US Tariffs for the EU? Then let’s get rid of the anti competitive rules the US rammed down the throat of the EU for tariff free trade

Those were wild times, when engineers pitted their wits against one another in the spirit of Steve Wozniack and SSAFE. That era came to a close – but not because someone finally figured out how to make data that you couldn’t copy. Rather, it ended because an unholy coalition of entertainment and tech industry lobbyists convinced Congress to pass the Digital Millennium Copyright Act in 1998, which made it a felony to “bypass an access control”:

https://www.eff.org/deeplinks/2016/07/section-1201-dmca-cannot-pass-constitutional-scrutiny

That’s right: at the first hint of competition, the self-described libertarians who insisted that computers would make governments obsolete went running to the government, demanding a state-backed monopoly that would put their rivals in prison for daring to interfere with their business model. Plus ça change: today, their intellectual descendants are demanding that the US government bail out their “anti-state,” “independent” cryptocurrency:

https://www.citationneeded.news/issue-78/

[…]

Big Tech isn’t the only – or the most important – US tech export. Far more important is the invisible web of IP laws that ban reverse-engineering, modding, independent repair, and other activities that defend American tech exports from competitors in its trading partners.

Countries that trade with the US were arm-twisted into enacting laws like the DMCA as a condition of free trade with the USA. These laws were wildly unpopular, and had to be crammed through other countries’ legislatures:

https://pluralistic.net/2024/11/15/radical-extremists/#sex-pest

That’s why Europeans who are appalled by Musk’s Nazi salute have to confine their protests to being loudly angry at him, selling off their Teslas, and shining lights on Tesla factories:

https://www.malaymail.com/news/money/2025/01/24/heil-tesla-activists-protest-with-light-projection-on-germany-plant-after-musks-nazi-salute-video/164398

Musk is so attention-hungry that all this is as apt to please him as anger him. You know what would really hurt Musk? Jailbreaking every Tesla in Europe so that all its subscription features – which represent the highest-margin line-item on Tesla’s balance-sheet – could be unlocked by any local mechanic for €25. That would really kick Musk in the dongle.

The only problem is that in 2001, the US Trade Rep got the EU to pass the EU Copyright Directive, whose Article 6 bans that kind of reverse-engineering. The European Parliament passed that law because doing so guaranteed tariff-free access for EU goods exported to US markets.

Enter Trump, promising a 25% tariff on European exports.

The EU could retaliate here by imposing tit-for-tat tariffs on US exports to the EU, which would make everything Europeans buy from America 25% more expensive. This is a very weird way to punish the USA.

On the other hand, not that Trump has announced that the terms of US free trade deals are optional (for the US, at least), there’s no reason not to delete Article 6 of the EUCD, and all the other laws that prevent European companies from jailbreaking iPhones and making their own App Stores (minus Apple’s 30% commission), as well as ad-blockers for Facebook and Instagram’s apps (which would zero out EU revenue for Meta), and, of course, jailbreaking tools for Xboxes, Teslas, and every make and model of every American car, so European companies could offer service, parts, apps, and add-ons for them.

[…]

It’s time to delete those IP provisions and throw open domestic competition that attacks the margins that created the fortunes of oligarchs who sat behind Trump on the inauguration dais. It’s time to bring back the indomitable hacker spirit

[…]

Source: Pluralistic: There Were Always Enshittifiers (04 Mar 2025) – Pluralistic: Daily links from Cory Doctorow

Cloudflare blocking Pale Moon and other alternative browser engines

Aside from reporting it on Cloudflare’s forum, there appears to be little users can do, and the company doesn’t seem to be paying attention.

Cloudflare is one of the giants of content distribution network. As well as providing fast local caches of busy websites, it also attempts to block bot networks and DDoS attacks by detecting and blocking suspicious activity. Among other things, being “suspicious” includes machines that are part of botnets and are running scripts. One way to identify this is by looking at the browser agent and, if it’s not from a known browser, blocking it. This is a problem if the list of legitimate browsers is especially short and only includes recent versions of big names such as Chrome (and its many derivatives) and Firefox.

The problem isn’t new, and whatever fixes or updates occasionally resolve it, the relief is only temporary and it keeps recurring. We’ve found reports of Cloudflare site-blocking difficulties dating back to 2015 and continuing through 2022.

In the last year, The Register has received reports of Cloudflare blocking readers in March, again in July 2024, and earlier this year in January.

Users of recent versions of Pale Moon, Falkon, and SeaMonkey are all affected. Indeed, the Pale Moon release notes for the most recent couple of versions mention that they’re attempts to bypass this specific issue, which often manifests as the browser getting trapped in an infinite loop and either becoming unresponsive or crashing. Some users of Firefox 115 ESR have had problems, too. Since this is the latest release in that family for macOS 10.13 and Windows 7, it poses a significant issue. Websites affected include science.org, steamdb.info, convertapi.com, and – ironically enough – community.cloudflare.com.

According to some in the Hacker News discussion of the problem, something else that can count as suspicious – other than using niche browsers or OSes – is something as simple as asking for a URL unaccompanied by any referrer IDs. To us, that sounds like a user with good security measures that block tracking, but it seems that, to the CDN merchant, this looks like an alert to an action that isn’t operated by a human.

Making matters worse, Cloudflare tech support is aimed at its corporate customers, and there seems to be no direct way for non-paying users to report issues other than the community forums. The number of repeated posts suggests to us that the company isn’t monitoring these for reports of problems.

[…]

Source: Cloudflare blocking Pale Moon and other browsers • The Register

Microsoft Exchange Admin Center goes down for EU users

Microsoft’s Exchange Administration Center (EAC) has fallen over and appears to be struggling to get up.

The issue affects users trying to access EAC to administer Exchange Online for their users. Users began expressing frustration about the service being down just before lunchtime in the UK. The issue appears widespread in Europe, with users from countries such as Germany, Poland, and Belgium reporting problems.

Canada and the US appear fine, hinting that the issue might be location-based. The Register asked Microsoft for more details, but the company has not responded.

The EAC manages mailboxes, administers groups, and migrates data, among other functions. A lot of its functionality is also accessible via PowerShell, which currently seems to be working fine. However, the company has not commented on the issue or when it will be resolved.

Microsoft is very keen for customers to migrate from on-premises versions of Exchange to the company’s cloud, although one observer on social media remarked: “The amount of downtime they are facing is getting to a point where you can’t even argue ‘Cloud has better availability.'”

Quite. The long-held assertion that the cloud is a cheaper, more reliable option than an on-premises rack of servers has been ringing increasingly hollow in recent times. Microsoft suffered an Outlook outage over the weekend, and some Microsoft 365 users experienced downtime on Monday.

[…]

Source: Microsoft Exchange Admin Center takes siesta for EU users • The Register

How to stop Android from scanning your phone pictures for content and interpreting them

process called Android System SafetyCore – which arrived in a recent update for devices running Android 9 and later. It scans a user’s photo library for explicit images and displays content warnings before viewing them. Google says “the classification of content runs exclusively on your device and the results aren’t shared with Google.”

Naturally, it will also bring similar tech to Google Messages down the line to prevent certain unsolicited images from affecting a receiver.

Google started installing SafetyCore on user devices in November 2024, and there’s no way of opting out or managing the installation. One day, it’s just there.

Users have vented their frustrations about SafetyCore ever since and despite being able to uninstall and opt out of image scanning, the consent-less approach that runs throughout Android nevertheless left some users upset. It can be uninstalled on Android forks like Xiaomi’s MIUI using Settings>Apps>Android System SafetyCore>Uninstall or on Android using Apps/Apps & Notifications>Show System Apps>Show system apps>Locate SafetyCore>Uninstall or Disable. Reviewers report that in some cases the uninstall option is grayed out, and it can only be disabled, while others complain that it reinstalls on the next update.

The app’s Google Play page is littered with negative reviews, many of which cite its installation without consent.

“In short, it is spyware. We were not informed. It feels like the right to privacy is secondary to Google’s corporate interests,” one reviewer wrote.

Source: Google’s ‘consent-less’ Android tracking probed by academics • The Register

Android tracks you before you start an app – no consent required. Also, it scans your photos.

Research from a leading academic shows Android users have advertising cookies and other gizmos working to build profiles on them even before they open their first app.

Doug Leith, professor and chair of computer systems at Trinity College Dublin, who carried out the research, claims in his write up that no consent is sought for the various identifiers and there is no way of opting out from having them run.

He found various mechanisms operating on the Android system which were then relaying the data back to Google via pre-installed apps such as Google Play Services and the Google Play store, all without users ever opening a Google app.

One of these is the “DSID” cookie, which Google explains in its documentation is used to identify a “signed in user on non-Google websites so that the user’s preference for personalized advertising is respected accordingly.” The “DSID” cookie lasts for two weeks.

Speaking about Google’s description in its documentation, Leith’s research states the explanation was still “rather vague and not as helpful as it might be,” and the main issue is that there’s no consent sought from Google before dropping the cookie and there’s no opt-out feature either.

Leith says the DSID advertising cookie is created shortly after the user logs into their Google account – part of the Android startup process – with a tracking file linked to that account placed into the Google Play Service’s app data folder.

This DSID cookie is “almost certainly” the primary method Google uses to link analytics and advertising events, such as ad clicks, to individual users, Leith writes in his paper [PDF].

Another tracker which cannot be removed once created is the Google Android ID, a device identifier that’s linked to a user’s Google account and created after the first connection made to the device by Google Play Services.

It continues to send data about the device back to Google even after the user logs out of their Google account and the only way to remove it, and its data, is to factory-reset the device.

Leith said he wasn’t able to ascertain the purpose of the identifier but his paper notes a code comment, presumably made by a Google dev, acknowledging that this identifier is considered personally identifiable information (PII), likely bringing it into the scope of European privacy law GDPR – still mostly intact in British law as UK GDPR.

The paper details the various other trackers and identifiers dropped by Google onto Android devices, all without user consent and according to Leith, in many cases it presents possible violations of data protection law.

Leith approached Google for a response before publishing his findings, which he delayed allowing time for a dialogue.

[…]

The findings come amid something of a recent uproar about another process called Android System SafetyCore – which arrived in a recent update for devices running Android 9 and later. It scans a user’s photo library for explicit images and displays content warnings before viewing them. Google says “the classification of content runs exclusively on your device and the results aren’t shared with Google.”

Naturally, it will also bring similar tech to Google Messages down the line to prevent certain unsolicited images from affecting a receiver.

Google started installing SafetyCore on user devices in November 2024, and there’s no way of opting out or managing the installation. One day, it’s just there.

Users have vented their frustrations about SafetyCore ever since and despite being able to uninstall and opt out of image scanning, the consent-less approach that runs throughout Android nevertheless left some users upset. It can be uninstalled on Android forks like Xiaomi’s MIUI using Settings>Apps>Android System SafetyCore>Uninstall or on Android using Apps/Apps & Notifications>Show System Apps>Show system apps>Locate SafetyCore>Uninstall or Disable. Reviewers report that in some cases the uninstall option is grayed out, and it can only be disabled, while others complain that it reinstalls on the next update.

The app’s Google Play page is littered with negative reviews, many of which cite its installation without consent.

“In short, it is spyware. We were not informed. It feels like the right to privacy is secondary to Google’s corporate interests,” one reviewer wrote.

Source: Google’s ‘consent-less’ Android tracking probed by academics • The Register