Setting aside the privacy implications of this (at this point, anyone who thinks they aren't being bagged n' tagged when using Windows 10 is either woefully naive or incredibly stupid), I think this warrants another antitrust investigation into Microsoft's behavior.
Microsoft's OS will silently and without permission uninstall programs that compete with the ones shipped with Windows 10, such as Firefox and Chrome. Or sometimes it will just silently and without permission change your default web browser back to Edge. The reason for this is because Edge's default search engine is Bing, which gives money to Microsoft via personalized advertisement brokering. And now they're locking in Edge, Bing, and the Windows Store so the user is given some menial rewards for using the three lock-in-step.
When a company uses its monopoly or near-monopoly on one platform (e.g. desktop OS) in order to break into other platforms (e.g. web browsers, search engines, app stores), and rewards users for obeying or inconveniences/punishes users for not obeying, that's called abuse. It is far worse than AT&T bundling free phones with their service, and that got them split up into multiple companies. And it's several steps advanced from the original case that Microsoft was convicted for, which was bundling Internet Explorer with Windows 95.
Email is a security nightmare (encrypted tunnels will likely never be universal, encrypted content is too hard to get working for non-techies, read receipts are worthless for verifying that the intended recipient got the message, and most webmail providers are actively man-in-the-middleing you), and I can never understand voicemail because the quality is often terrible.
Why can't we just switch to instant messaging for everything?
They're not really comparable. PowerShell only exists because Unix shells don't work so well with Windows' binary registry (as opposed to plaintext, which is conventional on Unix-like systems).
I really don't see much use for PowerShell on Linux -- maybe some portability reasons for lazy Windows admins. More likely this is just some token thing for Microsoft to open source for publicity, but won't lose them any sales.
I liberally use however much data/text/minutes I want on Ting (same networks as T-Mobile) and my bill is never more than $30.
Honestly these unlimited plans seem like massive overkill; especially for T-Mobile because they already give you the data for YouTube and several music streaming services for free. What are people doing on their phones and tablets that's using several GB per month?
Signal is currently the best solution for secure messages and phone calls. It's an app for Android and iOS, and Chrome has an extension to sync your messages to a desktop chat. But it communicates between phone numbers of course, so if that's not what you want then it's a bit trickier.
The best totally anonymous desktop messaging protocol I am aware of is Pidgin (Windows, Linux) and Adium (macOS) using the "Off-The-Record" extension. I don't know if there's any good solutions for video chat.
I mean, we prosecute mailmen for drug trafficking. We prosecute telecoms because terrorists use their phonelines every day to conspire against the United States. We prosecute sulfur miners murder, since they provide society with the element required to make gunpowder, which enables mass murderers via guns. When a company goes bankrupt due to mismanagement, the CEO always ends up penniless for the damage he caused.
In our country, if you can't catch the people who break laws, we ALWAYS make sure some unaffiliated distant party takes the fall for it.
I never upgraded to Windows 10 because I consider it spyware, but I've had some friends beg me to install Linux on their laptops to avoid it. My coworkers who aren't tech savvy have all brought in their laptops for me to fix because Windows 10 borked something.
So what features of "modern browser security" does Firefox lack? It can't be anything that the Tor Project or Bruce Schneier considers to be a non-starter.
I fail to see how a browser with hundreds of millions of users could not be relevant, but ok.
privacytools.io indicates that your local IP address can be leaked even if you don't ever click the "Allow" button, but if you can verify that's not the case I'm all ears.
TFA says it's an add-on. There is no indication that it will even ship with Firefox by default (Mozilla has made other extensions that aren't pre-packaged into Firefox).
Now, it's totally fine to complain when bloatware is added directly to the browser like Hello and Pocket (I would defend Reader though). But TFA does not indicate in any way that this will be the case.
Really, moving the world to encrypted-by-default is the only solution for this sort of silliness. Then, they can do deep packet inspection all they want to, and all they'll get is a hostname, at best.
You're not wrong. Unfortunately HTTP isn't the only protocol for Internet connections, and even if it was, HTTPS deployment is not at a high enough rate. Far too much stuff travels the net in plaintext right now for people to not be concerned about their privacy.
The only viable solution right now is to have your router forward all of your packets through a VPN. Non-geeks aren't technically savvy enough to do this sadly.
Frankly, we should just nationalize Verizon and Comcast and AT&T and make them not-for-profit.
We've already given them billions of dollars to deploy high speed Internet access to Americans, they just pocketed the money and still give horrible, extortionist, racketeering service to their customers. Well, fuck 'em, I say.
Comcast complains that the FCC won't let them put remote controlled explosives into their modems in order to bring lower prices to customers.
"A bargained-for exchange of customer's safety and well-being for higher prices is a perfectly acceptable and widely used model throughout the U.S. economy, including the Internet ecosystem, and is consistent with decades of legal precedent and policy goals related to consumer protection and privacy. [Not letting us put explosives in modems] would harm consumers by, among other things, depriving them of lower-priced offerings," Comcast's representative writes.
I wonder how long until some automatic Windows 10 update will disable altering any BIOS settings via some rootkit for "security" reasons. I mean, if they're not going to get hit with antitrust violations or charges of abusing their customers for all of the things they've done already (force Windows 10 updates on Win7/8. 1 users, telemetry that deceptively appears to be able to be turned off but really can't, no unsigned drivers allowed, uploading BitLocker keys to their servers, remove features during routine updates, uninstall programs during routine updates, ever-growing built-in advertisements, etc.), then they can pretty much just do anything they like, including preventing other operating systems from booting (which, I add, is now the case both on Windows RT tablets and Windows 10 phones).
It doesn't seem like you can disable it in Chrome, don't know about Opera or Vivaldi though. There's a Chromium fork called Iridium in the works that's hardened for privacy and security features, but I don't know enough about the company behind it to recommend it.
For Firefox, there's a great extension called Privacy Settings that will automatically optimize your settings for security and privacy (N.B. I would select "Full Privacy" but turn on dom.storage.enabled so websites like GOG's and Protonmail's will work, and turn off security.ssl.require_safe_negotiation since too many websites don't have good security yet).
I'm not so sold on the evils of writing passwords down as it requires the Evil Actor to have physical access in order to exploit it. And as we all know, once you have physical access it is pretty well game over for security in general.
Security isn't an all-or-nothing game. While the NSA or KGB could do a hundred things to compromise your privacy or security if they got physical access, an identify thief would probably judge it not worth his effort if he stole your laptop and it had full-disk encryption. In that case, having the password on a sticky note is really bad.
In Firefox, you should go to about:config and toggle dom.battery.enabled to false. I've read this exact advice on many privacy-related websites for over a year, so this really isn't news.
Slashdot Mirror
Setting aside the privacy implications of this (at this point, anyone who thinks they aren't being bagged n' tagged when using Windows 10 is either woefully naive or incredibly stupid), I think this warrants another antitrust investigation into Microsoft's behavior.
Microsoft's OS will silently and without permission uninstall programs that compete with the ones shipped with Windows 10, such as Firefox and Chrome. Or sometimes it will just silently and without permission change your default web browser back to Edge. The reason for this is because Edge's default search engine is Bing, which gives money to Microsoft via personalized advertisement brokering. And now they're locking in Edge, Bing, and the Windows Store so the user is given some menial rewards for using the three lock-in-step.
When a company uses its monopoly or near-monopoly on one platform (e.g. desktop OS) in order to break into other platforms (e.g. web browsers, search engines, app stores), and rewards users for obeying or inconveniences/punishes users for not obeying, that's called abuse. It is far worse than AT&T bundling free phones with their service, and that got them split up into multiple companies. And it's several steps advanced from the original case that Microsoft was convicted for, which was bundling Internet Explorer with Windows 95.
Email is a security nightmare (encrypted tunnels will likely never be universal, encrypted content is too hard to get working for non-techies, read receipts are worthless for verifying that the intended recipient got the message, and most webmail providers are actively man-in-the-middleing you), and I can never understand voicemail because the quality is often terrible.
Why can't we just switch to instant messaging for everything?
They're not really comparable. PowerShell only exists because Unix shells don't work so well with Windows' binary registry (as opposed to plaintext, which is conventional on Unix-like systems).
I really don't see much use for PowerShell on Linux -- maybe some portability reasons for lazy Windows admins. More likely this is just some token thing for Microsoft to open source for publicity, but won't lose them any sales.
I liberally use however much data/text/minutes I want on Ting (same networks as T-Mobile) and my bill is never more than $30.
Honestly these unlimited plans seem like massive overkill; especially for T-Mobile because they already give you the data for YouTube and several music streaming services for free. What are people doing on their phones and tablets that's using several GB per month?
My original submission said nothing about plug-ins, so I declare this "not my fault"
:P
Signal is currently the best solution for secure messages and phone calls. It's an app for Android and iOS, and Chrome has an extension to sync your messages to a desktop chat. But it communicates between phone numbers of course, so if that's not what you want then it's a bit trickier.
The best totally anonymous desktop messaging protocol I am aware of is Pidgin (Windows, Linux) and Adium (macOS) using the "Off-The-Record" extension. I don't know if there's any good solutions for video chat.
I mean, we prosecute mailmen for drug trafficking. We prosecute telecoms because terrorists use their phonelines every day to conspire against the United States. We prosecute sulfur miners murder, since they provide society with the element required to make gunpowder, which enables mass murderers via guns. When a company goes bankrupt due to mismanagement, the CEO always ends up penniless for the damage he caused.
In our country, if you can't catch the people who break laws, we ALWAYS make sure some unaffiliated distant party takes the fall for it.
I never upgraded to Windows 10 because I consider it spyware, but I've had some friends beg me to install Linux on their laptops to avoid it. My coworkers who aren't tech savvy have all brought in their laptops for me to fix because Windows 10 borked something.
Every browser already has this functionality (i.e. arbitrarily alter requests from the server before the user can interact with them).
So what features of "modern browser security" does Firefox lack? It can't be anything that the Tor Project or Bruce Schneier considers to be a non-starter.
I fail to see how a browser with hundreds of millions of users could not be relevant, but ok.
Who says it'll be included with the browser by default? Mozilla has made a bunch of extensions that aren't pre-packaged.
Firefox has about 10% market share (several studies collected here), which is hundreds of millions of people.
privacytools.io indicates that your local IP address can be leaked even if you don't ever click the "Allow" button, but if you can verify that's not the case I'm all ears.
There's plenty of extensions in the wild right now that are filled with security and PR problems, why don't those stop you?
Who says it's hidden? Have you actually used the add-on yourself yet?
TFA in fact says it is an add-on.
TFA says it's an add-on. There is no indication that it will even ship with Firefox by default (Mozilla has made other extensions that aren't pre-packaged into Firefox).
Now, it's totally fine to complain when bloatware is added directly to the browser like Hello and Pocket (I would defend Reader though). But TFA does not indicate in any way that this will be the case.
Instead of hoping, why don't you RTFA and find out?
Really, moving the world to encrypted-by-default is the only solution for this sort of silliness. Then, they can do deep packet inspection all they want to, and all they'll get is a hostname, at best.
You're not wrong. Unfortunately HTTP isn't the only protocol for Internet connections, and even if it was, HTTPS deployment is not at a high enough rate. Far too much stuff travels the net in plaintext right now for people to not be concerned about their privacy.
The only viable solution right now is to have your router forward all of your packets through a VPN. Non-geeks aren't technically savvy enough to do this sadly.
Frankly, we should just nationalize Verizon and Comcast and AT&T and make them not-for-profit.
We've already given them billions of dollars to deploy high speed Internet access to Americans, they just pocketed the money and still give horrible, extortionist, racketeering service to their customers. Well, fuck 'em, I say.
Comcast complains that the FCC won't let them put remote controlled explosives into their modems in order to bring lower prices to customers.
"A bargained-for exchange of customer's safety and well-being for higher prices is a perfectly acceptable and widely used model throughout the U.S. economy, including the Internet ecosystem, and is consistent with decades of legal precedent and policy goals related to consumer protection and privacy. [Not letting us put explosives in modems] would harm consumers by, among other things, depriving them of lower-priced offerings," Comcast's representative writes.
I wonder how long until some automatic Windows 10 update will disable altering any BIOS settings via some rootkit for "security" reasons. I mean, if they're not going to get hit with antitrust violations or charges of abusing their customers for all of the things they've done already (force Windows 10 updates on Win7/8. 1 users, telemetry that deceptively appears to be able to be turned off but really can't, no unsigned drivers allowed, uploading BitLocker keys to their servers, remove features during routine updates, uninstall programs during routine updates, ever-growing built-in advertisements, etc.), then they can pretty much just do anything they like, including preventing other operating systems from booting (which, I add, is now the case both on Windows RT tablets and Windows 10 phones).
It doesn't seem like you can disable it in Chrome, don't know about Opera or Vivaldi though. There's a Chromium fork called Iridium in the works that's hardened for privacy and security features, but I don't know enough about the company behind it to recommend it.
For Firefox, there's a great extension called Privacy Settings that will automatically optimize your settings for security and privacy (N.B. I would select "Full Privacy" but turn on dom.storage.enabled so websites like GOG's and Protonmail's will work, and turn off security.ssl.require_safe_negotiation since too many websites don't have good security yet).
- Write down passwords.
I'm not so sold on the evils of writing passwords down as it requires the Evil Actor to have physical access in order to exploit it. And as we all know, once you have physical access it is pretty well game over for security in general.
Security isn't an all-or-nothing game. While the NSA or KGB could do a hundred things to compromise your privacy or security if they got physical access, an identify thief would probably judge it not worth his effort if he stole your laptop and it had full-disk encryption. In that case, having the password on a sticky note is really bad.
In Firefox, you should go to about:config and toggle dom.battery.enabled to false. I've read this exact advice on many privacy-related websites for over a year, so this really isn't news.