Browse Source

add proof of Playstore insecurity

master
cyberMonk 1 year ago
parent
commit
15063a26b0
  1. 11
      input_data/table_legend.md
  2. 31
      rap_sheets/cloudflare.md
  3. 2
      usa_banks.md
  4. 11
      usa_brokerages.md
  5. 11
      usa_insurance_companies.md

11
input_data/table_legend.md

@ -174,6 +174,17 @@ avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
Google Playstore is
[scientifically proven](https://nsl.cs.waseda.ac.jp/wp-content/uploads/2018/04/submitted_wama2017.pdf)
to be relatively insecure compared to F-Droid in the "*Understanding
the Security Management of Global Third-Party Android Marketplaces*"
article. Also noteworthy is
[F-Droid: The privacy-friendly alternative to Google Play Store](https://android.izzysoft.de/articles/named/fdroid-intro-1).
Another [study](https://core.ac.uk/download/pdf/142058929.pdf#page=64)
found financial applications on Android to have a propensity to call
for over-priviledged permissions and to call the protected android
methods excessively.
## Why CISPA supporters are graylisted
The [Cyber Intelligence Sharing and Protection Act (CISPA)](

31
rap_sheets/cloudflare.md

@ -1,4 +1,4 @@
[RAP-pp]: <rap_sheets/paypal.md>
[RAP-pp]: <paypal.md>
[//]: # (https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/paypal.md)
[//]: # (interesting flip-flopping loop when trying to visit dl.acm.org via archive.org from curl)
@ -50,7 +50,7 @@
[36]: https://nitter.net/eastdakota/status/1273277839102656515
[37]: https://en.wikipedia.org/wiki/Schadenfreude
[38]: https://nitter.net/thexpaw/status/1108424723233419264
[39]: https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams
[39]: <https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams> "popups (better link needed)"
[40]: <https://web.archive.org/web/20191112033605/https://opencollective.com/cloudflarecollective#section-about> "using mirror to avoid CloudFlare"
[41]: https://www.businessinsider.com/cloudflare-ceo-suggests-people-who-report-online-abuse-use-fake-names-2017-5
[41-cache]: https://web.archive.org/web/20171024040313/www.businessinsider.com/cloudflare-ceo-suggests-people-who-report-online-abuse-use-fake-names-2017-5
@ -61,6 +61,13 @@
[rbi]: <https://web.archive.org/web/20210323130327/blog.cloudflare.com/browser-isolation-for-teams-of-all-sizes> "using mirror to avoid CloudFlare"
[rbiDiscrimination]: <https://toot.cafe/@matt/105939502971295092> "warning: Amazon link"
[RBIzeroTrust]: <https://web.archive.org/web/20210323130454/https://blog.cloudflare.com/cloudflare-and-remote-browser-isolation> "using mirror to avoid CloudFlare"
[unescoEDU1950]: http://portal.unesco.org/en/ev.php-URL_ID=12074&URL_DO=DO_TOPIC&URL_SECTION=201.html
[unescoEDU1960]: http://portal.unesco.org/en/ev.php-URL_ID=12949&URL_DO=DO_TOPIC&URL_SECTION=201.html
[unescoEDU2003]: http://portal.unesco.org/en/ev.php-URL_ID=17721&URL_DO=DO_TOPIC&URL_SECTION=201.html
[unescoEDU2015]: http://portal.unesco.org/en/ev.php-URL_ID=49358&URL_DO=DO_TOPIC&URL_SECTION=201.html
[unescoEDU2019]: http://portal.unesco.org/en/ev.php-URL_ID=49556&URL_DO=DO_TOPIC&URL_SECTION=201.html
[unescoG16]: https://en.unesco.org/themes/access-information
[unescoEDUhr]: https://en.unesco.org/themes/education
# CloudFlare
@ -145,7 +152,25 @@ CloudFlare is a vigilante extremist organization that takes the decentralized we
*"enable users to remain anonymous and avoid both
**commercial** and government surveillance."*(emphasis
added) Proquest's use of CF also undermines several parts
of the [Library Privacy Guidelines for Vendors][27].
of the [Library Privacy Guidelines for Vendors][27]. RUC's
campus in Denmark is subject to the
[1960 Convention against Discrimination in Education][unescoEDU1960]
and yet its use of Proquest violates articles 1 and 5 in
that treaty. RUC's use of Proquest also violates article
IV(a) of the
[1950 Agreement on the Importation of Educational, Scientific and Cultural Materials][unescoEDU1950],
paragraph II.9.iii of the 2019
[Recommendation on Open Educational Resources (OER)][unescoEDU2019],
paragraphs 3.2 and 3.5 of
[Recommendation concerning the preservation of, and access to, documentary heritage including in digital form][unescoEDU2015]
and article 2 of the 2003
[Charter on the Preservation of Digital Heritage][unescoEDU2003]. [Goal 16][unescoG16]
of UNESCO's 2030 Agenda for Sustainable Development
includes open public access to information, which RUC and
Proquest violates as a consequence of jailing education
resources in the walled garden of Cloudflare. Access to
education is a [human right][unescoEDUhr], so when RUC
makes it exclusive, it undermines human rights.
1. ACM's Digital Library is jailed in CloudFlare's exclusive walled-garden despite ACM's intent to be ["open" during a pandemic][28]. The perverse affect is that privacy-seekers are subject to CF's privacy abuses when attempting to access [a paper about privacy abuse][29].
1. CloudFlare [attacks freedom of expression][30].
1. When a review exposed CloudFlare's doxxing of whistle blowers, CF [censored][31] the review.

2
usa_banks.md

@ -25,7 +25,7 @@
(👌) *the problem with ALEC*-- ALEC is a huge right-wing political lobby that puts corporate interests above the interest of human beings, as it fights gun control, fights healthcare, fights immigration, fights unions, fights public education, fights womens rights, and supports the NRA. The OK hand sign (👌) indicates that the bank supports right-wing extremism through ALEC membership.
(👁) *the problem with Tor hostility*-- Tor is a tool that helps the privacy of consumers. Banks that block Tor or take hostile actions against customers who use Tor are indicated with an eye (👁). A plus ("+") indicates that the bank allows Tor users to *attempt* to login (so they can discover which of their customers use Tor), followed by a permanent account denial and locked bank account.
(👁) *the problem with Tor hostility*-- Tor is a tool that helps the privacy of consumers. Banks that block Tor or take hostile actions against customers who use Tor are indicated with an eye (👁). A plus ("+") indicates that the bank allows Tor users to *attempt* to login (so they can discover which of their customers use Tor), followed by a [permanent account denial](https://git.sdf.org/deCloudflare/deCloudflare/src/branch/master/anti-tor_users/misc/hostility.md) and locked bank account.
More metrics: to see where these banks stand on gun issues, see https://isyourbankloaded.org.

11
usa_brokerages.md

@ -238,6 +238,17 @@ avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
Google Playstore is
[scientifically proven](https://nsl.cs.waseda.ac.jp/wp-content/uploads/2018/04/submitted_wama2017.pdf)
to be relatively insecure compared to F-Droid in the "*Understanding
the Security Management of Global Third-Party Android Marketplaces*"
article. Also noteworthy is
[F-Droid: The privacy-friendly alternative to Google Play Store](https://android.izzysoft.de/articles/named/fdroid-intro-1).
Another [study](https://core.ac.uk/download/pdf/142058929.pdf#page=64)
found financial applications on Android to have a propensity to call
for over-priviledged permissions and to call the protected android
methods excessively.
## Why CISPA supporters are graylisted
The [Cyber Intelligence Sharing and Protection Act (CISPA)](

11
usa_insurance_companies.md

@ -247,6 +247,17 @@ avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
Google Playstore is
[scientifically proven](https://nsl.cs.waseda.ac.jp/wp-content/uploads/2018/04/submitted_wama2017.pdf)
to be relatively insecure compared to F-Droid in the "*Understanding
the Security Management of Global Third-Party Android Marketplaces*"
article. Also noteworthy is
[F-Droid: The privacy-friendly alternative to Google Play Store](https://android.izzysoft.de/articles/named/fdroid-intro-1).
Another [study](https://core.ac.uk/download/pdf/142058929.pdf#page=64)
found financial applications on Android to have a propensity to call
for over-priviledged permissions and to call the protected android
methods excessively.
## Why CISPA supporters are graylisted
The [Cyber Intelligence Sharing and Protection Act (CISPA)](

Loading…
Cancel
Save