Internet

AdBlock Censorship :(

On the 13th September, the AdBlock team posted to Google+:

We at AdBlock believe that our users should have freedom. That’s why we block all ads by default and release our code for anyone at http://code.getadblock.com

… but apparently their belief in their users’ freedom doesn’t extend to mentioning that this code is available in a trackable, versioned form at github.com/srcshelton/adblock, because they removed my post saying this!

Now that, I have to say, is just rude…

AdBlock source-code on github.com

At the end of July, Wladimir Palant of Adblock Plus wrote a blog post which criticised Michael Gundlach‘s AdBlock for several reasons, but most worryingly:

AdBlock has no scruples to assign unique IDs to their users, to collect data about them (like which settings they enable) and to track the users each time they visit their website. You also cannot avoid visiting their website because the extension will send you there occasionally, most notably on first run. There is no privacy policy, so nobody knows what happens with that data. The discussion on their privacy policy has been marked private for some reason, I guess details were published there on what data they collect.

Not just that, the AdBlock project was also so careless when implementing this “feature” that every other website can track AdBlock users as well. And they explicitly allowed Disconnect.me to be notified whenever some AdBlock user starts up his browser.

… but also criticised AdBlock for being a GPL-3 open-source project with no public repository, and only per-release zip archives being made available. This means that it is non-trivial to determine what changes have been made between versions, and generally increases suspicions that someone somewhere is hiding something…

To remedy this, and as is my right according to the GPL-3 license under which AdBlock releases are made available, I have extracted each AdBlock release which is still available, and uploaded it to github at the following location:

https://github.com/srcshelton/adblock

… and I’ve a mind to fork this code-base and add DNT support if the user has enabled this option in their browser.

For balance, Michael’s response is at http://blog.getadblock.com/2014/07/adblock-and-privacy.html where he makes a point-by-point rebuttal.

I must admit that I’m still with Wladimir on this one – if AdBlock were doing nothing that they feel their users would object to, why not ask their users permission or, failing that, at least post – either within the extension or on their site – details of what tracking and what partnerships are active within a given release? Michael’s assertion that “User IDs are randomly generated and aren’t retained across different machines, browsers, or reinstallations” entirely misses the point that, for a given installation in a given browser, he had created a constant global tracking ID that can be used to uniquely identify the user, regardless of the preferences the user has expressed regarding whether they’re happy to be tracked or not.

Don’t update Google Authenticator for iOS!

On Tuesday, Google released an iOS update for it’s Authenticator app, which adds support for the iPhone 5’s screen-resolution, an iOS 7-like user interface… and wipes all of your existing tokens.

More

Dyn SLA Update – or, How To Lose Friends and Alienate Customers

I today received an email from Dyn (previously DynDNS), stating:

Starting now, if you would like to maintain your free Dyn account, you must log into your account once a month. Failure to do so will result in expiration and loss of your hostname. Note that using an update client will no longer suffice for this monthly login.

(emphasis theirs)

Now, if this were a service which requires interaction then this would be an unfriendly but potentially fair way to weed-out inactive accounts. This isn’t one of those cases, though – I can happily go for months or even years where my only interaction with Dyn(DNS) is via auto-update clients. And this is the heart of the problem – many routers and embedded devices have built-in DynDNS clients, frequently with no option to switch to an alternative service. Possibly this is worth $25/year, possibly it isn’t. Personally, I’m not paying a penny to a company trying to hold its users to ransom like this. For my usage, there are a handful for hostnames in a Dyn(DNS) domain – and therefore these cannot to transferred to a different provider. I keep them going purely so that historic links will still work.

More

Getting Jetpack to work with WordPress

For what must be many months now, my local installation of WordPress has been hassling me to install the Jetpack plugin.

It sounded sorta useful, so I dutifully clicked on Install and was told:

register_http_request_failed

… with a ‘GnuTLS recv error (-9): A TLS packet with unexpected length was received.‘ error.

Having looked around to try to find a solution, the only suggestion appeared to be to rebuild PHP or to wait for the stabilisation of the newest PHP development branch. This turns out to be wrong, however, and the solution is both simple and maddening…

More

Fun with Google Instant

This is the second mention of Billy Joel on this blog…

Yikes, I’m on slashdot!

Hotmailers Hawking Hoax Hunan Half-Offs

Server seems to be coping for now (and saying that’s likely the kiss of death…)

Original post here – be gentle 😉

Do I eat …what now?

Well, how do you read this?!

I Eat... Animals?

Click to enlarge

Wide-spread exploitation of security hole in Windows Live Mail

Yesterday, April 5th 2009 at approximately 4:30pm (BST), several messages were sent from my HoTMaiL account to every single one of my MSN contacts. Luckily, this account is long-dormant – but unfortunately, Windows Live operates a shared list of contacts between Mail and Messenger (which I do still use, for my sins).

More

Gentoo Linux ebuild for SilverStripe 2.2.3

We’ve recently been working on remodelling our corporate website, and the decision has been made to make use of the SilverStripe CMS.

More