bleepingcomputer.com

stevehobbes, to privacy in iPhone apps abuse iOS push notifications to collect user data

They should name and shame.

MrSpArkle,

If they did that the headline may not contain Apple in it, instead they would list the actual perpetrators, and that would mean less ad revenue.

starflower, to privacy in Brave to end 'Strict' fingerprinting protection as it breaks websites

Your friendly reminder that the Brave CEO is Mozilla's old CEO, who was fired from Mozilla for being unapologetically homophobic.

Rose,

Worse than merely being homophobic, as he financially supported politicians and causes that worked to prevent equal rights.

VerseAndVermin,

Since everyone else is piling on negatively, I appreciated your friendly reminder.

BearOfaTime,

So?

What I care about in this story is the technical issues.

starflower,

O…kay? I don’t really care lmao

AtmaJnana,

Pay no attention to the butthurt shills.

dime,

Please don’t tell me you wear adidas (founded by a Nazi), or drive a Ford (made by an antisemite), or listen to Wagner, (a racist), or drive a Volkswagen, or play Minecraft, or use wix, or eat at Chick-fil-A, or…etc etc

starflower,

I don’t. But “originally made by” and “currently being run by” are, in my opinion, two different things

YeetPics, (edited )

technical issues

Well technically the CEO would have an issue with you if you were gay

Lmao

Engywuck, (edited )

He wasn’t fired. He voluntarily left. And thus Mozilla is left with an incompetent CEO whose only aim is to increase her paycheck year after year, despite pathetic market share results for FF. Enjoy that.

That said, nobody cares about your “friendly reminders”. We’re talking about software here, not politics.

And, to stay on topic, yes, it happened to me that Strict FP broke some websites, in particular those displaying a frame with a map or similar stuff. So I’ve resorted to using “standard” FP myself.

troglodytis, (edited )

Well, you’re wrong.

AtmaJnana,

nobody cares about your “friendly reminders”. We’re talking about software here, not politics.

Nah. I care. You don’t speak for me. I can’t tell if you’re a shill for Brave or a MAGAt or both.

Engywuck,

I’m not a shill for Brave. It has its fair share of technical issues but it’s the less worse browser for my use case (better than FF, anyway). Your (or mine) opinion on the CEO has nothing to do with the technical issue discussed in OP’s link.

And no, what MAGA are you talking about? I’m not even 'murican. Take your meds, dude.

LWD,

Do you hate the Brave CEO for doing the same thing as the Mozilla CEO, but with even less restraint?

Or are you just whining in hopes that nobody will question whether you’re being a hypocrite

Engywuck,

Yawn… I’m tired of this shit. You people are really ridiculous. I’m going to just block you. Enjoy your cognitive dissonance and your virtue signaling.

LWD,

What an ironic thing to post

Umbrias,

Technology and ethics and politics are not airgapped magically distinct things. Pretending that they are is a strategic political choice you are actively making.

Engywuck,

Ok. I’m a bad person because I enjoy using a given browser. I get that.

Another one that goes on my ignore list. Bye.

MrFunnyMoustache,

Ok. I’m a bad person because I enjoy using a given browser. I get that.

This is a straw man argument; no one said you’re a bad person for using a certain browser.

nobody cares about your “friendly reminders”. We’re talking about software here, not politics.

This is what they are criticising you about. You could be using Edge or Chrome, it wouldn’t matter here, that wouldn’t make you a bad person. The point is that pretending there is no connection when there is clearly a huge relevance here is massive.

Engywuck,

The point is that pretending there is no connection when there is clearly a huge relevance here is massive.

In the imagination of upvotes-hungry virtue-signaling people, of course.

Umbrias,

If that’s what you feel is the case if you don’t separate politics from technology then that sounds like a personal problem to address.

electro1, (edited )

Thanks for the reminder

WHAT EVERYONE SHOULD HAVE SAID TO AVOID THE SHIT SHOW THAT HAPPENED BELOW

seriously though, thanks

possiblylinux127, to privacy in Brave to end 'Strict' fingerprinting protection as it breaks websites

Honestly you really should be using Firefox.

umbrella,

yes, why are people so allergic to it??

possiblylinux127,

The UI is somewhat clunky and it feels half dead.

I really wish Mozilla would rethink their business.

umbrella,

whats clunky about it??

a browser is just an address bar and tabs

possiblylinux127,

With tons of spacing between everything

umbrella, (edited )

compact mode, in the same place you would change the theme

i use it for this very reason

PumaStoleMyBluff,

Firefox’s resist fingerprinting breaks sites too.

dditty,

I have encountered a handful of sites that it broke as well. I use the strict protection option and manually add exceptions to the few sites it breaks - then I never have any other issues with them

possiblylinux127,

It doesn’t really break things for me personally. However if it does break something just turn it off.

Mikina,

I’ve been having a pretty good experience with Mullvad, however I don’t hear many people talking about it. I wonder why is that, IIRC it’s being developed with Tor Foundation, and is basically a Tor browser for clear web, and that sounds perfect. So far, I didn’t run into any issues, so is there a catch, or are they just not well enough known yet? Or, maybe people are turned away by their optional VPN?

LWD,

Probably because LibreWolf is most of the way there, and the Mullvad branding + proprietary VPN is more than a bit much. I use(d) the VPN alongside it and found the add-on “hints” regarding the correct DNS settings more frustrating than helpful, too.

Mikina, (edited )

I was using LibreWolf before, but I really like the idea of bundling VPN + Browser, and also the way they handle payments - not only is Mullvad VPN kind of cheap, I can just pay with crypto and don’t need any account (kind of - you just generate a username that also serves as a password, without any other contact information required).

But what I like the most about it is the idea of making a browser with the goal of having the same fingerprint between users (as much as possible), and offering it with a VPN - because that means that most of the other users of the VPN will probably also have the same fingerprint from the browser, so you will blend in with them. I wasn’t really sold on the idea of VPN before that and didn’t use one, but this was what convinced me.

But tbh I haven’t done much research into the company, or into the effectiveness of their implementation. I’m kind of betting on their cooperation with Tor Browser, which should have most of this stuff already figured out. But it’s possible that other browsers are just better at it, I never checked.

I do however still use LibreWolf for the occasional site that breaks with Mullvad, but it’s not something that happens too often.

I use(d) the VPN alongside it and found the add-on “hints” regarding the correct DNS settings more frustrating than helpful, too.

Hmm, I don’t think I’ve ever noticed anything about DNS. I think I’ve actually never clicked on the browser VPN extension, though :D Is it the encrypted DNS hint?

EDIT: Found this, apparently it’s doing pretty well privacytests.org

Byter, to privacy in Brave to end 'Strict' fingerprinting protection as it breaks websites

I’d ask why they don’t make it optional (I’m not a Brave user) but it seems it was.

Another issue is that Strict mode is used by roughly 0.5% of Brave’s users, with the rest using the default setting, which is the Standard mode.

This low percentage actually makes these users more vulnerable to fingerprinting despite them using the more aggressive blocker, because they constitute a discernible subset of users standing out from the rest.

Given that, I’m inclined to agree with the decision to remove it. Pick your battles and live to fight another day.

averyminya,

So rather than fixing the issue they just removed it entirely.

That’s kind of a joke from a “privacy” based browser.

LWD,

Both points are a bit BS.

Strict mode is used by roughly 0.5% of Brave’s users

Based exclusively on whether a user had not gone through Brave’s browser settings and disabled the “Send statistics about my behavior to the Brave corporate HQ” flag.

In other words, the number is useless.

This low percentage actually makes these users more vulnerable to fingerprinting despite them using the more aggressive blocker, because they constitute a discernible subset of users standing out from the rest.

This argument could be used to tell people to avoid using the Brave browser too. After all, only a minority of people do. The best way to blend in would be to use Google Chrome on Windows 11, and improve no privacy settings.

Unless someone wants to argue that using Brave makes you an acceptable degree of unique, but using advanced tracking blocking makes you unacceptably unique.

YeetPics, to privacy in Brave to end 'Strict' fingerprinting protection as it breaks websites

The scam company brave? The one that scams people? With their scam based crypto rewards that don’t pay out? THAT brave?

LWD,

There’s no reason to hate Brave unless you have a political bias against their CEO.

Besides in 2016, when Brave promised to remove banner ads from websites and replace them with their own, basically trying to extract money directly from websites without the consent of their owners

And when the CEO unilaterally added a fringe, pay-to-win Wikipedia clone into the default search engine list.

And in 2018, Tom Scott and other creators noticed Brave was soliciting donations in their names without their knowledge or consent.

And in 2020, when Brave got caught injecting URLs with affiliate codes when users tried browsing to various websites.

Also in 2020, when they silently started injecting ads into their home page backgrounds, pocketing the revenue. There was a lot of pushback: “the sponsored backgrounds give a bad first impression.” Further requests were ignored (immediately closed)

And in 2022, when Brave floated the idea of further discouraging users from disabling sponsored messages.

And in 2023, when Brave got caught installing a paid VPN service on users’ computers without their consent.

drislands,

But other than that, there’s no reason!

shotgun_crab,

You’re right, no reason at all :)

moreeni,

You can dig as much shit on Mozilla. Every big browser company right now is shitty

Mikina,

This made me wonder - is there any active Best Of community on any instance? This would be a perfect candidate.

YeetPics,

I had a small mountain of BAT they locked me out of due to shoddy linking with their banking affiliates and out of date DRM practices locking me out of my account due to too many devices being logged in (each OS update counted as its own device).

I noticed you didn’t have that linked, that’s because not every shitty move a company makes gets news coverage. Sorry I don’t fit into your narrow view on what constitutes a valid reason.

LWD,

If there’s something interesting to add to the list, I’m curious. Brave did partner with a criminal organization currently under a $1.1 billion lawsuit, but I don’t have enough information about your particular case.

Did the software lock you out or did their servers? Was this reported on anywhere?

YeetPics,

The banking backend that grifted me is called uphold and at the time that was the ONLY way to move BAT out of their wallet.

The device limit was a known issue for years and I left before they fixed it.

While I was still a user I would try their forum for support. Big shocker, LOTS of other users had the same issue and reports got ignored or muted by the mods there.

ZeroHora, to privacy in Brave to end 'Strict' fingerprinting protection as it breaks websites

Another issue is that Strict mode is used by roughly 0.5% of Brave’s users, with the rest using the default setting, which is the Standard mode.

How are they getting this data? If it’s with telemetry this data doesn’t seem reliable, I doubt that people who change the fingerprint setting don’t disable telemetry.

Umbrias,

Alternatively, lol

BCsven, to linux in Lazarus hackers now push Linux malware via fake job offers

So doesn’t the user have to add +x to run this?

leopold,

It never occurred to me before reading this comment that there actually is a use case for the execute permission. To me it was always just this annoying thing I have to do whenever I download an executable which I didn’t have to do on Windows.

AProfessional,

Fun fact, Windows has the same permission it just defaults to enabled.

Rustmilian, (edited )

No because the zip archive retains permissions of the contained files.

LiveLM,

Hm, maybe there should be an option to always disable the executable permission when extracting

Rustmilian,

That’s perhaps possible, but likely would have to be implemented in each archiving tool individually.

BCsven,

Ah, right
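
Added example, not part of the thread above: a Python sketch of the "disable the executable permission when extracting" idea raised in these comments. It reads the Unix mode a zip entry stores in `external_attr`, lists entries that carry an execute bit, and extracts with those bits cleared; the in-memory archive and its file names are constructed sample data.

```python
import io
import os
import stat
import tempfile
import zipfile

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH  # 0o111


def stored_mode(info):
    # Archivers on Unix keep the file's st_mode in the high 16 bits of
    # external_attr; tools that honour it restore the execute bit on extract.
    return info.external_attr >> 16


def entries_with_exec_bit(zf):
    """Names of file entries whose stored mode has any execute bit set."""
    return [i.filename for i in zf.infolist()
            if not i.is_dir() and stored_mode(i) & EXEC_BITS]


def extract_without_exec(zf, dest):
    """Extract all files with execute/setuid/setgid/sticky bits cleared.

    Returns {relative path: resulting permission bits}.
    """
    result = {}
    for info in zf.infolist():
        if info.is_dir():
            continue
        # zipfile.extract() sanitises absolute paths and ".." components.
        # It does not apply the stored mode itself, so set it explicitly.
        path = zf.extract(info, dest)
        perms = stat.S_IMODE(stored_mode(info)) or 0o644
        perms &= ~EXEC_BITS & 0o777
        os.chmod(path, perms)
        result[os.path.relpath(path, dest)] = stat.S_IMODE(os.stat(path).st_mode)
    return result


def build_sample():
    """Constructed sample archive: one entry stored as 0755, one as 0644."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, mode in (("job_offer.pdf", 0o100755), ("readme.txt", 0o100644)):
            info = zipfile.ZipInfo(name)
            info.external_attr = mode << 16
            zf.writestr(info, b"constructed sample content\n")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    with zipfile.ZipFile(build_sample()) as archive:
        print("stored with execute bit:", entries_with_exec_bit(archive))
        with tempfile.TemporaryDirectory() as tmp:
            for name, mode in extract_without_exec(archive, tmp).items():
                print(f"{name}: extracted as {oct(mode)}")
```
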

Retiring, to linux in Lazarus hackers now push Linux malware via fake job offers

If you run random .pdf.something-files PM’d to you on LinkedIn you probably shouldn’t use a computer anyway, no matter if it runs Linux or Windows…

MrFunnyMoustache,

The problem is, using a computer is pretty much essential to function in this world, I actually know more people who would run any file sent to them without a second thought because they wouldn’t know better, but they still need to use a computer.

I think a better solution is to give better training to people about computer hygiene at the workplace.

fhein,

I work for a large IT company so we’ve had numerous such training courses, but then they use third party services for time reporting, manager evaluation, cloud services, personal finance advice, etc. so I regularly get emails with links to domains that I’ve never heard about that I’m supposed to trust…

MrFunnyMoustache,

That’s what happens when executives don’t listen to IT…

The company I currently work for hosts everything at the building they own. The CEO doesn’t understand much about IT, but his attitude is “I trust your integrity and your expertise, so I’ll approve anything you ask me within reason if it will improve security and reliability.”

Quereller,

I work in a big international company. We regularly have phishing (email) awareness training. But they outsource about everything and regularly change the providers. So we often get totally legit emails from just some random companies and are supposed to visit/ login to some previously unknown domains.

OsrsNeedsF2P,

Lazarus’ Operation DreamJob, also known as Nukesped, is an ongoing operation targeting people who work in software or DeFi platforms with fake job offers on LinkedIn or other social media and communication platforms.

Looks like they’re going after desperate job seeking crypto bros. Even if it’s not terribly effective, it’s a spray and pray, so they probably got some people.

brick,

Seems to me like they are targeting people who likely have access to assets that can be easily stolen and hard to track.

Chewget, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Why does that building look like a failed print?

FutileRecipe,

I was gonna say air filter.

sxan,
@sxan@midwest.social avatar

A royally abused heat pump.

FiskFisk33, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

This is just plainly not illegal.

ShortN0te,

Sadly it does not matter. The company could keep the battle going for close to a decade until there is a final decision. It is financially draining and you have to give up a lot of time in order to attend the hearings (or even travel to the correct jurisdiction).

fine_sandy_bottom,

That’s not how legal matters work.

Firstly, imposing on someone else’s intellectual property is not “illegal”, because that usually refers to crimes. This is a civil issue, as in some company is demanding the dev stops or else they’ll sue him or something.

Secondly, it doesn’t really matter whether the dev is “right” or could prevail against a legal claim - because you just wouldn’t bother trying. Imagine you have an ok job, take care of your family, and made this plugin on a whim just because you can. Your days are full of taking your kids to the park, spending time with your wife, playing around with your hobbies, that stuff. Maybe you’re not wealthy, but your salary is enough to look after your family and make your mortgage repayments. Then Haier threatens to sue you, and although you could likely prevail, mounting a defense would probably cost you a year’s worth of mortgage repayments. Maybe you could represent yourself but that might take a year’s worth of Saturdays writing and responding to legal stuff that you don’t really know much about. Bear in mind that there’s no financial support from the open source community.

It just doesn’t really matter whether Haier has a legit claim.

FiskFisk33,

Yeah, you’re right, that’s the problem. That system makes sense if big corpos use it to “test” each other for copyright infringement, but when an individual gets involved they just get steamrolled whether they’re in the right or not, since the system assumes they have a team of lawyers on retainer in order to work as intended.

RalphWolf, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

There we go. Haier is now on my personal “do not ever buy from” list. Congratulations, Haier.

jol,

TAKE THIS COMMENT DOWN. YOU’RE CAUSING US GREAT FINANCIAL HARM. MILLIONS!!

FutileRecipe, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Specifically, the plug-ins are using our services in an unauthorized manner, which is causing significant economic harm to our Company.

How does this cause them “significant economic harm?” My immediate thought is they are losing out on data or ads, hence it being a privacy concern.

navi,

It could be poorly optimized or non-ideally programmatically poking their service.

But instead of working with devs or releasing a real API they did this shit.

qjkxbmwvz, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

Not a lawyer; would this likely stand up in court? Obviously I wouldn’t risk it were I the dev, but just curious.

It’s pathetic that I’ll happily recommend my Emporia Vue2 energy monitor to folks running HA — not because it works out of the box, but because the company is aware of the community integration projects and seems ok with it, even if they don’t actually support it. (ESPHome Firmware flash gives you local control — It’s been pretty great!)

dan, (edited )

Not a lawyer; would this likely stand up in court?

I’m not a lawyer either, but I don’t think so.

The developer of this Home Assistant integration is German. European law allows people to reverse engineer apps for the purpose of interoperability (Article 6 of the EU software directive), so observation of the app’s behaviour or even disassembling it to create a Home Assistant integration is not illegal.

In general, writing your own code by observing the inputs to and outputs from an existing system is not illegal, which is for example how video game emulators are legal (just talking about the emulator code itself, not the content you use with it).

If it’s a Terms of Service violation, it’d be the users that are violating the ToS, not the developer. In theory, the Home Assistant integration could have been developed without ever running the app or agreeing to Haier’s Terms of Service, for example if the app is decompiled and the API client code is viewed (which again is allowed by the EU software directive if the sole purpose is for interoperability).

The code in this repo is likely original Python code that was written without using any of Haier’s code and without bypassing any sort of copy protection, so it’s not a DMCA infringement either.

baseless_discourse, (edited )

Likely no, and fortunately the developer has legal insurance and plans to fight the case if it happens.

github.com/Andre0512/hon/issues/147#issuecomment-…

So this repo is not going down any time soon.

vsis, to privacy in Haier hits Home Assistant plugin dev with takedown notice

1.3K forks already lol

Please remember to fork it outside github. They will probably delete all forks based on intellectual property bs written in their TOS.

eager_eagle,

My thoughts exactly. I still remember when the reverse-engineered code for the classic GTAs was out (RE3), all GitHub forks were quickly taken down.

bitwolf,

Gitea, codeberg, Self-Hosted gog, src.ht… have I missed any?

Jozav, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

Everybody can send an email to support.hon@haier-europe.com and ask for support of HomeAssistant.

(email address is published on their website hon-smarthome.com under ‘contact us’)

Lifebandit666,

I had 5 minutes so I’ve just sent em a snotty email. I don’t have an air conditioner and won’t buy one anytime soon, but shit like this gets my goat.
