Instagram Hates the Internet

Instagram Uses DMCA Complaint to "Protect" Users' "Copyrighted Works"

The anti-circumvention provisions of the DMCA allow companies that own or provide access to copyrighted works to target tools and systems that facilitate access to that content in an unauthorized manner. [...]

This week Facebook-owned Instagram entered the arena when it filed a DMCA notice against code repository Github. It targeted Instagram-API, an independent Instagram API created by a Spain-based developer known as 'mgp25'. [...]

"Back in the day I wasn't able to use Instagram on my phone, and I wanted something to upload photos and communicate with my friends. That's why I made the API in the first place," he explains. [...]

"I think reverse engineering should be exempt from the DMCA and should be legal. By reverse engineering we can verify whether apps are violating user privacy, stealing data, backdooring your device or doing even worse things," he says. "Without reverse engineering we wouldn't know whether the software was a government spy tool. Reverse engineering should be a right every user should have, not only to provide interoperability functionalities but to assure their privacy rights are not being violated." [...]

After the filing of the complaint, it took a couple of days for Github to delete the project but it is now well and truly down. The same is true for more than 1,500 forks of Instagram-API that were all wiped out after their URLs were detailed in the same complaint.

Previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , , , ,

Postfix address rewriting

Dear Lazyweb,

How do I get postfix to log the entirety of inbound and outbound SMTP sessions? (Including the STARTTLS payload.)

I've mostly solved my mail-delivery problems by routing most (but not all) of my outbound mail through Amazon SES. But when I send a message that happens to bounce, the bounce is bouncing. I'm having a hard time understanding the thing that "notify_classes = 2bounce" is sending me.

<jwz@jwz.org> (expanded from <root@dnalounge.com>): host email-smtp.us-west-2.amazonaws.com[52.88.130.249] said: 501 Invalid MAIL FROM address provided (in reply to MAIL FROM command)
...
Reporting-MTA: dns; cerebrum.dnalounge.com
X-Postfix-Queue-ID: 4FD309B318
X-Postfix-Sender: rfc822; MAILER-DAEMON@cerebrum.dnalounge.com

Final-Recipient: rfc822; jwz@jwz.org
Original-Recipient: rfc822;root@dnalounge.com
Action: failed
Status: 5.0.0
Remote-MTA: dns; email-smtp.us-west-2.amazonaws.com
Diagnostic-Code: smtp; 501 Invalid MAIL FROM address provided

It looks like it's saying that SES rejected my "MAIL FROM" address, but I definitely have dnalounge.com and jwz.org on the list of verified, allowed domains. So I don't know how to tell what address it is complaining about. I've tried debug_peer_list but it is confusing and does not appear to answer my question.

Previously.

Tags: , , , , ,

Facebook Won't Remove This Woman's Butthole As a Business Page

"This unofficial Page was created because people on Facebook have shown interest in this place or business. It's not affiliated with or endorsed by anyone associated with Samantha Rae Anna Jespersen's Butthole."

Samantha Jespersen never wanted her butthole to be the first thing that came up when someone googled her name. But to her horror, she discovered "Samantha Rae Anne Jespersen's Butthole" -- a Facebook business page -- was the very first result when she googled her name.

The Page was created in 2012, when she was only 15 years old. But Jespersen, now 23 and a professional baker, didn't notice it until 2015, when she searched her name. Her reaction was "What the fuck?" "How did this happen?" she told BuzzFeed News.

Jespersen had no idea how the Page was created. She didn't make it herself, and she doesn't know anyone who would have made it on her behalf. [...] Some users suggested that perhaps some friends had created an "interest" in her butthole on their own Facebook profiles as a joke, and this triggered a Page to be created automatically.

To date, the "business" of Jespersen's butthole has no reviews (though it invites them), and no Stories have been added to it. [...]

The exact street address of the so-called business isn't listed, but the pin on the map shows the precise location of her former home (she and her family no longer live there).

What has really vexed Jespersen is that she's been unable to get it taken down. Since she discovered the Page in 2015, she's reported it several times -- but Facebook has said it isn't in violation of its community standards. [...]

"I feel like if anybody has found it, it would probably feel way too weird to talk to me about it," she said. "And if I didn't get a job over it, they definitely wouldn't call me and say, 'Hey, found the Page about your butthole, not going to hire you, bye.'"

And the oh-so-predictable punchline:

(Facebook removed the Page after this article was published).

Previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , ,

Another day, another MITM attempt

Dear Lazyweb,

Can anyone explain to me how to install "Xposed Framework" into an Android emulator on macOS? None of the instructions I've found work.

Rumor has it that this "JustTrustMe" plugin will make mitmproxy work with pinned apps. I got Xposed from here and the installer from here (why isn't it bundled?) and tried it with a "Google API 26" x86_64 emulator. The installer keeps telling me my device isn't rooted, but I've done "adb root".

Or should I be using Frida instead, which looks almost-incomprehensibly more complicated?

Previously, previously.

Tags: , , , , , , ,

Ring Doorbell App Packed with Third-Party Trackers

Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers.

Four main analytics and marketing companies were discovered to be receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers.

The danger in sending even small bits of information is that analytics and tracking companies are able to combine these bits together to form a unique picture of the user's device. This cohesive whole represents a fingerprint that follows the user as they interact with other apps and use their device, in essence providing trackers the ability to spy on what a user is doing in their digital lives and when they are doing it. All this takes place without meaningful user notification or consent and, in most cases, no way to mitigate the damage done. [...]

Ring has exhibited a pattern of behavior that attempts to mitigate exposure to criticism and scrutiny while benefiting from the wide array of customer data available to them. It has been able to do so by leveraging an image of the secure home, while profiting from a surveillance network which facilitates police departments' unprecedented access into the private lives of citizens, as we have previously covered. For consumers, this image has cultivated a sense of trust in Ring that should be shaken by the reality of how the app functions: not only does Ring mismanage consumer data, but it also intentionally hands over that data to trackers and data miners.

Previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , ,

Recent Movies

Blood Drive: I reviewed this the first time around, but on a rewatch, yes, it is still excellent and I am sad that it only got the one season. Their over-use of black censorship bars is mastery of the form.

Code 8: This was pretty good. The premise is that people with superpowers exist, but rather than taking over the world or being exploited as weapons, they're legislated out of the workforce. That seems an unlikely outcome to me, but it holds together in the story, which is half heist movie and half class war.

Star Wars 9: I have not felt a disturbance in The Force like this since... Episode 1. At one point I inadvertently yelled "AWWWWW FUCK YOUUU" at the screen and then I remembered "I'm at Alamo, they might throw me out now." Well, we do what we must. Here are just some stupid things in no particular order:

  • There is literally no explanation for how or why Palpatine is alive. No I don't care what you read in the novelization.

  • Rey is Palpatine's granddaughter, so the whole "biology is not destiny" thing that was the best part of Episode 8 is now, "Oh, yeah, actually it is". Thanks, Jar Jar Abrams. This is the "Kill Newt before the opening credits, obviating the entire previous movie" of the Star Wars franchise.

  • If Kylo Ren has a goal I can't tell what it is, other than periodically freaking out like Nicolas Cage (see below).

  • Every Star Destroyer has a planet killing cannon now. Cool, cool. Oh but they can't run shields in atmosphere so you can take down a Star Destroyer with a blaster I guess?

  • Palpatine somehow managed to secretly build a fleet of like, 10,000 Star Destroyers that he donated to the First Order - and don't those things take like a quarter million people to crew them? Who are all these people??? Don't say clones. Fuck you.

  • Oh and Snoke (remember him? Yeah neither do I) was a vat-grown meat puppet of Palpatine all along. How do you get elected Supreme Leader of a book club like that? Does this guy not have staff meetings? Which is the same problem I have with Kylo Ren. Dude must have paperwork at some point. Who actually manages his empire??

  • Nothing builds tension and urgency like a Heal/Resurrection Spell fake-out. Wait no, strike that, reverse it. Also there's a scene where Kylo Ren cuts down what I assume are the Knights of Ren? So like, didn't he spend years training these guys? Shouldn't this be more of A Thing?

  • I cannot accept that there is still life on the moon of Endor. (This may have been when I yelled at the screen.) The Chicxulub asteroid was only 7 miles across, Death Star Two Electric Boogaloo was 120. You don't dump 904,000 cubic miles of steel honeycomb on a planet and still have surface life. The Endor Holocaust is being covered up.

Parasite: It's about a family of broke grifters and a gig that goes really wrong. It's well written, and has some really horrific moments as well as some strait-up screwball comedy. (I'm kind of puzzled why every review tried to keep the plot totally secret, as if there would be huge spoilers?)

Ballad of Buster Scruggs: Somehow I missed that this even came out. It's definitely one of the lesser Cohen Brothers movies, but still fun. There is a surprising amount of singing. And it is unsurprisingly bleak.

Zeiram (1991) and Zeiram II (1994): I hadn't seen these in ages: sexy bounty hunter and her software sidekick come to earth to chop-socky a fugitive monster whose power level is well over 87. They are way more low budget than I remembered, but still very fun. I remembered there being more power-armor karate and less body horror -- wow is there a lot of body horror! Also, maybe it's a translation thing, but why did they keep calling Zeiram "he"? It's covered with boobs and lays eggs that grow into fighting monster slime babies! Also, I'll take Squeaky Zeiram Face over Baby Yoda any day.

Scooby Doo: Return to Zombie Island: A solid outing. Shaggy makes the gang promise not to solve any mysteries while they are on vacation, and they really, really try. Guest appearance by Elvira!

Elvira, Mistress of the Dark (1988): I hadn't seen this since I was a kid, and it was funnier than I expected! These are exactly the sort of groaner jokes we expect from a burlesque show. Also, fun fact, I'm pretty sure that this movie was where I saw tassle-twirling for the very first time.

Elvira's Haunted Hills (2001): This was... not very funny. I can imagine their enthusiasm: "We get to go to Bulgaria to do a Vincent Price pastiche! Richard O'Brian said yes!" But wow, did it fizzle.

Infinity Train: This is so great! A kid runs away and gets on the wrong train that is... infinitely long and each car is a pocket universe. It's got an amazing Tex Avery-meets-anime cartoon logic to it, the jokes are very clever, and the plot superballs between surreal zaniness and super emo dark. And if you are ever looking for a name for a pet, the answer is "Alan Dracula".

Color Out of Space: This was exactly what I expected from a Nicolas Cage movie. He freaked out, was covered in blood, and did inexplicable accents. The movie was... ok, but there wasn't much to it. I still contend that Cage has been in exactly one good movie in his career, and that was Raising Arizona. (If they would release the pre-FX version of Ghost Rider, I might revise this opinion.)

Harriet: This was great! Hey, remember when Obama's treasury department was going to replace genocidal slaveholding piece-of-shit Andrew Jackson on the $20 with escaped slave, abolitionist, insurgent and spy Harriet Tubman, and then Trump and Mnuchin killed it because they're racists? Well, might I direct your attention to Tubman Stamp dot Com.

BTW, a couple people asked me if I'm going to resume my year-end music wrap-ups this year, since I skipped last year. Probably not. I'm just not feeling it.

Previously.

Tags: , , , , , , ,

Ferry Building's Members-Only Techie Club Stumbles in Attempt at Liquor License

Despite the lack of license, Shack15's website is claiming the place is stocked "with multiple full-service bars."

Shack15 currently has one Yelp review (posted Sunday), which begins "Shack 15 is a game-changer." I promptly puked my guts out and did not read any further.

But there is plenty more puke-worthy language on Shack15's website. Calling the club a "place for founders, innovators, and changemakers," Shack15 says it is "where ideas go to breathe" and "a platform for genuine community throughout all stages of the entrepreneurial journey and a home for the exploration of extraordinary ideas."

The target demographic seems more akin to an exploration of how to lose extraordinary amounts of other people's money. But these "founders, innovators, and changemakers" might do well to remember the Museum of Ice Cream liquor license fiasco, where the quasi-museum was denied the license in no small part because they advertised serving alcohol before being granted a license. We'll see if these so-called "changemakers" can get the Board to change their apprehensiveness toward founders who start up shop without securing permits.

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , ,

The Preacher

Chilling role of 'the Preacher' confirmed at CIA waterboarding hearing in Guantánamo

In the courtroom of the military commission, the CIA officer was referred to only by three-digit code NZ7, or simply as "the Preacher" -- a nickname he was given because of his peculiar way of terrorising detainees.

According to James Mitchell, a psychologist on contract to the CIA who helped draft and apply their "enhanced interrogation techniques", the Preacher "would at random times put one hand on the forehead of a detainee, raise the other high in the air, and in a deep Southern drawl say things like, 'Can you feel it, son? Can you feel the spirit moving down my arm, into your body?'"

Mitchell gave that chilling description in his memoir, Enhanced Interrogation, and on the witness stand on Thursday, he confirmed the Preacher's role at the CIA black sites. He was giving evidence at a pre-trial hearing in the case against five defendants charged for the 9/11 al-Qaida attacks, including the self-styled mastermind, Khalid Sheikh Mohammed.

Previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , , ,

Quilted Squishy Flesh Suits

Daisy Collingridge:


Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , , , , ,

Mystery Flesh Pit National Park

Mystery Flesh Pit National Park:

As the name suggests, it's a giant flesh tunnel opening through the Earth's epidermis, dermis, hypodermis, and more, revealing colossal esophagi and leviathan spleen. As you descend, you may encounter "spasm fits" and "gastric ejecta" or feel your bodily moisture being "leeched." Deviate from the marked trails and you risk digestion, lethal entanglement with "Macrobacteria" and "Abyssal Copepods," or a splattering of "amniotic secretions."

Feast your eyes upon it, O mortal.

D̷̺̕ȯ̸̗ ̸͈͂y̷"̚o̵͐͜ü̷͖ ̶͉͑f̷̓͜e̴̻̒ḛ̴̆l̷̩̊ ̴͕͆i̸͕̒ẗ̶̖́ ̴̤͠b̵͎̽e̵̖͛c̵̤̆k̸̦̈́ȍ̵̱n̴̟͊i̴͖̅n̴̦̐g̷͖͘?̸̼̍

Roberts describes the MFPNP as such:

The Mystery Flesh Pit is the name given to a bizarre natural geobiological feature discovered in the permian basin region of west texas in the early 1970s. The pit is characterized as an enormous subterranean organism of indeterminate size and origin embedded deep within the earth, displaying a vast array of highly unusual and often disturbing phenomena within its vast internal anatomy.

Following its initial discovery and subsequent survey exploration missions, the surface orifice of the Mystery Flesh Pit was enlarged and internal sections were slowly reinforced and developed by the Anodyne Deep Earth Mining corporation who opened the Pit as a tourist attraction in 1976. In the early 1980s, the site was absorbed into the National Park System which operated and maintained the Mystery Flesh Pit until its sudden closure in 2007.

Previously, previously, previously, previously, previously, previously, previously.

Tags: , , ,

  • Previously