Firefox's ad tech, CrowdStrike shenanigans, SecureBoot broken: Linux & Open Source News
Go to https://ground.news/TLE to to know where your news is coming from. Subscribe through my link for 40% off unlimited access this month.
Grab a brand new laptop or desktop running Linux: https://www.tuxedocomputers.com/en#
👏 SUPPORT THE CHANNEL:
Get access to:
– a Daily Linux News show
– a weekly patroncast for more personal thoughts
– polls on the next topics I cover,
– your name in the credits
YouTube: https://www.youtube.com/@TheLinuxEXP/join
Patreon: https://www.patreon.com/thelinuxexperiment
Or, you can donate whatever you want:
https://paypal.me/thelinuxexp
Liberapay: https://liberapay.com/TheLinuxExperiment/
👕 GET TLE MERCH
Support the channel AND get cool new gear: https://the-linux-experiment.creator-spring.com/
🎙️ LINUX AND OPEN SOURCE NEWS PODCAST:
Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! https://podcast.thelinuxexp.com
🏆 FOLLOW ME ELSEWHERE:
Website: https://thelinuxexp.com
Mastodon: https://mastodon.social/web/@thelinuxEXP
Pixelfed: https://pixelfed.social/TLENick
PeerTube: https://tilvids.com/c/thelinuxexperiment_channel/videos
Discord: https://discord.gg/mdnHftjkja
Timecodes:
0:00 Intro
0:41 Sponsor: Ground News
02:21 Firefox data collection issue
05:38 The CrowdStrike hilarity never stops
08:49 SecureBoot broken on a lot of PCs
10:35 Cosmic pushed to early August
12:34 Mint 22 was released
14:53 AI tool caught using youtube videos and pirated movies
17:40 Sponsor: Tuxedo Computers
18:43 Support the channel
#linuxnews #technews #linux #opensource
Links:
Firefox data collection issue
https://news.itsfoss.com/firefox-ppa-ad/
https://blog.privacyguides.org/2024/07/14/mozilla-disappoints-us-yet-again-2/?ref=news.itsfoss.com
The Crowdstrike hilarity never stops
https://www.techradar.com/pro/security/microsoft-blames-eu-rules-for-its-inability-to-lock-down-windows-following-crowdstrike-incident
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-resiliency-best-practices-and-the-path-forward/ba-p/4201550
CrowdStrike offers a $10 apology gift card to say sorry for outage
SecureBoot broken on hundreds of models from popular PC vendors
https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers
Cosmic pushed to early August
Mint 22 was released
https://www.linuxmint.com/rel_wilma_whatsnew.php
AI tool caught using youtube videos and pirated movies
https://finance.yahoo.com/news/ai-video-startup-runway-reportedly-trained-on-thousands-of-youtube-videos-without-permission-182314160.html
by The Linux Experiment
linux download
Go to https://ground.news/TLE to to know where your news is coming from. Subscribe through my link for 40% off unlimited access this month.
Mozilla's privacy-preserving ad measurement does not give user data to third parties and is a viable alternative to the privacy-invasive ad services we are used to. This kind of stuff needs to be turned on by default to gain adoption because most people in this community are super cynical and reactionary (which is why this non-issue is a controversy in the first place).
You can't just advocate for privacy without offering a viable alternative to privacy-invasive ad services. You've got to find a way to solve the problem, and that's exactly what Mozilla did. I'll be sticking with Firefox, thank you very much.
That's why I jumped to LibreWolf and also thinking to remove Brave from both my computers and Smartphone.
Secure boot key checker command for anyone who doesn't wanna leave YT:
For Linux (If "DO NOT TRUST" or "DO NOT SHIP" appear in the output, then you have one of the testing keys):
efi-readvar -v PK
For Windows Powershell (run as administrator, if it returns true then you have a testing key)
[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI PK).bytes) -match "DO NOT TRUST|DO NOT SHIP"
Crowdstrike been watching too much Southpark… "We're sorrryy" 😅
Using Librewolf on the desktop, Mull browser on the phone and am awaiting Ladybird.
You were the chosen one! Mozilla.
Opt-in over opt-out, always.
just out of curiosity, can you name an OS in which a crash of a kernel driver/module will not lead to a panic or is it an exclusive Windows feature? 😉
Just checked my Firefox 128.0.3 (from Arch btw. 🙂) has not only "Allow websites to perform privacy-preserving ad measurement" not enabled but also completely grayed out.
Don't know if it is a build from/for arch thing, FF itself, or one of my privacy add-ons already reacted, though.
If it only was when you update firefox and when you open it , it asked you wether or not you wanted the tracking stuff and the box was checked by default that would be one thing
but silently adding the tracking ,not even asking for confirmation by the user , and just enabling it without the user knowing that it even exists… thats insane
I'm using Firefox since V1. I'm done.
I am using Arch on several computers and I just checked Firefox settings. I have v128.0.3 but the ad setting was NOT enabled by default.
Companies should at least include an "opt-in / opt-out / ask me" setting if they don't respect users enough to default contensious changes to opt-out.
Another video on VanillaOS Orchid would be interesting now.
Having kernel access means you can break the OS. Otherwise you would need a lower further ring. Microsoft is spinning, but they are also right.
Firefox should have a ribbon somewhere after an update to quickly access the changelog for new and remived features. Then it would be my fault as a user for nit knowing about these things
Firefox already has a shrinking community that is based around user privacy and now they do a change like this.
I guess Mozilla is just digging their hole deeper by the day now.
Merci Nick, j'étais également passé à côté, et grâce à toi je viens de passer les logs des performances publicitaires à off.
Wow Firefox pulling a Google, breaching GDPR and then giving your data to another company which sells your data….
So disappointed in Mozilla. We haven been supporting the browser for years now just for them to make these anti-consumer implementations.
On Linux Mint: I happily use Mint and get on with my life. I'm wondering how much benefit I'd see from upgrading from 21.3; my equipment is old, so the version of the kernel doesn't matter much, and anyway there's Edge or LMDE. It sounds as though a lot of the work is about Mint starting to get out from under its reliance on Gnome and Ubuntu; which is splendid for the long term, but maybe not offering much for users.
Two things I want to see with the cosmic desktop: 1. The ability to easily change the login background. It's such a pain in GDM. 2. The timer for entering the wrong password needs to be reduced. Currently, if you make a mistake entering your password, it takes a solid 3-5 seconds to tell you it's incorrect.
Great video as always Nick!
At some point there needs to be actual open source competition in browsing that isn't tied to a big corporation like Mozilla; something more like a community funded browser engine that can be used to make browsers support most of the things that modern browsers can do (perhaps with a focus on the IndieWeb because Web3 has a slew of issues now browser could fix), kinda similar to the Linux kernel (and NOT Chromium!)
For existing Linux 21 users : You can upgrade by simply going to terminal and "sudo apt install mintupgrade" then run sudo minitupgrade
I agree that Mozilla not communicating it was bad and that is a problem, but they are doing a good thing and the opt-out is the only reasonable way (otherwise they would shoot themselves in the foot, and it would be no sense to develop it from the start). Still, this should be announced months in advance, discussed, explained, calmed down, instead creating useless s%$#-storm that serves them badly.
I can't fathom these big companies using AI that steals pie-rated movies. What a time it is to live in
uhm, recover better? no OS can recover "better" from that. It would be the same for Mac and Linux.
The Linux Mint 22 auto update is not out yet, it will be out sometime in August
Ruling that Microsoft needs to give kernel level access to third party developers means its inheirently insecure. It's a kernel. It talks directly to the hardware. There is no way to secure that. We are lucky the update didn't frag hardware tbf. Giving third parties direct access to that means Microsoft cannot stop them from pushing crap code. It was a legally required back door. The EU is forced to create crappy laws to force companies into doing things it should have done. Forcing Apple to adopt USB-C on the iPhone is a perfect example. iPhone should have had USB-C for 4 generations at least already. The EU had to force them to do it. Now in 15 years when USB-C is outdated and crap compared to the latest technology we will still have this horrible law mandating USB-C be on all devices. The EU and Apple are equally to blame for that. Microsoft should have written a secure API that allowed software needing to run at that level to operate securely without the kind of access that would allow the system to be fragged.
Regarding the Privacy Preserving Attribution, they did actually communicate it… via a blog post.
That's my issue with it. I don't mind the tech itself, it's fine… But not informing the users in the browser when their user base is so privacy minded is just dumb. Like come on, you should know your user base.
If you have Telemetry disabled already (you should) Website Advertising Preferences is also already disabled and cant be turned on (not that you should want to be) thats why its greyed out
i switched to brave
Are you telling me Mozilla a multi-million dollar organization funded by Google is shoving ad features? I'm shocked!
That does look a lot like Linus Shill Tips!
I love the little “that didn’t make sense” at the end of the Segway 😹 literally saved it.
Libre Wolf Browser is so fast. I used it for the first time and it was amazing for me on Linux Mint 22.
The LTT thing spit out a mix of linus and the host of techquickie (another ltt channel)
One of the problems with open source is that funding models are generally terrible. Most people just take for granted that the software is for free and never donate any financial support to open source projects. I'm surprised that organizations like Mozilla haven't been forced to do worse than these annoyances (I know some have and effectively made their software closed). We really need people to be more willing to help with funding, but to do that we need a much better way of funding them. Something like Patreon where you pick the projects you want to support, the billing cycle (monthly, quarterly, semi-annually, annually, on-demand), and how much per project (a total and a percentage, or amount per project). Note: I don't want perks that are closed source features, and personally I don't really care about perks, but things like zoom meetings with the developers, or a say in new features would be enticing to a lot of users.
Happy waterfox user
I really hope Gnome Web can pick up the pace and implement Manifest V2 in full. Extensions (most notably, request filtering like uBlock Origin, DecentralEyez Simpler, ClearURLs) is the only thing really missing from making it a daily usable browser.
I still prefer Firefox and Brave over scumbag chrome.
Maybe they will have an AI gimmick you have to have a special AI webcam before you are authorized to use a browser, heh. BIG SISTER/BROTHER is watching….
Hope crowdstruke gets sued out of existence. And micro-sht needs even more regulations.
About Cosmic, consider reminded to “not despise these small beginnings.” 😊