05.19.23
Canadian Desktops and Laptops: Windows 61.7%, GNU/Linux 5.5%
Summary: This month’s numbers show another shark drop for Windows; GNU/Linux + ChromeOS (based on Gentoo) rose to over 5.5% in Canada, where many schools ditched Windows
05.07.23
Reporting That Embarrasses Powerful People Online is at Risk (Politicians Are at It Again)
Video download link | md5sum 326ca25a0add9eb3055664d6d0bc1cc5
Restrictions in Canada and EU
Creative Commons Attribution-No Derivative Works 4.0
Summary: Journalism online is under attack, especially through centralised “services” (especially social control media and proprietary search engines, which are veiled disservices or censorship mechanisms) and as usual this is disguised as combating piracy, protecting children, and protecting adults from “misinformation”
THE other day we added two important items under the “politics” category of Daily Links. One concerned Canada’s “Liberal Party Policy Proposal” and the other concerned DSA’s (Digital Services Act) Article 37 and Article 44, which is open for feedback until the start of June. The former explores options to “hold on-line information services accountable for the veracity of material published on their platforms and to limit publication only to material whose sources can be traced.” The latter “is to set out the necessary rules for the procedures, methodology and templates used for the audits of very large online platforms and very large online search engines as required under the Digital Services Act (Article 37).”
“…what the European Commission does typically gets implemented in north American countries and vice versa for political and cultural reasons.”As noted in the video above, what the European Commission does typically gets implemented in north American countries and vice versa for political and cultural reasons. They habitually refer to this as harmonisation.
In recent decades we saw a whole bunch of laws put forth as “bills” and “proposals”, resulting in less speech online or more censorship by large, centralised “services”, including search and social control media. When in Canada they say “limit publication only to material whose sources can be traced” they basically mean only people that the oligarchs can punish for disclosing “embarrassing” information. That would hurt anonymous sources. As an associate put it, this is one “among the many other problems with that approach.”
“In recent decades we saw a whole bunch of laws put forth as “bills” and “proposals”, resulting in less speech online or more censorship by large, centralised “services”, including search and social control media.”“Among several reasons it is very relevant to Techrights because of the sources relied upon and need for protecting them from retaliation and other abuse.”
In the video above I give the examples of Novell, Microsoft, and the EPO. Source protection is very immportant. In the case of the EU, they still seek/strive to control “very large online search engines” (such as Google) and it seems to be geared towards changing or controlling the narrative. They try to get those corporations to serve some political agenda.
If you live in the EU, you can read the documents listed here and provide feedback by June 2nd (someone has already submitted a comment in French). They may or may not listen, but it’s the best we can do at the moment. █
05.04.23
The Electronic Frontier Foundation (EFF) Covers Software Patents Again
By Dominik Butzmann / re:publica – re:publica faces 2019, CC BY-SA 2.0.
Summary: Cory Doctorow and Joe Mullin (EFF) wrote about software patents this week; this shows that the EFF can still pivot in the right direction if it really wants to
As it turns out, Joe Mullin is fortunately still around (at the EFF, he used to be in the media) and the other day he cautioned “the U.S. Solicitor General Trying To Change The Law To Benefit Patent Trolls”. His EFF colleague, Mr. Doctorow, said at almost the same time: “In theory, patents are for novel, useful inventions that aren’t obvious “to a skilled practitioner of the art.” But as computers ate our society, grifters began to receive patents for “doing something we’ve done for centuries…with a computer.” “With a computer”: those three words had the power to cloud patent examiners’ minds.”
He then changed the subject from software patents to patent trolls (the EFF habitually changes the subject to “bad patents” or “trolls”). To quote: “Patent trolls – who secure “with a computer” patents and then extract ransoms from people doing normal things on threat of a lawsuit – are an underappreciated form of “tech exceptionalism.” Normally, “tech exceptionalism” refers to bros who wave away things like privacy invasions by arguing that “with a computer” makes it all different.”
Quoting Mr. Mullin, regarding the U.S. Patent and Trademark Office (USPTO) and 35 U.S.C. § 101: “Government officials should be working to reduce, not increase, the burden that low-quality patent lawsuits impose on innovators. So we’re concerned and dismayed by recent briefs filed by the U.S. Solicitor General, asking the Supreme Court to reexamine and throw out the best legal defenses regular people have against “patent trolls”—companies that don’t make products or provide services, but simply use patents to sue and threaten others.
“To truly stop patent trolls, we’ll need wholesale reform, including legislative change. But the current framework of rules governing Section 101 of the U.S. patent laws, including the Supreme Court’s 2014 CLS Bank v. Alice decision, were important victories for common-sense patent reform.
“The Alice decision made clear that you can’t simply add generic computer language to basic ideas and get a patent. The ruling has been consistently applied to get the worst-of-the-worst software patents kicked out of the system. For the most part, it allows courts to state, clearly and correctly, that these patents are a form of abstract idea, and should be thrown out at an early stage of litigation. A win under the Alice rules spares the targets of patent trolls not just from an unjust trial, but from an invasive and expensive discovery process, fueled by a patent that never should have been issued in the first place.”
It’s encouraging to see that the EFF still covers this issue, however seldom, and we hope it’ll do so as frequently as it used to do. █
05.03.23
Microsoft Windows in BRICS Laptops/Desktops: Monopoly Bricked?
(Not even counting Android; Microsoft Windows is only on a quarter of Internet-connected computers by such measures)
Windows market share in Brazil: (laptops/desktops only, not counting mobile)
Windows market share in Russia: (laptops/desktops only, not counting mobile)
Windows market share in India: (laptops/desktops only, not counting mobile)
Windows market share in China: (laptops/desktops only, not counting mobile)
Windows market share in South Africa: (laptops/desktops only, not counting mobile)
Summary: An “Unknown” OS (not Windows) is taking market share away from Windows; whatever is going on with these statistics, it seems clear Microsoft isn’t coping with a fast-changing world, hence so many layoffs (far more than 10,000 — the “official” number that media loves parroting without investigating; Microsoft is 42 billion dollars in debt and the debt grew more than tenfold since 2010)
“Microsoft, the world’s most valuable company, declared a profit of $4.5 billion in 1998; when the cost of options awarded that year, plus the change in the value of outstanding options, is deducted, the firm made a loss of $18 billion, according to Smithers.”
–The Economist, 1999
05.01.23
Contrary to What Microsoft-Funded Media Keeps Saying, Bing Has Lost a Lot of Market Share Since the Lying Chatbot Was Introduced (Despite Endless Marketing)
Even in places/geographies where Microsoft does a lot of “marketing” and back room deals the market share of Bing falls noticeably (there were also many Bing layoffs this year).
Search Engine Market Share North America Nov 2022 – Apr 2023: (link)
Down by a lot since all the fake hype started (from 7% to about 5.5%)
Search Engine Market Share Europe Nov 2022 – Apr 2023: (link)
Down by a lot since all the fake hype started (from 4% to about 3%)
Summary: We keep reminding people that the media/press is lying for Microsoft; not only is Bing not gaining, as in practice it is universally falling quite sharply and there are layoffs in that division (some of those who survived the layoffs are now vacated from the offices in Bellevue, WA)
Suitable Online Bank(rupt)ing
Reprinted with permission from Alexandre Oliva (FSFLA and FSF)
For the past couple of decades, I've entered various fights with Brazilian banks over their threats to my software freedom in their Internet banking services. Back in 2002, the main threats were websites that required Internet Explorer, or the then-still-proprietary Java plugin, and there were plenty of alternatives without such abusive requirements. Nowadays, in the early 2020's, most banks require users to install security-theater malware and to use tracking devices, and those that make exceptions to the malware upon request are becoming very hard to find. Before running out of alternatives to these morally bankrupt practices, I've started legal action to defend my freedom using my consumer rights.
Java Trap
I was a happy customer of Banco do Brasil until around 2001, when it rolled out a Java applet for authentication. The Java VM only became free software years later, but even if the Java Trap had already been disarmed, the applet itself was a nonfree program I'd be required to run on my own computer, analogous to the JavaScript Trap that became a grave problem later on.
Both of these requirements were unacceptable to me, and I let the bank know in no uncertain terms. For some time, changing the browser-presented User-Agent identifier to pretend to be running some Java-incompatible system served as a workaround. When that was cut off and it became clear that there weren't going to be workarounds any more, I took my business to banks that did not impose such abusive requirements.
JavaScript virtual keyboards
Banespa and Real, both now part of Santander, at some point also started demanding a so-called "security" program on the customer's end, but both of them made exceptions upon request, so I didn't have to move on from them. Eventually, they also rolled out virtual keyboards for authentication in security theater, and at that, I blinked: without GNU LibreJS to warn me, I did not realize those were also nonfree programs running on my computer after being automatically installed by the browser. When I learned that this was the case, I had already accepted these features for too long, and I rationalized them as layout silliness that was borderline acceptable, and so I kept on using them. I'm embarrassed and sorry that I did; resisting back then might have made things easier for everyone else later on.
Hostile take-over
In 2008, my then-employer started paying salaries at Citibank. I gave it a try and was happy with how little JavaScript it used, so it became my favorite banking platform, and it served me well for some 10 years, until Itaú-Unibanco (henceforth just Itaú) bought its retail operations in Brazil and switched all customers to its own Internet banking service. That brought me two major problems: in order to perform banking transactions, they demanded a piece of malware they deemed "Guardian" (Diebold's Warsaw, really) to be installed on the desktop or laptop computer, and the bank's own One-Time Password (OTP) TRApp had to be installed on a portable tracking device (of the kind that usually can also make phone calls) for authentication purposes.
Workaround
Some colleagues mentioned that changing to FreeBSD the operating system name sent by the browser in the User-Agent identifier would disable the malware requirement, but authentication remained a challenge. It was no use to argue that my phone ran GNU/Linux (my smartphone has been a Neo Freerunner for way over a decade) and they only had nonfree apps, for other also-nonfree mobile operating systems; or that there were other OTP apps I could run, on it or elsewhere, that would serve the same purpose.
Backup plan
Santander still worked for me, but it's very uncomfortable to be tied to a single option, so I contacted a banking cooperative/credit union, Sicredi, explained that I was looking for a bank that would offer me Internet banking services without requiring me to install anything but a standards-compliant browser on any operating system of my choice, that this was the reason I had left Banco do Brasil before, and was leaving Itaú now, that I was very serious about not running nonfree software, to the point of maintaining my own Free version of Brazilian income tax software to avoid the government-provided nonfree version. They told me that they could indeed meet my requirements, and they'd be happy to take my business.
Plot twist
So I signed up with Sicredi, went to a branch of Itaú to transfer the balance, and then, only then, did Itaú think of offering me a hardware OTP token for authentication, just like the one Sicredi had offered me. I figured I could give Itaú a try, so I didn't trasfer the whole balance. I'm glad I didn't! I went back to the Sicredi branch, confirmed the transfer that activated the account, got the hardware token, moved a significant chunk of the balance to a long-term investment fund, and went home.
When I got there, I tried to access the Internet banking service and check everything out, just to find out that it demanded the installation of the same piece of "security" malware as Itaú. Unlike Itaú, I couldn't even see my balance without it, whereas Itaú worked beautifully once I had its hardware token and the User-Agent workaround.
For some time, I had FreeBSD as the operating system name in User-Agent to authenticate with Itaú, but eventually I tried GNU instead of the misnomer Linux, and that worked too.
Once again, GNU helped me keep my freedom!
Seeking consumer protection
Still, I felt unsafe, because the User-Agent workaround was not documented nor recommended. The bank even denied its existence. It also unilaterally decided to stop sending me monthly statements by mail, which was part of the service I'd hired and was quite important to me, since the viable alternative, namely getting the file with the Internet banking service, could be cut off at any time. So I filed complaints about both Itaú and Sicredi with the local consumer protection agency, Procon.
Not that I expected much to come out of it: in my experience, Procon could only fine violators, that would be taken as cost of business, and even protect the violators from any further complaints from me over the same issue.
In this case, I wasn't even sure Procon would recognize my rights; its agents were not familiar with the notion of software freedom, but once I explained that in terms that made sense to consumer protection agents, they seemed quite excited about it. Procon eventually found in my favor in both cases, fined both banks, and confirmed the fines on appeal.
Surprise!
I expected the banks wouldn't change their behavior over it, though. It turned out I was surprisigly wrong. Not long after the initial Procon decision, Itaú started changing its Internet banking service. It wasn't for the better, though.
Progressively, over several years, some kinds of transactions would no longer accept authentication with the secure and entirely offline hardware token, and instead insisted on a tracking device-based OTP instead. After some time, they'd start demanding the Guardian malware, or their own brand new app, now available for a small selection of operating systems, including GNU/Linux/x86_64, but nonfree software nevertheless.
As I write this, relevant features I've noticed as blocked are payments of bills that aren't scheduled automatically, payments of some taxes, outgoing wire transfers, international wire transfers, credit card statements, activating new cards, and even updating contact and investor information and obtaining the consolidated information needed to fill in income tax returns, all in name of "security". At least the tax information is made available on another website maintained by the bank, that clearly doesn't care so much about "security".
That wasn't all at once. One day a feature worked, next day it didn't any more. Then another. And another… For some time, even redeeming from investment funds (to avoid a negative balance over automatically scheduled payments) stopped accepting confirmation with the hardware token, but at least on this one they seem to have retreated. Not on the others.
Not fine
Meanwhile, Sicredi accused me of dishonesty: they wouldn't believe I hadn't come across the very clear information about their software requirements, shown on a web page that's not even reachable without JavaScript, reason why I ended up contacting the branch to explain my requirements. That absurd accusation earned them a reprimand in the appeal decision, but not a higher fine.
Lawsuit
As Itaú tightened the knot, I talked to my lawyer about defending my rights with a lawsuit. He wasn't enthusiastic about it at first, apparently expecting the bank to take back on the impositions, not realizing back then how they were show-stoppers for me, while most people wouldn't even notice or realize that there was an injustice there. We couldn't count on a public uproar for the bank to retreat.
We had to demand the bank to live up to the obligations it acquired along with the Citibank retail business: it couldn't unilaterally change the terms, quality and requirements of the service I had so carefully selected because I wouldn't use a service that demanded nonfree software. So, in the middle of 2022, he filed a lawsuit against Itaú on my behalf, grounded mainly on consumer rights, asking the court to order the bank to offer the services I had hired, under the conditions I had hired them, restoring the services that it was progressively discontinuing.
Picking battles
Ironically, because of COVID-19, I had to attend a conciliation session held through nonfree software. My lawyer was surprised that even that sort of online program would be objectionable for me, and invited me to attend along with him at his office. That's no way to get full justice, but… that's another fight, that we're going to have to have at a higher court. He's optimistic about the legal arguments in the ongoing lawsuit, and though they're not quite founded on software freedom, we do mention freedom and dignity as constitutional rights that the bank's imposition violates.
2023-02 update
In February 2023, a sentence landed ordering Itaú to abide by our request, restoring services without demanding the installation of additional programs, with a small daily fine in case of noncompliance. It's a full victory in the first round, but my lawyer tells me theirs are likely to file an appeal, so we can celebrate some, but this is not over yet.
In other news, the month before Itaú emailed me about its renewed plans to phase out the hardware token: no new ones would be issued, though the ones in use would be usable as long as their batteries lasted. The lawsuit will hopefully enable us to come to an agreement so that I can start using oathtool or FreeOTP+.
2023-04 update
Surprisingly, there was no appeal. The sentence is final. It remains to be determined whether it will be obeyed.
Procon fines Sicredi
Back on the week the lawsuit had been filed, coincidentally, Procon published the appeal decision in the case against Sicredi, and I was contacted by its lawyers trying to find some way to reach an agreement and avoid the fine. I wrote and published a long open letter (in Portuguese) explaining why I rejected that and any other piece of nonfree software over philosophical (defending my software freedom on principle), practical (defending my freedom to choose what computer and operating system to use) and security (the alleged need for obscurity suggests insecurity) concerns.
I restated my wish for service delivered through a standards-compliant browser on any operating system, noting the possibility of removing the requirement for specific users, before or after authentication, and offering an alternative: getting documentation on the networked programming interfaces that their own apps rely on, for me to implement relevant features on Gnucash.
Coincidence?
A few days later, I was supposed to make a payment to my lawyer for his service in preparing the initial filing against Itaú. I went on to Santander's Internet banking website, that had served me well while Itaú and Sicredi let me down, and I couldn't get in: it was demanding me to agree to a so-called "privacy policy" (in Portuguese) that, besides requiring JavaScript to be viewed and not allowing printing or saving as a whole, contains abusive terms unrelated to the notion of privacy policy, or even to the terms of use bundled with it.
That policy had allegedly been in effect for nearly a whole year, so it seemed an unbelievable coincidence that they'd start demanding agreement to it right then. The next day, the requirement was gone, only to return a couple of weeks later. Meanwhile, I could make the payment, but my lawyer joked he could already tell the next bank we were going to sue.
Some of the abusive terms were the power to choose computers and operating systems the customer would have to use to get service, and the power to discontinue the service unilaterally for any reason, including changes to the technological platform. My lawyer's guess is probably right, but I've started by filing a complaint with the consumer protection agency and agreeing only to the terms identifiable as privacy policy. The bank did not dispute my understanding in its response, so the case got closed with the understanding that they agreed, but the fight goes on.
Copyright 2022-2023 Alexandre Oliva
Copyright 2023 FSFLA
Permission is granted to make and distribute verbatim copies of this entire document worldwide without royalty, provided the copyright notice, the document's official URL, and this permission notice are preserved.
Bankrupt
Reprinted with permission from Alexandre Oliva (FSFLA and FSF)
Banking institutions have sought to automate customer service through websites and, more recently, through TRApps.
https://www.fsfla.org/anuncio/2023-03-TRApps
What these banks are saving in offices and staff, we customers are paying for with security and freedom. They are morally bankrupt.
Genuine security never depends on secret software. On the contrary, transparency strengthens security.
Nevertheless, these banks impose on us, in the name of security (their own, not ours), various harmful behaviors:
-
the use of software that we cannot control and whose actions on our computers are hidden from us;
-
the use of too-short passwords; and
-
the use of devices and operating systems designed to run under someone else's control, and to collect and exfiltrate our data.
Running software controlled by others always implies a loss of freedom, and a threat to security and privacy.
The requirement to use these programs has become so common and persistent that it seems unavoidable. Thus, we have decided to expand our campaign against imposed taxing software beyond state-controlled institutions to also include private services and goods whose providers converge on such impositions.
https://www.fsfla.org/anuncio/2023-04-bancarrota#softimp
We share our board member Alexandre Oliva's recent account of his over 20 years of struggle against technological abuse by banks in his country. We highlight his recent legal victory: online banking services must be restored without requiring the installation of programs other than a standard browser. Read more:
https://www.fsfla.org/texto/bancarrota
About Imposed Taxing Software
Since 2006, we have been running a campaign against imposed taxing software: programs that are imposed in the sense that you cannot avoid them, and taxing in the sense that they burden you in a way that resembles a tax, but is exempt from social benefits and paid for with your freedom.
Nonfree programs are unjust and too onerous (even when they are nominally gratis), because they imply a loss of freedom, that is, of control over your digital life. When this burden (of suppressed freedom) is compounded with the imposition of use of such programs, they become profoundly oppressive: imposed taxing software.
Our initial focus was on oppressive software imposed by governments, such as mandatory tax-related programs and software required to interact with public banks.
https://www.fsfla.org/circular/2006-11#Editorial
While pressuring the government to liberate income tax software in Brazil, we have been updating and publishing a compatible and freedom-respecting version every year since 2007.
https://www.fsfla.org/anuncio/2012-10-Acesso-SoftImp
https://www.fsfla.org/~lxoliva/fsfla/irpf-livre/
In 2023, we extended the campaign to taxing software imposed by private providers: when freedom-depriving software is required to obtain or enjoy products or services.
To be clear, this campaign is not (solely) about software for taxation, but rather about software that is taxing (an unjust burden, because it taxes your freedom; the software is itself like a tax), and that, on top of that, is imposed, thus profoundly oppressive.
About FSFLA
Free Software Foundation Latin America joined in 2005 the international FSF network, previously formed by Free Software Foundations in the United States, in Europe and in India. These sister organizations work in their corresponding geographies towards promoting the same Free Software ideals and defending the same freedoms for software users and developers, working locally but cooperating globally.
https://www.fsfla.org/
Copyright 2023 FSFLA
Permission is granted to make and distribute verbatim copies of this entire document without royalty, provided the copyright notice, the document's official URL, and this permission notice are preserved.
Permission is also granted to make and distribute verbatim copies of individual sections of this document worldwide without royalty provided the copyright notice and the permission notice above are preserved, and the document's official URL is preserved or replaced by the individual section's official URL.
04.27.23
Microsoft Leaving Atlanta
Summary: In Seattle, Redmond and Bellevue (Washington) Microsoft has hit the brakes and laid off many people (more than it admits to the press); apparently Atlanta too is impacted (skip to 1:22)
Content is available under CC-BY-SA