For those wanting to embrace the "devalue your data" idea, I suggest uMatrix. High granularity for which resources your browser executes (cookie, css, images, plugins, scripts, xhr, and frames) from where (domain, subdomains, third parties).
I wonder how first party isolation will deal with both serving stuff from CDNs and serving stuff from different domain names which actually below to the same owner. For example,
YouTube streaming data is served from googlevideo.com,
most Reddit media is served from redditmedia.com, etc
You realise that "workers rights" is not given by a single data point, yeah? Even if in this specific case the US has it right, saying that "France is catching up to the US" is ludicrous.
If you have hundreds of tabs open, unused tabs etc, I would suspect that you'd have more to gain by fixing whatever is wrong with your work methodology than by downloading extensions. Food for thought.
The results of getting into "Podesta's gmail for some days" is you take the elections. But no, you think it's smarter getting into some nobody sysadmin's social media accounts. Got it.
Sorry, my intention wasn't to move the goalposts, I actually misspoke the second time. Obviously I don't care where the evidence comes from. I did mean "no public evidence" and then the parent made it political, somehow.
I did read the RPT-APT28 report by FireEye on APT28 (all fifty-something pages, surprise!). It did convince me that APT28 has political motivations. What's the connection between that and DNC/Podesta? I don't know, because there's no public evidence on that (that I know of).
Instead of focusing on the tools, focus on the results. I bet you're one of those people who uses microservices to run his 100 visitors/day blog just because it's the shiniest new paradigm.
> They are signed by the same process as all other APK's on the store; using the play store developer keys that OWS received. Google can backdoor it because they control the distribution source and verification scheme.
If I verify the signature, I can determine whether or not the APK has been tampered with by Google, yes or no?
> It would be too easy to say "don't try to teach moxie how to do crypto" but this won't be interesting to either of us, I'm really curious what is your threat model that you would like additional signature specifically by OWS and what do you want them to sign.
Well, obviously I'm not trying to teach anyone crypto as I don't know enough myself to begin with. My threat model is don't trust anyone that has a bad track record. In my book Google has a bad track record but not moxie.