Tag Archives: Privacy

The Lemonade BIPA lawsuit has settled in Illinois, which means I can talk about it now.

The Lemonade BIPA lawsuit has settled in Illinois, which means I can talk about it now.

In 2018, my ex was mugged in Chicago, and I filed a claim on our renter’s insurance, which was Lemonade.

After some back and forth where Lemonade didn’t want to pay anything, I finally got a payment of almost $700 for the things he had stolen from him less the deductible.

What I didn’t know was that Lemonade had stolen my biometric information while I was making the claim video where you have to describe what had happened.

Lemonade was later dumb enough to admit, in a since deleted blog post, that they use “AI” to get your facial information and look for tells that you might be lying. When they got sued, they denied any wrongdoing.

On Facebook later, a law firm called Ahdoot Woolfson, had an ad where they were trying to get lead plaintiffs to initiate a class action lawsuit against Lemonade. I contacted them, and we had a discussion over the phone and then I signed a form stating that they were authorized to represent me on contingency, and then they said they’d get back with me later and never did.

In the mean time, another firm beat them to filing the lawsuit and they told me that we would be working alongside that law firm to pursue the case.

Then I didn’t hear anything. Until I got an email with a unique class member ID the other day stating that the case had been settled with $4 million going to the class and $1 million going to the lawyers.

Since the hearing is in an Illinois courtroom, I can show up an object if I want to, and I might. I filled out a claim anyway so I at least will get something, as the date to object is after the deadline to file a claim.

Recently we got $400 each from a Facebook BIPA settlement and have since filed BIPA claims against Google, which should be paid out later this year.

Some companies have stopped doing business in Illinois entirely due to all of these BIPA lawsuit, but they’re not the companies you want here anyway if you’re one of their victims. Clearview AI was one of them that pulled out, and they do facial recognition that ends up being misused by police agencies and large firms, and the settlement terms are going to give them a hard time doing business anywhere in the country.

There’s been a lot of lobbying to get rid of BIPA or turn it into some sort of a joke, so that Facebook and others can violate you with impunity again. The reason Facebook stopped using facial recognition and deleted it, is because of BIPA. We should expand privacy laws, not allow them to gut it.

Between the California Consumer Privacy Act and the Illinois Biometric Privacy Act, we have the only strong protections in the entire nation.

Microsoft already (says) they apply both laws to anyone using their products. Can you imagine how much worse Microsoft could be without them?

Many companies want the federal government to pass a “privacy” law that doesn’t do anything and effectively repeals all state laws. They turned against one that looks like it might pass when representatives of California and Illinois inserted language that would grandfather the CCPA and BIPA in addition to the privacy protections in the new federal law.

If Congress is going to pass anything, it should at least grandfather these laws and should really allow states to continue passing whatever the elected representatives see fit to, as long as the federal law is a baseline.

The reason why companies have ran into so much trouble in the states and now have different regulatory and employment laws is because they’ve paralyzed Congress and the federal agencies, and while that was going according to their design, the states woke up and started legislating, and now the corporations are mad that they got what they wanted and it’s a mess for them.

NordVPN becoming more annoying and scammy.

NordVPN is becoming more annoying and scammy.

First of all, they’re based in Panama, which is not even near Europe, but that’s an aside.

Recently, I’ve noticed that they shift my VPN connection to Panama and the UAE. Those famous parts of America.

I noticed this at first because Facebook and Paypal change regions and language automatically, and then set cookies so it’s very difficult to change them back.

I noticed that NordVPN keeps shunting my connection to a “Cyber Assets Fzco” based in Dubai recently, it seems to do that more than the Panama ones that keep coming up.

On Reddit, there have also been discussions about NordVPN switching people to AutoPay if they try to switch credit cards, even if that’s not what they want, and NordVPN will continue billing their cards even if they try to cancel it. (NordVPN doesn’t have my card number because I subscribed through Google Play.)

Also, disturbingly, NordVPN has been gobbling up other VPNs which signed deals with the RIAA and MPAA to block BitTorrent or identify the VPN users (making the VPN worthless), which immediately folded up and sold their branding and subscribers to NordVPN since their business was ruined.

Around the same time, NordVPN updated their Privacy and ToS policies, they said it makes them easier to read.

I didn’t think so, but what I did notice is that it more prominently states that they can throw you off the service for infringing copyrights or breaking any law, however they continue to insist that they don’t log you, unless you have a dedicated VPN IP address, in which case all of your activities actually are logged, and linked to the email address you signed up for NordVPN with.

They also made it more obvious where to send abuse and law enforcement complaints/requests to.

What deals are they subject to with the RIAA/MPAA, directly or through their acquisitions. Are they really logging you? Are you comfortable with your Internet access being routed through the United Arab Emirates?

Are you concerned that it might be difficult to get them to quit billing you?

These are all good questions, but NordVPN doesn’t do much except promote itself, and they are pretty good at that.

I don’t think that VPNs are the ultimate answer. There will come a point where the jig is up and they’ll all have to shut down, and we’ll all need to move towards anonymity networks that have privacy built in and to the point where it is fast and easy to share files with others.

Richard Stallman has been adamant in opposing the copyright system that exists in the US. Using a VPN doesn’t get rid of all of the laws that Congress keeps passing, which were bought and paid for by an industry that mostly sits around on its ass and doesn’t create much.

At best, a VPN may not be logging you, but only they know if they are. At worst, you’re paying for a false sense of security.

Mozilla is being laughed at for getting in on the “VPN” scene. What they do is essentially take Mullvad, double the price, and have different software for accessing it, and a different privacy policy.

To sign up for Mozilla VPN, you also have to uniquely identify yourself when you go to pay for it and create an account.

I’m not sure, with the whole UAE thing going on, that I want to subscribe to NordVPN again. I might just let it time out and cancel through the Play store. The UAE is an extremely corrupt country. They allow Russian oligarchs to party there, while executing homosexuals.

Meanwhile, NordVPN talks about human rights. LOL

As Roy Schestowitz put it in TechRights IRC the other day, NordVPN pretends they are based in countries that treat people well, and they’re actually based in some of the biggest countries for human rights violations on the planet.

DuckDuckGo’s “agreement with Microsoft” allows trackers to bypass privacy settings of DuckDuckGo “Privacy Browser”.

DuckDuckGo’s “agreement with Microsoft” allows trackers to bypass privacy settings of DuckDuckGo “Privacy Browser”.

Why would they block them?

They’re hosted on Microsoft Azure and get their search results from Microsoft Bing.

DuckDuckGo is just a thrall of Microsoft, and it lets them sell their products while hiding who they really are, from people who know that the Microsoft brand is toxic.

DuckDuckGo also amused me with their “privacy browser”, because they only produce it for the operating systems that spy on you and hand over your files to the police, like Windows, and iOS, and don’t produce a version for the most private choices of all, such as the BSDs or GNU/Linux operating systems.

Facebook had to pay us about $800 because they violated the Illinois Biometric Information Privacy Act.

Facebook had to pay us about $800 because they violated the Illinois Biometric Information Privacy Act.

I got a $397 check for my spouse last week and a $397 check for myself this week.

Facebook had been tagging us in our pictures and storing our facial patterns in their facial recognition programs. That turned out to be a big problem for them that cost them nearly $700 million in the resulting class action settlement.

Scumbag corporations have been losing big time due to the BIPA, and they want it repealed. There’s pending lawsuits against at least a dozen major companies, and lots of settlements too.

The only thing corporations understand is losing money. Facebook has already had a lot of fake stock value erased this year.

Facebook blamed the loss mostly on Apple’s alleged new “privacy” functions on the iPhone, even though Facebook already has patents pending on how to avoid those features and track people with iPhones anyway. As long as their apps are even on your phone, you’ve lost already whether you use an Android or an iPhone.

I use a Free and Open Source app called Frost from F-Droid that gives Facebook no significant access to my phone. It’s basically a blinged out webview that tricks Messenger into working. So it’s very likely that Facebook has less access to my Pixel 6 than anything Apple has done to box them in on an iPhone, where all you can use is Facebook’s apps.

Facebook’s financial problems have more to do with laws like the California and Illinois privacy statutes.

The only safe way to operate is to assume that anyone you track could be in Illinois or California, which is why although BIPA is an Illinois law, and Illinois is a state of 12.8 million people, Facebook disabled their tagging and facial recognition everywhere in the world after losing $700 million dollars.

Another source of Zuckerberg’s heartburn is the state of the economy in general. Major stocks of companies with real products are down 30 even 40%, and not even Walmart was spared.

Most of the ads I’ve seen go by on Facebook are from lawyers suing app companies.

Since the economy is so bad right now (Maybe call it the “Don’t Say Recession Recession”?), consumers have to tighten their wallets, and while that may or may not eventually break the hyperinflation (since most of this is due to Biden and Congress throwing around trillions of dollars we don’t have, that came at the expense of your bank account), it means the value of advertising is collapsing.

This is what set off the DotCom Bubble Collapse in the early 2000s.

Eventually, investors get sick of losing money, the hysteria wears off, and reality sets in.

Usually in an environment where the Fed loses its appetite for entertaining that round of mania.

Like what’s starting to unfold now.

The reason why Elon Musk wants Twitter isn’t because he has a plan to turn a profit. His Tesla company is down 41% YTD, you know.

It’s because he wants to be able to say whatever he wants without any censorship, and invite Trump back to scream and yell, but there will still be “content moderation” and spyware tracking the people foolish enough to have accounts there.

I’ve never really understood how a company that lets you post 140 characters from the toilet that disappear into the void quickly has managed to stay in business. Pretty much the only thing on Twitter are influencers, “brands”, and politicians. The 1% can say whatever they want unfiltered.

Do you even want to be on this thing?

I barely even have a presence on Facebook anymore. It’s not generally worth using. You hope other people will hate like your vacation or something and there’s a lot of stress to be fake popular on it.

I tried to tell Roy Schestowitz that he’d be a lot happier and lose nothing if he got off Twitter years ago, but the only reason he left was because they shoved him out the door for criticizing Bill Gates.

Merely criticizing the rich and powerful is enough to get you thrown out.

It is dangerous to have “social media” replace the Web, because then they can throw you out when they don’t like what you say, even if it’s not illegal to say that. And that’s why corporations and the governments want the Web to die. They can spy and censor better that way. It was much harder to do this in bulk when everyone who wanted a blog just got their own Web site.

Google even crawls my blog and I get readers. When you post to Facebook and Twitter, your thoughts just die immediately. It gives the illusion of having spoken, even though nobody is really listening.

I wonder if Elon Musk will let him back in. He is a “free speech absolutist”, or so he says. 😉

Firefox for Android no longer gives the user control over the browsing experience. Privacy Browser turns off JavaScript by default.

Firefox/Fennec for Android no longer give the user significant control over the browsing experience.

The browser that said it was on a mission to enable users to “take back the Web” has been falling from grace for years, starting with Digital Restrictions Malware module, Widevine, and then quickly moving to remove a lot of features and then relegating them to extensions, which were then neutered in order to make them easier to port over from Chrome.

But nothing has made me more upset than what has happened to Firefox (or Fennec, the Free and Open Source version) for Android.

Mozilla’s move to GeckoView rendered over 99% of all Firefox extensions incompatible with the mobile browser, including bypass paywalls, and there is no longer any way that I’m aware of to turn off JavaScript.

Major news Web sites like the New York Times are now unreadable in Firefox for Android because I can’t simply block their paywall like I can in my desktop browser, so I decided to try out Privacy Browser for Android, which is in the F-Droid store.

As the name implies, it disables many privacy invading Web technologies like JavaScript, by default, but you can turn them on again if you want to. In my experience, many news Web sites that load paywalls work in Privacy Browser because the JavaScript that enforces their paywall fails to execute. So now whenever I run into a paywall, I have to switch to a different browser.

Privacy Browser can work with the Tor network Orbot program, but it would be better to use Tor Browser itself if you need actual anonymity, as Privacy Browser relies on the Chromium WebView engine and that is proprietary and Google makes it very difficult to properly secure.

The Privacy Browser maintainers say that they plan on forking WebView into “Privacy WebView” and bundling it in version 4.0, which will definitely deserve another look.

Right now, I’m not using it expecting privacy. I’m using it because Mozilla is making Firefox impossible for the user to control at all, and in many cases I don’t want JavaScript on anyway.

F-Droid Spotlight: AirGuard (See devices that track you, like AirTags.)

Apple is a creepy company.

From admitting that they plan to put device scanning that automatically turns their users over to the police into their phones (and claiming anyone who wants privacy from THAT is a sex offender, which is a classic example of DARVO), to creating devices which spy, like AirTags, nothing they do is ethical.

When they released the AirTags, it provided stalkers with an excellent tool to help commit violence and rape (mostly against women, of course) that is so easy to use that even an Appletard can figure it out.

Apple demurred that there were already similar devices on the market (which cost less, much less, but what else is new?) than theirs which don’t go “beep beep beep” (creating an aftermarket for AirTags with the speakers destroyed) and alert the phones nearby that they’re being tracked (after three days, and only if you use an iMonster).

For Android users, they eventually released a broken “Tracker Detect” app into Google Play that hardly works at all and is sitting at a 2/5 star rating just to avoid the inevitable lawsuits or at least give them the defense that they provided us with “something” to rectify the problem that they created.

But as usual, the F-Droid store comes to the rescue with AirGuard.

I’ve been trying it out for the past couple of days and it can monitor all kinds of devices that are nearby, including Airpods, my watch, my stereo (LOL), Airtags, and other devices, and it can tell you where they’ve been following you at, using OpenSteetMaps.


F-Droid Download Link: https://f-droid.org/en/packages/de.seemoo.at_tracking_detection/

License: Apache License 2.0

Is Mistr a trustworthy source of anti-HIV PrEP medication?

A company called Mistr claims to have an app where you can get PrEP for free, but is it legitimate?

When I saw the Facebook ads, I immediately wondered this. How would a company give out free doctor visits (online), call in prescriptions for Truvada or Descovy for Pre-Exposure prophylaxis, and give out free at-home lab tests?

They claim it’s free even if you have no insurance and they claim that the only charge will be for your medication, but that most insurance covers it, and that they will help you fill out Patient Assistance Programs if you don’t have insurance.

As the old saying goes, if it seems too good to be true, it probably is.

As another saying goes, if you’re not being charged, you’re usually the product.

Doctors charge hundreds of dollars for visits, hundreds for lab work, and you need to do this every few months or they stop writing your PrEP prescription.

It’s not something most people can afford to be on without a Health Department or Planned Parenthood (a legitimate charity) managing their PrEP case.

I would absolutely never trust an app that has unknown motivations that claims it will give me thousands of dollars worth of services “for free”.

I tried to ask them some questions about who was actually invested in their company and who pays for all of this stuff since it’s obviously not free to them.

That was about a week ago and they never replied with any answers, so this post is shorter than the one I intended to write, and I cannot definitively say what’s going on with this app/company.

Unfortunately, many people seem to go along with apps and give them too much information, and without considering why or how it will be used later, and this app is suspicious in my opinion.

Until they fully disclose how it is funded and what they do with your information, I wouldn’t touch it. They don’t seem to claim anywhere on their website that they’re a charity, and we know that billionaire investors invest into some creepy things, including suicide crisis lines, because data is worth money.

Worse, they make no guarantees that teenagers who use Mistr won’t be outed as LGBT (the target of the PrEP campaign) to their parents if insurance statements start coming in showing that they paid for PrEP medication, and any parent can get on the internet and figure out that these are HIV drugs and then that leaves the teenager with some tough questions from their parents which they wouldn’t have to answer if they went to the health department or Planned Parenthood.

Crisis Text Line, a “charity” backed by Melinda Gates and Steve Ballmer, collects data from suicidal people, then sells it to advertisers and other third parties.

Crisis Text Line, a “charity” backed by Melinda Gates and Steve Ballmer, collects data from suicidal people, then sells it to advertisers, a customer relations software company, and other third parties.

The outfit claims that the “AI” chat data is “anonymized”, but similar datasets have been trivially de-anonymized in the past.

Even if the dataset has been stripped, allowing them to sell the contents to advertisers is clearly unethical.

Worse, they apparently encourage users to use the system over Facebook Chat, which is monitored by Facebook, which is world-renowned for the creepy, unethical, and illegal things it does to invade privacy. They’ve settled or been convicted of violating the Illinois Biometric Information Privacy Act at least a couple of times, for example.

Imagine what a goldmine all of this stuff that people unwisely tell it while they’re depressed is worth.

Even the more official National Suicide Prevention Hotline in the United States acts unethically at times. For example, if a person definitely plans to kill themselves, they will attempt to dox that person and call the police.

If you’re reading this in a civilized country, you may go “Oh, well, what’s the harm in that?”.

Well, the police in America are not exactly famous for treating mentally ill people well when they arrive on the scene*, as was the case in Michigan when they arrived and shot an unarmed man whose mother had called them for a wellness check.

*(I know. Someone called them for a “check” on me a long time ago and far from trying to do anything to calm or reassure me, they came out, screamed at me, and accused me of malingering and feeling sorry for myself. Shouting at people and trying to throw them off balance might make sense when they’re a suspect in a murder, but it’s ridiculous that the cops are allowed to do this during a wellness check, when a person has harmed nobody.)

And even if you survive the police encounter, they can stuff you in a nuthatch, force you to take barbaric and primitive psychotropic medication, and then give you the boot later on, perhaps after you’ve lost your job for failing to appear at work, and now you are indebted to the treatment center for roughly $20,000.

Ironically, they may have given you more reasons to kill yourself than you had before you called the hotline.

I can only surmise based on what I’ve witnessed here that the United States doesn’t really want to do anything about the growing problem of suicide, which does need to be talked about. It says it does, but it doesn’t.

It allows the 100 richest people to hoard trillions in (largely inherited or as the windfall of various white collar crime) wealth, but it won’t do anything to alleviate poverty.

Instead, we get this 9-8-8 number that just sounds like it could turn your life into even more of a shitshow than the reason you called it for, and the 1% (Including Bill Gates’s ex-wife Melinda, and former Microsoft CEO Steve Ballmer) running a competing disservice that sucks up your data, packages it, and sells it, so that advertisers know what makes people tick.

It makes me wonder, if they’re allowed to sell it, who else they would be selling it to.

There are already companies that copy out all of your Twitter and Facebook posts, likes, and shares, and go combing through it for “red flags”, and then sending it to your employer or potential employer.

Could it be that not too long from now, the Crisis Text Line and Facebook will offer to tell them everything people have typed into this?

It really should stop and give you pause about how you should not interact with things like this. If there wasn’t some way to profit off of this human suffering, the billionaire class wouldn’t be investing in it.

On (hopefully) taming Webkit and getting better privacy in GNOME Web with Privoxy.

On (hopefully) taming Webkit and getting better privacy in GNOME Web with Privoxy.

I blogged earlier, that Safari/Webkit Content Blockers weren’t very good. Apple deliberately limited them to 50,000 blocking rules, which forces Content Blockers to focus their efforts strictly on ads.

Read the entire post here.

While GNOME Web’s ad blocker based on Content Blockers is better than what came before it, more steps to block things that slip through the cracks and threaten your online privacy are clearly needed.

I installed Privoxy, which is a local (runs on your computer) filtering Web proxy, which sits between your browser and the Web, a little while ago from Debian, enabled the system service with sudo systemctl enable –now privoxy and set it to be my HTTP and HTTPS proxy on port 8118 in GNOME’s Settings program, under the Network tab.

It has a page you can open in a Web browser to see if it’s configured properly http://config.privoxy.org/show-status which will be intercepted by the proxy if it is enabled.

You can edit Privoxy’s settings from this page if you open Privoxy’s config file as given in instructions on that page and enable “edit actions” by setting that value (enable-edit-actions) to 1 and saving the file.

So far, so good!

According to Privoxy’s statistics so far, 16.23% of the requests that GNOME Web made, which were already filtered by Easylist as provided in Content Blocker form were shot down by Privoxy! COOL!

Somewhere along the way, a site even tried to load an exploit for Microsoft Internet Exploder and Privoxy sanitized it. I am obviously not using IE, but it’s nice to know that Windows users who may need to use Microsoft Edge in IE Mode could possibly benefit from this.

Really, it would be nicer if Apple would just double the amount of filter rules allowed in Content Blockers, but it seems they really can’t do much about users who take Privacy matters into their own hands, even on Mac OS, as Privoxy apparently works on Mac OS too!

Privoxy has been around for 20 years or so and previously went under the name Internet Junkbuster.

Privoxy will not interfere with your VPN software, or at least it shouldn’t (it doesn’t with my setup, using NordVPN), because it is a local proxy. It should enhance the privacy your VPN gives you. In fact, it used to be part of the Tor Browser Bundle.

I plan to dive deeper into the configuration later and see what else I can find. It’s been a while since I’ve used this regularly because something happened and it got messed up on Fedora when I used that. :/

So there you have it. Privoxy still works, and it makes GNOME Web even more pleasant, and faster!

Rating: 5/5

License: GNU GPLv2

Website: https://www.privoxy.org/

50,000 rules is not enough for Safari Content Blockers and I’m not hopeful that the situation will improve for GNOME Web, despite “WebExtensions” coming.

A little background…

GNOME Web uses WebkitGTK, which is basically an improved version of the one that Safari has. (No DRM modules and support for open media codecs.)

However, it has some of the same limitations. One of these is using Content Blockers for the ad blocking. GNOME Web previously had one that was much, much worse, and caused many bugs, and ate RAM like it was going out of style, and was only partially compatible with Adblock Plus.

So deleting it out of the browser and moving to use Webkit Content Blockers was a win by that measure.

However, Apple is such a piece of shit company that they designed the scheme so that you’re limited to 50,000 rules. To put that in perspective, in most of my browsers, I have twice that many, and no, they don’t slow the browser down at all, because uBlock-Origin is efficient.

What this basically forces Content Blocker list maintainers to do is prioritize the nastiest stuff on the Web that will fit into Apple’s arbitrary 50,000 rule limit.

This reminds me of my younger days when I maintained the best ad blocking HOSTS file I could within the limits of Windows 98’s primitive and stupid networking. Soon, there was a demand for my lists, but eventually I hit a point where I had to stop because if I went a few bytes further, Windows 98 would have a stroke.

Eyeo, the company that makes Adblock Plus, has a “minified” version of Easylist as as a Content Blocker ruleset, and GNOME Web currently points to that. Since many of the trackers on the web are advertisers, it nails a lot of the tracking problem as a side effect of blocking ads.

However, for the Tracking side, we rely more on Apple’s Intelligent Tracking Prevention scheme, which is hardly flawless. Microsoft has developer documentation detailing how to bypass and subvert an earlier version of it. Such as simply tricking the user to interact with the trackers every now and then.

In simple terms, Apple has created a Rube Goldberg Machine that can never hope to work for preventing tracking entirely, while other browsers just let you block it and the data would never be stored to begin with.

GNOME Web says that WebExtensions support is being worked on. I read it a while back.

But the reason we’re unlikely to see some things like uBlock-Origin is because it will likely be the watered down Apple version that the Reddit Enhancement Suite people gave up on.

And even if you can get past Safari’s crap APIs and build the damned thing, you have to pay $100 a year just to give away a free browser extension (Google charges $5 once to verify you).

They also describe a system where the review process has no communication from Apple. It’s like the Keystone Kops are in there doing the App Store reviews. They would sometimes submit extensions for review and get no answer for weeks, or no answer at all, and it never showed up in the Safari extensions store.

We waited a full two weeks from the initial rejection, only to be rejected again because it didn’t contain a specific icon — a situation that would have been automatically and immediately detected by every other extension gallery, because they run a quick scan on the file uploaded to them during the submission process.

All of the browsers’ extension galleries require that you submit your extension for review. Each of them, except Safari, has some automated processes to ensure you’ve checked all the right boxes and included all the right files and data. The fact that we waited two weeks to be notified of such a simple omission, and one that wasn’t noted in the first rejection, is pretty awful.

So, we submitted yet again, once again providing documentation of our license to use the term “reddit” in the name, just in case. What happens? We wait a few weeks and are once again rejected for using the term “reddit” in the name of our extension! I reply explaining the situation, and once again get a reply saying the extension will be “placed back into review.”

-Reddit Enhancement Suite (Regarding one problem they hit with Apple).

At this rate, I wonder what value there would be to adding support for these to GNOME Web.

From what I can gather, you’d have to install “WebExtensions” that were neutered for Safari to know they work at all, and the only place to do that is in an App Store that’s a corporate sewer and platform for censorship that you can’t even access on GNU/Linux, and if you tried installing them from somewhere else, I’m kind of guessing that from what the RES people are implying that they’d depend on APIs that Firefox and Chromium (Brave, Vivaldi, Chrome, Edge) have, but not Webkit.

On the gitlab issues, Jan-Michael Brummer suggested this was coming up soon, but that was 11 months ago. When I went to test WebExtensions as of the GNOME Web 41 Flatpak, nothing seemed to happen when I followed the procedure to turn them on.

At this point, it may just have to be enough to accept that GNOME Web is a simple browser that does what it does but is not extensible, unless somehow they plan to break these limits in just the GTK port, or better APIs than what Apple ships now are coming. Then we’d need to figure out how to install the actual extensions from Mozilla or the Chrome Web Store or something, I suppose.

If it ever does land, it would be cool to have uBO and Bypass Paywalls up and running in GNOME Web.

GNOME Web is a nice little browser, but it doesn’t have the unlimited budget of a Big Tech/GAFAM company behind it, so these things may take time to come to fruition.

This post is more of a dig/laugh at Apple and the 7 levels of hell it takes to get a damned extension published, and how Apple’s App Store mostly prides itself on how many it can yank down for arbitrary and capricious reasons, claiming they do “harm” or something, without justifying their decisions to anyone.

The user can’t override Apple and “sideload”, like you can with Bypass Paywalls in Firefox and Chromium browsers. “Sideload” is a four letter word at Apple because it implies that the user has _some_ control over the computer.

In the mean time, as GNOME Web works out what the story is with WebExtensions, I may go digging around and see if Privoxy can still be made serviceable as a localhost non-caching filtering proxy server. Last time I toyed with it, it worked, and it even had a systemd service.