Short Topix: Julian Assange Update

by Paul Arnote (parnote)

Man Gets 15 Month Prison Sentence, $50K Fine For Making Disc Copies Of Software Freely Downloaded From Microsoft, Dell

Eric Lundgren lost his court case on appeal to an appellate court, which upheld a lower court's guilty ruling and sentencing ... for making "recovery" CDs. The recovery CDs were to be bundled with refurbished PCs, and he only charged a nominal fee of $0.25 (25 cents) for each disc ... just as PC sellers do, to cover the cost of creating the CD.

Say what? Both Microsoft and Dell offer free copies of Windows on their websites, available to anyone who wants to reinstall Windows for any reason. These are stripped down versions of Windows, and are only 30 day "feature limited" "trial" copies that must be activated by a valid license key. This was the EXACT same thing that Lundgren was providing. He was not selling Windows licenses, but only copies of the same software that Microsoft, Dell and other PC sellers openly offer on their websites that can be freely downloaded.

The Windows license comes from the purchase of the PC when it is new. Common sense would seem to dictate that the Windows license, being included with the purchase of a PC, would continue to be transferred with that computer for its lifespan. But, Microsoft contends that is not the case, and that they charge computer refurbishers $25 for Windows licenses. But wait ... Lundgren was never charged with selling Windows licenses. He only made CD copies of software that is freely downloadable from Microsoft and PC sellers.

Are you shaking your head in disbelief now, just as I am?

In its press release following the case, Microsoft said, in part, ""Unlike most e-recyclers, Mr. Lundgren sought out counterfeit software which he disguised as legitimate and sold to other refurbishers." This part of their statement runs counter to the facts of the case. They added, "This counterfeit software exposes people who purchase recycled PCs to malware and other forms of cybercrime, which puts their security at risk and ultimately hurts the market for recycled products." As pointed out in a TechRepublic article, this is a very peculiar statement to make. As noted in the Washington Post article, this issue was never raised in Lundgren's trial. Be careful. The Post article is likely to raise your eyebrows even more, so much so that it might make your eyebrows appear on the back of your head.

Now, Lundgren has to spend 15 months in a federal prison, pay a $50,000 fine, and forever have a felony on his record, all for making copies of free software that can be downloaded from Microsoft and virtually every PC seller or maker. Nothing about this case makes any sense, common or otherwise.

Once you can get past the shock and disbelief over this case, it makes you happy to be running PCLinuxOS. Perhaps Lundgren would have been better off to make copies of the PCLinuxOS LiveDVD and provide them to PC refurbishers. Not only would he not end up behind bars in a federal prison, but his users would have benefitted from a much more robust operating system, free from viruses, spyware, malware and crapware.

"Man With The Golden Arm" Makes Last Blood Donation

James Harrison, an Australian man who's known as the "man with the golden arm," has made his last blood donation at age 81. Over the past 64 years, he has donated blood over 1100 times, and is credited with helping save the lives of over 2.4 million babies in Australia alone.

See, Harrison's blood has a rare and unusually strong and persistent antibody that helps babies with rhesus disease. This disease occurs when the baby has Rh positive blood, which is typically determined by the father, and the mother has Rh negative blood. Mother's immune system sees the Rh positive blood of the baby as a foreign invader, and attacks the Rh positive blood of the baby. Harrison's blood, more specifically the antibodies in his blood, are used to make an injection called "Anti-D," which helps fight rhesus disease.

Left untreated, rhesus disease (more formally known as Rhesus D Hemolytic Disease, or HDN) can cause miscarriages, stillbirths, brain damage, and fatal anemias in newborns, and is responsible for thousands of baby deaths every year in Australia. Roughly 17 percent of mothers in Australia receive Anti-D injections throughout their pregnancy to combat the effects of rhesus disease. This has even included Harrison's own daughter being a recipient of the Anti-D treatment. Injections of Anti-D in Rh negative mothers with low levels of RhD immunoglobulin allow the antibodies to clean up any Rh positive blood cells in the mother without causing harm to the baby.

When Harrison was 14 years old, he had a major chest surgery that required him receiving 13 units of blood. He made a pledge then that as soon as he were old enough, he would donate blood as often as he could. Starting in 1954, he has donated blood, sometimes weekly. Each of his blood donations could potentially save three people, and his plasma another 18 people.

Typically, blood donors in Australia have to be under the age of 71. But, it took physicians 10 more years to convince Harrison to stop donating blood for the sake of his own health. Harrison has stated that he'd love to keep on donating, if only the doctors would allow him to do so. But as it is now, he has officially "retired" from blood donation.

The Australian Blood Service now has about 160 donors in the Anti-D program, and Harrison was their first donor recruited. Finding donors is exceptionally laborious and difficult. Harrison's feat is unlikely to ever be duplicated, and Harrison's antibodies have been largely responsible for researchers coming up with the first Anti-D injection in 1967.

Completely Stop Web Site Push Notifications In Firefox Quantum

Go to the Firefox "hamburger" menu, located at the upper right corner of the toolbar. Select "Preferences" from the menu. Then, travel to the "Privacy & Security" section of the preferences. Find the "Notifications" section, and click on the "Settings..." button.

Once you click on the "Settings..." button, you should see something like the screenshot above. Clicking on the button highlighted in red will clear out all of the websites that have asked to allow push notifications (notice all of mine say "Block"). Then, to prevent future "requests," put a checkmark in front of "Block new requests asking to allow notifications" (outlined in blue above).

Now, you can sit back and say bye-bye to all those annoying, pesky "push notifications." I'm not sure who ever thought these were a good idea in the first place.

Julian Assange: Closeted & Cut Off

Since 2012, Julian Assange, the WikiLeaks founder, has been holed up in the Ecuadorian Embassy in England. He sought refuge there from Swedish authorities who wanted to interview him about sexual assault allegations. The Swedes have since dropped any such investigation, but Assange would be arrested "on sight" for jumping bail in London. The U.S. is also has great interest in Assange, after tomes of classified data were dumped to the public via WikiLeaks.

Assange's lengthy stay at the South American country's embassy, which is currently known as "Operation Hotel" due to his length of stay there (it was previously known as "Operation Guest," but was changed at some point over the past six years), is said to cost the Ecuador government $66,000 per month. Last January, Ecuador tried to assist with Assange's quest to leave by making him a citizen of Ecuador and designate him a diplomat. However, his status as a diplomat was ultimately denied. So, for now, Assange remains at the Ecuador Embassy, under "Operation Hotel."

To make matters worse -- oh, yes, it does get worse -- Assange's broadband internet has been cut off by the embassy. Anonymous sources (how far can you trust those?) have implicated Assange for hacking the computer system at the embassy, even going as far as to claim that he intercepted private communications intended for other embassy staff members. Assange, and WikiLeaks, has vehemently denied the allegations.

As reported in The Register:

The embassy -- based in Knightsbridge, London -- said it revoked Assange's broadband connection after he violated a promise not to say, or tweet, anything that would harm the South American nation's relations with the UK.

"Assange's behavior, through his messages on social media, has put our good relations with the United Kingdom and the rest of states in the European Union at risk," a translation of the statement reads.

The Ecuadorian statement did not specify exactly what it was that Assange said to bring about the measure.

Prior to his forced internet sabbatical, Assange had been tweeting on a number of topics, including criticism hurled at him from a UK government official and a link to an article on interactions between Italy's Hacking Team and Ecuador's SENAIN intelligence agency. He also retweeted articles on Germany's interactions with the Spanish government in the arrest of Catalan independence leader Carles Puigdemont.

I know that there are two sides to the controversy surrounding Assange, and they are about as opposite as you can get. One side views him as a traitor and leaker of the worst kind. The other side views him as a hero of the highest order, revealing shady and underhanded government dealings that governments don't want revealed. There doesn't seem to be much of a middle ground between the two viewpoints.

Facebook Data Slurping, Part Deux

As if Cambridge Analytica wasn't bad enough, another "poison" Facebook app has been suspended for ... you guessed it ... collecting MASSIVE amounts of data on Facebook users. Alexandr Kogan, a professor at Cambridge, was listed as a collaborator on the app, called myPersonality, until the middle of 2014. If the professor's name sounds familiar to you, it should. Kogan was at the center of the recently exposed Cambridge Analytica flap.

Over 6,000,000 users filled out answers to intimate questionnaires, and over half of them -- over 3,100,000 -- agreed to share their responses with the "project." The scores to the questionnaires are supposed to assess the respondent's conscientiousness, agreeableness and neuroticism. In the end, the data was widely available to over 280 "collaborators" from nearly 150 institutions.

The data was supposed to be "anonymized" by stripping out the names of the users. However, New Scientist discovered that the "anonymizing" was done so poorly that it wouldn't take much work to uncover which data belonged to which user.

Users would answer these "psychological" quizzes, full of very intimate information. The risk for the misuse of the data was ripe, right from the start. The more detailed the information that is included, the more difficult it becomes to truly "anonymize" that data.

The data, after being "anonymized," was supposed to be posted to the web to be accessed by collaborators to the project. But the data was widely available to just about anyone who knew of its existence and who wanted to access it. If you didn't have a permanent academic contact, the "key" to the data could be easily found in a single web search, stored on GitHub. That username and password has been publicly available on GitHub for the past four years. So, anyone who wanted access could have found the key and downloaded the data in less than a minute. That wide open "back door" to the data has been nailed shut, and the publicly available username and password no longer grant access to the data. The app is also no longer available, but isn't that a bit like shutting the barn door after the horses have all run off?

This is extremely bad news for Facebook, who is still reeling from the Cambridge Analytica fiasco. Most recently, Facebook has been trying to save face by (finally) placing an emphasis on user data and privacy. At least in the U.S., Facebook has been buying prime time network TV ads professing their new "love" of user data and privacy.

Facebook has also suspended around 200 apps that, as part of its internal investigations, have been found to have access to large amounts of user data. For many users, it may be too little, too late. Plus, despite Facebook's claims that this is a new revelation, project coordinators report having meetings with Facebook over the myPersonality app as early as 2011.

Google Openly Aligns With U.S. Defense; Employees Protest, Quit; Drops "Do No Evil" From Code Of Conduct

First, Google signed on to help develop AI (artificial intelligence) for the U.S. Department of Defense. Called Project Maven, the project develops AI that helps study imagery from drones, with the hopes to improve the accuracy of drone strikes on the battlefield. Google used the "excuse" that Amazon and Microsoft are also partners on the project. Google claims that it's partnership with the Pentagon is "specifically scoped to be for non-offensive purposes" and only uses "open-source object recognition software available to any Google Cloud customer." Yeah, right. "Non-offensive purposes" for the U.S. military? Virtually everything developed by or for the U.S. military is for offensive purposes or can be weaponized.

Second, this partnership with the U.S. DoD prompted a open, written letter of protest to Google CEO Sundar Pichai. Between 3,000 and 4,000 Google employees signed the petition (PDF), the number varying by source. More than a dozen Google employees have resigned due to ethical concerns as a result of Google's new, cozy ties with the U.S. DoD. Some of the employees who resigned told Gizmodo in an interview that "executives have become less transparent with their workforce about controversial business decisions and seem less interested in listening to workers' objections than they once did."

Third, and finally, Google has removed the phrase "Do No Evil" from its Code of Conduct. To just about everyone else, it seems about time for the phrase to be removed, since Google has deliberately detoured around this "code" for several years now, in its never ending quest for profits based on your private data and browsing habits. According to the article on The Daily Sheeple, the phrase was present in the Code of Conduct when you look at the Wayback Machine archive from April 21, 2018. However, on the Wayback Machine archive from May 4, 2018, the phrase is absent from Google's Code of Conduct. Google's parent company, Alphabet, dropped the phrase in 2015 shortly after taking over as Google's holding company, replacing the famous phrase with "do the right thing." Just doesn't sound quite as convincing, huh?

Firefox 63 To Block Cryptomining Exploits, Improves Tracking Protection

As reported by the Bleeping Computer website, the upcoming Firefox 63 release in mid-October will offer users increased protection from tracking, as well as block cryptomining exploits.

Available in Firefox's private browsing mode for a few years now, the increased tracking protection has been available in regular browsing mode since Firefox 57, released in November 2017. The tracking protection, though, comes disabled by default, and must be purposefully enabled by going to Firefox's settings > Privacy > Tracking section.

The trouble is, few know it's available (if they even know about it at all), due to it being buried so deeply in Firefox's settings. But starting with Firefox 63, users will be able to access tracking protection from multiple areas of Firefox's user interface. Two areas will be from the address bar's drop down security panel that displays HTTPS information, and another will be from the "hamburger" menu in the upper right corner of the Firefox window.

Tracking Protection has always blocked ads, analytics, and social sharing scripts. Starting with Firefox 63, tracking protection will add the ability to block user fingerprinting scripts, as well as in-browser cryptomining scripts (also known as cryptojacking). All of these abilities will be accessible from an enhanced and redesigned tracking protection panel, in Firefox's settings > Privacy > Tracking section.

Furthermore, Firefox 63 will offer an easier way to clear cookies for individual websites. Users will be able to clear cookies and site data for any particular website by clicking on the info/lock icon in the address bar, and then selecting "Clear Cookies & Site Data" button that appears at the bottom of the window that displays SSL certificate information.