Tag Archives: F-Droid

Facebook had to pay us about $800 because they violated the Illinois Biometric Information Privacy Act.

Facebook had to pay us about $800 because they violated the Illinois Biometric Information Privacy Act.

I got a $397 check for my spouse last week and a $397 check for myself this week.

Facebook had been tagging us in our pictures and storing our facial patterns in their facial recognition programs. That turned out to be a big problem for them that cost them nearly $700 million in the resulting class action settlement.

Scumbag corporations have been losing big time due to the BIPA, and they want it repealed. There’s pending lawsuits against at least a dozen major companies, and lots of settlements too.

The only thing corporations understand is losing money. Facebook has already had a lot of fake stock value erased this year.

Facebook blamed the loss mostly on Apple’s alleged new “privacy” functions on the iPhone, even though Facebook already has patents pending on how to avoid those features and track people with iPhones anyway. As long as their apps are even on your phone, you’ve lost already whether you use an Android or an iPhone.

I use a Free and Open Source app called Frost from F-Droid that gives Facebook no significant access to my phone. It’s basically a blinged out webview that tricks Messenger into working. So it’s very likely that Facebook has less access to my Pixel 6 than anything Apple has done to box them in on an iPhone, where all you can use is Facebook’s apps.

Facebook’s financial problems have more to do with laws like the California and Illinois privacy statutes.

The only safe way to operate is to assume that anyone you track could be in Illinois or California, which is why although BIPA is an Illinois law, and Illinois is a state of 12.8 million people, Facebook disabled their tagging and facial recognition everywhere in the world after losing $700 million dollars.

Another source of Zuckerberg’s heartburn is the state of the economy in general. Major stocks of companies with real products are down 30 even 40%, and not even Walmart was spared.

Most of the ads I’ve seen go by on Facebook are from lawyers suing app companies.

Since the economy is so bad right now (Maybe call it the “Don’t Say Recession Recession”?), consumers have to tighten their wallets, and while that may or may not eventually break the hyperinflation (since most of this is due to Biden and Congress throwing around trillions of dollars we don’t have, that came at the expense of your bank account), it means the value of advertising is collapsing.

This is what set off the DotCom Bubble Collapse in the early 2000s.

Eventually, investors get sick of losing money, the hysteria wears off, and reality sets in.

Usually in an environment where the Fed loses its appetite for entertaining that round of mania.

Like what’s starting to unfold now.

The reason why Elon Musk wants Twitter isn’t because he has a plan to turn a profit. His Tesla company is down 41% YTD, you know.

It’s because he wants to be able to say whatever he wants without any censorship, and invite Trump back to scream and yell, but there will still be “content moderation” and spyware tracking the people foolish enough to have accounts there.

I’ve never really understood how a company that lets you post 140 characters from the toilet that disappear into the void quickly has managed to stay in business. Pretty much the only thing on Twitter are influencers, “brands”, and politicians. The 1% can say whatever they want unfiltered.

Do you even want to be on this thing?

I barely even have a presence on Facebook anymore. It’s not generally worth using. You hope other people will hate like your vacation or something and there’s a lot of stress to be fake popular on it.

I tried to tell Roy Schestowitz that he’d be a lot happier and lose nothing if he got off Twitter years ago, but the only reason he left was because they shoved him out the door for criticizing Bill Gates.

Merely criticizing the rich and powerful is enough to get you thrown out.

It is dangerous to have “social media” replace the Web, because then they can throw you out when they don’t like what you say, even if it’s not illegal to say that. And that’s why corporations and the governments want the Web to die. They can spy and censor better that way. It was much harder to do this in bulk when everyone who wanted a blog just got their own Web site.

Google even crawls my blog and I get readers. When you post to Facebook and Twitter, your thoughts just die immediately. It gives the illusion of having spoken, even though nobody is really listening.

I wonder if Elon Musk will let him back in. He is a “free speech absolutist”, or so he says. 😉

Firefox for Android no longer gives the user control over the browsing experience. Privacy Browser turns off JavaScript by default.

Firefox/Fennec for Android no longer give the user significant control over the browsing experience.

The browser that said it was on a mission to enable users to “take back the Web” has been falling from grace for years, starting with Digital Restrictions Malware module, Widevine, and then quickly moving to remove a lot of features and then relegating them to extensions, which were then neutered in order to make them easier to port over from Chrome.

But nothing has made me more upset than what has happened to Firefox (or Fennec, the Free and Open Source version) for Android.

Mozilla’s move to GeckoView rendered over 99% of all Firefox extensions incompatible with the mobile browser, including bypass paywalls, and there is no longer any way that I’m aware of to turn off JavaScript.

Major news Web sites like the New York Times are now unreadable in Firefox for Android because I can’t simply block their paywall like I can in my desktop browser, so I decided to try out Privacy Browser for Android, which is in the F-Droid store.

As the name implies, it disables many privacy invading Web technologies like JavaScript, by default, but you can turn them on again if you want to. In my experience, many news Web sites that load paywalls work in Privacy Browser because the JavaScript that enforces their paywall fails to execute. So now whenever I run into a paywall, I have to switch to a different browser.

Privacy Browser can work with the Tor network Orbot program, but it would be better to use Tor Browser itself if you need actual anonymity, as Privacy Browser relies on the Chromium WebView engine and that is proprietary and Google makes it very difficult to properly secure.

The Privacy Browser maintainers say that they plan on forking WebView into “Privacy WebView” and bundling it in version 4.0, which will definitely deserve another look.

Right now, I’m not using it expecting privacy. I’m using it because Mozilla is making Firefox impossible for the user to control at all, and in many cases I don’t want JavaScript on anyway.

F-Droid Spotlight: AirGuard (See devices that track you, like AirTags.)

Apple is a creepy company.

From admitting that they plan to put device scanning that automatically turns their users over to the police into their phones (and claiming anyone who wants privacy from THAT is a sex offender, which is a classic example of DARVO), to creating devices which spy, like AirTags, nothing they do is ethical.

When they released the AirTags, it provided stalkers with an excellent tool to help commit violence and rape (mostly against women, of course) that is so easy to use that even an Appletard can figure it out.

Apple demurred that there were already similar devices on the market (which cost less, much less, but what else is new?) than theirs which don’t go “beep beep beep” (creating an aftermarket for AirTags with the speakers destroyed) and alert the phones nearby that they’re being tracked (after three days, and only if you use an iMonster).

For Android users, they eventually released a broken “Tracker Detect” app into Google Play that hardly works at all and is sitting at a 2/5 star rating just to avoid the inevitable lawsuits or at least give them the defense that they provided us with “something” to rectify the problem that they created.

But as usual, the F-Droid store comes to the rescue with AirGuard.

I’ve been trying it out for the past couple of days and it can monitor all kinds of devices that are nearby, including Airpods, my watch, my stereo (LOL), Airtags, and other devices, and it can tell you where they’ve been following you at, using OpenSteetMaps.

5/5

F-Droid Download Link: https://f-droid.org/en/packages/de.seemoo.at_tracking_detection/

License: Apache License 2.0

T-Mobile customer “service” feigns ignorance of the ongoing Google Play blockade in Chicago as many customers take notice.

As the T-Mobile blockade of the Google Play Store in the Chicago region of the US, and apparently others now, continues for the second week for some people….T-Mobile “support” pretends not to know anything about it.

Status of Google Play outage as of Wednesday, March 9th at 7:30 AM CST. According to DownDetector.

I dropped by T-Mobile yesterday and they told me that other customers have had the same issue and that doing a RMA (replacement) on the phone didn’t fix it.

They said that one guy even went through three Motorola phones in the store and the Play Store was inaccessible on all of them and that their boss called a staff meeting on the issue recently.

But they insist that they “don’t know” what to tell customers about it.

Along the way, he mentioned that they would be “shutting down Sprint’s network” as of March 10th.

I called T-Mobile customer service and they told me it was a “problem with the local towers”.

The problem with reaching Google on a T-Mobile Internet (Cellular or Home) connections appears to have been bad in the Chicago area for many T-Mobile customers (based on my conversations with them), since as far back as Saturday the 26th of February. The affected area was confirmed to include parts of Wisconsin and Indiana.

But as of March 9th, the day leading up to the Sprint network shutdown, the DownDetector map is lit up like Skynet taking over the Internet in Terminator 3: Rise of the Machines.

At issue is the fact that very few apps in Play will install if you use T-Mobile or T-Mobile Home Internet. In fact, my spouse has a Samsung Galaxy Tablet that displays the same problems my Pixel 6 does right now, but they both only do it on T-Mobile. Unfortunately, we have T-Mobile for our Home Internet too.

That may have to change soon.

The apps that did install for me included Facebook and Microsoft Authenticator which were just two that happened to pop up while I was randomly tapping “install” on apps in the store to see what was going on. (I uninstalled both immediately.)

About 99% of apps stay stuck on “Pending” or freeze at a certain percentage along the way and then never install.

To slap a band-aid on it, I had to get an APK package for NordVPN from APKMirror and then sideload it into my phone and connect to NordVPN in order to update my Play Store apps and get basic security updates for my phone.

Other users claim that the same problem affecting Play is affecting various Google apps like YouTube, and won’t let them post on Instagram or Reddit until they get on their VPN. This is based on chatter I’ve heard around the Web.

So what is going on? Well, T-Mobile and Google know and just won’t tell customers unless they come in going “This stupid phone won’t work and I already know it’s your network, because when I connect it to something else, the Play Store works again!”.

At Techrights on IRC, Roy and various others figure that US ISPs and Google are gearing up for finer grained censorship to muzzle Americans on the Internet and control what we can read, because the domestic situation here continues to deteriorate rapidly, with so many people out of work, broke, and now facing record high gas prices and an ongoing epidemic of COVID-19 that the media has stopped reporting on at all.

The COVID-19 situation has fallen to the back burner in the mainstream media. They’re trying to make it go away, and now the wall-to-wall reporting is all about the Ukraine crisis.

75% of CNN is the usual junk about rappers getting their butthole waxed and then the 25% in the big letters is disaster porn about the Ukraine situation.

Anyway, back to the T-Mobile problems.

Store employees obviously know there’s a problem going on with Android phones right now on T-Mobile’s network and just continue selling them anyway.

I mean, sure you can’t update anything on the phone, and you can’t even download the data that you need in order to use the Google Assistant on any T-Mobile network.

The guy at the store told me they have to use a VPN now, at the store, to make the phone work at all in order to set it up.

He told me it was “funny” that I thought of using NordVPN to make the Play Store work again on my phone.

What is likely, according to Roy Schestowitz, who adds that many US ISPs block his sites quietly, is that T-Mobile is already censoring the Web and that they fumbled their blacklist and accidentally took out Google out of some sort of incompetence.

(It was AT&T and BellSouth that were blocking Roy. I joked, “Bill”South. As in “Creepy Uncle Bill” Gates.)

I agree that, having viewed how they operate their network, this is a distinct possibility.

Since changing DNS servers on the phone doesn’t fix the Google Play issues, it’s obvious that they’re probably doing some sort of Deep Packet Inspection and that this took out Google Play and god only knows what else.

In Russia, when Putin made ISPs install Deep Packet Inspection, there were big service disruptions. As “apps” do things, you know not what, it’s very plausible that the entire Play Store and anything from it has been configured to allow Man In The Middle (MITM) attacks by the carrier.

That is, you go to use an “app” and they silently decrypt the traffic, log it, and then send it on its way, and you have no idea it happened.

It’s also reasonable to speculate that as big tech companies circle the wagons and give the boot to independent news sites so you can read CNN’s wall-to-wall panic and butthole bleaching, there’s some sort of hard block on the sites they don’t want you to read coming soon, and this could be a harbinger of things to come.

Maybe for a while, tools like VPNs and Tor Browser will work, but for how long? Google has total control of Android, and can make it more like the iPhone, and then take away your ability to use F-Droid, Tor, and any VPN who won’t censor and log.

There’s something called “Onion Browser” for iPhones, but it’s almost certainly not private at all. For starters, Apple can put anything they want to inside it, and even if they don’t, it’s running on a hostile OS where they admit they want to place a “scanner”, if they haven’t already.

In any event, you should never trust anything running on an iPhone for many reasons. Some of which also apply to Android, but at least the app itself can be proven “clean” if it comes from F-Droid.

Like I said previously, people in the United States are not happy, and specifically they’re not happy with Joe “Bligh”den.

They think that they can subdue or redirect the anger people are feeling, which is palpable, by trotting out the same tactics that have worked so far.

Race war, bread and circuses, give them something stupid to panic over. It really distracts from gas that’s $5 a gallon and grocery bills that have doubled and rents that have gone up 30-40% in the past two years. And all of the other failures of the administration.

It’s only fitting that the government and the tech companies (oligarchs and oligarch media) close the ranks around each other and start adopting a posture to the Internet not unlike Putin or Xi’s.

My mom just eats the distractions up. She’s like her mom. She goes and buys thousands of dollars worth of groceries at the store and then shoves it under a bed to go bad. Or leaves it in the garage. Ten years later, you have sugar that turned into cement, and swelling vegetable cans.

One year, my brother went to Grandma’s and found a can of Chef Boyardee spaghetti that expired in 1978.

Grandma thought everything Pat Robertson talked about was the end of the world, including Y2K. Mom’s second husband, “Gonad the Barbarian”, was over there moving furniture 7 years later and broke his toe on some sugar under Grandma’s bed that had solidified.

It’s not the end of the world until it is, and obviously it’s usually not, but they get in your brain and warp your sense of reality so you’re always seeing things incorrectly and won’t plan for what they’re really doing to you.

When strange things start happening at your ISPs around the time of the suppression of media due to whatever crisis it is this week, it does make you wonder.

Then again, of course it could also just be T-Mobile bungling the shutdown of the Sprint network, but that doesn’t make it so. I struggle to find any reason why this would affect Google Play, especially for customers using T-Mobile phones, whose accounts had nothing to do with Sprint, ever. (Mine will be Sprint plans and branding for a while, but on the T-Mobile network.)

The guy in the T-Mobile store asked why I only noticed this problem recently.

I explained that I don’t use the Play Store very much because of F-Droid, and that most of the stuff in the Play Store is like Apple’s App Store, where you have to crawl through an open sewer of freemium junk to find your banking apps and stuff and then a smart person won’t use it again, so it was reasonable for me to assume that it was working and keeping my apps updated, until I noticed it wasn’t.

I also explained open source software, and that apps in the F-Droid store had the “20 or 30 tracking libraries, which are malware that the author or Google Play store puts into apps” removed or neutered, and that “In the case of Telegram, it removes those, as well as the proprietary Google Play services libraries and replaces location mapping with OpenStreetMaps….nothing in F-Droid uses Google Play services at all. They’re designed to work even on phones that don’t have Google Play because the user has custom firmware or because the manufacturer, like Huawei, faced US sanctions and had to remove Google apps.”.

To see apps like “Telegram FOSS” or “Frost for Facebook” or “Infinity for Reddit” in the F-Droid store, you need to enable “anti-feature” apps.

That’s because they’re a Free and Open Source app that uses a non-Free network service. (Which is better than using them with a proprietary app. Facebook’s official apps are some of the most abusive apps even by mobile phone standards.)

I’m a heavy F-Droid users because I simply don’t find the Play Store to be a very valuable source of applications (mostly just iPhone-style junk and crapplications that spy and drain your bank account while people stare into the phone like a f–king braindead moron), but since parts of the Android operating system and apps you can’t remove from the phone get updated there, it’s crucial that it functions properly.

T-Mobile is being super sketchy about their bungling and meddling, which has left it impossible to update apps like Google Chrome. Which is “only” the Web browser, which “only” has about 50 security holes patched each version.

Mine was stuck 7 versions behind when I noticed and used my NordVPN connection to bump it. I don’t even use Chrome, but it’s a Google app, so no getting rid of it. But having it on the phone and not updated can open the door for malicious software to end up on the phone using some vulnerability. Same for the system Webview, which is based on Chromium.

Then at the mall last night, I was on their WiFi to bring in a train wreck full of operating system updates and security patches that had backlogged on me.

There’s no telling how many thousands of CVEs the average user has right now that have been patched, but they are on T-Mobile so no way that they know of to get the patches.

This situation is clearly unacceptable, and T-Mobile remains completely silent as more users are wondering what the Hell is going on.

Developer of the “Better” app, which provides a Content Blocker for Safari, considers quitting due to Apple’s plans to invade user privacy with “CSAM” scanner.

The developer of the Better app may quit and remove the app from the Apple store due to Apple’s privacy violations.

In a bug report regarding potentially switching to Better’s content blocker for GNOME Web, the maintainer of Better says that he and the co-maintainer, his wife, are considering getting out of the Apple app development business entirely.

He blames Apple’s plans to invade the device with “client side scanning”, which Apple claims will detect child pornography stored on iPhones, Macs, and iPad tablets.

While Apple claims that is what it will do, it will really enable massive government surveillance and will lead to regimes like the Communist Party of China and various Islamic theocracies rounding up and murdering people for everything ranging from being a hated minority (gay, Uyghurs, etc.) to wanting democratic government.

Apple already goes to lengths _beyond_ what is legally required in order to do business in China now. For example, you can’t have your Apple merchandise engraved with numbers that correspond to the date of the Tienanmen Square Massacre, even though there’s no legal requirement to prevent them from etching those numbers onto a product.

It was also just two years ago that Apple also proactively removed a song about the massacre from the Apple Music disservice. The sources I read say it didn’t happen in Hong Kong SAR, but it probably has by now. There’s hardly a difference since the so-called “National Security Law” was foisted on them and people began disappearing.

The Communist Party of China tramples over individual rights and freedoms. It’s what they do. Apple assists them. If you think anything good will come out of “client side device scanning”, I’ll sell you the Brooklyn Bridge for two dollars.

And they realize that while the United States conducts “freedom of navigation” exercises in the South China Sea, they can conquer us without firing a shot by putting us in horrible debt to them and buying up American property and companies, and using their money to corrupt universities.

In fact, in Lake County, Illinois, I stopped calling the community college the Colleges of Lake County and started calling them the Communists of Lake County. There is so much Chinese propaganda going on in there, you wouldn’t believe me if I laid out the full extent of it for you.

They paint a very rosy picture of China when what’s actually going on in there is quite horrible and sad, and people are choking on pollution and disappeared by secret police (murdered?), and are too afraid to even speak about it. In the mean time, CLC is pitching an international study program like it was a trip to paradise!

While I applaud Aral Balkan for seeing through the Apple privacy bullshit and leaning towards removing his apps to cease paying them 30% of his app revenues to inflict this abuse on their customers, many developers frankly don’t give a damn and would never inconvenience themselves in such a manner.

In fact, most Apple apps spy on the user to the same extent that most Android apps out of the Play Store do. The author knows this because they’re the ones who put the tracking libraries inside the app!

Usually with Apple’s tracking and advertising libraries, but often with Google’s as well, and of course Google pays to be the default search engine on iPhones, and hardly anyone changes that.

The marketing of “privacy” to users with later versions of iOS serves mainly to try to make it less convenient for other companies to spy on you without using Apple’s tracking garbage, and to position Apple to be the only ad network that iOS developers would want to use.

Richard Stallman mentioned that iPhones (and iOS) are worse than Android, because they do every nasty thing Android does, and then stop you from even considering installing Free and Open Source Software from a repo like F-Droid.

He suggested a good name for a hypothetical such store, though. F-Apple.

Free Software Review: GNOME Web 3.38.2 on Debian GNU/Linux 11. A worthy replacement for your current browser?

GNOME Web 3.38.2 on Debian GNU/Linux 11

With so many web browsers out there to pick from, many of them really aren’t very different from each other, and few take the time to work like the other applications on your desktop.

In Windows, nobody notices this because none of the applications (even from Microsoft) or system settings menus are consistent. They duplicate functionality, have different GUI conventions, and the entire thing is a usability hell. GNOME tries to be a bit “cleaner” than this.

In Windows 11, in fact, Microsoft tried to steal from Chrome OS, GNOME, and the Mac’s “clean” interface design, but reverted to form and immediately crapped it up with the usual junk and ads and trialware, and a store that nobody wanted to use to begin with because there’s still time to repeat that disaster again.

But the point, here, is that GNOME (and to a lesser extent) KDE for various *nix operating systems (they’re portable), try not to confound the user and present them with a giant headache of pointlessness and redundancy and bugs. Which is nice.

That’s where GNOME Web comes in. The development name is Epiphany, because that was the application’s original name, when it started as a project to build a web browser around the Mozilla rendering engine, Gecko. In the late 2000s, Mozilla decided to make it difficult to use their engine in anything but Firefox, forcing the GNOME Web developers to go a different way.

Today, GNOME Web uses the Webkit rendering engine, with GTK toolkit bindings. In practice, the browser behaves much like Safari and even identifies itself as “Safari on Linux” to websites to minimize websites that go “What the hell is this? Oh screw it. Send him to the get another browser page.”. There’s overrides internally for a few sites that break, and to silence Google’s Get Chrome spam, but for the most part, think of it as a Free Software “Safari on Linux”.

Underneath the hood, it’s more similar to Safari on an iPad in functionality, with the bonus that WebkitGTK supports more media codecs, and WebkitGTK has a much more powerful security sandbox to keep you safe online.

If you’ve never heard of GNOME Web/Epiphany before then that’s probably because very few distributions bother to include it or make it the default, even though its footprint, if you already have GNOME, is very small, thanks to WebkitGTK, GTK, and many other components already being there and being shared with the browser. In fact, clocking in at only 2.5 MB of space, everyone with GNOME should probably install this if they haven’t already.

Over at Mozilla, the CEO, Mitchell Baker, is being paid millions of dollars to ruin the company, fire the developers, get rid of their coveted office building, stuff it full of ads and DRM, and turn the company into a thrall of Microsoft and Google (which it was all along), and many users can obviously see where this is going. It’s a fake-left wing political party (Woke Crapitalism…..Not Progressive..) full of sleazy lawyers, and a browser program that was yesterday’s news.

I’ve tried to get away from Firefox, although the alternatives range from worse to much worse in the “from a big company and every website supports it” category.

The last time I tried GNOME Web, I believe it was on version 3.34.something, and I was using Fedora. At the time, the browser just wasn’t where it needed to be on stability, performance, or power efficiency. Regardless, I decided to do some major updates on its Wikipedia article, because I could tell that major work was underway and this was a program to keep an eye on.

But, thanks to the Free and Open Source process, I was able to file bugs requesting features or to report crashes, and attach debugging information. In about 6 weeks I managed to crash the browser or find enough wrong with it to post over 40 bugs between GNOME Web and Webkit, and the developers at Igalia (mostly) were very interested in fixing them. Some were even memory corruption issues, and others were annoyances about the password manager crashing due to the way pages would interact, or not finding password fields in many cases. Others were more dramatic, such as hardware acceleration heating up my laptop and the WebkitGTK engine pretty much dying while I tried to infinite scroll Reddit or something.

The old adblocker code was pretty nasty too. That one was actually a very nice fix because they got to delete the entire thing and write a smaller one around Webkit Content Blockers, which also brought the per-tab memory footprint of the browser down by 50-60 MB!

Developing software is a process, and while Firefox makes very little progress in a positive sense in each release (so little that at this point you may as well use the ESRs so that at least you only have to figure out how to disable new garbage every year and a half or so), GNOME Web has gotten much better.

I’m really only down to two complaints about GNOME Web as it pertains to Debian 11 GNU/Linux.

  1. Debian has a packaging issue that prevents videos from playing properly if you have an Intel graphics adapter in your computer. It turned out that to comply with Debian’s Free Software Guidelines, the Debian people split up the video acceleration package into one that was DFSG compliant but not fully functional, and one that was fully functional that they stuck into the (disabled by default) “non-free” repo, which you can activate in Synaptic Package Manager (and if you like access to more software, might as well do contrib while you’re there). After you do this and refresh your software sources, search for “intel-media-va-driver-non-free” and install it. It will either want to remove intel-media-va-driver or that and its i386 counterpart (mostly pertains to people who use Wine or Steam and have enabled the 32-bit compatibility packages). Just go ahead and let it. Then just restart GNOME Web.
  2. Firefox Sync seems to be the only way to import my passwords in bulk. I looked around and couldn’t find a way to import them in CSV format, which other browsers let you export and import them in. (I may post a feature request.) The upside is that it will keep them in sync with Firefox’s servers (I believe Fennec F-Droid will be in your Sync chain as well. I don’t know of anything else for Android browsing that I can even stomach to use.).
  3. I know I said two, but Youtube has a lot of ads and the ad blocker in this version of GNOME Web doesn’t block them. But the ads don’t seem to appear watching them in DuckDuckGo and VLC can usually play from a network stream. This issue is fixed upstream in GNOME Web 41. (They changed the versioning scheme when GNOME did. It’s really only two major versions ahead of 3.38.)

To help ensure that untrusted web content doesn’t spill out of the browser and harm your computer’s operating system, every major browser has some sort of sandbox.

In GNOME Web, the Webkit Processes are isolated from your system using the lightweight “bubblewrap” sandbox system. It scarcely uses any resources and while I’m not an expert on this, it does seem that it is mostly well received in the developer community. One of the reasons why sandboxing was eventually added is actually because of the Safari user agent that I mentioned earlier.

See, back the late 90s, the JPEG committee tried standardizing a replacement for the JPEG image standard that we’re all familiar with. In practice, however, it turned out to be a major disaster for them where everyone tried stuffing it with patents that they intended to license, and the web and web browser makers responded by refusing to use or implement it. That is, everyone but Apple. Apple is a major patent holder in many of the major patent troll pools, and even though everyone else moved on by creating more efficient ways to use JPEG and make the best of it, Apple implemented JPEG 2000, and if you say you’re Safari, some cache servers will hand you JPEG 2000 files.

Since software patents are dangerous for 20 years, and it’s been more than 20 years now, the danger has gone away, although it’s ironic that the people so eager to profiteer off of unreasonable license fees managed to kill their own format and get nothing.

As such, GNOME Web had to have some way of dealing with these things, because the alternative is a broken image box on a web page. So it implemented the reference JPEG 2000 decoder, which has been notoriously full of security vulnerabilities. So, not having the resources to fix the mess in JPEG 2000 all at once, GNOME containerized the Web Processes with bubblewrap.

GNOME Web is one of the few remaining browsers that is fully Free. It has no Widevine module.

While this means your Hulu and Netflix won’t work, it does mean you don’t have a proprietary program from Google in your browser, representing a security threat while it’s at it.

Some websites call Widevine and then don’t use it for DRM. They’re just gaining another bit of data in a fingerprinting attack. Turning it off probably makes you more unique, but leaving it on means a proprietary application from Google is running on your computer even if it is in some sort of a sandbox.

Even if Google was interested in licensing Widevine to GNOME, GNOME isn’t interested (and it took Brave almost a year to get a license and their browser is far more widely used), and the license of GNOME Web makes it legally impossible to put Widevine in and redistribute it because it’s under the GPLv3.

Never has the Free Software community been so betrayed as when Mozilla lobbed Widevine in and then shrugged it off when people were upset. It was the beginning of the end of Firefox as Free Software and my respect for it.

While GNOME Web is simple, and simple is usually better, this is not a browser for power users who need a lot of extensions.

The good news is that ad blocking works well, and will get better in GNOME 41 when distributions pull that in. The bad news is that there is no extensions store. The good news is that no extensions store keeps the browser simpler and removes ambiguity over what’s Free and Open Source and what’s not. Google doesn’t even make extensions declare a license, so even if you use ungoogled Chromium, you still need to be careful what you install in the browser.

Another reason most users will need to keep another browser on hand is that there does not appear to be any webcam or microphone support in GNOME Web.

I was kind of stunned by this, but whatever. It’s something I use very infrequently. It’s just something to take note of. Obviously, I had to use Zoom last month to take care of traffic court (and I beat the ticket), but I wasn’t about to install their desktop software, so I opened a tab in a browser. I don’t think that GNOME Web can handle things like that. So you may infrequently need another browser to handle this.

The upside is that many users who worry about browsers turning on their camera, and who would normally need kill switches or to turn them off in the advanced configuration of their browsers are not susceptible to this attack on GNOME Web, because the functionality isn’t there.

Finally, as GNOME Web is built on the same Webkit foundation as Safari, implements or inherits some of the decisions Apple made about privacy.

GNOME Web, by default, has Intelligent Tracking Prevention turned on and doesn’t implement the APIs that Google created, which Apple feels are privacy hazards.

Since Safari is one of the major browsers, most websites work regardless, even though they may not like being able to spy on you less. Since GNOME Web masquerades as Safari, that should let us get away with this too.

Final Thoughts:

As I said before, GNOME Web is a simple wrapper around functionality that already exists in GTK and GNOME. The downside is that this is a browser for GNOME and you may get it working elsewhere, but don’t count on it working as well as it could, and it may have more dependencies if you bring it in.

It is improving at a relatively rapid pace while Firefox is stagnant and Chrome is a proprietary mess from an advertising company.

GNOME Web’s minimal additional requirements practically beg for it to be installed since it’s basically “free”. I mean, what is 2.5 MB of disk space these days? Just be aware that due to weird packaging issues like the one I mentioned in Debian, you may need to install a couple packages elsewhere to make it work correctly. And, I suppose, those missing video acceleration profiles will benefit me elsewhere too. So, since I decided to check out GNOME Web, I learned an important thing about Debian 11 on the desktop.

License: GNU GPLv3 (browser) Various Open Source (Webkit)

Rating: 4/5

EDIT:

So, I went ahead and installed the Flatpak version of GNOME Web 41 in place of the one from Debian (and deleted all of the cache and config folders from the Debian version to clear some disk space.

Turns out Flatpak isn’t as horrific as it looks. It only grabs the files it needs out of the dependency packages.

Anyway, no more Youtube ads. Very nice! Make that 4.5/5!

Apple declares victory in the Epic vs. Apple unfair competition lawsuit and then appeals the ruling.

Apple won some parts of Epic v. Apple, but they lost the meat of the lawsuit.

The ruling, which was actually a major disaster for Apple, will cost them billions, if their appeal is denied.

Apple steals money from software developers and drives prices higher, like monopolies always do, by putting a software lock that makes sure you can only pay for the programs you use through their “app store”, and the terms for this app store make it the only app store that can be on an iPhone, and make Free and Open Source Software impossible.

In fact, one of Richard Stallman’s complaints about the iPhone is that it does pretty much every nasty thing to attack the user that Android does, but it also goes much further and prevents the user from installing Free and Open Source Software. Not even Windows or Android does this, because you can get Windows software from anywhere, and Android lets you “sideload” apps or entire app stores, such as F-Droid.

In fact, many developers publish apps in F-Droid, and then solicit donations for those apps through various platforms that are no more dangerous to pay with than the Apple store, but which don’t deprive them of much revenue.

If the decision stands, then instead of having to hide the true cost of ownership of an iPhone in the software, and basically put upwards pressure on Android app prices too in order to prevent accusations of “unfairness” from the idiots who chose to be handcuffed by Apple, Apple will need to increase the price of the iPhone.

I keep saying they’ll hit a ceiling to what people will accept, and indeed their marketshare is plummeting, with almost 9 out of 10 users choosing Android, but the higher and higher prices allow them to sell fewer phones and still be incredibly profitable.

Apple doesn’t even want you as a customer if you ask how much the phone _really_ is.

Sure, carriers hide the real cost behind long term contracts wedded to expensive data plans, and AT&T sells more iPhones than anyone. Sure, the iPhones didn’t have 5G support until very recently, but then again if you have a 5G phone, AT&T’s network is also the worst to try to use it on. But hey, at least they’re expensive!

Comcast is a horrible company, but they once had a commercial that made me laugh, which was obviously directed at AT&T, where the AT&T business executives were dancing around the office calling themselves the “big old expensive phone company” and thanking you for helping them get bigger.

The problem with Comcast accusing AT&T is pot meet kettle, of course, and they both resort to packing your bill with things you didn’t ask for, or even better, mystery fees that weren’t disclosed well or are not explained at all.

Without veering too far off the topic of this article, Apple has always partnered with AT&T as the “iPhone Carrier”, and of course you can use them on other networks today, but AT&T had them before anyone else, and not in a good way.

People who bought the original iPhone and had AT&T found themselves getting several boxes of “detailed billing” where AT&T would literally print a line on the bill each time their iPhone pinged a web server.

Two despicable companies, let’s call them frick and frack. And they have people blathering on about how “Oh, my iPhone was really affordable, and can you believe my bill is only $100 a line after tax?

Oh great, a $400 down payment so you can be locked into a two year deal where you obligate yourself to pay a further $2,400 per line, plus whatever apps and streaming nonsense you get.

The very affordable iPhone. Only $20,000 per decade, per customer!

In fact, I know people who never have money in the bank, but always have a recent and higher tier iPhone.

If they’ve managed to get people to accept this, then a further hike to compensate for the loss of the app store “revenue piracy” that Apple engaged in is likely to succeed, and that’s depressing.

Not only that it will, but that there’s people out there who are so addicted to a phone that they’ll pay it and not even do the math!

Not being locked into a single source of apps is one of the best features of Android.

You want to watch Youtube on an iPhone? Get ready for 10 minutes of Google’s commercials per 6 minutes of video. It’s called wasting your life.

On Android with Newpipe, or even the real Firefox (which iPhones don’t have because of another rule) and an ad blocker, Google can’t force that on you.

That’s just one example of you don’t like something, change it. But you can’t do that on an iPhone.

Have fun with your 6 cameras.

Mozilla outsources newsgroups to Google, development to Microsoft GitHub, and stuffs proprietary tracking into Firefox for Android. The user experience is falling apart.

Many years ago, Mozilla used to stand for things. The years have not been kind. They ran out Brendan Eich over political views that are not illegal to have or express, but rather due to Cancel Culture, then they proceeded to tear down the things that made Firefox different and special.

Today, Firefox is packed full of proprietary programs and is pretty much a thrall of Google and Microsoft.

As Mozilla outsources development to Microsoft GitHub, and sends their mailing lists to Google Groups instead of allowing anyone with an NNTP (newsgroup) reader to access it, and SeaMonkey (a holdover from the “internet suite” days of web browsing) is constantly and increasingly in a state of disrepair, what makes Firefox “different”?

They used to say that they would never make an iPhone version until Apple got rid of its policy on not allowing other web rendering engines. A policy that is in place to enforce Apple’s App Store monopoly, which is the subject of the lawsuit against them by Epic. Apple not only refuses to implement modern web platform features in order to avoid competing with Progressive Web Apps that would look and feel native, they hold “other browsers” back further than this on the iOS devices by frequently refusing to expose APIs that Safari can use.

Today, Apple’s policy against real web browsers on iOS is still in place, but some piece of crap calling itself Firefox is in the App Store.

Shortly after this, Mozilla made more concessions by agreeing to ship a proprietary DRM module from Google, called Widevine, which has failed to “protect content” (as all DRM schemes do), saying it was “necessary for compatibility”. I’ve turned it off and never allowed it to load and I don’t use Netflix. (It’s mostly low cost filler that they put in to make it look populated, but that’s an aside.)

In the announcement on Widevine, Mozilla admitted that Firefox is no longer open source. Unfortunately, on Windows it never has been, because it requires proprietary compilers from Microsoft.

Widevine has even been used to assemble malware that runs in the user’s web browser in order to fingerprint them. Reddit chained together an attack that uses it.

Today when I was looking through TrackerControl from the F-Droid store, it told me there were proprietary tracking libraries in Fennec F-Droid, the Free and Open Source alternative that removes this sort of junk from upstream builds of Firefox. So, what the hell was going on?

Well, it turns out that Mozilla has pages explaining that they use third party proprietary tracking libraries for all sorts of reasons. None of them are, I feel, acceptable reasons. I don’t want to run any of them on my phone.

Thankfully, it seems as they were only detected because F-Droid replaced them with dummy libraries to make the build succeed and the libraries only “load” in the sense that they fail to do anything at all and then exit.

Back in the late 90s when adware and spyware were relatively new concepts in the field of computer viruses, this sort of behavior would have been labeled as such.

In fact, the first adware modules were so crude that many people made Shareware that was “ad sponsored” function without ads by, creating dummy dlls that loaded and failed, but tricked the program into working.

It’s sad that we’ve finally reached this point on Firefox for Android.

There’s virtually no innovation left at Mozilla after the layoffs and Mitchell Baker has been operating it like her own personal piggybank.

They used to ask users for donations, but I wonder who would do that today, knowing that her personal cost to the company is over $2.5 million dollars per year, and seeing that Firefox is constantly pestering them with “Sponsored Content”, “VPN services” with questionable privacy practices, “ClownFlare” DNS with Comcrap TRRs, and so on.

Mozilla gave Comcast, one of the most notorious internet villains, an award for privacy. Techrights reports that Comcast “cooperates with the police 100% of the time“.

Also, they almost always have something to give them because Comcast spies on their customers to drive targeted ads if they are not using a secure no-log VPN or Tor Browser. Whoops.

Worst of all, in exchange for whoring itself out for cash, Mozilla isn’t even deriving any substantial revenue from anything but search.

Some people suspect that the only thing keeping it going these days is that if there are no other web engines besides Chromium, which is yet worse for the user, antitrust regulators will move in and give Google a problem.

Due to Chromium being the de facto web platform, and Mozilla doing all it can just to keep up, the days of being able to throw a rock and hit 100 other (real) web browsers are over.

It might be said that the closest thing left to a Free Software web browser is GNOME Web, which few GNU/Linux distributions even ship by default. I hope that distributions that value their users look into this situation. If they decide to continue shipping FIrefox, they ought to be patching out tracking, ads, and “DNS-Over-HTTPS”.

OpenBSD, an operating system concerned foremost with security, patched DNS-Over-HTTPS to set the preference to OFF because the end result is essentially a supercookie which lets Cloudflare keep tabs on a user everywhere they go if it is turned on, and which might cause the user to be tracked, even if they’re in a VPN.

In closing, the number of things the user needs to turn off in Firefox is growing to be nearly as big as those “Windows 10 Privacy” lists. This is insane. Users don’t want to be tracked, fingerprinted, advertised to, and experimented on.

Back to the Mac, where you have a bunch of hipsters who prostrate themselves to Apple by using Safari, some people opened the new M1 port of Firefox for the Mac that Mozilla seems to be squandering resources on (Apple Silicon being the buzz word), and found that it tries to allocate itself 50 GB of memory and then freezes. (There’s many other posts reporting this.)

I’m personally wondering if there’s something to sync Fennec F-Droid to on the PC that is basically Firefox with all of this stuff stripped out.

Even Fennec is not what it used to be. Ever since Mozilla went to GeckoView, the Android version of Firefox has lost compatibility with all but a few extensions, and Bypass Paywalls isn’t in the list of ones you can install. This inconveniences me because no matter what I use on Android now, I have to clear my cookies every couple of articles.

I almost kind of hate to see this continuing to unfold. Mozilla should have started their own search engine years ago. They’d probably be fairly popular considering that, at one time, they had almost half of all web users and could have defaulted to themselves for search, and been their own ad network. Instead, they renew their search deal every few years, Google gives them about half of what they got last time, and things keep rolling along. Slower, until there’s nothing left.

Failure is not an option, it comes with every Samsung Galaxy phone. (Thanks to Microsoft and T-Mobile.) Swap out the photo gallery with F-Droid.

We used to joke about Windows that failure was not an option. It came bundled with every copy.

Under Microsoft’s tutelage (and threats of patent aggression), Samsung phones have been getting excessively annoying. I keep saying that my next phone might just be a Google device, but next time I don’t think I’d consider a Samsung, even if they’re really cheap.

When I bought my Galaxy S20 FE last year at Best Buy, I did not know that the Microsoft “integration” went deeper than some apps that the salesman assured me, could mostly be gotten rid of.

While the apps are mostly gone, Samsung has integrated a lot of things directly into the firmware.

Samsung’s Android phones have tended to be a disjointed mess of their own homegrown crap, which has been accumulating, and still there despite users constantly mocking it (Bixby) , Google’s crap, which all has to be preloaded per the Google Play Certification, and now Microsoft’s crap, which is there because Microsoft threatened them with software patent lawsuits if they didn’t bundle it.

It’s getting to the point where I am seriously considering rooting my phone to delete some of the apps that are off limits as a regular user on the system.

Recently, the photo gallery app has forced the user to switch from Samsung Cloud (if they were using it…it was optional) to Microsoft OneDrive, and now it has been insisting every ~20th time you open it (might not be 20, that’s just a guess) that you MUST move to OneDrive. Simply storing your photos on your own device is not acceptable and you’re being given the Nudge Treatment to accept Microsoft’s beachhead into your phone, like it or not. Don’t have any use for it? Too bad. Don’t want the NSA and police backdoors into the Microsoft Clown affecting your files? Too bad.

For now, F-Droid to the rescue. I found an app called Simple Gallery Pro, and it adds an orange “Gallery” icon, which is a little bit confusing since the one in the phone is also called “Gallery”, but is red. So I dragged the orange icon to my home screen and will manage photos using that in order to suppress OneDrive spam from Spamsung.

As soon as T-Mobile swallowed Sprint completely and forced my spouse and I to swap SIM cards, we had even more problems with our devices. T-Mobile also tried to force us onto a more expensive plan (which they backed off from after I told them that this would be the last straw…if I’m going to pay Verizon prices, I’m going to get coverage) and take away free Hulu and AAA using the “free” SIM card, but their new SIM even exposed a bug in Spamsung’s S20 FE firmware that is apparently never going to be fixed. You can turn on Wi-Fi Calling, but it will switch it back if there’s a cell signal, no matter how weak, and then tell you that it optimized your calling preferences.

Which is fun when your apartment is in a basement.

For now, the S20 FE still has an SD card slot, but with Android vendors falling all over themselves to emulate Apple’s Total War against local computing, one wonders how long you’ll be able to carry along tons of your own music and photos without being down with the Clown. This cycle, I lost the 3.5 mm jack and have to shim up audio out to my car’s tape deck (yeah) using a USB-C to charge/sync/audio jack adapter, and plug the charger and tape adapter into that. Finally, the elegance of the iPhone, brought to us hoi polloi.

Also, I would be remiss if I were not to mention that T-Mobile’s customer service is bad. I heard from a person who works in a store that they try to rush you out if you’re an existing customer, because opening the account doesn’t earn them any money, it just gives you an opportunity to complain about them, which lowers their commissions when they do sell someone a new phone. I certainly got the impression of an uninvited guest in their stores (not someone who pays them over $100 a month for two lines) when trying to get the SIM card they demanded I drive over to install.

They’ve been hard at work laying off many people across America and shutting down Sprint towers that worked fine before. Often, there’s no signal at all anymore where I live and I’m not even sure our phones support anyone else’s network. Who, honestly, expected anything different?

Did anything good come this cycle? Yes. Google finally, after 7 years, seems to have merged the three line patch that allows you to play Opus with its correct extension.

I suppose that will make the devices that inevitably ship without an SD port in a couple of years less of a headache. I can crunch my WavPack collection down to 128k Opus and still use it without getting Spotify.

Richard Stallman mentions some of the nasty things Spotify does and why not to use it, but misses the most obvious non-starter. It’s a really nasty form of DRM that is designed to get the user to stop valuing having a local copy that cannot be taken away.

Although if you do use Spotify “Free” (gratis), there’s an F-Droid app that replaces the ads with Interdimensional Cable from Rick & Morty. It’s man vs. car, and car wins again!

Bonus: Just after I posted this, I read that Spamsung completely abandoned the S8/S8+, which were the phone of 2017. Four years in, you cannot safely continue to use the phone, whether it works or not, unless you figure out a way to unlock the bootloader and install an unofficial ROM that’s in whatever state it’s in. Nice to see that Spamsung loves e-waste as much as Microsoft loves Linux patent aggression. Like a fat kid loves cake.

It’s the time honored tradition. If the old model kept working indefinitely, how would they sell the new model? Most of these phones are barely different except that they keep getting more expensive and dropping widely used features to help them force the Clown on the user.

Apple realized that the iPod Classic had to go because as long as people could keep dropping MP3s on that, using a flip phone to make calls, and buying a dedicated GPS unit for their car every decade, they were eating into their own sales of a much more expensive market. Now, the deluxe iPhone is $1,649 and it only lasts a few years between replacements. Almost every app costs you money somehow. Sometimes a staggering amount. The carriers love them because a data plan is almost twice as expensive as a basic phone line. (Then certain ones, like T-Mobile, will sell you unlimited data that doesn’t really work anywhere.) Almost nobody is better off with this.

Google Play Spotlight: GasBuddy, Grindr, or how I informed Facebook using Android. F-Droid Spotlight: TrackerControl.

As everyone should know already, privacy on an Android phone, in general, is pretty much a joke.

In fact, the more “apps” you install from Google, the worse things get. Not only does every application published in the Play Store phone home, at a minimum, to give Google crash and analytics data about you (even if the underlying program is Free Software), but developers generally have every incentive to include more.

When Facebook was forced to reveal “Off Site Activity Data” under recent privacy laws like the EU’s GDPR and California’s CCPA, it made them very hard to get at, but when you eventually find the link that gives you limited control over it, you’ll find that most Android apps are spying on you when you open them and are sending them data.

In fact, Facebook publishes a tracking library that app developers can bundle in exchange for money.

When you “learn more”, Facebook admits that it gets more data than it tells you about here, and it’s not even clear what really happens to the data when you clear it and set it so that they don’t use this activity later.

So what does that have to do with apps like GasBuddy? Well, I opened it up and TrackerControl revealed that there are no less than 25 tracker libraries included in this one app, and but one of them is Facebook.

This is also a problem with applications like Grindr (unfortunately promoted by Stephen Fry by way of the BBC) which has already had many privacy scandals. Like the time that it leaked the HIV status of its users out to persons unknown.

Well, one of the “known” companies that gets your HIV status, or at least knows to sell HIV drug companies, gay cruise ships, and Truvada lawsuit lawyers your data, is Facebook, because Grindr has a Facebook library in their app that sends your activity to them every time you use it.

And you’ll likely never notice unless you check an obscure “Off Facebook Activity” page that is hidden behind half a dozen links that you have to click in the correct order, or monitor app behavior using TrackerControl.

Grindr was a Chinese-owned company (until it sold recently due to the Trump Administration declaring it to be a national security threat) that mostly exists to facilitate sketchy hookups and contribute to public health disasters in countries like the United States. The public health officials refuse to say much about it for fear of angering the “gay community”, but it is what it is. Would people behave this way without Grindr? Sure.

My cousin was tracking STDs in Indiana in the late 90s and early 2000s and they were spreading over AOL, Yahoo chat rooms, and Gay dot com when those were a thing, but there was never an app back then where you could flip it open and see who was how many feet away. (They can see you too, which has led to stalking and death threats and all kinds of fun.)

Oddly, I met my spouse there and things have been going fine with him. We’re happily married for years now and I haven’t had that app since, but when I learned of all of the creepy things it had been telling Facebook, I was pretty outraged. Facebook admitted to Congress that it tracks people who have never even set up an account.

I’ve heard that straight dating apps don’t treat people much better, and that now, people are being snookered into telling the app whether they’ve had a Coronavirus vaccine in exchange for being baited by having “additional swipes” or something stupid like that turned on for a little while. The government often bypasses its own laws by buying data that it can’t otherwise legally collect, and the news admits that the Biden Administration is involved with this. Hmm.

Now you may not be able to even match with someone on a dating app unless you’ve taken a vaccine that’s only authorized under an Emergency Use Waiver. I’m not antivax, but I think that it would be more appropriate to discuss health matters somewhere else.

Look, I’m not telling people what to do on their phone, but I would suggest keeping the number of apps that don’t do anything particularly important from the Google Play Store out of the phone, using alternatives from the F-Droid Store where possible, and setting up TrackerControl.

The state of the “smart” phone industry is pretty awful. With either of the two major choices, you’re going to run into nasty problems that are either unfixable or that you can only hope to put a bandage on.

In an episode of The Orville, a woman’s cell phone was recovered by the crew, and it contained enough information to re-create a simulation of her in their holodeck. In reality, if anyone has that kind of data on you, it’s Google and Facebook on a server, and it’s being used to feed into their advertisement network.

Ads just aren’t worth any money if they mostly get shown to people who aren’t the targeted demographic.

In fact, when Signal took out an ad campaign to show Facebook useds why they were being targeted, it got shut down, because Facebook doesn’t want anyone to be consciously aware of what’s happening to them.

Apple’s App Tracking Transparency feature isn’t enough, and while I do indeed believe that Facebook is pissed, as long as you use their apps, load pages with their trackers in them, and run seemingly unrelated apps that share data with them, it’s not going to prevent them from learning about you. In fact, most of what they know isn’t even from the trackers they inject elsewhere. It’s what people tell them.

(I’m not an avid user of Facebook, and Psychology Today reported that studies have shown that people who are tend to be Dark Triad personality types. It helps them learn about people when they tend to be narcissistic exhibitionists anyway, I suppose.)

Where they check-in at, what they say their birthday is, what they say their hobbies are. When you use your phone number or email address with someone else, they can feed data into Facebook. You can shut one door, they’ll open three others. It’s sort of what they do. It’s all they do. (Kyle Reese on the Terminator)

With all of the court actions being taken against Apple and Google (48 states after Google), nobody seems intent on solving more than a few problems that aren’t going to solve the big picture. Just like Microsoft emerged relatively unscathed.

I suspect that no amount of court action is going to seriously damage GAFAM today. Why? They’re in bed with the government. They get bailouts, sometimes disguised as useless products such as Microsoft HoloLens for the military, they get to cheat on their taxes (Apple is an Irish company when the tax man cometh), they design weapons for the military, they partner with ICE. (Yes, that’s right. Facebook gives ICE data on how to track undocumented immigrants.) Some of them have contracts with the military to help them design drones that murder people. Google claims that it recently scuttled one, but who knows?

If anything comes out of the court cases, it will be orders to quit damaging other parts of GAFAM. For example, the antitrust complaint against Google doesn’t mention any of the ways it harms the free market or its users. It’s largely about how Microsoft thinks it deserves to track you and abuse you with its own ad network instead, and how Bing (which deletes more web links due to the DMCA than Google does) deserves to pry open a bigger share of the search market.

Until someone does something about these Tracker Libraries in Android apps (and good luck with that), the only thing we can do is lean hard on the F-Droid store for alternative apps, and use apps like TrackerControl to defuse the server connections that they attempt to make.

Now, on to the review.

TrackerControl

From the F-Droid store page.

TrackerControl allows users to monitor and control the widespread, ongoing, hidden data collection in mobile apps about user behaviour (‘tracking’).

To detect tracking, TrackerControl combines the power of the Disconnect blocklist, used by Firefox, and our in-house blocklist is used, created from analysing ~2 000 000 apps! Additionally, TrackerControl supports custom blocklists.

This approach
– reveals the companies behind tracking,
– allows to block tracking selectively, and
– exposes the purposes of tracking, such as analytics or advertising.

The application also educates the user about their rights under the EU GDPR and helps them send form letters. Unfortunately, as I’m based in the United States, I was unable to try this out.

After installing the app, it sets itself up as a “pseudo-VPN”, to enable filtering app requests to the internet. This is necessary so that the user doesn’t have to “root” their Android phone in order to allow the filtering process to work.

Once installed, the application defaults to what it considers a relatively safe setting to attempt to block trackers, without bricking apps. While this often works out fine, some apps just appear to break with no obvious explanation, but opening TrackerControl allows you to see what it attempted to do. And in many cases, just enabling access to one server that it should obviously be able to get to fixes the app, while allowing it to block everything else.

In some cases, apps really shouldn’t need to access the internet at all. Android gives users no control over this, for obvious reasons, but TrackerControl does. To disable an app’s access to the internet entirely, one can simply click the app’s icon in TrackerControl and it will gray out and the app will report that it blocked all internet access for that app. Or, you can go into the detailed settings and simply set the slider to revoke internet access for that app.

For example, my Samsung Galaxy S20 FE has a lot of annoying Microsoft crap that you cannot remove. Including an app called “SmartThings” that I’ve never even opened, which sends data about me back to Microsoft anyway. Well, that’s dumb. With TrackerControl, I can just disable internet access to these sorts of things entirely and plug the leaks. Cool!

In other cases, TrackerControl is a real eye opener. One of the restaurants I like to eat at, Cracker Barrel, suggests that if the line is too long, you can install their app to pay for your meal, or order to go. I opened the app after installing TrackerControl to see what it would do, and just by opening it, it tried to contact Facebook, SalesForce, KRXD (a fingerprinter), Microsoft and Google trackers, and Crashlytics.

The app works, even if you block all of these, but I didn’t even consider until now….that they have a website that lets you place orders. It won’t let you pay a bill, but do you really need all of these companies to know when you open an app?

I believe that using TrackerControl will get me to start thinking about privacy with regards to apps more, because even a restaurant app now 13 tracker libraries that try to connect to 6 companies just by opening it.

I also found old apps on my phone that I installed in order to get a coupon or something, that are still apparently opening themselves to send reports somewhere. Yuck.

For apps you want to keep, TrackerControl can partially muzzle the trackers and block ads and the app will still do the things you want it to do.

It’s depressing that such an application should be necessary, but that’s the state of the “smart phone”.

As a final note, you should really be using a web browser with an ad blocker available, and relying on TrackerControl to protect you outside the browser. Leave Google Chrome unopened. It’s an unbelievably bad browser designed to make it impossible to control your privacy. I suggest ublock-origin in Fennec. More in a future review.

License: GNU GPL 3

Minimum Android Version: 5.1

F-Droid Non-Free Warnings: None

My Rating: 5/5