• 0 Posts
  • 106 Comments
Joined 1 month ago
Cake day: February 5th, 2025


  • I was a super early adopter for Firefox. I started using it back in 2005-2006. I’m pretty sure it was still in beta when I started using it.

    Over the past 20 years I’ve watched while Firefox users have formed a goddamn cult around a piece of software. It’s insane to me, especially because I’m seeing exactly the same things from Mozilla that I was seeing from Microsoft (and later Google) at the time I decided to switch from IE to Firefox to begin with…

    Firefox isn’t special. It’s falling for all the cloud-based, privacy-invasive enshittification that Chrome has so far. It’s just getting there slower.

    So cool your jets. Especially considering uBlock Origin Lite is uBlock Origin. It’s just compatible with the Manifest V3 standard.




  • Hundreds of millions. They’re used in an almost uncountable number of IoT devices.

    It’s only this specific chip that is affected. It’s not all Bluetooth chips. The article doesn’t even specify which of their tens of chips is affected: ESP32-D0WD-V3, ESP32-D0WDR2-V3, ESP32-U4WDH, ESP32-PICO-V3, ESP32-PICO-V3-02, or the ESP32-PICO-D4.

    Even if it were all of them, and even if it were hundreds of millions of devices, it would still pale in comparison to HeartBleed in all aspects. It’s an interesting but sophisticated attack vector, which severely limits its usage. But let’s say you execute a MITM attack from one of these ESP32 chips. What are you feasibly able to do? A MITM attack? Considering these are all low-power devices, it’s extremely unlikely that they would be able to output enough power to overtake your home AP. Without doing more research on it, the actual attack surface is opaque. I mean, I guess a guy in China can remotely turn on your sprinklers or get your WiFi password… Lot of good that’s gonna do him from China.



  • No way they’re on the same level. Heartbleed allowed for remote memory reads.

    I professionally studied HeartBleed as a security researcher and wrote a peer-reviewed opinion piece which was published. I won’t say where or the title because it would give you my full name, so deal with it. Not trying to humble-brag, just trying to say I’ve done the research myself here.

    HeartBleed was an oversight which shipped, enabled by default (!), a TLS heartbeat read-overrun error in OpenSSL v1.0.1 to 1.0.2-beta which allowed any third party with an internet connection the ability to request information, 64kb at a time, stored in an affected server’s memory. Anything. Private keys, encryption keys, TLS private keys (imagine SSL-verified MITM attacks), decrypted sensitive files (which are HDD-encrypted and decrypted in memory), passwords, anything.

    All you had to do was know how to request the information, and the server you wanted to attack. It went undiscovered for a number of months before it was found. The extension was enabled by default, and came bundled with software used on literally billions of private computing devices, servers, IoT devices, and even interstitial devices used over network connections.

    Here’s an excerpt from some other security researchers on the subject, in case you don’t want to take my word for it:

    “We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.” [1]

    You’re correct that they’re not on the same level, but completely backwards in thinking that an undocumented Bluetooth backdoor is worse than the worst vulnerability found since the invention of the internet. HeartBleed affected hundreds of millions of critical servers. Literally billions of devices in total. How many consumer devices do you think have this exact Bluetooth chip? 10,000? 100,000? 10 million? Still small peanuts in comparison.
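As an added illustration of the mechanism the comment above describes (this is not part of the comment, nor OpenSSL's own code), the following Python toy models the RFC 6520 heartbeat message layout, a handler that trusts the declared payload_length field, and the same handler with the bounds check the fix introduced. The "process memory", the secret that happens to sit next to the received record, and the message contents are all constructed for the example; the 16-bit payload_length field is why reads were bounded to roughly 64 KB at a time.

```python
import struct
from typing import Optional

# RFC 6520 heartbeat message layout (constant names are this example's, not OpenSSL's)
HB_REQUEST = 1
HB_RESPONSE = 2
HDR_LEN = 1 + 2      # type (1 byte) + payload_length (2 bytes, big-endian, so max 65535)
MIN_PADDING = 16     # RFC 6520: at least 16 bytes of padding follow the payload


def build_heartbeat(msg_type: int, payload: bytes, declared_len: Optional[int] = None,
                    padding: bytes = b"\x00" * MIN_PADDING) -> bytes:
    """Encode a heartbeat message. declared_len lets the demo construct a message whose
    payload_length field claims more bytes than are actually present."""
    length = len(payload) if declared_len is None else declared_len
    return struct.pack("!BH", msg_type, length) + payload + padding


def respond_unchecked(memory: bytes, record_len: int) -> bytes:
    """Toy model of the pre-fix behaviour: the handler trusts payload_length and copies
    that many bytes starting after the header, even past the end of the received record
    (record_len is known but never consulted)."""
    msg_type, payload_length = struct.unpack("!BH", memory[:HDR_LEN])
    if msg_type != HB_REQUEST:
        return b""
    echoed = memory[HDR_LEN:HDR_LEN + payload_length]   # may run past record_len
    return build_heartbeat(HB_RESPONSE, echoed)


def respond_checked(memory: bytes, record_len: int) -> Optional[bytes]:
    """Same handler with the check the fix added: header + declared payload + minimum
    padding must fit inside the record actually received, otherwise the message is
    silently discarded."""
    if record_len < HDR_LEN + MIN_PADDING:
        return None
    msg_type, payload_length = struct.unpack("!BH", memory[:HDR_LEN])
    if msg_type != HB_REQUEST:
        return None
    if HDR_LEN + payload_length + MIN_PADDING > record_len:
        return None
    echoed = memory[HDR_LEN:HDR_LEN + payload_length]
    return build_heartbeat(HB_RESPONSE, echoed)


def demo():
    """Constructed memory: a 21-byte record carrying a 2-byte payload but declaring 40,
    followed by unrelated data (a stand-in for key material) that was never part of
    the record. Returns (unchecked response, checked response)."""
    secret = b"PRIVATE-KEY-MATERIAL"
    record = build_heartbeat(HB_REQUEST, b"hi", declared_len=40)
    memory = record + secret
    return respond_unchecked(memory, len(record)), respond_checked(memory, len(record))


if __name__ == "__main__":
    leaked, safe = demo()
    print("unchecked handler echoed:", leaked)
    print("checked handler returned:", safe)
```

The unchecked handler's response contains the constructed secret because nothing ties the declared length to the bytes that arrived; the checked handler returns None for the same input and still answers a well-formed request normally.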




  • So anyways, that’s the impact one of these “pointless” boycott posts had on me.

    I didn’t say they were pointless. I said they don’t do anything. What does do something is this:

    I ended up cancelling my Prime subscription

    That’s it. You “buying a ton” on Amazon is small peanuts in the grand scheme. Even if you buy a lot, Amazon is only making a percentage of whatever you spend. Something like 30%. So even if you spend $10k in a year, they make $3,000 net and have to deduct for the cost of getting those items to you. When all the financials are worked out, it’s next to nothing.

    The price of their subscription service is their e-penis. They get to say “500 million people pay for Amazon Prime!” @ $139/yr is $69.5 billion. You can buy nothing and they can still survive… But if you stop paying for Prime they lose their e-penis, which affects their stock price, which loses them bargaining rights with their suppliers and ultimately can affect the price of Prime itself.

    It’s the surest way to kill them.


  • Boycotts like this do nothing because the people most willing to “participate” are people who already don’t purchase from Amazon. Even if you were able to get a critical mass of people to participate for even 3 months. So what? Amazon will post 1 bad quarter and then things go back to business as usual. Nothing happens. They don’t even really lose any money. At least none out of pocket, of which they have plenty for things such as this.

    Amazon is a subscription model. You want to hurt them, then hurt their subscriptions. Don’t boycott them, cancel Prime.


  • The problem with boycotts like this is they do essentially nothing… A single day, week, or even a full month of boycotts can only be successful if a critical mass of people do it at once. And frankly, they’re not going to get that.

    The people most likely to boycott Amazon and the like are people who already don’t purchase things from Amazon, or lightly do it. Amazon is fine with that, because eventually people go back to buying. So what, they’re gonna post one bad quarter? Small price to pay for doing business.

    You can’t boycott evil businesses. You have to stop using them entirely. Forever. And most people simply aren’t willing to.