[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: non-requested confusing auto download issue

From: Miroslav Rovis
Subject: Re: non-requested confusing auto download issue
Date: Sat, 8 May 2021 16:08:05 +0200

Hi! See below when I sent the message! At the time of
sending it does not appear on:
I.e. I sent it more than 15 hours ago.

Also, no fixing of the bug:
has happened yet.

And also no contact appears on pages of (didn't check all pages, but
the front page, and the
do not have any contact to my understanding).

I'm resending this email but only with the one layer of
citation removed, so it contains text identical to the sent

If it does not appear for longer, then, because it could be
outside filtering, I am thinking of doing what I said I
would previously (see
> > take out all the relevant messages, use my frozen lurker
> > little set of scripts to convert them for web and post
> > them for perusal.

What worries me is: new material has been added to, but the bug has not been
fixed (the same 'Video preload is set to preload="auto"'
i.e. non-requested confusing auto download into browser
cache still happens. I checked: traced and casted).

The difference btwn the message of the hereby contained
identical text (all after the first "wrote" line below), and
this message, is I added these three recipients that were
not recipients of that not-showing on ML web email:
Michael McMahon, Greg Farough and Ian Kelling via RT.

Moderation mistake, or outside filtering/cancelling or
something else?


On 210508-00:42+0200, Miroslav Rovis wrote:
On 210506-21:32+0300, Jean Louis wrote:
> * Miroslav Rovis <> [2021-05-06 19:38]:
> > > You use Vim for browsing?
> > No, I don't. I'm at intermediate level in programming.
> Yes, which languages?
Bash, Perl. And other languages I'm at less than
intermediate like C, Python, Javascript, but anything in
programming is slowly starting to be more accessible to me
and slowly open up.

But I think other than the need for TLS-decryption in a
completely libre browser, we should conclude our tangent

I want to thank you, however for having informed the folks
here on the list on the issue of GNU Assembly splinter group.
It has been a necessary and valuable thread for this
community, not a tangent topic.

> > And I browse with Pale Moon, because it has
> > TLS-decryption available for setting up (which Iceweasel
> > and Debian packaged Firefox do not offer) and I trust
> > Pale Moon way more than Firefox nightly (which also
> > understands the SSLKEYLOGFILE env var) which I have to
> > use for websites that do not support Pale Moon.
> Problem with Pale Moon is that binary is proprietary
> freeware, thus not free software by definition. Only if
> branding is removed it could be free software, but I doubt
> it, as I looked into that license. They are complicating
> things just as Mozilla:
> -- I don't want to
> analyse it as it looks anti-free software, for example
> they forbid charging, etc. Nonsense, I will not look into
> it.
I have sometimes used CC BY-NC-SA (Creative Commons
Non-Commercial Share-Alike, for casual readers of this list,
such as from the Web),

I also like the JQuery's original non-evil-use clause. None
of those is really against either _real_ freedom or _good_
freedom or freedom for good which I subscribe to. So those
should be alowed, in my opinion. Not imposing my opinion
> So such browser would probably not qualify to be included
> in the free GNU operating systems.
A moot point. 

> > But I can tell you Firefox is horrendous by the shear number of
> > connections it makes and which the user didn't ask for. It's
> > connections to all kinds of places that Firefox makes just
> > when you start it...
> Yes, that is so. I wish we would have nice and quick browser, but we
> don't have.
> > That's tracking... And it's hard to analyze because of the
> > shear diversity and number of those connections...
> On the other hand Firefox does have now good privacy features. But for
> GNU as free operating system the core browser does not qualify
> to be included..
Firefox is tracking you. Pale Moon does not, or if I did see
a minimal phoning back in a rare network trace, it was
utterly negligeable in comparison to what Firefox does. And
just think of what the world's top unofficial spying agency
Schmoogle's Schmrome does... That's against freedom more
than anything in any user's boxen. Apart from straight

The privacy features it offers?... C'mon! If you track me,
what privacy do I really have left?
> > Pale Moon is a real friend in comparison, it does not
> > connect to big surveilling tech... Easy to analyze, but
> > not on complex sites like Facebook (hate it, but
> > sometimes go because of friends)... No browser would be
> > easy to analyze for such sites.
> Good privacy browser is GNU IceCat
Well, it offers me garbage in network traces (though I
didn't check in years by now [*]), can't use it.
> > Does Emacs offer setting up TLS-decryption (repeating
> > the link I gave before:
> > )?
> If Gnutls library can do that, then maybe, who knows. You
> could ask on GNU Emacs Help mailing list:
If I had time, but I'm way too involved with other
time-consuming tasks that I have to solve these days...
But I'm sure they are aware of this issue.

> > Can anybody say if it is at least present in somebody's
> > mind that it would be good to do that?
> > 
> > I'm not going to be browsing anywhere with something
> > that leaves junk to see in network traces instead of
> > decrypted traffic.
> Those are just SSL connections over HTTP protocol, almost
> each browser can tell what is being connected to. What you
> download is what you are getting, test and media.
No! It's more that that! You get binary junk in your traces
instead of decrypted content and you can't really tell what
happened, no! Can be MiTM, or other attacks, and I've seen
spoofing and things, but that would be a drift to tell, and
a drift that I do not have time for.

=  Just: TLS-decryption is badly needed in fully libre
=  browser, and until it is done, Pale Moon, being
=  Mozilla-level libre, is a really good choice.


[*] I can tell that some libre software have started to
    TLS-decryt connections since relatively recently. E.g.
    since only two or three years ago Wget honers
    SSLKEYLOGFILE and stores the keys it used. Also Curl,
    previously than Wget, probably, Curl is a real masterpiece.
    The Linus's Git decrypts as well.

    By the way, TLS decryption wasn't available in any program
    in the open at first. Then Wireshark's Sake Blok (if I
    remember his name correctly) saw how it can be done and
    wrote the patch for Wireshark. Tcpdump still can not decrypt
    SSL/TLS, but it has other advantages over the Wireshark set
    of programs.


Miroslav Rovis
Zagreb, Croatia
my PGP-key:

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]