PSA: Google has now begun to roll-out the Ad Topics "feature" onto Android itself. It's not just in Chrome you have to disable the settings. Please #Boost to spread awareness.
If you didn't get the pop-up screen on your Android device (it looks like the first two screenshots), to opt-out of these settings:
- Go to your device Settings
- Press "Google"
- Press "Ads"
- While you're here, press the "Delete Advertising ID" button and delete it
- Press "Ad Privacy"
- Review: "Ad Topics", "App-suggested ads", and "App Measurement". Make sure all are labelled as "OFF". (This page will look like the third screenshot)
If you don't see "Ad Privacy" in Step 4 then it means that it hasn't been rolled out to you yet. You might need to wait and check back in a couple of days to see if/when it has been implemented to disable these settings.
EDIT: There's another setting to review. In step 2, scroll to "Personalize using shared data". Turn everything off.
Pt. 2 in Replies
It now has a blurb about 'upgrading' to a static site generator and that it will 'take time' for everything to be up again. Suuuuuure.
It means they have too much money and don't mind suing until you get tired if it and go 'fine, give me that paper', it run out of money, whichever comes first.
No, you should not give in. Yes, it does happen.
@developing_agent
@raboof @ska @reproducible_builds Sure; I meant to say that you can detect trusting trust issues without bit-by-bit identical binaries. Having those makes the detection even easier, of course!
That still leaves figuring out what happened, of course, but you don't need to be an expert to get this far. With your method of auditing binaries, you do.
Maybe better to discuss with the party involved and see what works for the both of you?
Only if the reproducer uses the same compromised tool chain. The whole point of reproducible builds is that you can in fact use your own version of the tool chain and still get the same result.
Cc @reproducible_builds