Mozilla extends Firefox support on unsupported Windows versions to March 2025

Not too long ago, Mozilla announced it was going to extend its support for Windows 7, and was mulling over extending support for Windows 8.x as well, without providing any time frames or details. Well, we’ve got the details now.

According to the Firefox Release Calendar website, Firefox 115 ESR, the latest Firefox version with support for Windows 7, 8, and 8.1, will continue receiving updates until April 1, 2025. Firefox 115.21 ESR is expected on March 4, 2024, which means users with old Windows versions have at least seven more months of support from Firefox.

↫ Taras Buria at Neowin

The same extension to March 2025 for Firefox 115 ESR also covers macOS 10.12-10.14. The reasoning behind the extension is simple: there’s still enough users on these older operating system version for Mozilla to dedicate resources to it, despite how difficult backporting security fixes to 115 ESR has become. Firefox is pretty much the only mainstream browser still supporting Windows 7 and 8, and that’s definitely commendable.

Rust on illumos

With the recent Rust in Linux events in the last couple of days, it’s a good time to write up Rust in illumos. Both to spread the word a bit and also to set expectations for both sides (Rust and illumos/OpenIndiana devs) what is currently possible and what work would need to be invested to make things smooth. And also to let the Rust community know about what illumos people were talking about.

What most of the talk currently is about, are the technical details. But we must not leave the social aspects out of it. Software distributions are not made by lone walkers but by groups of people. Bringing in a new language means facilitating change. And that means there are more topics to discuss than just API design. We are talking about impacts on the whole software lifecycle.

↫ Till Wegmüller (Toasty)

I try to steer clear of all the Rust-related drama, mostly because it’s outside of my wheelhouse, but also because I don’t think anything I can highlight here will help anyone get anywhere or solve anything. In this particular case, there’s no drama, and it’s just a good ol’ discussion about what Rust as a programming language can contribute to the illumos community and code.

I can’t program so here my useful contributions end.

MNT unveils MNT Reform Next

Earlier this year, I reviewed the excellent and unique MNT Reform laptop, an (almost) fully open source, very hackable laptop. MNT has just unveiled the upcoming follow-up to the Reform, called the Reform Next.

Being highly performant, modular, and upgradeable, MNT Reform Next gives you more freedom than any other laptop. Swap modules, print your own case, customize your keyboard. Since we are committed to open hardware, all sources are public.

While Classic MNT Reform is a portable device, we felt like a sleeker, more lightweight design would increase portability and make for a more flexible laptop.

↫ MNT website

The focus seems to have been on both performance and size, and I think the latter is especially important for a lot of people who might not have been too enamored with the original Reform’s chunky, brutalist design. The device has been made thinner by splitting the motherboard up into several connected, separate boards, that also happen to improve the repairability and upgradeability of the device. The battery pack has been redesigned for a smaller physical size, too, and the trackball option is no longer available – it’s trackpad-only.

The Reform Next is compatible with MNT’s latest processor module, the RK3588, and as such, packs a bigger punch. This SoC has four ARM Cortex-A76 cores up to 2.4 Ghz, and four power-efficient ARM Cortex-A55 cores up to 1.5 Ghz. This SoC is also available as an upgrade for the MNT Reform and the MNT Pocket Reform, and ships with either 16 or 32 GB of RAM and an ARM Mali G610 MP4 GPU.

Of course, the Reform Next will be as open as humanly possible, both software as well as hardware-wise, and it’s looking like a worthy successor to the MNT Reform. I’m incredibly delighted that MNT seems to have found a niche that works for them, and enabling them to keep developing and releasing hardware that goes against every trend in the industry, giving us entirely unique devices nobody else is making.

Make your own read-only device with NetBSD

For certain use cases, it’s advisable to set up a read-only root file system, which ensures better reliability in case of system issues. Think of scenarios like a router (critical for network access) or a caching reverse-proxy, such as the one described in my series “Make your own CDN“.

While FreeBSD natively supports this configuration and some Linux distributions offer custom solutions (e.g., Alpine Linux), NetBSD stands out as an excellent choice for such devices. It supports nearly all embedded devices, is lightweight, and its stability minimizes the need for frequent updates.

↫ Stefano Marinelli

Exactly what it says on the tin. Friend of the website (a new term I just made up and will use from here on out for some people) Stefano Marinelli, fresh from his series about making your own CDN using the various BSDs, explains how to set up a NetBSD system with a read-only root filesystem for the special use cases where this makes sense.

AMD deprioritizing flagship gaming GPUs

I had a chance to speak to Jack Huynh, AMD’s senior vice president and general manager of the Computing and Graphics Business Group, during IFA 2024 in a question and answer session. Due to speculation that AMD won’t launch flagship GPUs for its next-gen lineup, I pressed Huynh for information regarding the company’s plans for the high-end GPU market with the RDNA 4-powered Radeon RX 8000-series. His comments sketch out a plan focused specifically on gaining market share in the GPU market above all else, and this strategy deprioritizes chasing Nvidia’s highest-end gaming cards — at least for now.

↫ Paul Alcorn at Tom’s Hardware

Reading through the actual comments, it seems that AMD is not going to chase the very, extreme high-end that NVIDIA serves, like the 4090 level of GPUs. Honestly, I’m completely okay with that – those high-end GPUs are insanely expensive, and unlike what YouTube and tech websites might suggest, nobody buys these GPUs. Consistently, for more than a decade now, it’s the xx60-xx70 levels of cards that dominate the market, and it’s smart of AMD (and Intel) to focus on that segment if you want to sell as many GPUs as possible.

The very top of the GPU market just doesn’t make a lot price/performance sense. You pay considerably more for a 4090 compared to a 4080, but the price increase does not correspond to a similar increase in performance. It simply makes a lot more sense to save that money and spend it elsewhere, such as on a better CPU, more RAM, more storage, or a new display. I’d rather AMD not waste time and energy on making these high-end GPUs nobody buys, and instead focus on improving the GPUs people actually buy.

And of course, AMD just hasn’t been able to match NVIDIA at the top end, and that’s probably not going to change any time soon. Releasing a high-end, expensive GPU, only to be trounced by your one competitor every single time is not a good look, so why even try?

Redox 0.9.0 released

It’s been two years, but we finally have a proper new Redox release: the Redox team released version 0.9.0 today. Since we’ve been covering all the monthly progress reports from this Rust-based operating system for a long time now, we’ve already covered most of the improvements in this new release, so if you’ve been following along there shouldn’t be any major surprises in here, but let’s do a quick summary anyway just so we’re all up to speed.

I think the primary thing anyone moving from the previous release to the new one will be massive performance and stability improvements, as well as the arrival of the first few applications from System76’s new COSMIC Desktop. Redox is led by Jeremy Soller, a System76 engineer, and since COSMIC uses Rust as well, it only makes sense for the two projects to start benefiting from each other’s progress. Porting Linux and BSD programs has also become a lot easier, which is also evidenced by a whole slew of new ports from those operating systems.

Redox works in both virtual machines and on real hardware, but the former is definitely advised over the latter. In the latest monthly progress report, which was published only a few days ago, it’s mentioned that Redox performance in virtual machines has improved greatly. The team discovered that reading the system time was a huge bottleneck in the context switching code, which affects virtual machines particularly hard because it needs to be read from outside oft he VM. Redox now reads the TSC using KVM’s paravirtualized system time API to remove this bottleneck.

Running in a VM, Redox is now becoming slightly faster than Linux at certain synthetic benchmarks, for example the same-core context switch latency when using POSIX pipes (tested with mitigations=off). More exciting optimizations are coming, both to reduce context switch overhead further towards the hardware limit, and to reduce unnecessary context switches overall.

↫ Ribbon and Ron Williams

As time moves on and both Redox and COSMIC improve, my excitement for this operating system grows along with it. It seems the people working on both projects have their priorities quite straight, and while I’m obviously not going to make any idiotic grand statements about how Redox will replace anything, I wouldn’t be surprised to see it become a fairly solid option for those of us willing to deal with the issues that come with running something that isn’t Windows, Linux/BSD, or macOS.

AppSumo: this week’s sponsor

AppSumo is a marketplace where software developers and other entrepreneurs can launch their products, giving special offers to early adopters. Many AppSumo deals offer lifetime licenses, so you can throw in your support for an up-and-coming product and be rewarded with a deal-for-life that will save you up to 95% compared to paying monthly. If you’re a developer, AppSumo is a great way to get attention for your launch, and quickly find a cohort of savvy paying customers.

AppSumo deals are all limited-time offers, but this week they’re doing their “Last Call” event, where crowd favorite deals are brought back for a limited time (but only for members paying for the Plus tier).

Linux’s bedtime routine

How does Linux move from an awake machine to a hibernating one? How does it then manage to restore all state? These questions led me to read way too much C in trying to figure out how this particular hardware/software boundary is navigated.

↫ Jacob Adams

So this is a lot deeper of a dive than I expected, and it blows my mind just how complex sleep, hibernating, and waking a computer really is. Instinctively you know this, but seeing it spelled out like this really drives that point home – and this only covers going into hibernation. It also highlights how hard it must be for the developers involved to keep this working at all, especially on the wide variety of machines and hardware combinations Linux runs on.

It wasn’t too log ago that pretty much the only platform where sleeping and waking worked reliably was Mac OS X with its controlled, small hardware selection, so it’s kind of remarkable this works at all on Linux now. I haven’t had to worry about sleeping and waking with Linux for quite a while now, and it’s one of those things that “just works” so I never have to think about it. This definitely wasn’t always the case, though, and on both Linux and Windows I would just turn the whole feature off since it rarely worked reliably, especially on desktops.

I’m sure it still breaks for people, but for me, it’s been rock solid, and reading through the linked article, I’m even more amazed about this than I already was.

KDE to focus on improving developer experience, input methods

The KDE project is currently having its yearly conference – Akademy – and at the conference, the project announced its goals for the coming years.

The KDE community has charted its course for the coming years, focusing on three interconnected paths that converge on a single point: community. These paths aim to improve user experience, support developers, and foster community growth.

↫ Farid Abdelnour on the KDE Blogs

First, the project intends to make it easier for developers to build KDE applications. They want to do this in various ways, but most notably they want to improve the developer experience for people writing KDE applications in languages other than C++, such as Rust or Python. This is a very welcome goal, as I feel there’s definitely a bit of a lack of new KDE applications, and as any other open source project, KDE can always use more developers.

Second, KDE is going to focus on improving the input experience, as in the various ways you interact with your computer. Accessibility, and the more complex input methods people with accessibility needs require, are also part of this goal, but it also covers simpler things like mice with tons of buttons, drawing tablets, 2-in-1 laptops, and so on. I’m assuming this also includes controlling the various RGB stuff found in every keyboard and mouse these days, as this is something KDE has already been making inroads into.

The third and final goal is one strongly related to the first goal, as it involves community outreach to attract new contributors. This covers not just individual contributors, but also support from institutions, organisations, and I’m guessing companies, too. With Valve opting for KDE for its Steam Deck, I wouldn’t be surprised to see some more involvement from that direction, too, which meshes well with the input goal mentioned above.

If you all keep becoming Patreons and donating to us, I might be able to actually go to Akademy next year and be a fly on the wall for some more in-depth reporting from such a conference. I can’t guarantee anything – especially since I have two small children, live far away from everything here in the Arctic, and have serious anxiety problems to take into account, but it’s definitely a goal for me for next year.

RISC Laptops of the 90s and early 2000s

Paul Weissmann’s OpenPA, the invaluable archive on anything related to the HP’s PA-RISC architecture, devices, and operating systems, has branched off for a bit and started collecting information on RISC laptops.

Technical computing in the 1990s was mostly done on RISC workstations with Unix operating systems and specialized applications. For mobile use cases, some of the popular RISC vendors built RISC Laptops for mobile Unix use in the 1990s.

Often based on contemporary Unix workstations, these RISC laptops were often marketed for government and military uses such as command, technical analysis and surveillance.

↫ Paul Weissmann at OpenPA

OpenPA has always had content beyond just PA-RISC (like HP’s Itanium machines), so this is not entirely surprising, and it also happens to be something that’s sorely needed – there’s remarkably little consolidated information to be found on these RISC laptops, and it’s usually scattered all over the place and difficult to find. They were expensive and rare when they were new, and they’re even rarer and often more expensive today.

What we’re talking about here are laptops with PA-RISC, SPARC, (non-Apple) PowerPC, and Alpha processors, running some variant of UNIX, like HP-UX, SunOS/Solaris, AIX, and even Windows NT. A particularly interesting listing at the moment is the Hitachi 3050RX/100C, a laptop based on the Hitachi PA/50L PA-RISC processor that ran something called HI-UX/WE2, a UNIX from Hitachi I can’t find much information about.

The most desirable laptop listed is the amazing Tadpole Viper, which was the most powerful SPARC laptop Tadpole ever made, and I’m pretty sure it’s the most powerful SPARC laptop, period. It was powered by a 1.2Ghz UltraSPARC IIIi processor, and was also sold as the Sun Ultra 3, in 2005. I would perform some seriously questionable acts to get my hands on one of these, but they’re most likely virtually impossible to find.

Anyone who can help Weissmann find more information – feel free to do so.

Keyhole: a highly effective Windows DRM bypass also present on the Xbox One

The MAS project, a group of people working on an open source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, discovered quite a neat and interesting bug in the code responsible for licensing in Windows.

In our ongoing work to bypass Windows licensing checks, we occasionally stumble upon bugs that we choose to keep secret. This decision allows us to preserve potential future activation methods by avoiding bug fixes, while also giving us valuable tools for testing or developing new methods.

One such discovery, which we’ve named “Keyhole”, turned out to be a highly effective DRM bypass. It gave users the ability to license any Microsoft Store app or any modern Windows edition with ease.

↫ The MAS project

There were quite a number of roadblocks to overcome here, such as Microsoft’s code obfuscation tool, called Warbird, which was already done by someone else, after which they could really start digging into the code responsible for handling Microsoft Store and Windows licenses. They then discovered that circumventing the license blocks that hold the actual license information was dead simple – every license block is followed by a signature block covering all the data that comes before it. It turns out that messing with the licensing system was as simple as… Adding data after that signature block.

That was it.

As it turns out, data after the signature block isnt checked at all… and it can even override data that came before it. Whenever two blocks of the same type are stored together, the last one overrides all the others before it. So, if we want to change any license data, we can just make a block for it and put it after the signature block!

This method lets us make licenses for anything sold on the Microsoft Store, including Windows, from any other Microsoft Store license. And since there are so many free apps with licenses, we now had the ability to make as many as we wanted for whatever we wanted. This bug essentially punched a hole straight through CLiP’s DRM, so we decided to name it “Keyhole”.

↫ The MAS project

This opened up a massive hole in Microsoft’s licensing tools and DRM, and allowed the MAS project to pretty much do whatever they wanted. They could even do things that used to be impossible, such as “activating Enterprise LTSC with a digital license, or even activating a legitimate KMS server with a generic key”. Sadly, the fun didn’t last long, as right around the same time, Cisco TALOS discovered this same bug, reported it to Microsoft, who then proceeded to fix it.

the MAS project also discovered something else incredibly interesting, something which further highlights the seemingly terrible lack of quality assurance and code quality inside Microsoft. They noted that the kernel driver responsible for licensing looked incredibly shoddy, full of what they call “odd choices and compromises”. In fact, they soon realised that they had seen this code before: it was a straight-up copy/paste job from the licensing DRM found on the Xbox One.

And there’s the same bug that’s in CLiP, but in Xbox code. In fact, we weren’t too surprised to find this, as we found that almost all of CLiP, from the XML format of the licenses to the TLV-based license blocks, is copy-pasted straight from the Xbox One’s DRM system.

↫ The MAS project

Code reuse obviously makes sense in some situations, but the fact Microsoft even copy/pasted entire sections of code from the Xbox One straight into the Windows kernel as a kernel driver seems rather irresponsible. Shouldn’t code added to the Windows kernel and installed on billions of devices be vetted a little better than this?

Xmem and FVWM

So given that, xmem can be useful as a monitoring tool. Fluffy (my main server) runs both squid and apache, and given that fluffy only has 64MB of RAM, things can get a little cramped. If I suddenly see that the whole of xmem turns blue (i.e. the swap file’s thrashing), then I know that something is odd, and I can easily find out which processes are eating up so much RAM.

I said earlier that xmem can brighten up one’s desktop. Indeed, as I use FVWM in a rather archaic fashion, it seems fitting I should like xmem. 🙂 Here’s a full screenshot showing xmem (plus other applications) in action.

↫ Thomas Adam

This is basically just an excuse to show off this awesome FVWM desktop shown off in this short little article about xmem, written by one of FVWM’s core developers. It just looks neat.

Windows App SDK 1.6 released

We are proud to announce that version 1.6 of the Windows App SDK is now available! Whether you’re looking for the incredible performance boost and footprint reduction of Native AOT support, enhancements for deploying your package, or quality of life improvements for controls like PipsPager and RatingControl, WinAppSDK 1.6 offers a raft of new features, performance boosts and structural changes that enable you to make your native Windows apps better than ever before. 

The Windows App SDK provides a rich set of APIs and tools to help you build beautiful and fast Windows desktop apps, including any C++ Win32 or C# .NET app. You can harness the modern controls and polish of WinUI 3, which ships as part of the WinAppSDK, or if you have an existing app that uses Win32 such as WPF, you can take advantage of only the parts of the SDK that you need. The WinAppSDK also stays up to date with frequent and OS-independent releases so your app can always access the latest innovations.

↫ Duncan MacMichael at the Windows Blogs

There’s actually quite a few nice and welcome updates in version 1.6, most prominently the aforementioned Native AOT. This stands for native Ahead-Of-Time (AOT) compilation, and, as the name suggests, compiles your application ahead of time for the architecture it’s going to run on. This reduces the size of the application package and greatly improves the startup time. Another welcome improvement is that the embedded Edge WebView2 SDK is no longer hard-coded, but a NuGet reference, so developers can choose to use any version of the webview they want, preferably the newest version.

There’s a lot more in here, so if you’re a Windows developer trying to use the latest set of tools from Microsoft – this one’s for you.

A Windows Control Panel retrospective amidst a concerning UX shift

Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remain an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all.

Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have discovered a UX secret that has eluded every other OS developer?

↫ Maya Posch

I like the Windows Control Panel, and approaches like it. They’re easy to use, they allow you to have multiple settings panels open at the same time, they can be easily extended by third parties – for better or worse – and they make it easy to find things with colourful, recognisable icons. The current Windows Settings application is a massive regression, as is the change from macOS’ iconic and incredibly user-friendly System Preferences to the new System Settings application. KDE also moved to a sidebar design I’m not a fan of, and GNOME has had a similar unpleasant, monochrome sidebar, too.

It’s not big enough of an issue to make a huge deal out of, and the KDE sidebar settings application is at least marginally usable, but I really do wish someone would have the guts to undo this general trend, because it’s getting harder and harder to find the settings I want at a glance, and not allowing you to open multiple settings panels at the same time is a huge loss.

And a small note: this article uses the Windows 3.x Control Panel as its starting point, but both Windows 1.x and 2.x had a Control Panel as well. It’s an old concept, for sure.

The Internet Archive just lost its appeal over ebook lending

The Internet Archive has lost its appeal in a fight to lend out scanned ebooks without the approval of publishers. In a decision on Wednesday, the Second Circuit Court of Appeals ruled that permitting the Internet Archive’s digital library would “allow for widescale copying that deprives creators of compensation and diminishes the incentive to produce new works.”

The decision is another blow to the nonprofit in the Hachette v. Internet Archive case. In 2020, four major publishers — Hachette, Penguin Random House, Wiley, and HarperCollins — sued the Internet Archive over claims its digital library constitutes “willful digital piracy on an industrial scale.”

↫ Emma Roth

If you’re a library and scan books and offer a lending service, you’re committing “willful digital piracy on an industrial scale”. If you scan the entire goddamn internet without any regard for licensing or copyright and regurgitate chunks of it on command, you’re a visionary, a revolutionary, a genius.

Make it make sense.

Porting systemd to musl libc-powered Linux

A. Wilcox, the original creator of Adélie Linux, has ported systemd to musl, the glibc alternative.

I have completed an initial new port of systemd to musl. This patch set does not share much in common with the existing OpenEmbedded patchset. I wanted to make a fully updated patch series targeting more current releases of systemd and musl, taking advantage of the latest features and updates in both. I also took a focus on writing patches that could be sent for consideration of inclusion upstream.

The final result is a system that appears to be surprisingly reliable considering the newness of the port, and very fast to boot.

↫ A. Wilcox

I absolutely adore Adélie Linux as a project, even if I don’t run it myself, since they have a very practical approach to software. Systemd is popular for a reason – it’s fast and capable – and it only makes sense for Adélie to offer it as a potential option, even when using musl. Choice is a core value of the open source and Linux world, and that includes the choice to use systemd, even for a distribution that has traditionally used something else.

The port is already quite capable, and Wilcox managed to replace OpenRC on her system with systemd in-place, and it booted up just fine, and it also happened to boot in about a third of the time OpenRC did. It’s not ready for prime time yet, though, and most services are not yet packaged for systemd, an effort for which Adélie Linux intends to rely on upstream and cooperation with systemd experts from Gentoo and Fedora. They’re also working together with systemd, musl, and others to make any switching a user might want to do as easy as possible.

A beta or anything like that is still a ways off, but it’s an impressive amount of progress already.

Android 15 is released to AOSP

Today we’re releasing Android 15 and making the source code available at the Android Open Source Project (AOSP). Android 15 will be available on supported Pixel devices in the coming weeks, as well as on select devices from Samsung, Honor, iQOO, Lenovo, Motorola, Nothing, OnePlus, Oppo, realme, Sharp, Sony, Tecno, vivo, and Xiaomi in the coming months.

We’re proud to continue our work in open source through the AOSP. Open source allows anyone to build upon and contribute to Android, resulting in devices that are more diverse and innovative. You can leverage your app development skills in Android Studio with Jetpack Compose to create applications that thrive across the entire ecosystem. You can even examine the source code for a deeper understanding of how Android works.

↫ Matthew McCullough at the Android Developers blog

While it’s great that we’re still getting open source Android releases, the reality of it is that Google has eroded so much away from the Android Open Source Project that AOSP has become effectively useless. Back in the olden days, AOSP was a complete mobile operating system, but those days are long behind us. Google has moved so much from AOSP over to proprietary frameworks, applications, and cloud services that running that it’s no longer a complete package, which is a huge shame.

Still, AOSP plays an important role for the custom ROM community and the various companies and communities making privacy-first, de-Googled Android versions, and for that reason alone it’s good that it still exists, even in its gutted state. Android 15’s AOSP release will surely find its way to LineageOS, /e/OS, GrapheneOS, and the countless other alternatives to butchered Android OEM versions and people seeking a more private smartphone experience.

As for when Android 15 will hit Pixels – that’s going to be a few weeks from now, later than usual after the source release.

Programming the Convergent WorkSlate’s spreadsheet microcassette future

That’s the 1983 Convergent WorkSlate, a one-of-a-kind handheld system from some misty alternate history where VisiCalc ruled the earth. Indeed, even the “software” packages Convergent shipped for it — on microcassette, which could store voice memos and data — were nothing more than cells and formulas in a worksheet. The built-in modem let you exchange data with other Workslates (or even speak over the phone to their users), and it came with a calculator desk accessory and a rudimentary terminal program, but apart from those creature comforts its built-in spreadsheet was the sole centre of your universe. And, unlike IAI and the Canon Cat, I’ve yet to find any backdoor (secret or otherwise) to enable anything else.

That means anything you want to program has to be somehow encoded in a spreadsheet too. Unfortunately, when it comes to actually programming the device it turns out the worst thing a spreadsheet on an 8-bit CPU can be is Turing-complete (so it’s not), and it has several obnoxious bugs to boot. But that doesn’t mean we can’t make it do more than balance an expense account. Along the way we’ll examine the hardware, wire into its peripheral bus, figure out how to exchange data with today’s future, create a simple game, draw rudimentary graphics and (with some help) even put it on the Internet with its very own Gopher client — after we tell of the WorkSlate’s brief and sorrowful commercial existence, as this blog always must.

↫ Cameron Kaiser

The amount of knowledge, skill, and sheer passion Cameron Kaiser displays in every one of these articles he writes is astonishing, and I’m incredibly grateful websites like OSNews can benefit from the work of people far, far smarter and more skillful than I’ll ever be. The code for the projects detailed in the article is available on GitHub, and more technical information can be found on Kaiser’s website.

Apple helped nix part of a child safety bill. More fights are expected.

Kim Carver, a legislator in the US state of Louisiana, added a provision to a child safety bill forcing Apple and Google to enforce age restrictions on downloads in their application stores. In other words, it would force Apple to make sure minors could not download gambling and casino applications – i.e., 99% of mobile games – that make up the vast majority of Apple’s services revenue. It would also make application stores play a role in enforcing age restrictions on social media applications, which makes sense because Apple and Google know the age of every one of their users.

Well, it turns out Apple was not happy. They sent out an absolute army of lobbyists – including a guy known for lobbying on behalf of truck-stop casinos, in case you were wondering about the type of people Apple uses for lobbying – to kill this specific provision. Carver’s provision would have breezed through the Louisiana senate, but it needed a key committee approval before being put up for a vote. And it’s this committee that Apple started heavily influencing and pressuring.

Carver began hearing rumblings that Apple was making inroads with the committee—his amended bill might be in trouble. Uncertain on how to proceed, he approached the chairwoman of the committee, Sen. Beth Mizell, for advice.

He declined to describe the substance of the conversation to The Wall Street Journal, but in the end, he promised not to object if she removed the app store provisions or support restoring them on the Senate floor.

“I made the choice to take the win that we could get,” Carver said.

↫ Jeff Horwitz and Aaron Tilley at The Wall Street Journal

This is not the first time Apple has pressured legislatures to drop bills it didn’t like. A famous case is the state if Georgia, which intended to pass a number of application store bills to open up the App Store in much the same way the European Union did with the DMA. Apple went absolutely mental in Georgia, including threatening to cancel “a $25 million investment in a historically Black college in Atlanta”. Apple won.

The way these sleazebag companies get away with such blatant corruption is by using third-party lobbyists, which technically are not employed by the companies in question, so no matter how low and sleazy these lobbyists go, the companies they lobby for can wash their hands in innocence and absolve themselves from any responsibility for the various financial and legal threats levied at underfunded, understaffed local legislatures. Spending a few millions on a local development project or whatever is peanuts for Apple, but a massive boon for a small community somewhere, so Apple pulling out means nothing to Apple, but would massively affect such a community. It’s not surprising local legislatures fold.

Circling back to the age restriction provision itself – telling stores what they can and cannot sell is an entirely normal thing to do, and happens all the time all over the world. It’s why in, say, The Netherlands, supermarkets are only allowed to sell “light” alcohol like beer and wine, with hard alcohol moved to separate liquor stores that have to be separate from the supermarket, so age restrictions are easier to enforce. There’s also just an infinite number of things you’re just not allowed to sell, period.

As always, Silicon Valley believes it’s a very special snowflake to whom regular, normal, widely accepted rules do not apply. Why shouldn’t a store selling gambling applications and similarly addictive and damaging applications have to do the absolute bare minimum to protect minors? Imagine the massive outcry if a Costco or Walmart was found to sell massive amounts of hard liquor to children – why should Silicon Valley companies be treated any differently?

Pitch deck gives new details on company’s plan to listen to your devices for ad targeting

For years now, people believe that their smartphones are listening to their conversations through their microphones, all the time, even when the microphone is clearly not activated. Targeted advertising lies at the root of this conviction; when you just had a conversation with a friend about buying a pink didgeridoo and a flanel ukelele, and you then get ads for pink didgeridoos and flanel ukeleles, it makes intuitive sense to assume your phone was listening to you. How else would Google, Amazon, Facebook, or whatever, know your deepest didgeridoo desires and untapped ukelele urges?

The truth is that targeted advertising using cross-site cookies and profile building is far more effective than people think, and on top of that, people often forget what they did on their phone or laptop ten minutes ago, let alone yesterday or last week. Smartphones are not secretly listening to you, and it’s not through covert microphone activation that it knows about your musical interests.

But then.

Media conglomerate Cox Media Group has been pitching tech companies on a new targeted advertising tool that uses audio recordings culled from smart home devices. The existence of this program was revealed late last year. Now, however, 404 Media has also gotten its hands on additional details about the program through a leaked pitch deck. The contents of the deck are creepy, to say the least.

Cox’s tool is creepily called “Active Listening” and the deck claims that it works by using smart devices, which can “capture real-time intent data by listening to our conversations.” After the data is captured, advertisers can “pair this voice-data with behavioral data to target in-market consumers,” the deck says. The vague use of artificial intelligence to collect data about consumers’ online behavior is also mentioned, with the deck noting that consumers “leave a data trail based on their conversations and online behavior” and that the AI-fueled tool can collect and analyze said “behavioral and voice data from 470+ sources.”

↫ Lucas Ropek at Gizmodo

Looking at the pitch deck in question, you can argue that it’s not even referring to smartphones, and that it is incredibly vague – probably on purpose – what “active listening” and “conversations” are really referring to. It might as well be simply referring to the various conversations on unencrypted messaging platforms, directly with companies, or stuff like that. “Smart devices” is also intentionally vague, and could be anything from one of those smart fridges to your smartphone.

But you could also argue that yes, this seems to be pretty much referring to “listening to our conversations” in the most literal sense, by somehow – we have no idea how – turning on our smartphone microphones, in secret, without iOS or Android, or Apple or Google, knowing about it? It seems far-fetched, but at the same time, a lot of corporate and government programs and efforts seemed far-fetched until some whisteblower spilled the beans.

The feeling that your phones are listening to you without your consent, in secret, will never go away. Even if some irrefutable evidence came up that it isn’t possible, it’s just too plausible to be cast aside.