Avast sells user data collected by its antivirus software

An antivirus program used by hundreds of millions of people around the world is selling highly sensitive web browsing data to many of the world’s biggest companies, a joint investigation by Motherboard and PCMag has found. Our report relies on leaked user data, contracts, and other company documents that show the sale of this data is both highly sensitive and is in many cases supposed to remain confidential between the company selling the data and the clients purchasing it.

The documents, from a subsidiary of the antivirus giant Avast called Jumpshot, shine new light on the secretive sale and supply chain of peoples’ internet browsing histories. They show that the Avast antivirus program installed on a person’s computer collects data, and that Jumpshot repackages it into various different products that are then sold to many of the largest companies in the world. Some past, present, and potential clients include Google, Yelp, Microsoft, McKinsey, Pepsi, Sephora, Home Depot, Condé Nast, Intuit, and many others. Some clients paid millions of dollars for products that include a so-called “All Clicks Feed,” which can track user behavior, clicks, and movement across websites in highly precise detail.

Is anybody really surprised by this? Antivirus companies have been scammers for a long time now, spreading fear and anxiety amongst primarily less knowledgeable users, tricking and scamming them into paying exorbitant amounts of money for tools that are not needed, do not work, slow computers down, and in many cases, actively harm operating systems.

Of course, with these programs running with unparalleled access to many Windows machines, we all knew antivirus companies would resort to selling user data to make an extra buck, sinking even deeper. You don’t need anything more than what your operating system provides, whether you use Windows, Linux, macOS, Android, or iOS.

Microsoft goes back on its word, will fix the Windows 7 wallpaper bug for everyone

Even though regular, free Windows 7 support has ended only a few days ago, Microsoft has already been forced to release a regular update to fix a bug.

We reported earlier that Windows 7 users were complaining of their wallpaper being replaced by black screens when they install the important KB4534310 and KB4534314 updates for Windows 7.

The wallpaper bug affected all the Windows 7 users who use stretch option while setting up wallpapers. Microsoft later confirmed that it was indeed a bug but said the company would fix it only for customers who purchased ESU, i.e. organizations. However, it looks like the company has gone back on its word and decided to release an update for everyone.

The best laid plans.

Today, the Trident era ends

Starting now, Microsoft will roll out their new Chromium-based Edge browser to their millions of Windows 10 users. And this will also mark the end of an era. The era of the Trident-Engine.

But hadn’t the Trident era already ended when Edge appeared? Not really.

This is a very deep look at the Trident engine. Goodness.

Google acknowledges the controversial redesign of its search results on desktop

A couple of weeks back, Google redesigned the search results for its desktop website. According to the firm, the new layout was meant to mimic the ordering of search results on the mobile version of the website.

Most significantly, the changes allowed the inclusion of favicons next to display results and the removal of color overlays. This meant that advertisements and traditional search results were displayed inline with little to distinguish between the two.

And now Google is backpedaling.

As a DDG user, this thing kind of passed me by, but upon checking Google, I have to say I agree that this feels so off. You’d think adding favicons to search results wouldn’t make a big difference, but it really does – and not for the better.

Phoenix: a lightweight macOS window and app manager scriptable with JavaScript

A lightweight macOS window and app manager scriptable with JavaScript. You can also easily use languages which compile to JavaScript such as CoffeeScript. Phoenix aims for efficiency and a very small footprint. If you like the idea of scripting your own window or app management toolkit with JavaScript, Phoenix is probably going to give you the things you want. With Phoenix you can bind keyboard shortcuts and system events, and use these to interact with macOS.

Pretty cool.

Librem 5 phone hands-on: open source phone shows the cost of being different

I wonder about the approach Purism took with the Librem 5. The company chose to do everything all at once by building a new smartphone OS and a new hardware supply chain. For a customer receiving a Librem 5 today, you’re getting an unfinished operating system and rough, gen-one open source hardware. That’s a bunch of compromises to accept for $750. A more reserved approach would have been to build an open source GNU/Linux-based OS on closed source hardware first and then make the difficult jump to custom hardware when the OS was in a more complete state.

The Librem 5 is a tough sell, even for people who value the open source nature of the device. That’s simply too much money for such an outdated, unfinished device.

Microsoft Office update switches Chrome search engine to Bing

Microsoft is planning to use the Office 365 installer to forcibly switch Chrome users over to the company’s Bing search engine. Microsoft’s Office 365 ProPlus installer, used by businesses, will include a new Chrome extension next month that switches the default search engine to Bing. New installations of Office 365 ProPlus and updated installs will include the extension, as long as the default search engine in Chrome is not set to Bing.

Microsoft is clearly marketing this to IT admins as enabling its Microsoft Search functionality in Chrome, but it also looks like a stealthy way of pushing people over to using Bing. If Bing is already set as the default search engine in Chrome, then the extension never gets installed. Microsoft is planning to roll this out in the US, UK, Australia, Canada, France, Germany, and India next month.

Windows is an advertising platform. Get out while you can.

Google will provide 8 year of updates for Chromebooks

When we first launched Chromebooks, devices only received three years of automatic updates. Over the years, we’ve been able to increase that to over six. Last fall, we extended AUE on many devices currently for sale, in many cases adding an extra year or more before they expire. This will help schools better select which devices to invest in and provide more time to transition from older devices.

And now, devices launching in 2020 and beyond will receive automatic updates for even longer. The new Lenovo 10e Chromebook Tablet and Acer Chromebook 712 will both receive automatic updates until June 2028. So if you’re considering refreshing your fleet or investing in new devices, now is a great time.

Eight years is a decent amount of time, especially since most Chromebooks are quite cheap – so this longevity is really good value. I only wish Google were this dedicated to Android, too.

NomadBSD

Speaking of using BSD as a general purpose operating system:

NomadBSD is a persistent live system for USB flash drives, based on FreeBSD. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery, for educational purposes, or to test FreeBSD’s hardware compatibility.

This seems like quite the polished and minimalist – yet full-featured – FreeBSD distribution to test out your hardware.

Wine 5.0 released

This release represents a year of development effort and over 7,400 individual changes. It contains a large number of improvements that are listed in the release notes below. The main highlights are:

– Builtin modules in PE format.
– Multi-monitor support.
– XAudio2 reimplementation.
– Vulkan 1.1 support.

Wine allows me to run virtually any Windows game I use on Linux – including League of Legends, my most-played game – so it’s a pretty amazing tool in my book. Since many people no longer directly interact with Wine, using it through tools like Steam’s compatibility tools or Lutris, instead, it’s easy to forget just how important of a project Wine really is.

WordPad is gettings ads in Windows 10

An upcoming feature of WordPad has been discovered by enthusiasts, revealing in-app ads that promote Microsoft Office. The change is hidden in recent Insider Preview builds, and not activated for most users.

WordPad is a very simple text editor, more powerful than Notepad, but still less feature rich than Microsoft Word or LibreOffice Writer. It is good for creating a simple text document without complicated formatting.

The more advertisements and preinstalled junkware Microsoft shoves into Windows 10, the more the otherwise decent operating system turns into a user-hostile joke. Apple is going down the same route with iOS, and everything about it just feels disgusting and sleazy.

One of the many reasons I transitioned all my machines away from Windows and to Linux.

Apple dropped plan for encrypting backups after FBI complained

Apple Inc dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.

The tech giant’s reversal, about two years ago, has not previously been reported. It shows how much Apple has been willing to help U.S. law enforcement and intelligence agencies, despite taking a harder line in high-profile legal disputes with the government and casting itself as a defender of its customers’ information.

This once again just goes to show Apple’s privacy chest-thumping is nothing but marketing and grandstanding. This is effectively a backdoor for government agencies to use, and if the “good guys” can use it, so can the bad guys. On top of that, this neatly ties into Apple handing over iCloud data to the Chinese government – data that is most certainly being used by the Chinese regime in, among other things, its genocide of the Uyghurs.

I prefer a company that’s open and honest about what data it collects and uses and why – Google – over a company that purposefully tries to muddy the waters through marketing and grandstanding – Apple. The devil you know and all that.

FreeBSD is an amazing operating system

As mentioned previously, because FreeBSD is a real multi-purpose operating system with many different use cases, FreeBSD is very flexible and tuneable. Whether you want to run FreeBSD on your desktop computer or on your server, it provides many tuneable options that enables you to make it very performant. The options set out-of-the box may not suit your needs exactly, but then FreeBSD provides lots of documentation on how to get it to work as you need, and it provides a very helpful community with many people who has experience in dealing with many different situations and problems.

I believe it is important to understand that FreeBSD is not like a GNU/Linux distribution. FreeBSD is an operating system made by developers who are also system administrators. This means that FreeBSD is supposed to be run by system administrators who understands how the system works. You cannot simply jump from something like Ubuntu, Fedora or OpenSUSE and then expect that you get the same experience on FreeBSD (I and a lot of other people would be extremely sad if that were the case).

The BSDs just aren’t my thing. I’m not a developer, and I’m not a system administrator. Over the past six months or so, I’ve moved all my machines and all my workflows over to Linux – my laptop, my main PC (used for everything that isn’t translating), and my office PC (for my translation work), and I couldn’t be happier (in the interest of full disclosure, I do keep Windows around on my main PC for possible future Windows-only games, and I have a Windows 10 virtual machine on my office PC for some Windows-specific translation software I need to keep around).

As I was planning this careful migration, I never once considered using any of the BSDs. For the simpler, almost exclusively desktop oriented work that I do, BSD just doesn’t seem like the right tool for the job – and that’s okay, I’m not the target audience – and I suspect there are many people like me. I think the BSDs are stronger for not trying to be everything to all people, and this more focused development seems to be exactly why someone chooses BSD over Linux.

And I see no reason why anybody should want to change that.

Google is working to bring official Steam support to Chrome OS

Last week in Las Vegas while at CES, I spoke with Kan Liu, Director of Product Management for Google’s Chrome OS. In a wide-ranging discussion about the Chrome platform and ecosystem, Liu dropped something of a bombshell on me: the Chrome team is working—very possibly in cooperation with Valve—to bring Steam to Chromebooks.

[…]

The next question, of course, is just what sorts of games would even be worth playing on a Chromebook when run directly on local hardware. Currently, most Chromebooks have extremely limited 3D acceleration performance, with only the most recent devices like Samsung’s Galaxy Chromebook possessing vaguely passable GPUs. Liu said we could expect that to change: more powerful Chromebooks, especially AMD Chromebooks, are coming. Liu would not explicitly confirm that any of these models would contain discrete Radeon graphics, but told us to stay tuned.

This makes a lot of sense. Sure, you won’t be running the latest and greatest AAA titles on Chromebooks any time soon, but Steam has a massive library of less intensive games and older titles that would run just fine on any mid-range Chromebook. On top of that, this would open Chromebooks up to Steam’s streaming feature.

The PinePhone starts shipping – a Linux-powered smartphone for $150

Pine64 has announced that it is finally shipping the PinePhone, a smartphone that takes the rare step outside the Android/iOS duopoly and is designed to run mainline Linux distributions. The PinePhone starts shipping January 17 in the “Braveheart” developer edition.

An interesting device for sure, and the dip switches on the motherboard that act has hardware kill switches for things like the microphone and camera are pretty neat. I do take issue with the “Linux-powered” as if that’s some unique quality or anything. Save for the odd iPhone, every single smartphone in the world runs Linux.

Maybe not in a form that adheres to your no true Scotsman idea of Linux, but 100% Linux nonetheless.

The new Microsoft Edge is out of preview and now available for download

From this incredible momentum, today I’m pleased to announce the new Microsoft Edge is now available to download on all supported versions of Windows and macOS in more than 90 languages. Microsoft Edge is also available on iOS and Android, providing a true cross-platform experience. The new Microsoft Edge provides world class performance with more privacy, more productivity and more value while you browse. Our new browser also comes with our Privacy Promise and we can’t wait for you to try new features like tracking prevention, which is on by default, and provides three levels of control while you browse.

The new Edge will also come to Linux, so this gives us yet another Chromium-based browser available on all platforms. Why, exactly, you’d choose Edge over Chrome, Vivaldi, or any others is still not entirely clear to me, however.

Opening up the Baseboard Management Controller

In 2011 Facebook announced the Open Compute Project to form a community around open-source designs and specifications for data center hardware. Facebook shared its hardware specs, which resulted in 38 percent less energy consumption and 24 percent cost savings compared with its existing data centers. What Facebook and other hyperscalers (Google, Microsoft, et al.) donate to the Open Compute Project are their solutions to the agonizing problems that come with running data centers at scale.

Since then, the project has expanded to all aspects of the open data center: baseboard management controllers (BMCs), network interface controllers (NICs), rack designs, power busbars, servers, storage, firmware, and security. This column focuses on the BMC. This is an introduction to a complicated topic; some sections just touch the surface, but the intention is to provide a full picture of the world of the open-source BMC ecosystem, starting with a brief overview of the BMC’s role in a system, touching on security concerns around the BMC, and then diving into some of the projects that have developed in the open-source ecosystem.

A good overview.

The AlphaSmart dana in 2019

The AlphaSmart dana is technically a Palm OS PDA, in the same way that Hannibal Lecter is technically a famous chef. The dana does run Palm OS 4.0, but it has almost reversed priorities from a normal PDA. For example, I drafted college essays on a dana, but never used the calendar or address book until I began writing this article. In contrast, Palm OS founder Jeff Hawkins distilled the average PDA user’s needs down to, “All I really care about is calendars and address book and trying to coordinate with my secretary.” Palm designed their operating system to organize a social schedule, but AlphaSmart Inc. used that codebase to create a device that focused on expression rather than organization. AlphaSmart was founded by ex-Apple employees who designed simplified computers for classrooms that couldn’t afford high end computers. AlphaSmart achieved these lower costs by hyperfocusing on composition. Those lower costs became irrelevant as laptop prices dropped, but the hyperfocus on composition itself has become more relevant in an era of distraction. If we consider the dana as a device for producing drafts, even its flaws are transformed into strengths.

Google is seeking to deprecate Chrome’s User Agent string

Google intends to deprecate the user agent string in Chrome.

According to the proposal, the first step is to deprecate the “navigator.userAgent” method used to access the User Agent string, suggested to start in March with Chrome 81. This change won’t have any visible effect for most people, and websites will continue to work completely as normal. However, web developers will be given explicit warnings in the Chrome development console that retrieving the User Agent string is no longer a good idea.

Next, with the release of Chrome 83 in June, Google will begin to freeze, or stop updating, the User Agent string with each update to Chrome. At the same time, Chrome will also “unify” the information shared about your device’s operating system, for example meaning that two computers on slightly different Windows 10 updates should have the same User Agent. This will eliminate one more potential fingerprinting method.

Finally, beginning in September’s Chrome 85 release, every Chrome rowser running on a desktop operating system, such as Windows, macOS, or Linux, will report the exact same User Agent string, eliminating all possible User Agent fingerprinting. Similarly, Chrome 85 will unify the User Agent on mobile devices, though devices will apparently be lumped into one of a few categories based on screen size.

User agent strings have long outlived their usefulness, and today only serve to artificially restrict browser access in the stupidest of ways. I’m obviously not comfortable with Google spearheading this effort, so I’m counting on a lot of scrutiny from the web community and other browser makers.