by QuickShot
* Tux Paint is now almost 250 MB big
* NewPipe has a 2023 recap blog post and maintainer changes
Total we had 2 more apps added and 138 more apps updated.
When reading about things like "almost half of British teens feel addicted to social media" https://www.theguardian.com/lifeandstyle/2024/jan/02/social-media-addiction-teenagers-study-phones
It is important to remember that #SocialMedia was designed to be addictive using science and techniques developed by universities like #Stanford and widely taught https://stanfordreview.org/how-stanford-profits-tech-addiction-social-media/
#SurveillanceCapitalism and #AddictiveSoftware came from the same forces as generated the dominant forms of explotation in the 20th century.
Mickey's red shorts and yellow gloves might also be public domain thanks to a color poster from 1928 that was auctioned a few years ago: https://www.reuters.com/article/idUSBRE8AT04E/
"[People] all have a right to exist but only because they are human beings. And there is no justice in securing your own right to exist by denying it to others." https://newrepublic.com/article/177768/israel-right-to-exist-rhetorical-trap
Steve Ballmer is set to make $1 billion a year for doing nothing
https://edition.cnn.com/business/investing/steve-ballmer-one-billion-dividends/index.html
Anyone procuring #Chromebook hardware with public funding, like for schools, should be aware that the expiration date on that hardware is artificially created by #Google since they maintain their firmware as incompatible with other standards. Given a properly structured firmware, any old #Chrome device would run #Debian or other #GNULinux just fine. The #Chromium team operates in public and has done a good job of releasing their source, but the bad structure remains.
@elly and @domi outline how #Google has structured their firmware to make it incompatible with the standard methods of booting an OS. So even though it is open source and #Google upstreams their #Linux changes, lots of key functionality like audio, USB ports, etc does not work when booting any other OS (e.g. GNU/Linux or even Windows). This serves to lock the hardware to #Chrome, and thereby generate lots of e-waste when Google drops support for hardware which #Debian supports.
I'm happy to see more attention given to freeing #Chromebook hardware. They already are built on free software, so with some focused attention on supporting them well with #FreeSoftware distros like #Debian, the number of good GNU/Linux laptops can be greatly expanded. #Depthcharge should be as well understood as other BIOS things. Thanks to @elly and @domi for your #37c3 talk: https://media.ccc.de/v/37c3-11929-turning_chromebooks_into_regular_laptops
Amnesty to all countries: Ban the use and export of invasive spyware! https://securitylab.amnesty.org/latest/2023/12/india-damning-new-forensic-investigation-reveals-repeated-use-of-pegasus-spyware-to-target-high-profile-journalists/ #Staatstrojaner
Our current situation resembles right before World War One: there are many governments that their people want to change, and those governments are drumming up wars to stay in power. #Putin, Ukrainian oligarchs, #Netanyahu & co, #Hamas, #Saudi and Gulf Monarchies, the current regime in #Iran, status quo elites in #US and #EU. We need louder voices representing all the people, regardless of nationality, religion, class, etc to organize the large majority who want to get along and live in peace.
Der Export und Einsatz solcher Spyware muss verboten werden! Regierung in Indien hackt Journalisten und Opposition mit #Staatstrojaner #Pegasus https://www.derstandard.at/story/3000000201146/indien-ueberwacht-journalisten-mit-pegasus-software
@newstik
There is a bunch of metadata that is made available when Signal links your Signal account to your Google device ID (which is needed to send push notifications):
- If your device has a Google account signed in (most do to install Signal from the Play Store) your Signal account will be linked to your Google account
- If you connect your phone to any wifi network, your Signal account will be linked to that wifi's IP address, often revealing your exact location to authorities
@newstik
- If you have any other apps installed that use push notifications, those would be linked to your Google device ID and thus your Signal account as well. Authorities can then link any data they get from those other apps also to your Signal account (and thereby phone number and identity).
Hey! We've been thinking a lot about what's next for the postmarketOS project,
we have a lot of ideas, but we can't do it without your help. We've decided to
join OpenCollective, this makes it possible for us to be financially supported
by and beholden to you - our community.
If you like postmarketOS and want to help us continue on our quest of true
ownership, we would highly appreciate your donations!
More info here 👇
This week in F-Droid (TWIF) was just published.
We have new alpha versions for F-Droid 1.19., and something about the Epic vs. Google trial.
On the app side, we talk about Threema, Xmp Mod Player, Orion Viewer, Transdroid, Minetest and Syncthing-Fork.
Last but not least, we had another 6 added apps, 109 updated apps and one removed app.
I've just published a blog post on a new sample of Android/BianLian botnet which uses (1) an intentionally bad formed ZIP, and (2) uses a new packer.
https://cryptax.medium.com/bad-zip-and-new-packer-for-android-bianlian-5bdad4b90aeb
By the way, this will be covered in my @ringzer0 training.