"Stylish" browser extension steals all your internet history

Found on Robert Heaton on Thursday, 05 July 2018
Browse Internet

Unfortunately, since January 2017, Stylish has been augmented with bonus spyware that records every single website that I and its 2 million other users visit. Stylish sends our complete browsing activity back to its servers, together with a unique identifier. This allows it’s new owner, SimilarWeb, to connect all of an individual’s actions into a single profile.

Stylish’s transition from visual Valhalla to privacy Chernobyl began when the original owner and creator of Stylish sold it in August 2016. In January 2017 the new owner sold it again, announcing that “Stylish is now part of the SimilarWeb family”. The SimilarWeb family’s promotional literature lists “Market Solutions To See All Your Competitors’ Traffic” amongst its interests.

That's one of the problems with the entire plugin ecosystem: everybody can release plugins, and everybody can install them. However, users won't get any notifications about owner changes or new "features". That's why it's best to keep the plugin-list as short and trusted as possible.

Gmail messages 'read by human third parties'

Found on BBC News on Wednesday, 04 July 2018
Browse Internet

Google has confirmed that private emails sent and received by Gmail users can sometimes be read by third-party app developers, not just machines.

When linking an account to an external service, people are asked to grant certain permissions - which often include the ability to "read, send, delete and manage your email".

The companies said they had not asked users for specific permission to read their Gmail messages, because the practice was covered by their user agreements.

Why would somebody with a little bit of brain left even remotely consider to allow some random company to have access to the mailbox? Stupidity really has no limits.

Namecheap users rage at domain transfer pain, but their supplier Enom blames... er, GDPR?

Found on The Register on Tuesday, 03 July 2018
Browse Internet

"The original registrar rightly cannot control it and as Namecheap can't control it either, the end user has to go cap in hand to Nominet and pay a £12 ransom to change the IPS-TAG a second time back to their original supplier," the punter said.

For its part, Enom's status page has detailed the issues under the heading "GDPR implementation", although it isn't clear how Europe's General Data Protection Regulation is at fault for this specific issue.

Sounds like a game of "blame someone else".

YouTube now lets you pay $4.99 per month to support your favorite creators

Found on Ars Technica on Friday, 22 June 2018
Browse Internet

Most YouTube creators make a profit through ad revenue, but they'll now have Channel Memberships and Merchandise features to bolster their income—if they pass specific subscriber thresholds.

YouTube knows that many creators haven't been happy with the company's recent content policies changes (as well as the ever-confusing nature of YouTube's algorithms) because it has made it harder for creators large and small to make money from advertisements.

A YouTube representative told Ars in an email that creators will keep 70 percent of the profits from Channel Memberships and merchandise sales while YouTube will get the remaining 30 percent.

Here comes the next payment option, right after Facebook accounced fees for groups.

Facebook Groups may soon charge monthly subscription fees for access

Found on The Verge on Thursday, 21 June 2018
Browse Internet

Facebook will now let group administrators start charging $4.99 to $29.99 a month for exclusive membership in certain groups, the company announced today in a blog post.

Facebook says the new feature is so that group admins, who put a lot of time and dedication to growing their communities, can also earn money at the same time.

Many of those groups will see a significant drop of users. Sooner or later Facebook will of course demands its share too, then it will extend the fees and more users will flee than already do. Alltogether, a good development.

Gmail proves that some people hate smart suggestions

Found on Techcrunch on Monday, 18 June 2018
Browse Internet

Gmail has recently introduced a brand new redesign. While you can disable or ignore most of the new features, Gmail has started resurfacing old unanswered emails with a suggestion that you should reply.

Even if the suggestions can be accurate, it’s a bit creepy, it’s poorly implemented and it makes you feel like you’re no longer in control of your inbox.

That's what you get for trusting a company which removed the 'Don't Be Evil' clause from its code of conduct. Just host your email yourself, or find a smaller provider which you can trust.

17 Backdoored Docker Images Removed From Docker Hub

Found on Bleeping Computer on Saturday, 16 June 2018
Browse Internet

All 17 images were uploaded on the Docker Hub portal by the same person/group, using the pseudonym of "docker123321." Some of these packages have been installed more than one million times, while others were used hundreds of thousands of times.

Wiping systems entirely is probably the safest bet for users who've used one of the 17 Docker images listed in the tables above.

Congrats to all the clueless devs who pull in random software from random sources without checking anything. If you use Docker, build the images yourself.

ICANN pays to push Whois case to European Court of Justice

Found on The Register on Friday, 15 June 2018
Browse Internet

The California based non-profit said this week it would appeal a decision against it in German court but also, bizarrely, announced that it would also appeal that court's decision to the European Court of Justice if it gave the wrong answer.

Seemingly unaware of how the legal system works, ICANN criticized that court decision less for its actual decision than for the fact that it hadn't done what ICANN wanted: to state definitively what the correct interpretation of the GDPR legislation is when it comes to the Whois service.

Whois should have died years ago. Nothing good came ever out of it, except spam, spam and more spam to domain owners.

Verizon’s new $95 unlimited plan offers at least 75GB of high-speed data

Found on Ars Technica on Thursday, 14 June 2018
Browse Internet

Verizon Wireless next week will start selling a third unlimited data plan, one that costs $95 for one line and lets customers use 75GB each month without any possibility of throttling.

GoUnlimited slows you down in congested areas at any time during a monthly billing cycle regardless of how much data you've used.

There are several other differences among Verizon's three unlimited plans. While GoUnlimited allows only "DVD-quality" video streaming at 480p, BeyondUnlimited and AboveUnlimited both allow HD-quality video streaming at 720p.

That's HeavilyRestricted, not AboveUnlimited.

Worst. Birthday. Ever. IPv6's party falls flat

Found on The Register on Sunday, 10 June 2018
Browse Internet

The “IPv6 Launch Day” that happened on June 6, 2012, was a cross between official switch-on by a bunch of US service providers, and promotional exercise.

IPv6 co-author Bob Hinden gave another upside view, noting that “the current level of IPv6 deployment means that the technical hurdles have been overcome and the implementations are mature”.

Let's just skip IPv6 and wait for IPv8.