How to install Googlebar for Firefox 20 and beyond

Rather than editing an XML file, I recommend installing Nightly Tester Tools. Nightly Tester Tools helps to make googlebar compatible, almost without a hitch. A while back, upgrading to Firefox version 11 worked for a little bit, but after a browser crash, googlebar disappeared, so I had to use the instructions below. So far I have had no problems with Firefox 20.

This blog post was originally published in June 2011, in response to the release of Firefox 5, then deleted and reposted in August 2011 to account for Firefox 6, and is now updated to account for the upgrade to Firefox 20.

Within the span of April of 2011 to the present, Firefox went from version 3.5 to versions 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19 and now 20. This has wreaked havoc on those of us who use the Firefox add-on Googlebar, one of the best interfaces on Firefox to Google, "with an emphasis on easy access to many types of specialized searches". The problem is, the maintainers, John Woods, Andy Boughton, and Francis Turner, don't seem to stay on top of the version changes; while the add-on is a very useful tool, the maintainers don't seem to be very useful when it comes to applying an incredibly simple fix, so that Googlebar can be installed on Firefox version 20 and beyond. We will now correct their oversight:

1. Right-click on the following link and "Save Link As..." to download Googlebar 0.9.20.05 locally to your computer:
   https://addons.mozilla.org/firefox/downloads/latest/33/addon-33-latest.xpi?src=addondetail
   If you simply click on the link, your browser will try to install it, and the attempt may fail.
2. What you downloaded has a file extension of xpi, Cross Platform Install, which is basically a package of files that has been compressed. What we want to do now is decompress the xpi, in order to access a file inside named install.rdf. Since xpi is a compressed file, you can easily decompress it, using your operating system's default decompressor, by changing the file extension from .xpi to .zip. Then you click on the renamed file to display its contents, and open install.rdf with a text editor.
3. Scroll down the file, and look for the section for Firefox:

   <!-- Firefox -->
   <em:targetApplication>
    <Description>
     <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
     <em:minVersion>2.0</em:minVersion>
     <em:maxVersion>5.*</em:maxVersion>
    </Description>
   </em:targetApplication>

   In the line that says maxVersion:
   

   <em:maxVersion>5.*</em:maxVersion>

   replace 5.* with the latest version of Firefox, which, as of today, is 20.*
   
4. Save the install.rdf file, and add it back to the zip file.
5. Rename the file extension, from zip, back to xpi.
6. In your browser, click Firefox, Add-ons, Gear button, "Install Add-on From File..." and install the xpi file that you just modified.

Editor's note: my friend David McIntyre, in the blog comment below, suggests, rather than editing an XML file, to install Nightly Tester Tools, which I shall now do, and will report back if there are any problems.

Update: I still recommend Nightly Tester Tools, but there was a problem for me when upgrading to Firefox 11, where I found, initially there was googlebar, but after a browser crash, it disappeared, and I had to follow the instructions above. I have had no problems with Firefox 20.

What is a Privacy Policy, and Why Do I Need One?

Before the advent of cell phones and the beginning of the Era of Mobile, most people in the United States used landline telephones when making phone calls, with service provided by AT&T, otherwise known as Ma Bell, or its many parts, namely Southwestern Bell, Pacific Bell, or one of the other Baby Bells. Local calls on your landline were free, but for anyone who watches the television show Law & Order, you'd know that the police have access to information about you that even you don't have access to; very often you'd hear the homicide detective Lennie Briscoe mention to his Lieutenant during the beginning of a case how Local Usage Details, or LUDs, for a witness or suspect matched (or did not match) the initial statement made to the police concerning the witness or suspect's whereabouts and calls to the victim in the hours and minutes leading up to and around the time of the crime. During the course of an investigation, the police identify a person of interest, a request for Local Usage Details for a specific individual is communicated to that individual's phone company by an investigating officer, and in response, a phone company employee retrieves said records and hands them over to the police, whereupon a comparison can be made by an investigator as to the veracity of what the witness or suspect may have said. LUDs also give the police a general impression about the person's calling behavior, i.e., who he or she would try to contact.

LUDs are only available to the phone company or the police; if you ever wanted to see your own local usage details, you are simply out of luck. In preparation for this blog post, yesterday, on November 29, in the afternoon, I called my phone company and asked how I might go about obtaining a log of all the local calls I made from my phone. I told the agent that I was interested in switching from flat rate service, where all local calls are free, to measured rate service, where you are allowed 60 local calls per billing period (measured rate service is cheaper). The agent I spoke to said that I would need to keep track of the local calls I make. The agent said, "We don't keep a running record of local calls you make that is accessible in mid-billing period." If you are on the measured-rate plan, at the end of your billing period, the telephone company does provide a simple count of the local calls you made in the previous billing period. However, if you wanted a log of when local calls were made, and to what numbers, the phone company agent told me I would need to get an attorney and have my lawyer subpoena the phone company for the records. LUDs are not available to you or me, unless you are willing to obtain a court order, which involves either hiring an attorney, or spending a lot of time on research and at the courthouse trying to figure out how to do it on your own (if such a thing is even possible).

Something similar to the procedure we see on Law & Order occurred recently in the war between Paula Broadwell and Jill Kelley over CIA Director David Petraeus (all three of whom are married is scandal enough). As UC Hastings professor Dr. Elizabeth Hillman so eloquently put it:

You know girls, they get jealous, and sometimes they threaten each other on email.

As Dr. Hillman explains below:

When the US government decides it wants some information, and there is a law enforcement basis for getting that information, email is a very easy-to-get-into source of private data...the government just has to ask the Internet service provider, like Google, for instance, these were Gmail accounts in this case, that the information came from, they just have to ask, and the ISP generally complies, if they consider it a reasonable request...You only go in front of a judge if you have to get a warrant, and right now we have a dated scheme of privacy protections that are in the Electronic Communications Privacy Act, which is a 1986 law. Right now, the way it's being interpreted by the courts, if an email is older than 6 months, there's no need to get a warrant from a judge. In that case, the FBI agent has the authority to make the decision, subject to the support of supervisors, depending on the extent of the resources that would be devoted to that. Information, if it's older than 6 months, is deemed not protected in the same way that other communications would be.

In this Age of Technology, companies like Google, Facebook, Apple, Amazon and Microsoft have moved up right alongside Ma Bell and its many Baby Bells in terms of the amount of information they have about how you use their equipment to try and communicate with others. These companies, along with Internet Service Providers like AT&T, Comcast, Time Warner Cable Internet, Verizon and many others, make the landscape more complex as to who has personal information about you, whether you have access to that information or not, and which information can be unlocked by a government agency requesting records and all the data associated with you. In many ways, Ma Bell's physical telephone network has evolved and been elevated from land to sky, expanding into "the cloud", as it were, encompassing the Internet and cell phone networks. Your usage of corporate products like free email and mobile devices can reveal so much more about you than a log of when phone calls were made and to what numbers. With these corporations in possession of such intimate information about you, your activities and behavior are very important when you understand under certain circumstances that information may be shared with other people. A privacy policy covers what happens with the information you entrust others with, and to a lesser extent, what will you do with the information people entrust you with.

My privacy policy for all users of my blog is, I will never share unique, identifying information about you with anyone, unless law enforcement presents me with a subpoena. However, since my blog is hosted with Google, if the government wanted information about any of my visitors, I would imagine they'd skip me and go straight to the source, to Google. Which leads me to my final, unsettling point. All our privacy concerns and handwringing over privacy policies may be moot, because everything we do and say may already be in the hands of the government. After 9/11, according to Wikipedia:

A January 16, 2004 statement by [Mark Klein, a retired AT&T communications technician] includes additional technical details regarding the secret 2003 construction of an NSA-operated monitoring facility in Room 641A of 611 Folsom Street in San Francisco, the site of a large SBC phone building, three floors of which are occupied by AT&T.

According to Klein's affidavit, the NSA-equipped room uses equipment built by Narus Corporation to intercept and analyze communications traffic, as well as perform data-mining functions.

According to Frontline:

The Patriot Act took our proposals to update surveillance authorities, and then it doubled or tripled those, and it took our proposals to update privacy protections for e-mail and such and took those out. So many of the same issues we had discussed at great length during the Clinton administration, had proposed in many instances to Congress, but my concern was it was an unbalanced package. It was all surveillance and no updating to protect civil liberties.

And when you say it took your proposal, the guts of the Patriot Act, in terms of electronic surveillance and wiretapping and eavesdropping, what did it do?

The Patriot Act did various things. Some of it was updating from a telephone-era language to Internet language. So before the wiretaps affected devices, but maybe we couldn't do wiretaps with software. Well, that didn't make sense anymore in the Internet age -- hardware, software, they should be the same.
...
What was your reaction to the warrantless wiretapping program that the president conceded existed?

This was enormous news. When The New York Times told us about the NSA wiretap program, for people like me, it was as though there was this alternate universe. We had thought we had a legal system and we knew what the moves were, and it turns out that the NSA was doing something entirely outside of that.

And yet the president says, "I authorized that." As a lawyer, as somebody who specialized in information technology and the law for a quarter of a century, what's your bottom-line take on this?

I was outraged. I tend to be fairly level in the way I approach things, and I had a sense of outrage that they would just disregard the law. The law said the exclusive authority for wiretaps were these other statutes, and the president looked at exclusive authority and said, "Except when I feel like it." It was as though the lessons of Watergate had been forgotten. It was as though the lessons of centralized executive power and the problems that come with that had been forgotten. And now the president just said, "I think I can do it my way."

So you're saying the president violated the law?

My view is that the president violated the law, yes.

how to find out who's been watching you and how to start watching them

Countersurveillance: the attempt to avoid being watched. Last month, I briefly addressed how to avoid being detected when browsing online. This month, we will delve into spying on those who are spying on you. How do we ascertain when someone is investigating you and maybe doing research on you on the internet, and how do we turn the tables and start doing same to them?

Some time in the recent past, I got into a conflict with a party that spilled into the arena of the law. I've since settled the case out of court, and on the day of the settlement, I signed a confidentiality agreement, so I cannot reveal specifics about the case. What I can say is that a couple of months after my attorney agreed to represent me and to file suit against the other party, I was reviewing my Google Analytics (henceforth GA) report for my blog, which I do on a nightly basis, when I see the following: Someone, whose identity was unknown to me, had typed my name into a search engine, clicked on one of the search result links, loaded my blog on their computer, and had proceeded to go through the stuff I had written. In the interest of full disclosure, finding out who is watching you is much easier when your name is unique; I know of no one else on the internet who has the same first AND last name as I do. If your name is not unique, you cannot be certain that the person who typed the words into the search engine is looking for you; the search engine user may have happened upon your website while looking for someone else, and got interested in you or what you had to say. But once my mind came to grips with the fact that somebody had conducted an online search of me, I formed a theory that the person doing research on me was either the party I was suing, or connected with the lawsuit, or associated with the attorney for the party I was suing. A few days later, I happened to be at a local courthouse, at the registrar of voters, trying to find out how to get a mail-in ballot sent to me. Afterwards, it occurred to me that if I was curious to see the latest developments in a court case involving me and another party, and I wanted to search the database of lawsuits that had been filed in the very county that I happened to be in, to see how my lawsuit was progressing, the place that I'd want to be is at a courthouse in the county where the lawsuit was filed. I asked around, inquired at the information desk, and was directed to the courthouse Records department. There, I saw a few computers that members of the general public can sit in front of and type in keywords to look up court records. After I conducted my own search on the name of the party I was suing, I confirmed that on the day my name was used as a search term by an unknown person or persons, the party I was suing, i.e., the defendant, had gotten served with the papers containing the text of the lawsuit in which I was plaintiff. While I cannot be 100% certain, I think there's a high probability that said party, after having been served with court papers, had gone online to find out more about me. The next week, I was at my attorney's office and I confirmed that my attorney's process server had traveled to the city where the GA report had indicated the online search may have originated, and served the defendant. In the next few weeks, the GA report indicated that my name was used twice more as a search term, but in both cases, the searches originated from a city that court records told me the defendant's attorney had his office. This could all just be a coincidence, of course, but I also think there's a high probability that the lawyer for the defendant may have conducted an online search of me, wanting to look through what I had written, perhaps in an attempt to find out anything that could be used to hurt my legal case against the attorney's client.

While a trip downtown to the courthouse may be fun, if you have an interest in the proceedings of a legal case, you can just as easily get updates from the comfort of your own home. You simply locate the website for the county courthouse that your lawsuit was filed in, and as long as you have the case number, or you know the date the case was filed, you can use the courthouse website to see how your (or anyone else's) legal case is progressing. However, perhaps because of privacy concerns, you cannot go online and perform a keyword search through county court records; you still need to physically be present in front of a county courthouse computer in order to search by a party's name.

On November 1, 2011, Google put into place a new feature of their evolving privacy policy; if a person typing keywords into Google's search engine is using a browser that is already logged into a Google account, Google no longer discloses the keyword search terms on your GA report. Therefore, if you now perform a search for my name on Google while logged into your Google account, and say you visit my blog, if I were to use GA to generate my blog's traffic analysis report, my name as a keyword would no longer be visible to me. What I'd see, instead of my name, is Keyword (not provided): None of us like being watched, but knowing we are being watched by other people keeps us honest (if not a little paranoid). Because of Google's new privacy policy implementation, you have less information in your GA reports than before, and therefore you are far less certain than before that someone is actually investigating you. However, you can still use GA to develop profiles of online users who may be watching you:

1. If your blog, like mine, is about many different topics, and the online user's keyword is (not provided) and the first page the user alights upon is your blog's landing page, instead of a specific blog post, that may be an indication that the user typed in your unique first and last name as the keyword, while using a browser that is logged into a Google account.
2. If your blog URL is not easy to remember, such as tpc247.blogspot.com, but using the URL is how the user accesses your blog's landing page, then the source of traffic to your blog's landing page is direct; this is an indication that the user typed your blog URL (or at least the first few letters of the URL) into the browser's address bar and pressed 'Enter', or the user has your blog in his or her browser bookmarks. Another possibility is that the user may have searched for your unique name, copied and pasted the blog's URL from the search results into the browser address field, then pressed 'Enter', possibly in order to evade detection by GA.

The aforementioned profiles are, of course, just guidelines, and do not necessarily match someone who may be investigating you. The user may have entered one or more keywords that are not your name, and ended up on the landing page of your blog. The user who perhaps copied and pasted your blog's URL from the search results into his or her browser address bar may not have been motivated by evading detection, but may have performed this extra work out of habit, or maybe as a lark, i.e., he or she may have just felt like doing it at that time. However, the information from these profiles, in combination with all the other data that GA provides you, such as geography and technology information, can be used in totality to track your website visitors, and any possible return visitors, in order to help you paint a better picture of who may be watching you.

Out of all the visits that GA tracks, there are still many where a keyword is provided, and occasionally that keyword may be your unique name. Even if you are a celebrity, you may still want to know who is googling your name and landing on your website or blog. In GA, I have created a filter with the following condition: where a user's keyword contains my first name, or my last name, or the keyword exactly matches my first and last name, then I can isolate that segment of user, and find out more about his or her visit. I'd like GA, at some point in the future, to be able to let me create an email alert (GA calls them Intelligence Events), so that I am notified by email when certain conditions in a filter in my own GA instance are met, such as the aforementioned profile. However, as we go to press, it looks like the only email alerts that you can create in GA are for when your website traffic has significant statistical variation, i.e., website traffic goes up or down by a certain percentage.

Gentle reader, all of this is to say that, so yes, I've been watching you, and now I know that you know that I know that you've been watching me.

How To Execute Javascript in Firefox 6 and Beyond

For anyone who maintains a website, blog, application or mobile app, one of the best tools for getting a sense of who your audience is, and how many people are visiting, consuming and using your work of art, is Google Analytics. When you first start using this free service, you soon may realize that one of the most frequent users of your creation is you. There are at least two main ways to prevent Google Analytics (henceforth GA) from tracking your own visits; one is IP-based, and the other is browser-based. The IP address-based way involves creating a GA filter, and works well if you happen to possess a static IP, or most of the IP address or addresses for your office, company or home is predictable and doesn't change often, i.e., you possess a range of IPs that you lease from your internet service provider and dole out to your employees or home computers. However, this scheme quickly falls apart if your ISP allocates dynamic IP addresses, or you visit your site from a cafe, school or library.

With the browser-based approach, since it is browser-specific, you have to remember to always use the same browser. A major downside is that, sometimes unpredictably, when your browser environment changes, such as during a major upgrade, or if something goes wrong when you are using your web browser to do something unrelated to GA or your website, such as during installation of a browser add-on, or if you were to erase all your cookies in an attempt to get past the LA Times paywall or in an attempt to reset your browser (this happened to me recently when I was using Amazon to purchase some music, and I inadvertently clicked on the option to download the music file using Amazon's downloading app, when I just wanted to download the mp3 file, so I had to delete my cookies to reset my browser so that I could be presented with the user interface to choose the correct option), or your operating system or browser crashes and reverts back to an earlier state, you may need to reapply or reinstall your browser-based solution again.

From what I gather, there are many ways to implement a browser-based approach. I have read that one way is to use the NoScript add-on and to not authorize GA to run scripts. Another way is to install the Google Analytics Opt-out Browser Add-on. The one I am most familiar with involves creating a GA filter, and then manually setting a cookie to exclude yourself from GA tracking. I used Brian Yang's instructions, but as an update, note that under his "Create the Cookie", Step 2:

Remove everything from the address bar and paste in the following and hit enter.

This may not apply to other browsers, but if you use Firefox, the information provided by Mr. Yang is no longer applicable, and Step 2 is obsolete. In the latest versions of Firefox (as we go to press, we are at Firefox 15.0.1), if you try to run the Javascript snippet in the address bar, nothing will happen, and you may see

pagetracker is not defined

According to Mozilla, the makers of Firefox, after Firefox 6, "javascript in the url-bar runs with a null security principal for security reasons". The workaround is to visit your website or application that already has the GA tracking code, then in your browser, click on Firefox / Web Developer / Web Console, and in the command line, execute or run your Javascript there. After Firefox 6, you can no longer run Javascript from the address bar.

If you don't have a creation or work that has the GA tracking code enabled, and you're here to find out how to avoid being tracked altogether, may I suggest that, instead of trying to avoid GA, you can retain some of your privacy, but still give us, the people who labor in the kitchen to make the food that you eat, a consolation prize, which is a bit of information about your visit; in a previous blog post, we show how you can use Tor to browse the web; once you close the Tor browser, you erase any evidence of previous visits and avoid being tracked between browsing sessions. Gentle reader, thank you for your continued patronage.

How to Make and Receive an Anonymous Donation

A couple of months ago, I came across the following letter to Dear Abby, seeking advice:

Dear Abby: Many years ago I shoplifted a $30 item from a department store. Now I'd like to clear my conscience and make amends, but how?

I want to remain anonymous, so I can't send a check. Sending cash by mail seems unwise, and even with Google I have been unable to find a corporate address for an appropriate division. Can you help?

Anonymous in the USA

~

Dear Anonymous: Because you have made an honest effort and haven't been able to come up with an address to send the money, try to find out if the department store sponsors an activity for charity and donate to that. Or, alternatively, give the money to a charity of your choice, which may salve your conscience and do a good deed at the same time.

Abby's answer seemed like a good faith effort to placate a restless soul wishing to right a past wrong, by suggesting that, if direct reparation was not possible, the guilty party could always settle a karmic debt through indirect reparation, by doing good works or giving to charity. As much as we'd all like to think we have been unfairly persecuted, picked-on, held to a higher standard than anybody else, or made to be the butt of jokes and the target of undeserved abuse or ridicule, few of us can say that we have never been nasty ourselves, bullied someone, screwed someone over in a way that makes you cringe even now, or teased someone mercilessly for a reason that society now very much frowns upon. Wherever you go, people are people, but we as human beings all know the value of a dollar, or at least are familiar with the concept of money and a unit of currency and what it can buy. If you have wronged a party in the past financially, you may think back with some shame about how you'd like to assuage your guilt, without fully owning up to the misdeed, or, better yet, express your sorrow and regret, without publicly identifying yourself. Perhaps you want to save yourself public embarrassment, or avoid having a target painted on your back, or you may want to prevent the people around you, who have stood by you in the past, from losing face. What to do? Make an anonymous donation with bitcoin ("btc" is the shortened form)!

If you have wronged me financially in the past, and would like to make an anonymous donation to me, you may send it to this address:

13TwEVYFgdDMsoXrwzbpDrV9ipXznpE8ZJ

This represents your new bank account number, and Wikipedia says your bitcoin address is a string of characters that will always start with a '1' or a '3', and will usually be around 33 characters (34 in my case). Here's how to get your own bitcoin address account number and start accepting donations: download and install the bitcoin client software on your computer. Once you're up and running, you now have something akin to a live, active bank account on your computer, in the form of a bitcoin digital wallet that keeps track of bitcoin coming in and going out. You are now part of the bitcoin network. You can get free bitcoin here.

There are of course many other reasons, besides crushing guilt, atonement and redemption, for why you'd want to conceal your identity when giving money to someone. An editorial in the Riverside Press-Enterprise says it best:

Federal Judge Morrison England Jr. ruled in Sacramento that contributors to the campaign for Prop. 8 in 2008 should not be exempt from campaign disclosure rules. Prop. 8 supporters filed suit in 2009, claiming that releasing donor names behind the $43 million campaign would subject contributors to retaliation and harassment, thus chilling free speech. Prop. 8 made same-sex marriage unconstitutional in California, and is the subject of a separate, ongoing legal battle.

Hot-button issues can generate angry disputes and bare-knuckle politics, certainly. And no one should face intimidation and threats for political views. But the First Amendment guarantees free speech, not freedom from the consequences of speaking out. People who want to express strong views on public issues — even by way of campaign donations — should not expect any shield from objections by those who disagree.

We live in a world where donating to the wrong political cause, which also happens to be deeply unpopular in your area, may result in serious consequences to your business, your livelihood, your income, family, and may be a possible detriment to your social state and emotional & physical health. To make things more interesting, the Supreme Court recently ruled, by a narrow majority in Citizens United vs Federal Election Commission, that limits on corporate speech (i.e., money spent by corporations in furtherance of some political cause or in support of a political figure) are unconstitutional. So we also now live in a world where, at least for the foreseeable future, corporations, just like you, are entitled to their opinions, and are allowed to say what they want, within reason (more on this later). We live in a nation where money is speech.

There's nothing wrong with a point of view, unless that point of view can get you in trouble. Whether it be reporting a crime to the police, but fearing retaliation, blowing the whistle on corporate financial fraud, or saying something contrary to what everyone else believes, there is the idea in this country of your basic right to freedom of speech, but just watch what you say. A recent article by James Temple makes the point that:

The Federalist Papers, which sought to encourage ratification of the Constitution, were written under a pseudonym. Unidentified sources were critical to the Washington Post's Watergate scoops, and the New York Times' publication of the Pentagon Papers.

And the promise of anonymous speech online allows people dealing with disease, depression, sexuality questions and countless other life challenges to seek out information and support, without necessarily revealing their situation to bosses, ministers or parents.

"The United States was founded on the presumption that anonymous or pseudonymous speech was a part of civic discourse," said Michael Froomkin, professor at the University of Miami School of Law, who has written several papers on this issue.

Of course, there are limits to what you can say anonymously. If you publicly defame someone, or even imply that somebody in an official capacity has committed a crime, that person can petition the court to force the forum wherein you posted your anonymous comment to reveal your identity, so that person can sue you for libel or slander, as was reported last month in the Los Angeles Times:

The commentator, Almostinnocentbystander, had wondered on the newspaper's popular Huckleberries Online blog if $10,000 missing from the Kootenai County Republican Party might be stuffed in local GOP chairwoman Tina Jacobson’s blouse, prompting Jacobson to file suit against "John Doe" for defamation.

U.S. District Judge John Patrick Luster in his ruling Tuesday rejected the idea that freewheeling Internet commentators necessarily have the right to hide behind the 1st Amendment — not even under the special privilege that often attaches to newspapers’ anonymous sources.

“While the individuals are entitled to the right of anonymous free speech, this right is clearly limited when abused,” the judge wrote in his order, released in Kootenai County District Court.
...
Dave Oliveria, who administers the Huckleberries Online blog, took the comment down a little more than two hours after it appeared.

Still, he and attorneys for the newspaper argued in court papers that the ability to comment anonymously draws in readers and points of view that would be lost if everyone had to ‘fess up to their identities.

“It’s based on a belief that we have freedom of speech in this country, even if it’s anonymous, and people ought to be able to say what they want in whatever fashion,” Spokesman-Review Editor Gary Graham said in a telephone interview.

Should you decide to take a stand and support anonymous (or pseudonymous) free speech by investing in bitcoin, you can buy them by visiting an exchange like http://mtgox.com, or, if you don't mind paying a higher fee, you can buy your bitcoin with much less of a paper trail, and, should the mood strike you, get btc possibly faster, by using a service like http://www.bitinstant.com (you deposit money at a physical bank branch, and you get your btc about an hour later).

Freedom of speech! Just watch what you say.

Burger King Bacon Sundae Reportedly Causes Marital Discord in Muslim Couple, Fight at Restaurant

On April 17, a person identifying himself as Dave from Newark called the Len Tillem show, with a rather incredible story: he was in the employment of Burger King, promoting their new Bacon Sundae, when he was assaulted by a man. Dave then claimed he was subsequently fired by Burger King, and to add insult to injury, Dave was now being sued by the same man who assaulted him:
About 2 months later, June 14, Burger King formally introduced its new Bacon Sundae, and news of the introduction reminded me of this call. I tried to find out more about this purported incident, and discovered an apparently real Facebook user, by the name of Casey Foster, commenting on Dave from Newark with a degree of certainty and authority, indicating that the call was fake:

Now, Casey Foster's claim that the call was a joke could be false, and not necessarily because the man is a bad actor or acting maliciously; Casey's information could be incomplete or simply inaccurate, leading him to believe in a conclusion based on incorrect assumptions. Which brings us back full circle: is this story true? The jury is still out. Either scenario is plausible: someone who has a dietary restriction on pork for religious reasons might become very upset if this stricture of faith-based adherence has been violated, even unknowingly. People who like to play pranks sometimes successfully insert themselves into media events covered and broadcast by radio, television or newspaper, and the payoff is they become the topic of Internet chatter. Or the story could be fake, but the motivation may be more than the satisfaction of some joker, but that Dave from Newark could be part of a clever product placement or guerrilla marketing campaign, paid for by Burger King.

Whether the story comes from a credible witness or not, we have to be aware of the real possibility that a news story can be manufactured. A recent example of fake news making its way into the global consciousness came from the LA Times, published on May 10, 2012:

On May 1, The Times and a number of other media organizations followed the outrageous story reported in a British newspaper of a vengeful dentist in Poland who pulled out all of her ex-boyfriend’s teeth
...
Unfortunately, MSNBC.com reported Wednesday, the story was a hoax.

MSNBC did some digging into the story and found:

• Police in Wroclaw, Poland, had no record of such an incident.
• Poland’s Chamber of Physicians and Dentists also had no record of any such incident, nor of the dentist named in the article.
• The Daily Mail could not recall where the story came from.
• And the American Dental Assn. said [that] such a case was highly improbable.

MSNBC (now NBC News) reports that the source of the news story, the Daily Mail, provided the following non-explanation for how an unverified story became world news:

The article, which has been shared on Facebook more than 75,000 times since it was published on April 27, appears under the byline of staff reporter Simon Tomlinson.

But Tomlinson said he does not know where the story came from and distanced himself from it when questioned about its origins.
"I've drawn a bit of a blank," he said in an email. "The (Daily) Mail Foreign Service, which did the piece for the paper, is really just an umbrella term for copy put together from agencies. My news desk isn’t sure where exactly it came from."

Beware of fake news!

How to Retain, Save, or Migrate Your Bookmarks When Upgrading Tor on Windows

So now that you can use Tor to bypass paywalls on websites that have metered content (though I encourage you to pay your fair share to media organizations like the LA Times that are doing a great deal of social good), we will discuss how, on Windows, you can retain, save, or migrate your bookmarks, when upgrading Tor on Windows. You can use Tor to browse the web anonymously, maintaining your privacy and keeping your online activity hidden from despotic governments and intrusive corporations. "I'm not doing anything wrong, so I have nothing to hide." True, although most of us would not welcome indoor cameras in our homes, because as your home is your castle, your own home computer should be your castle.

From participating in and reading online discussion, I've gathered that the method we're about to detail below cannot be applied to Tor installations on Mac and Linux operating systems. For now, the following process should work on Windows only, with some caveats.

1. Soon as you see "there is a security update available for the Tor Browser Bundle", download the new package. Henceforth, the Tor installation that you plan to replace will be the old, and the Tor installation that contains the latest fixes and security updates will be the new.
2. In your old Tor folder, there is a folder containing your bookmarks information. On Windows 7, this will be in

   C:\Program Files (x86)\Tor Browser\FirefoxPortable\Data\profile

   Inside this folder, copy the file named places.sqlite and place it on your desktop.
3. Navigate to C:\Program Files (x86), and move the entire folder containing your old Tor into a temporary location, such as your recycle bin. Do not permanently erase the old folder just yet, until you've confirmed that the new Tor works. You may want to keep the old Tor around in case the new Tor doesn't work correctly on your computer (more on this later).
4. Download and uncompress the new Tor folder, and place it in C:\Program Files (x86)
5. Inside the new Tor folder, click to run Start Tor Browser.exe
6. Once the new Vidalia is open, running, and has notified you that you are connected to Tor, wait for the new Tor browser to open up automatically. Once it has done so, immediately close and exit the browser and Tor.
7. In Windows, navigate to the location in step 1. Once you are in your new Tor's "profile" folder, confirm that there is a file called places.sqlite. You are going to replace the new Tor's places.sqlite with the old Tor's places.sqlite.
8. Locate the places.sqlite file that you had copied and previously set aside from your old Tor, which should be on your desktop. Copy the places.sqlite file from the old Tor into the "profile" folder. Confirm that you want to replace the new Tor file with the old Tor file.
9. Navigate away from the "profile" folder window, to the "Tor Browser" window, and click to run Start Tor Browser.exe. Wait for the new Tor browser to open up, and you should now see your old bookmarks.

As an aside, I have been confronted with how buggy Tor on Windows can be. To this day, I still haven't been able to figure out the root of a problem I encountered when upgrading Tor, but I have devised a workaround.

I'm currently running tor-browser-2.2.35-13, I attempted to upgrade to tor-browser-2.2.37, and was met with the following:

Vidalia was unable to start the configured web browser

Vidalia is the graphical controller and view of Tor's connections and settings. Startled and confused by this weird message, I get the sense that, for some unknown reason, tor-browser-2.2.37 just doesn't work for me. I decide to download and install the next level up, tor-browser-2.3.12-alpha-2. Everything seemed to be going ok, up to Vidalia starting and telling me I was connected to Tor. The next step was for the Tor browser to automatically pop open on my screen, but it never did. All that would happen was that Vidalia would run, but the Tor browser never appeared or opened up. I assumed this was because there was a bug with the alpha release, so I attempt to revert and go back to my last known working version of Tor Browser Bundle, 2.2.35-13. This time, when the Tor browser opens up, instead of the familiar message "Congratulations. Your browser is configured to use Tor.", I now have a new problem:

The proxy server is refusing connections

Firefox is configured to use a proxy server that is refusing connections.

Check the proxy settings to make sure that they are correct.
Contact your network administrator to make sure the proxy server is working.

Whiskey. Tango. Foxtrot. Maybe I should go into Windows Registry and remove all traces of Tor. In regedit, I deleted all registry keys I could find after searching for

Tor Browser, tor-browser, tbb, tor, vidalia

Presumably, I had wiped the slate clean, and could reinstall Tor like I was installing Tor for the first time. I again tried the last known working version of Tor. Darn, no go! I got the exact same "proxy server is refusing connections" messages as before. I then decided to abandon Tor Browser Bundle, and try to install Tor on Firefox. In an act of desperation, I tried installing TorButton for Firefox, even though this is no longer in active development. This was to no avail, because I got the same messages; in fact, what I ultimately did with Firefox was erase my Firefox tabs and wipe out all the cookies I had accumulated. I then tried to install Tor on Google Chrome, and again got the same "proxy server is refusing connections" messages. To my utter shock, I had run out of ideas and had no working Tor browser on my computer, and had no clue even what the problem could be or where to go next. At a definite low point, frustrated, preoccupied, I kept fiddling around, until I hit on a bit of luck. Recall that I had three different "Tor Browser" folders from the installation packages for 2.2.35-13, 2.2.37-1, and 2.3.12-alpha-2. Keeping them all straight was a hassle, so I simply relabeled my last known working version as "Tor Browser, last known working, now broken". This was 2.2.35-13. Out of habit, I clicked on Start Tor Browser.exe, and lo and behold, Tor was working again! As an experiment, I went to the "Tor Browser" folder for 2.2.37-1, and simply changed the name of that folder, from "Tor Browser", to "Tor Browser_a". That worked too!

In conclusion, your inability to connect to Tor, signified by the "proxy server is refusing connections" messages, can be overcome if you simply rename your "Tor Browser" folder to another name other than "Tor Browser". For me, I renamed it simply "Tor Browser 2.2.37-1" and now I've got working Tor with all the latest security updates.

So what is the root of the problem? Given that I had gone into my Windows registry, and tried to remove all traces of Tor, I am at a loss. Frankly, I don't have the patience or the motivation to delve into and figure out the problem. My best guess is that something happened with Tor, Windows, or the interplay between the two, that has Windows associating the folder C:\Program Files (x86)\Tor Browser\ with a defective version of the Tor protocol. Even going into Windows registry and trying to remove all traces of Tor seems to be of no effect.

Once I got Tor working again, and figured out the workaround, was the moment where the Pope gets off the airplane and bends down to kiss the ground.

Update: Since filing an official bug report, I have been in contact with a Tor developer, who told me that the problem of seeing the message "Vidalia was unable to start the configured web browser" can be avoided if you make it part of your routine to store your Tor folder on your desktop, instead of in C:\Program Files (x86):

Only installed applications go in C:\Program Files (x86). The Tor Browser Bundle is self-contained and does not actually install itself onto your computer, it just runs whenever you click the Start Tor Browser.exe icon. If you run Tor from the Desktop, then you should not have any problems with Vidalia not being able to start the browser - now or when you upgrade.