People, apps and code you can trust
Targeted advertising based on online behavior doesn’t just hurt privacy. It also contributes to a range of other harms. https://www.eff.org/deeplinks/2022/03/ban-online-behavioral-advertising
Happy to have our last version of "The Android Platform Security Model" now included in the official August 2021 edition of ACM Transactions on Privacy and Security: https://dl.acm.org/doi/10.1145/3448609.
Fully open access - download, read, share, feel free to use however it's helpful ;-)
"A passionate and bipartisan legislative effort to rein in the country’s largest technology companies collapsed this week, the victim of an epic lobbying campaign by Amazon, Apple, Google and Meta"
When #FDroid is built into a #FreeSoftware ROM, like #CalyxOS, #lineageos for #microg, etc there is no popup warning with fdroidclient. That comes from "Play Protect", which is #Google proprietary software that flags things based on automated rules, it does not point to real world security concerns for apps like #FDroid. I have nothing against the #targetSdkVersion sandbox, I just think it is important to note what it is good for, and what it cannot do well 2/2
As lead maintainer of the official #FDroid client, I hear a lot of criticism that #targetSdkVersion is still at 25. fdroidclient is #FreeSoftware, publicly audited, with #ReproducibleBuilds, written in memory safe languages, with a proven record of respecting #privacy and delivering #security. The source and binaries also receive human and machine review. #targetSdkVersion is designed around untrusted proprietary software with non-memory safe code where the binary only gets machine review. 1/2
@guardianproject @lauren And of course #ReproducibleBuilds is a key part of this whole picture, allowing anyone to confirm that the exact binary that is running on their device matches the source code as published and audited.
We may never be able to match the incredible achievements of #JohnMastodon, but the European Union still plays its part!
We are proud funders of Mastodon through the Next Generation Internet initiative (@EC_NGI).
More info: https://www.ngi.eu/blog/2022/11/24/how-ngi-supports-open-interoperable-decentralised-and-trust-based-internet-applications-through-fediverse-projects-like-mastodon/
@lauren #FreeSoftware and audits are the only way to provide trustworthy #E2EE. Apps like #DeltaChat, #Matrix with #Olm/#Megolm, #XMPP with #OMEMO, #Signal, #Threema provide trustworthy E2EE because they are built on open standards, free software, and have been publicly audited. That is the standard all services should be held to in order to be labeled trustworthy. Anything else just means you have to trust the service operator. 2/2
@lauren It is important to describe the limitations here. E2EE here would be useful when emailing with third parties. Since #Gmail is proprietary software, users just have to trust #Google to do the right thing. Technically, it is easy to build E2EE where the service can get the private keys and decrypt as they like. Given participation in #PRISM etc, proprietary Gmail cannot provide trustworthy E2EE, especially considering most emails stay within Gmail 1/2
Why curation and #decentralization is better than millions of #apps.
After two years of negotiations with Microsoft, the joint committee of the German federal data protection authority and 17 state regulators (DSK) published a devastating statement that essentially says that organizations currently cannot use MS365 in a lawful way under the GDPR.
Migrating http://maps.google.com to http://google.com/maps, a benign change?
Not really, now Google has permission to geo-track you across all of its services, cf. https://garrit.xyz/posts/2022-11-24-smart-move-google 😈
@mattblaze This is true, but it is equally true that volunteer contributors get tired of being told they're doing it wrong by masses on the internet, which often means doing work they don't want to do. Mastodon is free software, anyone is free to change it as they see fit. Or pay someone else to do it, or orgranize a company around improving the free software.Twitter, Facebook, Instagram, etc. users are the product, so of course those companies will respond and keep them hooked.
No #SimReg nations: Bosnia & Herzegovina, Canada, Cabo Verde, Comoros, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Iceland, Ireland, Israel, Kiribati, Latvia, Liechtenstein, Lithuania, Maldives, Malta, Marshall Islands, Micronesia, Moldova, Namibia, Netherlands, New Zealand, Nicaragua, Philippines, Portugal, Romania, Serbia, Slovenia, Sweden, UK, USA, and Vanuatu.
For people wanting some more information on NGI's involvement with #ActivityPub, this is a good starter: https://www.ngi.eu/blog/2022/11/24/how-ngi-supports-open-interoperable-decentralised-and-trust-based-internet-applications-through-fediverse-projects-like-mastodon/
Do you have an interesting ActivityPub-related project? The next deadline to submit proposals is December 1st - that is next week. And the best thing is: you can submit today!
In the over 3 weeks since #FDroid
shipped a big overhaul of the production buildserver, there have been updates published on most days: Nov16 Nov15 Nov14 Nov13 Nov11 Nov09 Nov08 Nov05 Nov01 Oct31 Oct30 Oct29 Oct28 Oct27 Oct26 Oct25 Oct24 Oct22 Oct21 Oct20
And now, even more exciting, is that this unlocked lots of low hanging fruit that can make the process run much faster.
No technology can save us from ourselves, but building a more interoperable social media environment could be our do-over on the current lock-in model. It could be awesome, if we don’t screw it up. https://www.eff.org/deeplinks/2022/11/fediverse-could-be-awesome-if-we-dont-screw-it
Proprietary software intentionally limits the way a program can be used or accessed as well as the rights over the code. This leaves society with little or no say over its technical infrastructure.
Control over technology has to be in the hands of the whole society, not just a small group! (3/4)
#FreeSoftware #SoftwareFreedom #OpenSource #DigitalRights
Why does #softwarefreedom matter?
⭐ Accessing the code, allows us to read it, understand it, and to argue in favour of a potential improvement.
⭐ Being able to to edit the code, encourages innovation, competition and autonomy. We can change parts of a program and publish the changes, benefiting users and developers.
⭐ Developers can cooperate closely and form communities around software that fits their needs. Software is used in a non- exclusive way, and serves the public good. (2/4)
People, apps and code you can trust
Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
Stay safe. Please abide by our code of conduct.