Ok wtf. So you're telling me that #Google #Chrome's #V8 #JavaScript engine was more #insecure than #Mozilla's #Spidermonkey after all these years? Because I'm pretty sure SM has been already doing plenty of the things mentioned in this article (I've touched on SM code plenty of times, so much more than I wanted because I worked on separating Spidermonkey from the monolithic #libxul, it's still hurting my brain...), even before the #Quantum rewrite. So even #PaleMoon which has been commonly trashed for being "old and insecure" is apparently more secure than Chrome, but most crucially it also disproves the long-standing blind belief by security freaks out there that Chrome is "more secure" than #Firefox when it's the other way around on many fronts...

thehackernews.com/2024/04/goog…

#web #webbrowser #browser #browsers #openweb

Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks

Google tackles Chrome security with new V8 Sandbox. This aims to stop memory issues from spreading, protecting your browser experience.

^{The Hacker News}

As Snikket is still not available on the #Google Play Store, we've published a longer blog post about the situation, how to work around it using #FDroid, and the long path of stupid Google review responses that led us here.

snikket.org/blog/snikket-googl…

Snikket Android app temporarily unavailable in Google Play store

Google have removed the app, citing lack of a privacy policy. This post provides details and a workaround.

^snikket.org

Just a heads-up that #Snikket #Android has been pulled by #Google from the store. We'll work on restoring it once we figure out their (as usual) nonsensical complaints. Apologies to everyone affected. Please look at #FDroid and free yourself.

Today's excuse for delisting yet another #XMPP app?

"Your app is uploading users' Image information without posting a privacy policy link or text within the Play Distributed App."

Funny. What's this then?? 👀

🚨 PRIVACY WIN 🚨

#Google must destroy $5 billion worth of user data illegally collected in Incognito Mode 💪

Because #privacy matters.

Read more on the court ruling:
👉 tuta.com/blog/google-incognito…

⚡ Watch out: #Microsoft joins #Google & #Facebook with its focus on ads first. ⚡

When creating a test account, #Outlook informed us of 813 data sharing partners! 🫢

Plus, the "new" Outlook app is quietly storing your data in the cloud, including your passwords.
👉 tuta.com/blog/outlook-shares-p…

Can someone please explain to me as if I were a child how this answer makes sense.

2+2x2-2÷2=5 is what every calculator app on my Google Pixel 7 phone reads.

#Math #Pixel #Google

It's 2024 and #Google is now requiring bulk #email senders to use DMARC, SPF, & DKIM when emailing #Gmail users. 👍

👉 tuta.com/blog/google-introduci…

This is a great step, BUT why did they allow bulk senders to send #spam emails without proper #security standards until now? 🤔

Ready to be freaked out? 😲

Here's everything #Google knows about you: tuta.com/blog/what-does-google…

Good news: We also explain how to stop big G from tracking you. Go #private! 💪😎

“I’m a Google Cloud software engineer, and I refuse to build technology that powers genocide [and] apartheid”

dailydot.com/debug/google-prot…

Watch the others in the room. The assholes who jeer and manhandle the protestors. These are your peers in the tech industry. These are the “acceptable folks” in tech. Fuck these people.

Look at their faces. They know exactly what they’re complict in. Look at their smug smiles. Dickheads each one.

#tech #google #ai #ProjectNimbus #israel #genocide #palestine

Google Protest At Tech Conference Over Israel Contracts

Google engineers protested Google at an Israel tech conference in New York before being thrown out by security.

^{Marlon Ettinger (The Daily Dot)}

Anyone else having trouble updating the @IzzyOnDroid #IzzyOnDroid repository ?

#fdroid #droidify #android #appstore #google #grapheneos #repository

Brave Search is the only free private search engine that can challenge Google when it comes to search results.Brave has its own index that doesn't depend on Google or Microsoft Bing.

#bravesearch #google

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 7 of 7:
@prav App - Standards compliant #SMS #OTP based #authentication

wiki.xmpp.org/web/Gsoc2024/Pra…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google
#interoperability #standards #android #java

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 6 of 7:
@dino - Rich message support

wiki.xmpp.org/web/Gsoc2024/Din…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google
#interoperability #standards #vala

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 5 of 7:
@dino - Inline link preview

wiki.xmpp.org/web/Gsoc2024/Din…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards #vala

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 4 of 7:
@Monal - #SiriKit support

wiki.xmpp.org/web/Gsoc2024/Mon…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards #iOS
#iPhone #Apple

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 3 of 7:
@Monal - MDM support

wiki.xmpp.org/web/Gsoc2024/Mon…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards #iOS
#iPhone #Apple

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 2 of 7:
@Monal - Media Gallery

wiki.xmpp.org/web/Gsoc2024/Mon…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards #iOS #iPhone #Apple

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Project idea 1 of 7:
@Monal - Modern Onboarding

wiki.xmpp.org/web/Gsoc2024/Mon…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards #iOS #iPhone #Apple

#XSF Announcement

We are a Google Summer of Code 2024 umbrella organization!

Find our participating projects here: wiki.xmpp.org/web/Google_Summe…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards

Yep, cool feature! Try it out when you get it! #accessibility #andorid #ios #google androiddev.social/@MishaalRahm…

Mishaal Rahman

2024-02-26 08:02:43

4) Last October, Google launched Lens in Maps (formerly Search with Live View). This feature uses AI and augmented reality to help you find information about nearby stores. Now, this feature has been upgraded with screen reader support, so you can point your phone’s camera at your surroundings and have TalkBack read the place’s information out loud.

(3/7)

Today’s find: An amazing listing of existing search engines: those using #Google & Bing’s indexes & many more.

“The 3 dominant English search engines with their own indexes are Google, Bing, & Yandex (GBY). Many alternatives to GBY exist, but almost none of them have their own results; instead, they just source their results from GBY.

“With that in mind, I decided to test & catalog all the different indexing search engines I could find.”

seirdy.one/posts/2021/03/10/se…

h/t 404media.co/this-guy-is-buildi…

This Guy Has Built an Open Source Search Engine as an Alternative to Google in His Spare Time

"I found it very weird that there essentially is no way to browse the web in an open manner. So that's what I am trying to build," the founder of Stract said.

^{Jason Koebler (404 Media)}

Zoom Layoffs Target DEI Amid a Broader Pullback on Diversity Initiatives 🙁

"Zoom is following in the footsteps of Google, Meta, and other corporate giants that have used layoffs to cut back on diversity, equity, and inclusion programs."

inc.com/brit-morse/zoom-layoff…

#zoom #google #meta #diversity #DEI

There are TLS servers that don't send the required close_notify alert message in certain conditions. #Google web servers do this if they think the that recipient isn't interested about the message body and no connection keep alive is set. Examples of such connections would be requests that end up with 0 byte message body while:
• HTTP/1.0 without "Connection: keep-alive" header or
• HTTP/1.1 with "Connection: close" header

This can cause some complications since #OpenSSL 3 defaults to erroring out if the close_notify is missing.

SSL_OP_IGNORE_UNEXPECTED_EOF option was added to enable talking to these non-compliant servers. Enabling this option removes truncation attack protection - so this option should really only be used when absolutely necessary. However, unless if you control the servers being talked to, you probably need to enable this option for now.

So why does Google terminate connections without close_notify? Likely it is done to save some resources when tearing down TLS connections. If you have billions of connections going on all the time, even some small savings add up quickly.

github.com/php/php-src/issues/…

OpenSSL 3: Support of SSL_OP_IGNORE_UNEXPECTED_EOF context option · Issue #8369 · php/php-src

Description OpenSSL became more strict about unexpected EOF (not sending close notify) in 1.1.1e but reverted that change in 1.1.1f due to the huge amount of non-compliant servers. With the new maj...

^GitHub

Hell, yes. This is nothing but good news.

I've been using Unified Push + Element + Fedilab via Nextcloud and NextPush and it's been remarkably simple and reliable while keeping all that sweet, sweet metadata out of the Goog's hungry clutches. Thank you!

Can't wait for Yunohost to support sliding sync so I can shift to ElementX.

#UnifiedPush #Privacy #FOSS #Element #ElementX #Yunohost #Fedilab #Nextcloud #NextPush #Google #Android

#Google is turning #GMail from an Email provider into a website.
No more access via standard email protocols such as #IMAP and #POP

The final stage of #enshittification . Locking the users in.

I wonder how they want to get rid of SMTP as stated in the support posting.
I guess this means outgoing SMTP to forward mail to a real email server.

I guess without relaying I won't ever receive any notifications Google services send to me again as I don't use the Gmail website.
I host my own Email server for many years, thank you.

Timeline for transition

Summer of 2024:

If you (or your users) try to connect to a less secure app for the first time, you will not be able to. This restriction includes third-party apps that still use basic authentication, such as CalDAV, CardDAV, IMAP, SMTP, and POP, to access Gmail, Google Calendar, and Contacts. If you’re not trying to connect for the first time, you will be able to continue using the apps until they’re turned off.
In the Google Admin console, you will not be able to access the turn on and off setting for less secure apps.
Users will not be able to turn IMAP on or off in their Gmail settings.

support.google.com/a/answer/14…

Who would have thought that incognito does not mean incognito after all?

#Google admits incognito mode in #Chrome isn’t so incognito after all
phandroid.com/2024/01/17/googl…

#privacy

Google admits incognito mode in Chrome isn’t so incognito after all

Following a class-action lawsuit, Google Chrome incognito mode now admits that some data is still being collected.

^{Tyler Lee (Phandroid)}

Oof. Wie Heise berichtet, löscht #Google aus dem Playstore installierte GEKAUFTE Apps von Smartphones – zum Beispiel wenn diese aus dem Playstore entfernt wurden. Auch andere Apps wie z.B. den Google Kalender, wenn eine neuere Version eine neuere #Android Version benötigt als das eigene Gerät installiert hat. Natürlich nur zu Eurer Sicherheit…

Da bin ich echt froh, dass meine Geräte "entgoogelt" sind.

heise.de/news/Play-Store-Googl…

#XSF Announcement

We'll apply to Google Summer of Code 2024 as umbrella organization!

If you are interested please reach out via gsoc@muc.xmpp.org or mail.jabber.org/postorius/list…

#XMPP #jabber #chat #GSoC2024 #GSOC #Google #interoperability #standards

But, hey, I might be wrong and the #W3C now fully believes in its new ethical web principles. In which case, they will no doubt take action and expel members that only exist because their business model relies on violating them.

#Google is fundamentally incompatible with the W3C’s ethical web principles and should be expelled from the W3C as it relies on violating section 2.5 (The web must…respect people’s privacy).

Also, §2.2 (The web should not cause harm to society).

Ditto #Facebook, etc.

The American Dialect Society has announced that its 2023 Word of the Year is "Entshittification". 💩

The decline in quality of service and content from #google and #amazon is plain to see, but this doesn't need to be the future of the internet. 🤖

You can help make the web a better place by choosing free and open source alternatives to #BigTech! ✊
👉 tuta.com/open-source

#Google has a revenue of $162bln and 1.8bln regular users. If we divide these numbers, the value of the services people use giving away their #privacy is $7.5/mo.

But you can have all these services for free (or very small monthly fees) in a privacy-respecting environment: #encrypted email from @protonmail or @Tutanota, online office suite from @cryptpad or @ViOffice, cloud storage Proton or ViOffice, #openstreetmap for maps, #duckduckgo, or @StartpageSearch for search. As simple as that! 😀

»Epic-Urteil – Googles Play Store ist ein illegales Appstore-Monopol:
Nach der Niederlage gegen Apple hat Epic Games nun einen Sieg errungen: Eine Jury sieht Googles wettbewerbswiedriges Verhalten als bewiesen an«

Sicherlich mMn ein guter Entscheid, obwohl #Epic wie #Google ein monopolistischen #Unternehmen ist. Klar ist deren Kerngeschäft ein klein diferent aber doch beide #Monopolist'en. Ich nutze zufrieden @fdroidorg für #OpenSource #Android Tools zu installieren.

💾 golem.de/news/epic-urteil-goog…