‘NSA-proof’ Tor actually funded by US govt agency, works with BBG, FBI & DOJ – FOIA docs | RT

‘NSA-proof’ Tor actually funded by US govt agency, works with BBG, FBI & DOJ – FOIA docs | RT US News

The Tor Project, hailed as a bulwark against the encroaching surveillance state, has received funding from US government agency the BBG and cooperates with intelligence agencies, newly released documents reveal.

Tor, free software which enables anonymous communication over the internet, is a “privatized extension of the very same government that it claimed to be fighting,” claims journalist Yasha Levine, who obtained 2,500 pages of correspondence about the project via Freedom of Information Act (FOIA) requests.

The Weaponization of Social Media (video) | James Corbett

Now openly admitted, governments and militaries around the world employ armies of keyboard warriors to spread propaganda and disrupt their online opposition. Their goal? To shape public discourse around global events in a way favourable to their standing military and geopolitical objectives. Their method? The Weaponization of Social Media. This is The Corbett Report.

Looking Glass: The next ‘bright idea’ from Mozilla (updated)

Back in the day, Firefox was sort of a hackers power browser that fit a niche market. It was probably the most tweakable mainstream web browser on the planet for both geeks and average users alike. Although it is still highly customizable, it has become less so since Mozilla decided to terminate support for so-called “legacy” add-ons and replace them with WebExtensions of the same type as used by Google Chrome. Matter of fact, Firefox has become a Google Chrome clone as far as i’m concerned and some of us — a core Firefox audience that liked running something different and something that wasn’t ‘Googlized’ — didn’t want anything to do with Google, much less their Chrome web browser.

In its [not so] slow, steady decline and separation from its core values, Mozilla has dumbed-down Firefox to the point where it is hardly recognizable and changed its add-on API several times, thus forcing developers to rewrite their code in order to comply with yet another new standard. The developer of the much loved Search WP extension had this to say:

I’d love to support Firefox 57 (with all my extensions) but

1) Webextensions are just *too* limited. You simply can’t do anything useful with them until somebody adds an API just for you. It already starts with the most basic functionality of SearchWP: there does not seem to be a way to modify the search bar.

2) Mozilla ruthlessly breaking all existing extensions on purpose and removing customization possibilities with every new version of Firefox made me loose trust in the foundation and the browser itself – I’m not willing to spend my spare time on a project that has set a course that goes against everything Firefox once stood for.

And the stupidity continues…

For some time Mozilla has been packaging extensions with Firefox in the form of system add-ons, or “features” as Mozilla calls them. Not only is the option to uninstall these add-ons absent from the user interface, but most people aren’t even aware they exist since they’re hidden from the Add-Ons panel (if you want to know more about system add-ons and how to remove them, read the article, Firefox Configuration Guide for Privacy Freaks and Performance Buffs).

In its latest burst of stupidity, Mozilla is now installing yet another add-on without consulting users, but this time, to their undeserved credit, they have made it removable apparently. ‘Looking Glass‘ appears to be some kind of metrics collection add-on disguised as an augmented reality game created by the PUG Experience Group, whoever the hell they are, and it is part of a series of “Shield Studies” conducted by Mozilla. To see what studies Mozilla has foisted upon you that you didn’t agree to, enter about:studies in the address bar and then about:preferences#privacy to opt out. Better yet, stop using the Mozilla version of Firefox altogether.

Of course adding this unwanted crap to Firefox isn’t the worst of it. A while back, Mozilla decided that it needed to jump on the “fake news” bandwagon with its newly created Mozilla Information Trust Initiative in order to steer you away from sources of information that the multi-million dollar Mozilla Foundation decides are not suitable for your consumption.

I no longer suggest using Firefox, at least not the version distributed by Mozilla. If you want Firefox with the privacy disrespecting garbage removed, consider using Waterfox, which is a more privacy-centric, 64 bit fork of Firefox that will apparently continue to support XUL (legacy) extensions in addition to the newer WebExtensions. Some of the features of Waterfox are:

  • Disabled Encrypted Media Extensions (EME)
  • Removed Pocket
  • Removed Telemetry
  • Removed data collection
  • Removed startup profiling
  • Allow running of all 64-Bit NPAPI plugins
  • Allow running of unsigned extensions
  • Removal of Sponsored Tiles on New Tab Page

UPDATE: Mozilla apologizes.

On 18-Dec., after many users complained about the inclusion of the Looking Glass add-on, for which almost nothing was known at the time it was distributed, Mozilla published an apology, moved the add-on to the Mozilla add-on repository and published the source code. The post opened with the following nonsensical statement which raises more questions than it answers:

Over the course of the year Firefox has enjoyed a growing relationship with the Mr. Robot television show and, as part of this relationship, we developed an unpaid collaboration to engage our users and viewers of the show in a new way: Fans could use Firefox to solve a puzzle as part of the alternate reality game (ARG) associated with the show.

Does this sound remotely like anything that should be included in an internet web browser? What is the nature of Mozilla’s relationship with Mr. Robot? We already know that Mozilla has a habit of adding unnecessary functionality through its inclusion of 3rd party services for monetary gain and using its relationships with many privacy destroying corporations, such as Google, to monetize necessary functionality, yet they packaged the Looking Glass add-on with Firefox for no other reason other than, what? They like Mr. Robot? They wanted to make sure you weren’t bored by giving you a game to play? Utter bullshit. And why wasn’t the source code published before the add-on was shipped? And how do we know that the published code is identical to the unpublished code?

The rollout did not meet the standards to which we hold ourselves causing concern that was surfaced through our Firefox community.

Yes it did because Mozilla sacrificed its standards long ago. The only reason they published this apology is because enough users complained.

We received feedback regarding the transparency of the rollout and the processes that govern our auto-install mechanism for add-ons. In response we immediately started our internal review, […]

Good thing most users have no clue about the several system add-ons and “features” that ship with Firefox which are forcefully installed, activated, not easily uninstalled, and are used to collect data. Of course we know that no internal review will be performed to address this glaring privacy issue.

We’re sorry for the confusion and for letting down members of our community. While there was no intention or mechanism to collect or share your data or private information […]

When one considers exactly what Mozilla defines as “user data” and “private information”, one realizes how hollow this misleading claim rings. If they’re so concerned about their users, why aren’t they concerned about the data that is still being collected by the forcefully installed system add-ons of which users are largely unaware? Why aren’t these add-ons removed and placed in the add-on repository?

Resources:

The Pirate Bay and its cryptocurrency mining script – why this might be the best thing since DOOM

People are now creating scripts to mine cryptocurrencies using your computing power while you visit any websites which employ these scripts. I first learned about this when The Pirate Bay used such a script in certain sections of their website.

This is an extremely interesting development and it will be just as interesting to see how wide-spread it becomes. Just days after TPB was found running such a script, there was already a cryptocurrency miner WordPress plug-in on wordpress.org with 300+ active installs as of Sep. 27, 2017.

At first i categorized this as outright malware and, in fact, i would say this was accurate in the case of The Pirate Bay when they introduced it secretively and didn’t make it an opt-in option for its users. It also appears that ad-blockers, including uBlock Origin, as well as anti-virus software vendors, are targeting these mining scripts. After giving it some thought however, this seems like it might be an excellent way for independent journalists and others to generate some “cash” to support their work whilst dumping, or at least cutting back on their intrusive ads.

The company apparently responsible for all the hub-bub is Coinhive and, frankly, i very much like what they have to say about their cryptocurrency miner. There are millions of people — me being one of them — running ad-blockers to remove all the in-your-face garbage that people and corporations use to monetize their websites and the service offered by Coinhive could be a revolution in this regard in that everyone, from the Google’s of the world to individuals like yourself, could monetize websites and services with cryptocurrency miners that are virtually transparent to their visitors. I say “virtually” because i think it is absolutely critical that such mining scripts only run if the visitor chooses to run them. Apparently Coinhive feels the same way. Here’s some comments from the Coinhive blog:

Our goal was to offer a viable alternative to intrusive and annoying ads that litter so many websites today. These ads are not only a distraction to end users, but also provide notoriously unpredictable and non-transparent revenue numbers. We set out to change that.

[…]

We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission. We believe there’s so much more potential for our solution, but we have to be respectful to our end users.

[…]

It’s probably too late to do anything about the adblockers that already prevent our current JavaScript from loading. Instead, we will focus on a new implementation that requires an explicit opt-in from the end user to run. We will verify this opt-in on our servers and will implement it in a way that it can not be circumvented. We will pledge to keep the opt-in in tact at all times, without exceptions.

I like their ethics and motivation for creating this service. Their privacy policy is also very good, at least for the time being.

Right now i’m blocking these scripts, but hopefully this will change in the future.