Update Blog #0 webpage from version 4.1.1.28 to 4.2.0.29

blog/foss_is_working_against_itself.html

@@ -5,7 +5,7 @@
 <!-- Copyright 2022 Jake Winters -->
 <!-- SPDX-License-Identifier: BSD-3-Clause -->
 
-<!-- Version: 4.1.1.28 -->
+<!-- Version: 4.2.0.29 -->
 
 
 <html>
@@ -35,33 +35,33 @@
 										<p class="update_date">Updated: 2022-11-09 (UTC+00:00)</p>
 								<!-- Table of contents -->
 								<section id="toc">
-										<h2 id="toc"><a href="#toc" class="h2">Table of Contents<a/></h2>
+										<h2 id="toc"><a href="#toc">Table of Contents<a/></h2>
 												<ul>
-														<li><a href="#introduction" class="body-link">Introduction</a></li>
+														<li><a href="#introduction">Introduction</a></li>
-														<li><a href="#examples" class="body-link">Examples</a></li>
+														<li><a href="#examples">Examples</a></li>
 																<ul>
-																		<li><a href="#examples-smartphones" class="body-link">Smartphones</a></li>
+																		<li><a href="#examples-smartphones">Smartphones</a></li>
 																</ul>
-														<li><a href="#solution" class="body-link">Solution</a></li>
+														<li><a href="#solution">Solution</a></li>
-														<li><a href="#conclusion" class="body-link">Conclusion</a></li>
+														<li><a href="#conclusion">Conclusion</a></li>
 												</ul>
 								</section>
 								<section id="introduction">
-										<h2 id=introduction"><a href="#introduction" class="h2">Introduction</a></h2>
+										<h2 id=introduction"><a href="#introduction">Introduction</a></h2>
 												<p>The world has become a dangerous, privacy invading, human rights stripping, totalitarian place;
 												in order to combat this, people are joining a growing, and dangerous, trend, which I will refer to
 												in this post as the "Free and Open Source (FOSS) movement". With that stated, I will now debunk the
 												misinformation being spread inside of this extremely flawed movement.</p>
 												<p>The
-												<a href="https://en.wikipedia.org/wiki/Free_software" class="body-link">FOSS</a>
+												<a href="https://en.wikipedia.org/wiki/Free_software">FOSS</a>
 												movement is an attempt to regain
-												<a href="https://en.wikipedia.org/wiki/Privacy" class="body-link">privacy</a>
+												<a href="https://en.wikipedia.org/wiki/Privacy">privacy</a>
 												and
-												<a href="https://en.wikipedia.org/wiki/Control_(psychology)" class="body-link">control</a>
+												<a href="https://en.wikipedia.org/wiki/Control_(psychology)">control</a>
 												over our devices and data, but the entire concept of FOSS-only, at the current time, is
 												severely, and dangerously, flawed. What the FOSS community does not seem to understand is the fact
 												that most FOSS software cares not about
-												<a href="https://en.wikipedia.org/wiki/Security" class="body-link">security</a>.
+												<a href="https://en.wikipedia.org/wiki/Security">security</a>.
 												"Security"; keep that word in mind as you progress through this article. What is security? Security
 												is being safe and secure from adversaries and unwanted consequences; security protects our rights
 												and allows us to protect ourselves. Without security, we have no protection, and without protection,
@@ -69,54 +69,54 @@
 												FOSS movement is seeking.</p>
 												<p>FOSS projects rarely take security into account; they simply look at the surface level, rather
 												than the actual
-												<a href="https://en.wikipedia.org/wiki/Root_cause_analysis" class="body-link">root cause</a>
+												<a href="https://en.wikipedia.org/wiki/Root_cause_analysis">root cause</a>
 												of the issues they are attempting to fight against. In this case, the focus is on
 												privacy and control. Without security mechanisms to protect the privacy features and the ability to
 												control your devices and data, it can be stripped away as if it never existed in the first place,
 												which, inevitably, leads us back to the beginning, and the cycle repeats. With this
-												<a href="https://en.wikipedia.org/wiki/Ideology" class="body-link">ideology</a>,
+												<a href="https://en.wikipedia.org/wiki/Ideology">ideology</a>,
 												privacy and control will *never* be achieved. There is no foundation to build privacy
 												or control upon. It is impossible to build a solid, freedom respecting platform on this model.</p>
 								</section>
 								<section id="examples">
-										<h2 id="examples"><a href="#examples" class="h2">Examples</a></h2>
+										<h2 id="examples"><a href="#examples">Examples</a></h2>
 												<section id="examples-smartphones">
-														<h3 id="examples-smartphones"><a href="#examples-smartphones" class="h3">Smartphones</a></h3>
+														<h3 id="examples-smartphones"><a href="#examples-smartphones">Smartphones</a></h3>
 																<p>A FOSS phone, especially so-called
-																<a href="https://en.wikipedia.org/wiki/Linux_for_mobile_devices#Smartphones" class="body-link">"Linux phones"</a>
+																<a href="https://en.wikipedia.org/wiki/Linux_for_mobile_devices#Smartphones">"Linux phones"</a>
 																are completely
 																detrimental to privacy and control, because they do not have the security necessary to enforce that
 																privacy.
-																<a href="https://en.wikipedia.org/wiki/Bootloader_unlocking" class="body-link">Unlocked bootloaders</a>
+																<a href="https://en.wikipedia.org/wiki/Bootloader_unlocking">Unlocked bootloaders</a>
 																prevent the device from
-																<a href="https://source.android.com/docs/security/features/verifiedboot/" class="body-link">verifying the integrity of the boot chain</a>,
+																<a href="https://source.android.com/docs/security/features/verifiedboot/">verifying the integrity of the boot chain</a>,
 																including the OS, meaning any adversary, whether a
 																stranger who happens to pick up the device, or a big tech or government entity, can simply inject
 																malicious code into your software and you wouldn't have any idea it was there. If that's not enough
 																of a backdoor for you to reconsider your position, how about the trivial
-																<a href="https://en.wikipedia.org/wiki/Evil_maid_attack" class="body-link">evil maid</a>
+																<a href="https://en.wikipedia.org/wiki/Evil_maid_attack">evil maid</a>
 																and data extraction attacks which could be executed on your device, without coercion?
 																With Android phones, this is bad enough to completely break the privacy and control the FOSS
 																movement seeks, but "Linux phones" take it a step further by implementing barely any security, if
 																any at all.
-																<a href="https://en.wikipedia.org/wiki/Privilege_escalation" class="body-link">Privilege escalation</a>
+																<a href="https://en.wikipedia.org/wiki/Privilege_escalation">Privilege escalation</a>
 																is trivial to achieve on any Linux system, which is the reason Linux
-																<a href="https://en.wikipedia.org/wiki/Hardening_(computing)" class="body-link">hardening</a>
+																<a href="https://en.wikipedia.org/wiki/Hardening_(computing)">hardening</a>
 																strategies often include restricting access to the root account; if you
-																<a href="https://en.wikipedia.org/wiki/Rooting_(Android)" class="body-link">root your Android phone</a>,
+																<a href="https://en.wikipedia.org/wiki/Rooting_(Android)">root your Android phone</a>,
 																or use a "Linux phone", you've already destroyed the security model,
 																and thus privacy and control model you were attempting to achieve. Not only are these side effects
 																of FOSS, so is the absolutely illogical restriction of not being able to, or making it unnecessarily
 																difficult to, install and update critical components of the system, such as proprietary
-																<a href="https://en.wikipedia.org/wiki/Firmware" class="body-link">firmware</a>,
+																<a href="https://en.wikipedia.org/wiki/Firmware">firmware</a>,
 																which just so happens to be almost all of them. "Linux phones" are not as free as
 																they proclaim to be.</p>
 																<p>You may ask "What's so bad about using
-																<a href="https://lineageos.org/" class="body-link">LineageOS</a>?",
+																<a href="https://lineageos.org/">LineageOS</a>?",
 																to which I answer with "What's not bad about it?".</p>
 																<ul>
 																		<li>LineageOS uses
-																		<a href="https://github.com/LineageOS/hudson/blob/master/lineage-build-targets" class="body-link">debug builds</a>,
+																		<a href="https://github.com/LineageOS/hudson/blob/master/lineage-build-targets">debug builds</a>,
 																		not safe and secure release builds.</li>
 																		<li>LineageOS requires an unlocked bootloader. Even when installed on devices which support custom
 																		Android Verified Boot (AVB) keys, the bootloader cannot be locked due to lack of the OS being
@@ -125,11 +125,11 @@
 																		to perform a second update to install this firmware; this likely causes users to ignore the
 																		notification or miss firmware updates.</li>
 																		<li>LineageOS does not implement
-																		<a href="https://source.android.com/docs/security/features/verifiedboot/verified-boot#rollback-protection" class="body-link">rollback protection</a>,
+																		<a href="https://source.android.com/docs/security/features/verifiedboot/verified-boot#rollback-protection">rollback protection</a>,
 																		meaning any adversary, from a stranger who physically picks up the device,
 																		to a goverment entity remotely, can simply downgrade the OS to a previous version in order to
 																		exploit known
-																		<a href="https://en.wikipedia.org/wiki/Vulnerability_(computing)" class="body-link">security vulnerabilities</a>.</li>
+																		<a href="https://en.wikipedia.org/wiki/Vulnerability_(computing)">security vulnerabilities</a>.</li>
 																</ul>
 																<p>LineageOS is not the only Android OS (commonly, and incorrectly, referred to as a "ROM") with such
 																issues, but it is one of the worst. The only things such insecure OSes can provide you are
@@ -138,34 +138,34 @@
 												</section>
 								</section>
 								<section id="solution">
-										<h2 id="solution"><a href="#solution" class="h2">Solution</a></h2>
+										<h2 id="solution"><a href="#solution">Solution</a></h2>
 												<p>What can you do about this? The answer is simple; however, it does require you to use logic,
 												fact, and evidence, not emotion, which is a difficult pill for most people to swallow. Use your
 												adversaries' weapons against them. The only way to effectively combat the privacy invasion and lack
 												of control of our devices and data is to become a
-												<a href="https://en.wikipedia.org/wiki/Turncoat" class="body-link">renegade</a>
+												<a href="https://en.wikipedia.org/wiki/Turncoat">renegade</a>
 												and not take sides. Yes, that means not taking sides with the closed source,
 												proprietary, big tech and government entities, but it also means not taking sides with any
 												FOSS entities. The only way to win this war is to take *whatever* hardware and software you can, and
 												use it tactically.</p>
 												<p>The only solution for phone security, privacy, and control, is to use a Google Pixel (currently,
 												Pixel 4a-series or newer) running
-												<a href="https://grapheneos.org/" class="body-link">GrapheneOS</a>.
+												<a href="https://grapheneos.org/">GrapheneOS</a>.
 												Google Pixel phones allow you complete bootloader freedom, including the
-												<a href="https://android.googlesource.com/platform/external/avb/+/master/README.md#pixel-2-and-later" class="body-link">ability to lock the bootloader after flashing a custom OS</a>
+												<a href="https://android.googlesource.com/platform/external/avb/+/master/README.md#pixel-2-and-later">ability to lock the bootloader after flashing a custom OS</a>
 												(GrapheneOS includes a custom OS signing key to allow locking the bootloader and enabling verified
 												boot to prevent
-												<a href="https://en.wikipedia.org/wiki/Malware" class="body-link">malware</a>
+												<a href="https://en.wikipedia.org/wiki/Malware">malware</a>
 												persistence, evil maid attacks, and boot chain
-												<a href="https://en.wikipedia.org/wiki/Data_corruption" class="body-link">corruption</a>),
+												<a href="https://en.wikipedia.org/wiki/Data_corruption">corruption</a>),
-												<a href="https://support.google.com/nexus/answer/4457705" class="body-link">long device support lifecycles</a>
+												<a href="https://support.google.com/nexus/answer/4457705">long device support lifecycles</a>
 												(minimum 3 years for Pixel 4a-series to Pixel 5a, minimum 5
 												years for Pixel 6-series and newer), and
-												<a href="https://source.android.com/docs/security/bulletin/pixel/" class="body-link">guaranteed monthly security updates</a>
+												<a href="https://source.android.com/docs/security/bulletin/pixel/">guaranteed monthly security updates</a>
 												for the entire support timeframe of the devices.</p>
 								</section>
 								<section id="conclusion">
-										<h2 id="conclusion"><a href="#conclusion" class="h2">Conclusion</a></h2>
+										<h2 id="conclusion"><a href="#conclusion">Conclusion</a></h2>
 												<p>Use what you can, and do what you can. By neglecting security, you are, even if unintentionally,
 												neglecting exactly what you are trying to gain; privacy and control.</p>
 								</section>