Hi guys I was looking for an E2EE cloud storage with reasonable pricing (I need nothing special just for personal use) and found filen.io pretty compelling. Does anyone here use filen? How is your experience with it?

Convincing people to use apps such as Signal is hard work and most can't be convinced. But with those you manage to convince, do you feel happy to talk to them on Signal?

The problem is these people use Signal on Android/IOS which can't be trusted and IOS has recently been in the news for having a backdoor. And it has also been revealed that american feds are able to read everyone's push notifications and they do this as mass surveillance.

So not only do you have to convince people to use Signal which is an incredibly difficult challenge. You also have to convince them to go into settings to disable message and sender being included in the push notifications. And then there's the big question is the Android and IOS operating systems are doing mass surveillance anyway. And many people find it taking a lot of effort to type on the phone so they install Signal on the computer which is a mac or Windows OS.

So I don't think I feel comfortable sending messages in Signal but it's better than Whatsapp.

These were some thoughts to get the discussion started and set the context.

So something pissing me off is websites like lusha or dropcontact who use AI to give their customers your mail address if they only enter your name (which they get from LinkedIn, your company's website,...).

Our mailaddresses have the most basic format of firstname.lastname@company.com

So after threatening another one of those nuisances with a GDPR complaint, it got me thinking that this will become the new normal. We will have to live with it that someone tries to guess our mailadress instead of getting them from some shitty address dealer.

An idea to get rid of the problem in the future would be to add a random secret to work mail addresses, like

Firstname.lastname.secret@company.com Where the secret could be anything consisting of several letters. That way you can ensure that only people who you shared your contact details have your mailadress. What's your thoughts?

Popular social media platforms and video streaming services pose serious risks to user privacy, with children and teenagers most at risk, the Federal Trade Commission found in a report published Thursday.

The report, which stretches more than 100 pages, details the data, advertising and recommendation-system efforts by these companies, and how they rely on information about users to sell ads. Users also “lacked any meaningful control over how personal information was used for AI-fueled systems” on the companies’ platforms, according to the report.

“While lucrative for the companies, these surveillance practices can endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identify theft to stalking,” FTC Chair Lina Khan said in a press release...

LinkedIn users in the U.S. — but not the EU, EEA, or Switzerland, likely due to those regions’ data privacy rules — have an opt-out toggle in their settings screen disclosing that LinkedIn scrapes personal data to train “content creation AI models.” The toggle isn’t new. But, as first reported by 404 Media, LinkedIn initially didn’t refresh its privacy policy to reflect the data use.

The terms of service have now been updated, but ordinarily that occurs well before a big change like using user data for a new purpose like this. The idea is it gives users an option to make account changes or leave the platform if they don’t like the changes. Not this time, it seems.

To opt out of LinkedIn’s data scraping, head to the “Data Privacy” section of the LinkedIn settings menu on desktop, click “Data for Generative AI improvement,” then toggle off the “Use my data for training content creation AI models” option. You can also attempt to opt out more comprehensively via this form, but LinkedIn notes that any opt-out won’t affect training that’s already taken place.

The nonprofit Open Rights Group (ORG) has called on the Information Commissioner’s Office (ICO), the U.K.’s independent regulator for data protection rights, to investigate LinkedIn and other social networks that train on user data by default.

“LinkedIn is the latest social media company found to be processing our data without asking for consent,” Mariano delli Santi, ORG’s legal and policy officer, said in a statement. “The opt-out model proves once again to be wholly inadequate to protect our rights: the public cannot be expected to monitor and chase every single online company that decides to use our data to train AI. Opt-in consent isn’t only legally mandated, but a common-sense requirement.”

Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++

Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

Not just locally on the device! There must be an error when calling or texting the number.

Data must work for internet for Signal, VoIP, etc.

This is for a UK PAYG SIM.

There should be no way for anyone to demand my number, or for me to leak it, or doing so should be irrelevant as it does not work.

Edit: word, polic->police

Even more of a police state.^[[1] https://youtu.be/8c_UdWo4Zek | https://lemmy.world/post/19890492]

On Thursday, Oracle co-founder Larry Ellison shared his vision for an AI-powered surveillance future during a company financial meeting, reports Business Insider. During an investor Q&A, Ellison described a world where artificial intelligence systems would constantly monitor citizens through an extensive network of cameras and drones, stating this would ensure both police and citizens don't break the law.

This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn't this done more often? What are the Pros and Cons. I bet the price is similar as well.

I'm wondering which is more free (as in freedom) so I can make the right choice. I've also heard people say the regular PinePhone is better than the Pro version. I am planning on using it as a daily driver. I understand it's not perfect yet, but I'm dedicated to make it work, I don't do much with my phone. I also just want to help support Linux-based phones and would like to see it become more popular in the future! I'm planning on dropping my Google Pixel w/ GrapheneOS for this.

Need at least the camera, if not that plus a microphone and speakers, not the lock or bell.

Libre Software (Obviously) + End-to-End Encryption

Small and easy to hide, so the camera isn't stolen, attacked or bypassed.

Best answer yet

Hi :) How concernt are you about leaking your personal information by using a custom-domain for emails? Because anyone could see, who registered the domain, correct?

I've been trying to delete as many online accounts as possible to reduce the threat of my personal information / duplicate passwords / my cell number getting out there. I know, it's probably not worth the effort but it does at least clean up my password manager and MFA app.

I've tried had trouble getting my personal information scrubbed and my account deleted at Robinhood and LendingTree. Both have policies that claim they're unable to delete user accounts due to federal regulations.

Here's the bit from Lending Tree: https://www.lendingclub.com/legal/privacy-policy

Data Retention: Due to the regulated nature of our industry, we are under legal requirements to retain data and are generally not able to delete consumer transactional data, credit or deposit account application data, or other financial information upon request. Certain regulations issued by state and/or federal government agencies may require us to maintain and report demographic information on the collective activities of our membership. We may also be required to maintain information about you for at least seven years to comply with applicable federal and state laws regarding recordkeeping, reporting, and audits. Criteria used to determine the period of time information about you is retained are primarily related to legal requirements and usefulness of the information for the purposes it was collected.

In both of these cases, I haven't used the account in many years (RH: 2020, LT: 2018). It serves no purpose to maintain this account other than to exist as data for some malicious actor to acquire and act upon.

With data leaks happening practically every day, I'm really not comfortable with financial agencies with varying degrees of security keeping my information forever. I would think it would be in their own best interest to comply with a deletion request to prevent anyone from scamming them.

Also, I can't tell you how many websites I've lost access to because my phone number was tied to log in. I previously had a company-issued cell phone and not longer have access to that. Any website that requires a phone number for MFA is just horrible. I'm trying to sign into another financial site now and apparently I'm not able to do so without a phone number I had eight years ago.

Wondering if anyone is familiar with this federal regulation that requires they hold on to this information and if there's some sort of way around this either with a lawyer or federal form or something.

cross-posted from: https://lemmy.ml/post/20406932

I may go for short term work in either South Korea or Saudi for a few months. Does anybody have any idea, how safe it is to use a VPN as a foreigner in these countries? Worse case scenario, can I use a VPN in a Azure VM and scp torrent downloaded files or something?

Hi guys wanted to know how can i use mull browser in higher refresh rate than 60hz? I know it will make me standout and more prone to fingerprinting and it's fine for my use case

When it comes to Intel Management Engine, I actually think it's not a threat if you neutralize it. I mean to just set the HAP bit on it. Because if that isn't enough then that means all computers in the world which use Intel CPU can be accessed by NSA but if NSA had this much power then it seems obvious that they aren't using it and why wouldn't they use it?

There's a github project to neutralize/disbale Intel ME: https://github.com/corna/me_cleaner Disable is overwriting intel ME as much as possible with zeros, leaving only a little remaining to be able to boot the computer. The newer the intel chips are, the less likely it is to be able to disable it. But all chip sets can be neutralized which means to set the HAP bit which is an official feature. In theory we can't actually trust the HAP bit to really disable intel ME permanently. It's more like asking Intel to do what they have promised because it's proprietary. But I think it really does permanently disable it because otherwise NSA would be abusing this power.

That's why I think the newer laptop models are better because it's probably not necessary to disable, it's enough to just neutralize withthe HAP bit. And with a newer modern laptop they can have open source Embedded Controller firmware which is better than proprietary Embedded Controller firmware.

I'm interested to hear what you think as well.

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn't find clear answers. I could use a DNS service that provides blocklists but isn't it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn't find relevant results.

On Android, I didn't find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink's DNS.

So what's the best way to filter ads and trackers on both 3rd party apps and on OS's like Android (specific Samsung phones) while still using a VPN?

UK Banks: HSBC, Lloyds, Starling, Monzo, etc.

Update I have come to a decision. Thank you to all who contributed suggestions. Please feel free to keep the discussion going to help others.