I hate Temu, but this (apparently contracted?) Grizzly Reports report isn’t really all that trust inspiring, tbh.

Our experts identified a stack of software functions that are completely inappropriate to and dangerous

The stack difference to the Amazon app they list:

• Package compile
• Requesting system logs
• Some code obfuscation
• Mac address collection
• Install permission
• Wake lock

Meh. That’s just a sliver worse than your regular, off the shelves proprietary corporate app. I don’t see how they can pull off the promise of being a truly dynamic Android app from that report.

I do believe they hover up data, but they aren’t otherworldly super hackers. They will probably just ask for the data and the users will hand it over in a second. For most people, it really is that simple.

So what’s preventing those people from using bookmarks as “check this out later” tool?

Bookmarking a page does not give you control over its content. So if you bookmark something and the host deletes it, you are screwed.

If you instead clip the content or save it as a PDF, you retain access regardless of the original host.

For example, I save every good article I read as a PDF, which I cloud sync to a folder. I have a second folder for stuff I don’t want to keep open as a tab but still want to read later. There are probably far better services out there, but I like the lack of technical dependencies and lock-in.

Yeah, just create an entirely new, incompatible extension engine from scratch for this one feature specifically!

This is absolutely not how any of this works.

While Mozilla implements the WebExtensions API based on the W3C standard, they are not bound to a 100% verbatim implementation. Like other browser vendors, Mozilla has the flexibility to extend or modify the API as needed, as long as they maintain compatibility with the core standard. Adding new APIs or features to the extension system does not require creating an entirely incompatible engine. Browser vendors often add non-standard extensions to APIs, which can later be proposed for inclusion in the next version of the standard if they prove useful. So, Mozilla can certainly add new APIs to their extension system without making it incompatible with the existing WebExtensions ecosystem. This is not difficult to understand.

Mozilla isn’t in charge of the extension API, it uses Chromium’s WebExtensions API

No. They are basing their implementation on that of Chrome, but nobody is forcing Mozilla to do this … So yes, Mozilla is responsible for all the APIs they integrate. Of course.

Like yea, it’a technically a levie, not a tax. This whole “it’s different because it does not go through the budget” is such a learned talking point. We have it in Germany as well with our state funded public media houses. You say something about their bias, count to five and suddenly someone appears and tells you that same story of fictional independence through funding through levie.

deleted by creator

The extension APl doesn’t have enough access for this.

If that’s the case, then it’s pretty great that Mozilla is also the exact company in charge of the extension API.

I have only one extension, and I use it longer than I use Firefox. I also trust the developer a lot more than I trust Mozilla.

Again, you’re confused.

I think your credibility would be greater if you weren’t so bad at trying to gaslight the other participants. 😄

irony is a difficult concept

What a clownish thing to say.

That doesn’t sound convincing at all. There’s just no irony in addressing privacy on YouTube.

There’s no irony in talking about press freedom in the unfree press nor is there anything ironic about a serf lamenting the socage in their Middle Ages village squares.

People converse where people are. That is trivial.

If you think that putting content on YT and pushing more people to the platform hence giving them more data while talking about protecting your data from corporations is not ironic then you simply don’t know what irony is.

It’s either that… or - and that’s possible as well - you might be wrong. There’s entire meme traditions surrounding the ridiculousness of your remark.

https://knowyourmeme.com/memes/we-should-improve-society-somewhat

Yes, for sure, by simply connecting to the internet using my local provider and public backbone infrastructure (I’m not in US) I’m supporting corporations. Next you will tell me I’m supporting Saudi Arabia by turning light on in my bathroom.

You are getting dangerously close to understanding my reply. It was deliberately ridiculous, and is equivalent to the ridiculousness of your initial observation. Yes, there is and will be discourse around privacy on YouTube. No, it is not ironic.

I get it, I just find it ironic that people post privacy related content on a platform run by the worst company in the world privacy wise.

This website you are commenting on has been delivered to you through billions worth of corporate infrastructure. Often these companies have long track records of privacy violations and corruption, and you reproduce their power by your participation. Yet you still seem to be using the Internet.

Open source can make it easier to audit software, but we’re long past the point where we can’t audit unfree and/or closed source software. Open source is great and important, but the debate around open source regarding trust and security is often a sideshow.

If 1. all participating devices are sufficiently secure and will be sufficiently secure in the future, 2. no participating device backs up your conversations to the cloud or only does so in a sufficiently encrypted manner, and 3. no participating user leaks your information in any other way, then yes, the general expectation is that your WhatsApp chats with people are encrypted. Keep in mind that defaults, nudges, and people work against you in this long list of requirements.

Oh, and… more importantly… metadata. But that’s a separate issue. WhatsApp’s encryption claim could be entirely true, but still work against user privacy, simply because those conditions are almost never true …and also, again, meta data.

Users conscientious enough to consistently meet all of these requirements could simply use a platform deemed less hostile to user privacy, such as Matrix or Signal.