Slashdot Mirror


User: jbn-o

jbn-o's activity in the archive.

Stories: 0
Comments: 2,142

Comments · 2,142

  1. $80k is indeed nothing for media buys. on Russian Troll Factory Paid US Activists To Fund Protests During Election (theguardian.com) · · Score: 1, Insightful

    Russiagate is becoming ever more desperate and obvious. The previous Russiagate lie had a slightly higher figure spent on Facebook ($100k) and even that amount is laughable; the corporate parties spend orders of magnitude more on media buys to get the public's attention and steer American voters toward voting for their electors. $80k spent doesn't deserve anything but a laugh at someone's attempt to excuse Hillary Clinton from her horrible politics, twice-demonstrated incompetence at heading a political campaign (losing to a then-unknown upstart Senator, then the candidate the mainstream corporate media wouldn't stop making fun of), and continued self-embarrassment in her comments about Harvey Weinstein's alleged sexual abuses.

    I thought /. focused on repeating corporate media's IT-oriented lies (endless supportive coverage of proprietary software despite countless stories revealing the same truth: software freedom would have prevented that issue, or software freedom would have let people fix their own instance of $IoTobject). Now /. is getting uncritically into Russiagate? A story that has shown time and again the mainstream American corporate media has no time for facts? /. you're increasingly worthless.

  2. Software freedom for all published software. on Unpatched Exploit Lets You Clone Key Fobs and Open Subaru Cars (bleepingcomputer.com) · · Score: 2

    Yes, but there's no reason to trust that Subaru or any Subaru dealer will do the job right the second time. The article makes it clear that Subaru isn't taking this seriously ("I did [reach out]. I told them about the vulnerability and shared my code with them," Wimmenhove told Bleeping. "They referred me to their 'partnership' page and asked me to fill in a questionnaire. It didn't seem like they really cared and I haven't heard back from them." followed by no response from Subaru to the too-corporate-compliant bleepingcomputer.com which won't link to the relevant Github code page). Subaru's response is flatly not the response of an organization that gives a damn and not linking to the relevant code is showing Subaru far too much deference.

    The whole thing would be end-user fixable if the vehicle's complete software were free software. Users could run, inspect, share, and modify the code themselves or get someone they have good reason to trust to do the work for them. They wouldn't have to rely on an organization that apparently got it massively wrong the first time, didn't even put up a showing like they cared when shown the exploit they introduced, and so far hasn't done anything to fix.

    As it stands now, all Subaru owners can do is ask the proprietors who fucked up the job the first time to take another stab at it—gratis of course—all the while knowing that it will take some helpful hacker like Tom Wimmenhove to look for a different predictable pattern. No Subaru dealer should charge any Subaru owner for applying this or any subsequent lock fix; they should consider themselves lucky if they're not getting sued for selling defective locks in the first place and get their repair costs covered by Subaru.

  3. So Apple will publish free SW & stop hating GP on Apple's Tim Cook Shares What He Learned From Steve Jobs (businessinsider.com) · · Score: 1

    "This was another thing that Steve [Jobs] taught me, actually," says Cook. "You've got to be willing to look yourself in the mirror and say I was wrong, it's not right." In a broader sense, Cook says that Jobs taught him the value of intellectual honesty -- that, no matter how much you care about something, you have to be willing to take new data and apply it to the situation. He advised his audience to "be intellectually honest -- and have the courage to change."

    Judging by the changes made I'd say they were small superficial changes at best; nothing that would risk meeting the level Tim Cook claims Steve Jobs set out for himself, Cook, or Apple as a whole. Respecting a user's software freedom (the freedom to run, inspect, share, and modify published computer programs) is apparently not something Apple's leaders have the "intellectual honesty" or "courage to change".

    After his first stint with Apple Steve Jobs headed up NeXT. NeXT distributed an OS and development software which included GCC (then the GNU C Compiler, later the GNU Compiler Collection because it compiles more languages than C-like languages). NeXT was GCC's first commercial copyright infringer, according to Brad Kuhn (former Executive Director of the Free Software Foundation).

    NeXT needed a compiler for its new system, GCC was practical and extensible. NeXT extended GCC to compile Objective-C, a programming language used to make applications for NeXTSTEP (the OS on NeXT's computers). The problem came when NeXT distributed its developer system with only object code to its GCC variant, not the "complete corresponding machine-readable source code" GCC's license (GNU General Public License version 2) required. Fortunately for NeXT the Free Software Foundation (GCC's copyright holder) sought compliance with the license over litigation and stopping NeXT from further copyright infringement, so NeXT was allowed to continue distributing their GCC derivative only if they complied with the GNU GPL v2. NeXT eventually complied by distributing said complete corresponding source code (on a large set of ED floppies, if memory serves).

    Steve Jobs likely never forgot that smaller non-corporate copyright holders can enforce their license. I believe he developed a perverse hatred of the GNU GPL which he carried back to Apple. Apple distributed MacOS X which came with a number of GPL-covered programs (the Common Unix Printing System or "CUPS" for printing support, GNU's Bourne-again shell or "bash", Apple's GCC derivative to name a few) but some years later (particularly after GPL v3 came out) Apple set out to remove and/or avoid GPL-covered programs from their proprietary (user-subjugating) OS. Apple takes a few different strategies to this end: Apple is replacing GNU GCC with a compiler licensed under a pushover license (a non-copyleft free software license which allows non-free derivatives) so Apple can have the power to distribute a proprietary variant of that compiler and not contribute changes back. Apple bought CUPS from Easy Software Products, CUPS' initial copyright holder, thus making Apple CUPS' copyright holder and switching Apple from being a GPL licensee to a GPL licensor (Apple can litigate the GPL over others but doesn't have to worry that anyone can do the same to it regarding CUPS). Apple ships an old version of GNU bash licensed under the GNU GPL v2.

    But respecting a user's software freedom isn't on the list of changes Apple's higher-ups are willing to make. No matter how many insecurities remain in Apple's software (such as one that allowed spying for years), no user (even willing technically-skilled users) should be allowed to inspect the vast majority of Apple's software to figure out what's going on, fix problems and/or improve the software to meet their needs, distribute copies of the software to help other

  4. The story is only developing. Wait for it... on Pizza Hut Leaks Credit Card Info On 60,000 Customers (kentucky.com) · · Score: 1

    According to the article, it affected fewer than 1% of customers that weekend, the intrusion was stopped within 28 hours, and they've called in outside experts to take an objective look at it and help them improve their security posture.

    I think we've seen enough stories of this kind to know that businesses lie about the extent of the loss of control of relevant systems and by default we should not believe their first report. We've even seen these kinds of stories repeated on /. recently:

    • Equifax Increases Number of Britons Affected By Data Breach To 700,000—Equifax reported they lost control of around 400,000 Britons' information in a data breach then later it turns out the number increased to around 700,000.
    • Yahoo Triples Estimate of Breached Accounts To 3 Billion—Yahoo reported they lost control of around 1 billion user accounts then later it turns out they lost control of around 3 billion (basically all) Yahoo accounts and "compromised customer information included usernames, passwords, and in some cases telephone numbers and dates of birth" which strikes me as information imposters may find useful.
    • Hyatt Hotels Discovers Card Data Breach At 41 Properties Across 11 Countries—after an initial breach involving losing "access to credit card systems at 250 properties in 50 different countries", "Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017" which "impacted 41 properties across 11 countries".

    If you think this is the beginning and ending of this story, you have not been paying attention.

    What to do about it? Using cash is a short-term solution for a narrow problem but doesn't address the de-anonymization efforts underway for cash (unique IDs embedded in paper currency, for instance) and doesn't address whether we should trust Pizza Hut or Yum! Brands at all.

    If we think like legislatures apparently do regarding drug law, copyright law, and so on then the ugly patterns have formed and it's time to get punitive (just as they apparently do at the behest of big businesses against the wishes of the citizenry). Tell big businesses that they stand to be disincorporated when they lose exclusive access to their systems or hire other businesses that lose said exclusive access because we value not being defrauded more than we value their lax business practices. We also need to remain vigilant over credit law and make sure that liability is always limited to some low value and always kept in place for the credit user. We should never stand for credit card processors of any kind making it easier to move the liability for fraud to the end user.

  5. Shocking only if one accepts MSM bias on Dutch Privacy Regulator Says Windows 10 Breaks the Law (arstechnica.com) · · Score: 5, Interesting

    This story only comes off as the Dutch looking out for Dutch Windows 10 users' interests if one accepts a mainstream media bias against critically examining the unethical power of proprietary software.

    "The lack of clear information about what Microsoft does with the data that Windows 10 collects prevents consumers from giving their informed consent" is true as far as it goes but hardly affects just Windows 10. This whole story hinges on that Microsoft got caught ignoring users' privacy preferences and releasing more information than the user said they wanted released. All proprietary software inherently fails to give such clear information and every time that software is altered the information collected or disseminated can change, making informed consent harder.

    Software freedom is needed to truly address the underlying concerns rightly raised by the Dutch government. Only with free software can users have any real chance to understand what published software does, verify programmer/distributor's claims about the software, ensure that the software complies by modifying the software, and help one's community by distributing the improved software.

    So looking out for the users' interests makes sense to do at a government level (apparently the so-called "free market" approach results in situations like what we face now) but structurally this simply cannot be done in an effective and thoroughgoing way with non-free (user-subjugating) software. Proprietors know this and this is partly why they release their software without respecting their users' software freedom.

  6. Locks are for honest people. on Amazon Is Reportedly Building a Doorbell That Lets Drivers Into Your House (cnbc.com) · · Score: 1

    I was out five minutes of my time vs four hours.

    Four hours is not a lot of time for a rare event such as your tow story.

    Someone determined enough is going to get in. But theft deterrent is always about making your neighbor a more appealing target and you not worth the hassle.

    Hence the phrase "locks are for honest people". But with the Internet-based lock system (most likely running on proprietary/non-free software the user does not own and exclusively control because they bought an amazon.com kit/service) there's no way to determine who can get in by getting amazon.com to unlock the doors (leaving no evidence of a break-in).

    When you're not the only one in control of your system, your system can be set up to fail at an inopportune time (for you) and in ways you can't fix. This is a risk you carry for as long as you let some organization of indeterminable size determine when to unlock your doors. Cameras recording your premises when you're away or asleep and remote-control locks sound secure and convenient until you find out how they're implemented for most people most of the time—all proprietary software-driven and therefore totally insecure.

    In a way, this story is a dupe (both duplicate and a forum for dupes) because it was covered before and the underlying vulnerabilities haven't been addressed.

  7. Don't conflate optimization for principles. on PSA: Microsoft Is Using Cortana To Read Your Private Skype Conversations (betanews.com) · · Score: 2

    In the original, pre-Microsoft world, when you made a connection to a counter-party for a Skype Call, the client would first check a dynamic, central registry to see if the counter-party could be identified and if they were on line.

    Skype was fundamentally flawed well before this came into play: Skype was always non-free software. Skype was therefore always untrustworthy. How proprietors (Skype pre-Microsoft, Microsoft, or any proprietor who comes to own it later) describe Skype's code is therefore also untrustworthy. So as much as centralized call routing makes spying easier, it is a mere optimization on an inherently untrustworthy program. This change certainly didn't mean that Skype was in any way trustworthy before, and therefore this change was simply not the significant event you make it out to be.

    They still want to better understand your conversations - likely, this time around, for advertising and marketing purposes...

    People really ought to stop arguing as if they know why spies spy. We don't know the reasons why they made these choices; you're simply speaking beyond your knowledge. We can reasonably talk about who benefits from their choices and what power proprietary software grants a proprietor, but that's about it. Collected data is useful for multiple purposes not just advertising. Some of the reasons collected data is useful may not yet be known to the spies. What's most important aren't the reasons for spying. The strongest argument for respecting one's privacy is that humans need privacy to live a dignified life. If computer users are to take on software proprietors in a meaningful way they'll have to support software freedom for its own sake. Software freedom (respecting a user's right to run, inspect, share, and modify all published computer software) is a practical means to show other computer users that respect for one's dignity and a means to enjoy that dignity oneself.

  8. Re:Trustworthy SW is judged by software freedom. on Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ (wsj.com) · · Score: 1

    Then improve them until they do.

    That's the great thing about software freedom: programmers can improve free software and make the technical limitations a thing of the past while retaining the software freedom. But non-free software's power and reliability doesn't become freedom-respecting as more features are added.

  9. What else will these balloons do? on Alphabet's Balloons Will Bring Cellphone Service To Puerto Rico (wired.com) · · Score: 1

    A known spying organization is deploying balloons to help the Puerto Ricans communicate in their time of need. This need is genuine and I'm sure everyone is grateful for the assistance. Therefore this sounds very nice and a good thing to do for any organization. But in light of what Google does with its services (email accounts, blog hosting, phone call proxy/rerouting, etc.) and the article's lack of describing any restrictions on this generous service, I wonder what else will the organization do with the data they get access to via this service? Are there conditions put on Alphabet to make sure this doesn't double as taking advantage of the needy?

  10. Trustworthy SW is judged by software freedom. on Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ (wsj.com) · · Score: 1

    Kaspersky's proprietary anti-malware software was never trustworthy. Kaspersky's anti-malware didn't recently become untrustworthy, and the year-plus long Russophobia didn't change anything nor does that craze amongst the war profiteers inform the current situation.

    We judge software's trustworthiness by software freedom—the freedom to run, inspect, share, and modify published computer software. If a program is non-free (proprietary, user-subjugating) that program is untrustworthy regardless of what it purports to do, who wrote it, or who distributes it. No review program can ever truly evaluate the trustworthiness of non-free software because either they don't review the program's source code (thus the reviewers don't really know what the program can or will do), or they are under some non-disclosure agreement (in which case the reviewers can't be trusted). You need software freedom even if you don't program (as most computer users don't) so you can give a copy of the free software to someone you trust and ask them for a proper review. This can also be a commercial opportunity (jobs!).

  11. Proprietary insecurity remains as-is. on How Cisco Fixed An Undocumented SSH Support Tunnel In Umbrella (umbrella.com) · · Score: 1

    How did they do it? They took advantage of someone's desire for convenience over software freedom (and the practical security benefits one gains from software freedom) to sell them products and services with at least one backdoor.

    Naturally, nobody should trust anything from Cisco regardless of how much they paid for it unless that program is free software (free to run, inspect, share, and modify) because that means one's software freedom is respected. But Cisco isn't the only problem organization here, all software proprietors are just as untrustworthy. I know I've posted a lot about this, but blame /. for pointing readers to the same theme of story again and again: Proprietary software (such as Cisco's Umbrella product) simply can't be trusted. Neither can anything configured in them or output from proprietary software. Logs, filters, anti-malware code, etc. are all untrusted once you know they come from a non-free program precisely because you don't know what that program is doing while it ostensibly does what it's advertised to do. When you don't know how much information is left out, and you are not permitted to inspect or modify the program to do what you want it to do, you are at the mercy of those who know its true power (the proprietor) just as Cisco's clients were subject to Cisco's use of this backdoor (and anyone else Cisco decided to let in on the backdoor).

    This untrustworthiness extends to the announced "resolution" ("Vulnerability due to always-on SSH Tunnel -- RESOLVED") as well. For all we know a newer more stealthy vulnerability was introduced to replace the old one. Thus the functionality this tunnel provided isn't really gone, it's just changed. And the untrustworthiness remains.

  12. Drone war is more US taking without due process on Supreme Court Won't Hear Kim Dotcom's Civil Forfeiture Case (arstechnica.com) · · Score: 3, Informative

    I quite agree, and as horrible as civil forfeiture is that's not even the worst of it: the drone war (conducted across US administrations from US Presidents G.W. Bush, through Obama, and now Trump) kills people extrajudicially including Americans and children. Put another way: civil forfeiture typically takes people's property (including their money), the drone war typically takes people's lives. So far nobody has used the drone war as much as Pres. Obama, but there's more continuity of policy showing how (like civil forfeiture) there's an agreement across both corporate parties. The reasoning justifying the killings is almost always absent, and when pressed revealed to be horrific.

    Under Obama's administration on September 30, 2011 the US killed an American named Anwar al-Awlaki said to be involved in al-Qaeda operations. There were no charges filed, no evidence offered, no trial held. Two weeks later in a separate drone strike his 16-year-old son Abdulrahman al-Awlaki was also killed. Again no charges filed, no evidence offered, no trial held. When reporters asked what Abdulrahman's crime was that justified killing him extrajudicially Robert Gibbs, Obama's press secretary, replied in a way that made it clear: the US government kills whomever it wants whenever it wants on any or no evidence while he also blamed the son for the alleged sins of his father. Lots of passers-by die in each drone strike as well; completely untargeted people who happen to live or pass within the killing zone of a missile. This is how wedding and dinner parties full of people (we don't even know their names) have died.

    Robert Gibbs, Obama's former White House press secretary and a senior official in the president's 2012 reelection campaign, was also asked about the strike that killed Abdulrahman. "It's an American citizen that is being targeted without due process of law, without trial. And, he's underage. He's a minor," reporter Sierra Adamson told Gibbs, during a press gaggle after a presidential debate where Gibbs was serving as a surrogate for Obama. Gibbs shot back: "I would suggest that you should have a far more responsible father if they are truly concerned about the well-being of their children. I don't think becoming an al Qaeda jihadist terrorist is the best way to go about doing your business."

    Obama famously made a joke of drone war at one of his press dinners where he joked about killing a boy band his daughters liked. What made that 'joke' so unfunny is precisely that when he said it he was one of the few people who could have ordered such a strike and gotten away with killing them too. I think it important in this age of replaying Pres. Trump gaffes to indicate how little he cares about the disaffected people to show how little people knew of what was going on in these drone strikes, who was being killed, and why.

    Continuing the policy of unlimited extrajudicial killing Obama once feigned to be concerned about: On January 29, 2017, the Trump administration killed Anwar Al-Awlaki's 8-year-old daughter, Nawar Al-Awlaki in a drone-led Navy SEAL raid.

    As other countries get killer drones, what future has the US committed its citizens to? One can only hope that other countries continue to show a restraint that the US has not shown with nuclear weapons. There's still far too much danger with nuclear weapons too, but the above are some of the reasons the world fears the US most. You won't hear many people criticizing Trump mention civil forfeiture or drone strikes because bringing this up at all runs the risk of not being uniquely anti-Trump, of pointing out the continuity of American policy that in some way hurts us all (none so much as those assassinated, of course).

  13. Proprietary software means insecurity. on Meet The Next Major Operating System: Amazon's Alexa (zdnet.com) · · Score: 5, Insightful

    So long as any part of this depends on non-free (proprietary, user subjugating) software, insecurity is to be assumed because untrustworthiness is guaranteed. Manual overrides on proprietary software are an illusion built to placate those who don't think through the process thoroughly.

    It's also worth recognizing that this is entirely unnecessary. People have been quite fine to turn on/off their own house lights, lock/unlock their own door locks (without handing out keys to others such as an unknowable and indeterminably large set of people who want free access without making it look like they broke in), and so on without automation. Principled technologists know when it's a better option to say no to automation and remote control, this is most obviously the correct reaction in the face of a system the user has no permission to fully and exclusively control.

    There's no way of "securing" door locks, for instance, with software one doesn't control and fully have the freedom to own. When dealing with a system a proprietor can augment or replace at any time, manual overrides mean nothing.

  14. Not quite the same, not a response to NSA spying on Microsoft Releases 'Next Generation' Preview of Skype For Linux (skype.com) · · Score: 1

    I wouldn't be surprised about Chrome—a proprietary web browser (which alone makes it untrustworthy) from Google (a well-known spy agency). Ubuntu GNU/Linux is a slightly different case here in that technical users could choose to not install the spyware search, but ordinary users relied on better defaults. The big difference here is what users are allowed to study, change, and distribute: Chrome is not allowed to be so inspected, changed, and distributed while perhaps most software in Ubuntu GNU/Linux can be inspected, changed, and modified.

    Raising Chrome or Ubuntu GNU/Linux as being equals in proprietary malware is both not quite the same and takes nothing away from the previous poster's apt reminder that Microsoft is a known NSA collaborator making all but its free software even more suspicious.

  15. "No thanks!!" to non-free software! on Microsoft Releases 'Next Generation' Preview of Skype For Linux (skype.com) · · Score: 1

    For communication during games, me and some friends use Teamspeak. No bullshit, not spyware, no hustle, it just works.

    If Teamspeak is proprietary software as Wikipedia's Teamspeak entry says it is, you're making claims beyond your knowledge. Part of your description uses terms which have no clearly agreed-upon definition, and you have no idea if Teamspeak is spyware now or will become so later. For all we know, Teamspeak "just works" to implement its developers' ends implemented via proprietary malware. The fact that we don't know what Teamspeak does when it runs is a problem, not something we should overlook because it appears to reliably allow its users to chat and share data.

    So, "No thanks!" indeed, but I'd aim this message at both Skype and Teamspeak because both should be flatly rejected for the same reason—both programs don't respect a user's software freedom to run, inspect, share, and modify the software at any time for any reason.

  16. Unverifiable claims are not to be trusted. on Radical Leftists Built Their Own FOSS Alternative To Reddit After It Banned Them (vice.com) · · Score: 1

    The claims of "no ads, no tracking, no user profiling and we don't collect or share any user data with anyone" are unverifiable and possibly already untrue. It's not wise to put much stock in such claims. This is one of the problems of the modern website: even altruistic admins who want to set up a valuable service that genuinely does not advertise to users, track users, profile users, collect data, or share data about users can't be trusted. StartPage.com and Ixquick.com are websearch sites run by the same organization. This organization makes privacy-minded claims about what it collects about its users but there's no way to know if these claims are honored.

    Server-side free software is great for the admins; that's a big step toward letting the site admins control their computers (which everyone deserves to do for their computers). But free server-side software won't help us verify privacy-respecting claims because there's no way a site's users who aren't site admins (in other words, the majority of the site's users) can tell what happens to the data the server gathers or is offered. It's possible Raddle.me runs software that is different from what the site admins acquired before reddit stopped publishing their site's code.

    So if Raddle.me uses Javascript, it's very easy for the site to send the visitor code that will track how the site is used, and allow the site to collect more information about users than typically shows up in server logs. And even if Raddle.me doesn't send its visitors Javascript there's plenty of information in server logs to do some profiling, tracking, and make something saleable from that data.

  17. When you choose freedom you will have it. on Critical EFI Code in Millions of Macs Isn't Getting Apple's Updates (wired.com) · · Score: 2

    Apple's users need to declare their independence from dependence on Apple and switch to free software OSes running on hardware they own. The same is true for independence from any proprietor.

    You will never get the control over your own damn equipment you seek so long as you do business with proprietors (Apple, Google, Microsoft, etc.). Like I've said so many times before on /., the themes of the articles here are the same and so are the fixes you can implement today: software freedom is a good unto itself because it helps grant you the independence and true ownership you seek, running free software on hardware you can fully own is the best currently viable way to get the independence you seek. The rest is a matter of political will—are you willing to change your system and hardware so you can have the best available hardware and software that respects your freedom? Wishing and hoping achieve nothing, real change requires political action.

    I recommend perusing the GNU Project's list of free distros and the Free Software Foundation's "Respects Your Freedom" hardware list.

  18. Irrelevancies aside, SW non-freedom is the issue on Internet Explorer Bug Leaks Whatever You Type In the Address Bar (arstechnica.com) · · Score: 2

    Is this some question rooted in making sure future privacy leaks happen faster, in a more standards-compliant way, with a different web rendering engine, or some other technocratic detail that tries to obscure the underlying non-freedom problem?

    Since when would the non-free Edge browser be more trustworthy than the non-free Internet Explorer browser?

    The problem is the lack of software freedom; even users skilled and willing to help themselves and others fix the problem are not given permission to know what proprietary software does (whether intentionally or by mistake). So after years of people using Windows (a known security leaky proprietary OS written by an organization that partners with spies like the NSA) more problems arise with Microsoft Internet Explorer (an apparently security leaky proprietary browser). Proprietary software users must either switch to a free software OS and run free software on that, or wait for a proprietor they can't trust to issue a fix.

  19. Don't trust SW proprietors, don't trust Apple. on Apple Releases macOS High Sierra; Ex-NSA Hacker Publishes Zero-Day · · Score: 1

    the user does need to download and run the app [...] And, since it's unsigned, I'm assuming it won't work for most users by default

    No on both counts—the app demonstrated in the movie is for proof of existence. The relevant code could exist in any application, even apps MacOS users already have and have been using (since this security flaw is old and also affects earlier variants of MacOS). In other words, sensitive data could have already been uploaded somewhere including changes to those credentials.

    Apple's security is not only totally unimpressive here, Apple has a horrible track record as well. Wardle was quoted as saying he's "continually disappointed in the security of macOS...", "...every time I look at macOS the wrong way something falls over", and "Apple marketing has done a great job convincing people that macOS is secure, and I think that this is rather irresponsible and leads to issues where Mac users are overconfident and thus more vulnerable". I don't know precisely what Wardle was referring to to draw that conclusion. Perhaps he is referring to the time Apple chose to leave a 3-year-old remotely exploitable iTunes bug unfixed after being informed about the problem. As Richard Stallman pointed out, "During that time, governments used that security hole to invade people's computers.".

    But the worst part is that the software in question is proprietary (in other words, it's user-subjugating and non-free). So even technical users who are motivated to fix this, capable of fixing the problem, and willing to help others by distributing copies of their fix to other MacOS users in an easy-to-install package are rendered helpless. Such technically-inclined and helpful users can't help themselves or their community. They can either switch to a free system where their software freedom is respected or wait for Apple to fix the problem. And as the article says, "Apple did not say if or when it will patch the bug.".

  20. Judge by freedom, not authorship. on Richard Stallman vs. Canonical's CEO: 'Will Microsoft Love Linux to Death?' (techrepublic.com) · · Score: 4, Insightful

    Microsoft cannot be trusted..ever

    I disagree; we should not judge the software by the person or organization that wrote or published it. We should reject the vast majority of Microsoft's software because that software is non-free (user-subjugating, proprietary) software. We can't trust any non-free software. This has nothing to do with its author. Microsoft's free software is like any other free software: we can evaluate its trustworthiness by inspecting the code, and if necessary improving the code. Then we can help ourselves by running that improved code (if it is helpful to us), and we can help our community by distributing copies of the improved code. These are the freedoms we get with free software and we should respect all computer users' software freedom regardless of the authors of that code.

  21. Complexity is a red herring. Don't fall for it. on Apple: iPhones Are Too 'Complex' To Allow Unauthorized Repair (vice.com) · · Score: 1

    "To think about these very complex products and say the answer to all our problems is that you should have anybody to repair and have access to the parts is not looking at the whole problem."

    Complexity of the device is irrelevant, a distraction, and a red herring. The issue here is an owner's right to repair what they own, and this case should be fought and discussed on that basis. Any other argument (such as ones posted here like people saying they just won't buy Apple products) that even tacitly gives into an owner being denied repair right because the device is deemed to be "complex" is a very dangerous argument to make. It's right and proper to not do business with organizations that don't treat you properly, so not buying Apple products and services is perfectly reasonable and recommendable. But you're better off doing that while also letting the public know that it's better to demand a right to repair everything you own and not give into this notion that sufficiently "complex" items somehow legitimate denying an owner the right to repair their own devices. Apple's desire for more power and money may well be "not looking at the whole problem" but that is not your problem.

  22. Normalizing DRM was an early structural choice. on EFF Resigns From Web Consortium In Wake of EME DRM Standardization (eff.org) · · Score: 3, Informative

    The W3C was doing what it was designed to do—membership is only available to those who pay, and that means its membership is almost entirely businesses. Calling this selling out misses the point of how the W3C's structure virtually guarantees predictable pro-DRM business outcomes such as this. As DefectiveByDesign.org pointed out long ago, "Companies can impose DRM without the W3C; but we should make them do it on their own, so it is seen for what it is—a subversion of the Web's principles—rather than normalize it or give it endorsement.".

  23. You deserve software freedom in your car too. on Diesel Cars Contribute To 5,000 Premature Deaths a Year In Europe, Says Study (phys.org) · · Score: 1

    Without agreeing to or objecting to the specific number of deaths per year attributable to cheating on environmental testing compliance, it would appear that Brad Kuhn (former Exec. Dir. of the Free Software Foundation, current Distinguished Technologist at the Software Freedom Conservancy) was right in his article "Software Freedom Doesn't Kill People, Your Security Through Obscurity Kills People":

    I heard a talk today from a company representative of a software supplier for the automotive industry. He said during his talk: "putting GPLv3 software in cars will kill people" and "opening up the source code to cars will cause more harm than good". These statements are completely disingenuous. Most importantly, it ignores the fact that proprietary software in cars is at least equally, if not more, dangerous. At least one person has already been killed in a crash while using a proprietary software auto-control system. Volkswagen decided to take a different route; they decided to kill us all slowly (rather than quickly) by using proprietary software to lie about their emissions and illegally polluting our air.

    Meanwhile, there has been not a single example yet about use of GPLv3 software that has harmed anyone.

    This is the time to cite the cheating scandal as a reason why car owners should actually own their car including the complete corresponding software for the car and the software build instructions. We know what happens when the manufacturers are allowed to use the power of a proprietor. It's time we get vehicles that respect our software freedom.

  24. Proprietary software is the problem. on HTML5 DRM Standard Is a Go (arstechnica.com) · · Score: 1

    I concur and I encourage you all to keep this in mind anytime anyone proposes using proprietary software because that's one of the effects of what they're encouraging you to adopt—less control over your computer and the data that it handles.

  25. The DNC is corrupt and not worth your support. on More Millennials Would Give Up Voting Than Texting (nypost.com) · · Score: 1

    I don't know about the rest of you folks but I waited 3 hours in line to vote for Bernie in my primary. That wasn't an accident. Nor was it because of overwhelming turnout.

    According to information known at the time and later leaked by WikiLeaks, it was likely because Sen. Bernie Sanders' campaign was a victim of collusion between the Hillary Clinton campaign and the DNC corporation. And if you read the (remarkable but predictably underreported) DNC lawsuit (CAROL WILDING et al. v DNC SERVICES CORPORATION, d/b/a DEMOCRATIC NATIONAL COMMITTEE and DEBORAH "DEBBIE" WASSERMAN SCHULTZ), you'll understand why voting in party primaries is a waste of time. Consider what the DNC corporation's lawyer, Bruce Spiva, said about how that party could have picked a standard bearer (http://jampac.us/wp-content/uploads/2016/07/042517cw2.pdf pages 36-37):

    [I]f you had a charity where somebody said, Hey, I'm gonna take this money and use it for a specific purpose, X, and they pocketed it and stole the money, of course that's different. But here, where you have a party that's saying, We're gonna, you know, choose our standard bearer, and we're gonna follow these general rules of the road, which we are voluntarily deciding, we could have — and we could have voluntarily decided that, Look, we're gonna go into back rooms like they used to and smoke cigars and pick the candidate that way. That's not the way it was done. But they could have. And that would have also been their right, and it would drag the Court well into party politics, internal party politics to answer those questions.

    There's no obligation for them to pay attention to your primary "votes" and you, Court, keep your nose out of our corporate business. I doubt any court would have told a corporation how to pick its representatives here anyhow, but the lawsuit was worth mounting even though it was likely to lose.

    I don't want anyone to have to run YouTube's nonfree Javascript, so either look elsewhere for clips of "Redacted Tonight" (one of the few TV shows to mention this lawsuit which, uncoincidentally, is very revealing of the Democratic Party) or use youtube-dl to download https://www.youtube.com/watch?v=ZoSYC45cl6k and https://www.youtube.com/watch?v=V_fdBqISODQ for information on the class action lawsuit and how it ended.