Google’s monopoly on the APK trust chain

Tomáš has an interesting article on trusting APKs from third-party mirrors.

Since Google is the gatekeeper of the APK trust chain, it’s not easy to independently verify APKs; Google doesn’t even give you the package signatures. The article shows a nifty method for extracting them by (ab)using the εxodus privacy audit project.

Do you know of a better way?

No more Google Fonts here

Using Google Fonts on your site is a privacy problem because it allows Google to track your visitors even if you don’t use any other Google APIs or services. Why did you think Google so generously lets you use those fonts for free?

I asked the WordPress developers for an option to remove them (also in the admin panel) several years ago, but they were not really willing. It seems the situation hasn’t changed in the meantime, but there is now at least a third-party plugin that allows you to disable/remove Google Fonts in many popular themes.

It’s updated regularly and seems to work, so cheers for that!

Our terrible future of closed protocols and proprietary systems

TL;DR (1072 words): The current trend towards closed communications systems like Slack, Facebook and the like can only hurt us as society. An open standard needs to emerge. Who’s volunteering to support things like Matrix and the “new decentralized Internet”?

I’m trying to illustrate the newly closed nature of the Internet using team chat and team collaboration as an example. But you can expand this example to pretty much anything nowadays. Because the solution to combat this closed-ness applies equally to all of these issues, I hope you can extrapolate from this as necessary.

Continue reading “Our terrible future of closed protocols and proprietary systems”

Google shutting down XMPP interoperability is a sad sign of the age of communication silos

Update: With XMPP slowly dying (at least IMHO), maybe you should consider Matrix instead of XMPP and ignore everything I write below.

Google just shut down the last piece of Google Talk, killing XMPP. This means that people using standards-based open and interoperable chat systems can no longer talk to their friends who use Google’s proprietary and closed chat system, Hangouts. For example, people who use Pidgin on any of the thousands of free and open XMPP servers in the world cannot message Google users anymore.

Instead of working towards standardization, making sure that all chat systems from all vendors can talk to each other, each large company now has their own communications silo. Skype is not compatible with Hangouts is not compatible with Apple FaceTime is not compatible with WeChat is not compatible with WhatsApp. Even though all these systems perform mostly the same function, have roughly the same features and could be built using open, mutually compatible standards. Could even be built from the same source code.

But Google, Microsoft and Facebook make more money by preventing you from talking to your friends on other systems. They want to analyze both parts of a conversation, they want to control the sender and the receiver and read all the content. This is harder to do when you have a standardized, federated system, and even harder in the case of XMPP where users can employ message encryption with just a few clicks. Encryption that is not controlled by Microsoft or Facebook but by the users themselves.

What can you do against this?

  • Geting an XMPP JID would be the first step. You can register for an account on any public XMPP server (sometimes called Jabber servers, but Jabber is now a closed product by Cisco, adding insult to injury, while the XMPP standard remains open).
  • Then get an XMPP client, for example Pidgin for the desktop and Conversations for Android. Set up your account and log in. People can now invite you to their XMPP contacts and you can start chatting.
  • If you want message encryption, make sure to enable OTR. There are many tutorials on this, I’ll just link to a random one I found.

What if you don’t do this? Then we’ll end up in a world with more communication silos, where people find it harder and harder to talk to each other, and huge multinational companies with bad privacy policies will control and record more of our communication. Because these closed platforms create inconvenience for anyone not inside those closed platforms, peer pressure will then pull everyone towards such closed platforms, until a dangerous oligopoly emerges. This latest move by Google is one more step in this direction.

I’ll leave you with a link to a relevant XKCD comic.

Google is trying to destroy the ad blocker market

Like I guessed about two years ago, Google are now trying to undermine the ad blocking market by releasing their own ad blocker, which will of course not block ads served by Google. It will probably also not block other privacy invasions or tracking systems that would benefit Google or its customers. Since Google is the world’s largest advertisement company, that’s quite a few.

This is likely just the first step of several that they might take while abusing their browser dominance. Watch carefully as things get worse the higher Chrome’s market share climbs.

You can still use an independent web browser, but who knows for how long? The effects I described in that old article linked above might lead to content no longer working correctly on anything but Google Chrome, and by that time Google’s control of what you can and cannot see, and also of how much of your privacy you are forced to surrender, will be total.

55'555 kilometers in a Tesla Model S in the Swiss Alps

Well, okay, we didn’t cover that entire length just in the Alps, but I needed a catchy title. If you want the short version: there is nothing to say here, and that’s the most significant thing I can tell you about electric driving in Europe today.

IMG_2515
Solar-powered Supercharger in Denmark

Continue reading “55'555 kilometers in a Tesla Model S in the Swiss Alps”

How Microsoft and Google are manipulating your children

Microsoft yesterday announced Windows 10 S, a cut-down version of Windows 10 for the education market. They plan to make it available to PC makers to sell laptops with, for as little as US$ 200 a pop. “Like a Chromebook, then”, you say? Exactly, like a Chromebook.

Services as drugs for kids

This is the start of a new turf war for child mindshare. Like drug dealers, Microsoft and Google know that it’s best to get them early, get them young, make them depend on your products. Microsoft even helpfully supplies teaching aids.

Continue reading “How Microsoft and Google are manipulating your children”

Switzerland’s own anti-Muslim campaign

The Swiss People’s Party (one of the most powerful parties in Switzerland) has recently launched a campaign against easier naturalization of third-generation foreigners. This is one of the billboards:

teaserbreitgross
People’s Party campaign, photo by Newsnetz. Note the nazi color scheme.

As a Swiss person, I am way more afraid of the old white men behind this campaign than I am of that hypothetical woman behind her niqab.

These men have in the past:

  • Weakened our education by cutting funding.
  • Managed to make the building of minarets illegal while building Christian churches and Jewish synagogues is still legal.
  • Supported not one but two new laws that undermine privacy, increase surveillance and allow remote wiretapping of Swiss citizens and others on pure suspicion, without a court order. These laws are BÜPF and NDG.
  • Are now supporting another new law that reduces taxes for large corporations while increasing them for individuals, the Corporate Tax Reform Act III.

And they are mostly men. Only 11 of their 65 seats in the national council are under the butts of women.

As a reaction to their billboards I would love to see an interview with a third-generation foreigner who likes to wear the niqab, but I’m pretty sure you won’t find one. The only person I am aware of in Switzerland who even wears a niqab is Swiss through and through: Nora Illi. On the right in this picture as you can surely guess:

Anne Will
Photo by Spiegel/WDR

But since she’s had Swiss citizenship since birth, I guess that won’t be a problem for our geniuses at the People’s Party, eh?

Microsoft's Cortana spies on everyone except school children

It appears that Microsoft decided that its voice-controlled assistant can no longer be disabled in Windows 10 after the upcoming Anniversary Update. So they can now be listening in on everything someone says in a household. Is this immoral? Microsoft probably doesn’t think so. But then you discover that Microsoft also decided that school children will not be spied on (so that would be immoral?)

A hardware killswitch is probably the only way you can make sure Cortana doesn’t hear you, but some manufacturers don’t supply those anymore.

Microsoft is not alone in wanting to listen in on your bedroom performance, Google also sneakily placed a recording system on all computers running an up-to-date version of Chrome. They even managed to infiltrate the free software base of Chrome, Chromium. So do Chrome users on Windows 10 now have two spies in their home? Seems that way.

To defend the free web, you must save Mozilla

TL;DR: Mozilla is largely dependent on Yahoo! We must make sure it is funded by individuals’ donations and a diverse roster of companies to keep it independent, to fight Google’s increasing browser dominance and to ensure our privacy. We must also let Mozilla know what we expect from them.

Read on to hear my reasoning.

Continue reading “To defend the free web, you must save Mozilla”