Seems like the only thing they redacted very diligently was the names of the perpetrators.

I wonder if they gave considered crowdsourcing this, having many people type in small chunks of the data by hand, doing their own character recognition? Get enough people in and enough overlap and the process would have some built-in error correction.

Amazon abuses employees, destroys the environment, attacks unions, kills local businesses, sells fake crap, spies on us, supports a violent fascist US regime that threatens to invade my country, and is causally responsible for that godawful stunt where Katy Perry spent 2 minutes in space then made us all stupider with the dumbest interview in the history of dumb interviews. Any one of these is a great reason not to shop with them.

Until recently the Canadian government was pushing Bill C-2:

Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance (EFF)

They have now tried to tone it down a bit in Bill C-12 but there are still serious concerns:

Joint statement: Bill C-12’s introduction solves none of Bill C-2’s problems (Amnesty International)

So Canada’s government is talks tough, but in actual legislation they seem oddly eager to appease the USA at the expense of Canadians.

I believe Canada is also introducing legislation to increase the amount of data on its citizens that it shares with the USA. In the current climate these moves seem crazy. But I guess only fascists and billionaires (and billionaire fascists) get to decide what happens.

There’s some IOC information here:

https://securelist.com/notepad-supply-chain-attack/118708/

And here:

https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/

the safe thing to do is uninstall, then download from the new (theoretically more secure) website and install the new (theoretically more secure) 8.9.1.

That won’t rescue your system if it is already compromised though. It will just prevent it from being newly compromised in this manner.

Stop encouraging it.

So does their CEO.

I’ve been using it for a while, and it feels almost indistinguishable from regular Firefox. Broken sites are not a common problem.

Windows 8 was awful. Windows 7 was better. But instead of using a nearly 20 year old version of Windows, we can use modern Linux.

I agree in principle. I know how to self-host, and I do self-host some things, but I can’t always afford the upfront investment (especially with today’s hardware costs) and I don’t always have time to keep up with the administration (because I’m a wage slave) so I end up renting some of it. I’m not the only one in this position.

I think there’s a place for rented tech services just as there’s a place for rented housing, but the problem in both cases is regulatory capture by landlords that mean we get stuck renting forever from exploiters. (And with tech there’s the surveillance too, so they’re the landlord that puts a secret camera in your bedroom.) So anyway, I’m trying to at least pick my tech landlords more carefully until I can afford a better solution, and as far as possible I try to make sure my stuff is encrypted before they see it.

I ended five subscriptions to US tech services over the weekend, and I’m working steadily down my list.

GrapheneOS is good and surprisingly simple to install.

Ah but now they’re going to be a robot company selling fewer and fewer robots instead.

The kakkiest of kakistocracies.

You really need a VPN to torrent safely, and the UK Government is in the process of restricting VPNs.

That’s not the point. This is a protest by the company running these sites against a system that’s not fit for its claimed purpose (age restriction of websites) but is very fit for surveillance.

Then we just need a hero to route all our traffic through the House of Lords.

I think we’re dealing with weasel lawyer words here. Meta can boast that messages are E2E encrypted between you and the recipient, but that implies nothing about key storage or security, or about other channels through which the app could send message data before it is encrypted. It may be E2EE between you and the recipient, and also sent in plaintext to Meta. Plus E2EE of messages implies nothing about message metadata.