Privacy

4546 readers
9 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 2 years ago
MODERATORS
1
 
 

CEOs of all companies have done or said something shady/inappropriate/immoral during their lifetime. Let's collect and discuss alternatives!

Stop using anything anything you don't produce yourself or someone you know who is not shady in any way (implant a chip in their head to scan their brain for any shady thoughts or wrongdoings throughout their lifetime).

Alternatives to:

  • Every single OS
  • Every single software/hardware
  • Every single phone manufacturer
  • Every single car manufacturer
  • Every single construction company (move to a hut in the forest)
  • Every single farmer (stop eating vegetables and fruits)
  • Every single food producer (stop eating/drinking anything unless you produce it yourself or dig a well for water)
  • Every single everything
2
 
 

thought you guys would find this blog post from Brian Leiter today funny. he's a pretty good guy and a respected scholar so no shade on him, clearly just misinformed. i wonder if this is in some way downstream of the recent political drama around proton.

3
 
 

Unnecessary and deeply concerning bow to the new "king"

4
51
submitted 1 week ago* (last edited 6 days ago) by SatyrSack@feddit.org to c/privacy@lemmy.world
 
 

Import into your F-Droid client directly by tapping this link: fdroidrepos://fdroid.ironfoxoss.org/fdroid/repo?fingerprint=C5E291B5A571F9C8CD9A9799C2C94E02EC9703948893F2CA756D67B94204F904

https://gitlab.com/ironfox-oss/IronFox

IronFox is a fork of Divested Computing Group's Mull Browser, based on Mozilla Firefox. Our goal is to continue the legacy of Mull by providing a free and open source, privacy and security-oriented web browser for daily use.

5
 
 

Last year, I outlined the specific requirements that an app needs to have in order for me to consider it a Signal competitor.

Afterwards, I had several people ask me what I think of a Signal fork called Session. My answer then is the same thing I’ll say today:

Don’t use Session.

6
 
 

Insurance giant sued by Texas for using surveillance without consent to jack up premiums, deny coverage

7
 
 
8
 
 

This post contains a canary message that's cryptographically signed by the official BusKill PGP release key

BusKill Canary #009
The BusKill project just published their Warrant Canary #009

For more information about BusKill canaries, see:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Status: All good
Release: 2025-01-14
Period: 2025-01-01 to 2025-06-01
Expiry: 2025-06-30

Statements
==========

The BusKill Team who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is January 14, 2025.

2. The current BusKill Signing Key (2020.07) is

   E0AF FF57 DC00 FBE0 5635  8761 4AE2 1E19 36CE 786A

3. We positively confirm, to the best of our knowledge, that the 
   integrity of our systems are sound: all our infrastructure is in our 
   control, we have not been compromised or suffered a data breach, we 
   have not disclosed any private keys, we have not introduced any 
   backdoors, and we have not been forced to modify our system to allow 
   access or information leakage to a third party in any way.

4. We plan to publish the next of these canary statements before the
   Expiry date listed above. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.

Special announcements
=====================

None.

Disclaimers and notes
=====================

This canary scheme is not infallible. Although signing the 
declaration makes it very difficult for a third party to produce 
arbitrary declarations, it does not prevent them from using force or 
other means, like blackmail or compromising the signers' laptops, to 
coerce us to produce false declarations.

The news feeds quoted below (Proof of freshness) serves to 
demonstrate that this canary could not have been created prior to the 
date stated. It shows that a series of canaries was not created in 
advance.

This declaration is merely a best effort and is provided without any 
guarantee or warranty. It is not legally binding in any way to 
anybody. None of the signers should be ever held legally responsible 
for any of the statements made here.

Proof of freshness
==================

14 Jan 25 01:01:33 UTC

Source: DER SPIEGEL - International (https://www.spiegel.de/international/index.rss)
A Miracle? Pope Francis Helps Transsexual Prostitutes in Rome
Boost for the Right Wing: Why Did a German Newspaper Help Elon Musk Interfere in German Politics?

Source: NYT > World News (https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
What an Upended Mideast Means for Trump and U.S. Gulf Allies
Russia and Ukraine Battle Inside Kursk, With Waves of Tanks, Drones and North Koreans

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Gaza ceasefire deal being finalised, Palestinian official tells BBC
Watch: Moment man is saved from burning LA home

Source: Bitcoin Blockchain (https://blockchain.info/q/latesthash)
0000000000000000000042db9e17f012dcd01f3425aa403e29c28c0dc1d16470

Footnotes
=========

[1] https://docs.buskill.in/buskill-app/en/stable/security/pgpkeys.html

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeY3BEB897EKK3hJNaLi8sMUCOQUFAmeFuPcACgkQaLi8sMUC
OQXctQ//Zv7RZXPKMMyjMjfE2LjrL6RVESIZMT2tUO/y0wx8XTXKBpgOA7fTh2eC
BHkLajpU/S3LOb+wBniuo29tpGJHG5MBWDwyNUAWXqZfJ/A9YNikNYq9lOn6nKSH
oHyLB8h2nP9rfQ2wXUtN6lFJVKWU5Ef5pjMQb8flJO2kbou7QpgcOzxvRqrXOUcN
UumjSlDTtwIOYOX+Ee8SamI4LyApOlwxIGMbFcbRMcJNhtioS4qCGNGw1pqhvqmF
pi1kIaqd79I8y1U9ufncvC+pbCEvRdo+wb7ZsXA9ZYpYfJSQJzSkdCGgkbe0b1Tx
6CNlcgoXIVaEH6/W+C2DFlyG1u4JuH22eXIrloYnjOxlqSJCd0Dw1EeO33tg3xg3
tfeO9pGOcZPOwlBL509VlE9z6W3czyKJk7Z4RwYXCFYWWi8vlHvRQg0LNu0C4Jyw
fRV2LlMSeUgBz9xyE62jh/BUNZzXsD0ntprR1eRTkeW4kOGEc6Wql4lBKE08sajT
YdgTi4ojrcfTdS7Sgzh1Onh5h/nF7hoyCX0lINgyTrJFMynC6qadTZtiJ2yO8GT+
Ovk9ZJMggBMNr4Vbw6CyrU/4yYMyrEd5dzXYZLZ41lMMpjwM8OBJ/yp1pcGo9vk4
NTAjUQUvOj6nrA/r3j2ywFMDZtFR/jBjXULWE77ca3iJmc/FUdg=
=xahN
-----END PGP SIGNATURE-----

To view all past canaries, see:

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

9
 
 

I’ve been using the app for a while paird with jellyfin but it’s time for my yearly purge of privacy violating apps, services, and websites.

I can’t find much online about infuse.

10
 
 

Previously I was looking for search engine that turned out it wasnt worth remembering afterall. As people helped, i thought its easier to just list every site its not. The site I was looking for turned out to be maintained by some rightwing assholes, but I thought maybe it could still be useful as it collects scrapers from many engines into one site. But since it apparently blocks lqbt domains, its basically worthless since who knows what else it blocks. Apparently anything those fucks touch is tainted.

I tried describing the site based on what I remembered and how it appeared to me. now it feels shameful even leaving it as context. The picture gets conveyed through the comments anyway for those interested.

I'm sorry it ended up like this, I should probably have done this much eariler and not give the site any benefit of the doubt.


So, instead lets make this into list of search engines so this post might have at least something positive about it. I already started gathering the list earlier as by product of the unfortunate search. It might be better to just scrap this all and start with new post but it would also erase what happened and the lesson learned.

I know there are lists already, but I dont think they all have every engine, especially smaller or newer ones. We could also gather information about engines' maintainers, stuff that helps determine what to expect from them. I'll try gathering it here on this post from the comments and if I find something myself.

Lets avoid all ai searchers since those ought to be in their own category anyway.

List of search engines

  • bing
  • kagi
  • yacy
  • ask.com
  • searx
  • brave
  • ecosia
  • mojeek
  • duckduckgo
  • marginalia
  • startpage
  • giburu
  • yippy
  • qwant
11
 
 

The ads you're viewing in popular apps have been co-opted by companies harvesting your location data — and now hackers have it.

12
 
 

What's the deal? I'm testing using https://coveryourtracks.eff.org/ Is it truly unique (and repeatable), or is it perhaps being randomized on every request?

I've tried normal Firefox, Mull, and IronFox. With and without jShelter.

I'm using my phone. Stock Android on a Pixel 7 Pro.

In DDG Browser I have a "nearly unique" fingerprint.

I installed CanvasBlocker and disabled privacy.resistFingerprinting in IronFox (since CanvasBlocker said to), and my fingerprint is still unique. I guess I'm not surprised since I think CanvasBlocker is designed to randomize canvas fingerprinting.

Any tips on having even a shred of privacy when browsing the web on Android?

Update

The biggest identifying characteristics are screen size and user agent. User agent can be faked with an extension. I can't exactly change my screen size.

I don't know what exactly what I did, but I managed to improve to "nearly unique" in IronFox. I think all I did was install Cookie Autodelete. It's an extension I've used for a long time in Mull, and finally got around to installing it. Then I installed "User-agent Switcher" and chose a Chrome user-agent and now I'm back to "Unique". 🤔

EFF mentioned Tor Browser having some other best anti-fingerprinting, so I tried installing that. "Unique Fingerprint". Again, maybe that's fine if it means it's randomized on every request. Does anyone know if that's the case? If part of the fingerprint is a hash of canvas data and WebGL data, etc. Then I can easily see your fingerprint being unique if a browser or an extension is intentionally fuzzing that data.

Update 2

I tried Fennec with just jShelter, uBlock Origin, and Cookie AutoDelete (not that I think those last two matter).

Obtained a "randomized fingerprint" result. Success?

13
 
 

I am ashamed to admit I went back to Facebook recently hoping to reconnect with some old friends.

I used a VPN, and had ublock origin on. Facebook never told me to turn these things off.

After about a month, Facebook suddenly banned my account, allowing me to appeal. To do that appeal, they are requesting selfie in which I am moving my head around.

This seems incredibly invasive to me and I'm not entirely sure they aren't just doing this to permanently ban me based on biometrics. If they had just asked me not to use ublock origin, I would have done that.

The original ban notice said I was using a technology that wasn't allowed on Facebook.

The first email said: "We’ve noticed some unusual activity on your Facebook account and have restricted its access to advertising. Any ads connected to your account are currently disabled.

To learn more, please review our Advertising policies affecting business assets.

If you believe your account was incorrectly restricted, click the Fix issue button below to verify your account.

You have until July 07, 2025 to fix the issue before the account is permanently disabled.

We used technology to detect this violation and carry out this decision. Further violations of our Advertising Standards may result in your account being disabled or restricted."

What's so weird is I don't use Facebook marketplace or anything like that. Then they said the account was just banned.

"Your Facebook account has been suspended. This is because your account, or activity on it, doesn't follow our Community Standards on account integrity.

If you think we suspended your account by mistake, you have 180 days to appeal our decision. If you miss this deadline your account will be permanently disabled."

As a minority who has been arrested and feels marginalized by society, but isn't pretending to be anyone other than me, I'm left wondering why this occurred. I didn't get any notices about this at all prior to their asking. I also was arrested at one point and so when I add former friends, I don't know if some people are mortified to know me and so report the account and that is why this is happening or what is going on.

Does anyone know if doing some awful video like this would restore the account, or are they just trying to get more biometric information to ban me permanently? I really wish there were an alternative to Facebook. I hate it and they are so vicious with how they suddenly ban people.

I am unlikely to be willing to do a selfie in which I look left right up and down or whatever, as I don't believe Facebook will delete it.

Right before the ban, I was talking with an ex from a long time ago, who seemed friendly at first. Now I'm wondering if this person reported me and this is why this happened. They said they had to go to lunch, be right back, and it was sort of late for lunch.

I really hate the world and the planet sometimes. Facebook is just terrible and mean and I don't actually believe that such a 3D selfie, which is sort of what they seem to want, is going to not be stored in some government database.

14
 
 

I know this has been discussed a lot across the fediverse already, but I recently learned about the Fogg Behaviour Model (FBM), and thought it would be interesting use it as a frame.

Basically, the model says that people change behaviour when they are motivated, have the ability, and are given the right prompt or nudge in the right direction.

How do we nudge people who are...

  • In the top left, i.e. are motivated, but lack the ability to use privacy-friendly alternatives?
  • Are in the bottom right, i.e. have the ability, but don't care or have the motivation?

Unfortunately, my impression is that most people are in the bottom left, and think of the invasive surveillance of Big Tech like the weather; "I just have to deal with it". How do we give these people the ability and motivation to escape the data vampires?

15
 
 

Hackers have reportedly breached Gravy Analytics, a parent company of Venntel that sells smartphone location data to the U.S. government. The hackers claim to have stolen considerable data, including customer lists, industry information and individuals' location data. They are threatening to make the data public.

16
 
 

I have never liked Apple and lately even less. F.... US monopolies

17
 
 

It actually was pretty easy. All I did was install Fennec and then tweak a few settings.

  • I switched the browsing protection to strict

  • I installed ublock origin

  • I went to about:config and enabled resist fingerprinting

I ran some fingerprinting tests and my slightly modified Fennec performs about the same as Mull

18
 
 

In the light of Divest OS shuting down i am searching for a new Android browser that doesn't send telemetry data to Mozolla and I stumbled over IronFox. Does anyone have any opinions or other recommendations?

19
20
 
 
21
 
 

The gift card store secured the public cloud storage server containing customer ID documents, which was not protected with a password.

22
 
 

This enforcement action marks the first significant implementation of India’s 2022 regulatory framework governing VPN apps. The rules mandate that VPN providers and cloud service operators maintain comprehensive records of their customers, including names, addresses, IP addresses and transaction histories, for a five-year period.

23
 
 

Apple users may get $20 each for up to five Siri-enabled devices.

24
25
 
 

If USG is pushing for citizens to use Signal than it means it's a US honeypot only. lol

view more: next ›