Privacy Guides

Last year, I outlined the specific requirements that an app needs to have in order for me to consider it a Signal competitor.

Afterwards, I had several people ask me what I think of a Signal fork called Session. My answer then is the same thing I’ll say today:

Don’t use Session.

We didn't like the VPN videos out there on the internet - so we made our own! Its now available to watch on PeerTube at the link above!

cross-posted from: https://lemmy.ca/post/35853890

So, for privacy and security reasons, I use a VPN. This is normally Mullvad (with DAITA and quantum resistance enabled), but I have ProtonVPN, Windscribe, and Orbot handy in case something doesn't work.

However, lately I've noticed my connections being blocked. This is across three different ISPs: Sky, Virgin, and Wifinity. I have tried all three VPNs and Orbot, and I have tried several protocols (WireGuard, OpenVPN, IKEv2, Stealth, and of course SOCKS5) to no avail.

The logical solution would be to use a bridge in Orbot, but the button seems to have been removed. Also, by using Orbot, I will not be protected by my DNS.

I am currently using iOS, but my other machines run Linux and I will be getting a GrapheneOS phone in the near future.

Can anyone help?

Basically create an alias for every combination to prevent privacy cross contamination.

For instance, not only should you make an email alias for an Eventbrite account, but for every organization you sign up for events with. You are required to enter an email (any email) for the event, which can be seen by both Eventbrite and the organization. If you enter in the email of your Eventbrite account then the org could give that away, resulting in email spam and you can't be sure if it was either Eventbrite itself or the org that sold you out. If that happens then you would probably want to delete email address but then you have to change it in other places you need to send/receive emails from.

Another example is Discourse forum sites. While Discourse is open source and self-hostable, you may not always be sure if a Discourse site is self-hosted or using paid hosting. A lot online places have both their own website and a separate discourse site. Bitwarden's forum site doesn't have a sign-in option using your Bitwarden.com account, and Raindrop.io uses canny.io to track app feedback which has also uses its own login. (I'm actually glad I made an alias for every single Discourse forum site before realizing all of this).

I just did this on a website that said my Simplelogin alias isn't allowed for signup, but changed it successfully after the fact from a disposable email.

(I'm aware that many Lemmy users hate Reddit. this discussion would be useful for anyone that Lemmy users that also use Reddit)

This came as a big surprise to many users on places like r/help and r/bugs, including me. Reddit made this post last week on it: Say goodbye to new.reddit on Dec 11, 2024 : r/modnews.

Seeing this r/privacy post: sh.reddit (shreddit) is a Google spyware machine designed to de-anonymize you : r/privacy, New New reddit (2023 Reddit redesign) pings Google repatcha on every single page load. I saw the comments but its not clear how to counter this other than using old.reddit.com (which I like even less than 2023 reddit) or using 3rd party apps.

https://windowsreport.com/mozilla-firefox-removes-do-not-track-feature-support-heres-what-it-means-for-your-privacy/

For instance, People I know that are using Eventbrite for private event registration. To sign up for the event with or without an account, you have to write and confirm your email in the boxes, I did some looking up to see if hosts can see the email. I didn't find any answers so I made a Reddit post asking, and got a reply saying "No, they can't. Eventbrite deletes them as soon as you submit the form." I wanted to be sure so I created a private test event and registered for it in a private window. I then went to my event dashboard and clicked on the ticket # where I can in fact view it (the email shown is made up).

I only asked Perplexity after trying to find out myself. It did in fact find the answer (link #8: View your Attendee Summary report): "Review attendee purchase details like email address ..." I've found LLMs and search tools like Perplexity to be unreliable for answering questions like this for websites, as well as software. Which means I may not turn to them in cases where they actually would help. It's too bad they hallucinate a lot too.

cross-posted from: https://lemmy.zip/post/26286036

A guide to keeping your plans private through every step of an abortion in any state, including Florida and South Dakota

I didn't know where else to go, so if this is not the place, please let me know and I'll delete this.

I'm ready to port over to JMP.chat, and was wondering if anyone could share a referral link/code for me to avoid the 15 dollars activation of the number. I would really appreciate it.

First and foremost, I'll get this out of the way: I abhor all commercial social media. I don't trust them, I know users are the product, and - ultimately, I feel they're nothing but a cancer on society.

But, I also have to acknowledge that, for one or two use cases at least, they seem pretty unavoidable.

For me, that one use case is Facebook Marketplace. Here in Australia, there's simply no better alternative if you want to reach a large number of potentially interested buyers (or even buy some stuff yourself). The supermarket noticeboard is no more; the Trading Post was bought long ago and died on the vine; and Gumtree has devolved into a cesspool of nothing but scammers and fuckwits.

So, I use FB Marketplace. My FB account isn't in my name, uses a throwaway email address, and has no followers or friends. It's only a member of the local buy/sell groups that I'm interested in, and it performs no "social" activities (posts, likes, etc) at all.

Until now, I generally only use FB marketplace with a "clean", dedicated browser on my computer, running in private mode and via a VPN. But, it means I frequently miss messages from interested parties when I'm away from my computer.

I also sometimes use the mbasic.facebook.com site from a private Firefox tab on my iPhone, but FB has just started telling me I need to use Chrome (no. fucking. way.) or Safari (maaaaaybeeeee?) after October 28th.

When I was on Android, there were a few wrapper apps that I was able to use but, so far, my searches for an equivalent on iOS have turned up nothing.

So, knowing full well this may lead to nowhere, I thought I'd ask this community: does anyone have a good, privacy-friendly way to use FB on iOS?

Thanks in advance for any useful tips or suggestions.

Since it looks like Firefox might not be a good option for the long haul due to some disappointing decisions from its management, I'm on the lookout for privacy-friendly alternatives. I came across Cromite, which is based on Chromium and has an ad blocker. Has anyone tried it? From what I've seen, the built-in ad blocker seems pretty basic and not very customizable. Still, I think any alternative we choose should be based on Chromium, especially if we don’t want to wait ages for Ladybird.

cross-posted from: https://links.hackliberty.org/post/2932106

Image Transcription:

WHAT WILL A CASHLESS SOCIETY MEAN?

THE PROS

CONVENIENCE — THERE WILL NO LONGER BE ANY NEED TO CARRY CASH AROUND

THE CONS

EVERY TRANSACTION YOU MAKE WILL BE TRACKED YOUR SPENDING HABITS CAN BE LINKED TO YOUR CARBON FOOTPRINT

YOU WILL ONLY BE PERMITTED TO SPEND ON THINGS THE GOVERNMENT APPROVES OF. THINGS THAT ARE DEEMED TO BE LUXURIES — MEAT, FUEL, TRAVEL — CAN BE RESTRICTED

YOUR MONEY CAN BE PROGRAMMED WITH AN EXPIRY DATE — IF YOU DON’T SPEND IT BY A CERTAIN DATE, YOU'LL LOSE IT

THERE WILL BE NO ‘BLACK’ ECONOMY. IT WILL NOT BE POSSIBLE TO AVOID TAX, BUT THEN YOU WILL NOT BE ABLE TO GIVE POCKET MONEY TO CHILDREN OR GRANDCHILDREN AND NEITHER WILL YOU BE ABLE TO BORROW OR LEND MONEY TO FRIENDS WITHOUT THAT BEING TAXED BY THE GOVERNMENT

PARKING AND SPEEDING FINES WILL BE TAKEN AT SOURCE, WITHOUT THE POSSIBILITY OF CHALLENGE AND POSSIBLY EVEN WITHOUT YOUR KNOWLEDGE

IF YOU PROTEST THE ACTIONS OF THE GOVERNMENT, YOUR MONEY CAN BE SWITCHED OFF. IF YOU THINK THAT’S UNLIKELY, IT’S ALREADY HAPPENED TO TENS OF THOUSANDS OF CANADIANS WHEN THEY PROTESTED AND IT ALSO HAPPENED TO A BRITISH JOURNALIST

A CASHLESS SOCIETY MEANS THE END OF HUMAN FREEDOM

IF YOU WANT THAT, DO NOTHING

IF YOU DON'T, THE FIRST THING YOU MUST DO IS RESPOND TO THE GOVERNMENT'S PROPOSAL ON DIGITAL ID, UPON WHICH A CASHLESS SOCIETY MUST BE BASED

https://www.gov.uk/government/consultations/draft-legislation-to-help-more-people-prove-their- identity-online/consultation-on-draft-legislation-to-support-identity-verificat

Image Credit: Brett Scott

• https://blog.torproject.org/new-release-tor-browser-1357/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680

Mozilla Firefox itself and all Mozilla Firefox forks should be updated accordingly once a new build is released.

@privacyguides collaborators, it’s time to review the recommendation of Firefox as a good browser option…

From: @sarahjamielewis
https://mastodon.social/@sarahjamielewis/113245689258934184

cross-posted from: https://lemmy.zip/post/23512234

A new Federal Trade Commission (FTC) report confirms what EFF has been warning about for years: tech giants are widely harvesting and sharing your personal information to fuel their online behavioral advertising businesses.

Report: https://www.ftc.gov/news-events/news/press-releases/2024/09/ftc-staff-report-finds-large-social-media-video-streaming-companies-have-engaged-vast-surveillance