1
42
2
268
submitted 12 hours ago by grid11@lemy.nl to c/privacy@lemmy.ml
3
391
submitted 18 hours ago by doodle967 to c/privacy@lemmy.ml
4
59
submitted 20 hours ago by Betawhat@lemmy.zip to c/privacy@lemmy.ml

Real question. I would like to know what drives you to hate Apple? (In terms of privacy of course because in terms of price it’s another story).

5
243
submitted 1 day ago by Zerush@lemmy.ml to c/privacy@lemmy.ml
6
21
submitted 1 day ago by kylefoss@lemmy.ml to c/privacy@lemmy.ml

I heard about silent.link but I want to know if I should trust it.

It claims to be an anonymous e-sim provider.

Let's say it is legit and not backdoored by the government and not a honey pot, would the government be able to find out that I own the anonymous e-sim on it if my other sim in my phone is another provider not silent-link. Like how on android you can use a sim for data and a sim for calls.

Also do you guys think the us government will put peoples name on a list from having silentlink?

The whole thing sounds too good to be a true a anonymous e-sim so let me know what you guys the privacy community think.

7
39
submitted 1 day ago* (last edited 1 day ago) by Charger8232@lemmy.ml to c/privacy@lemmy.ml

I was researching WebMail providers, and noticed that most WebMail providers recommended in privacy communities are labelled as proprietary by AlternativeTo.

I made a list of WebMail providers, private or not, to see which ones were actually open source:

Proprietary

AOL Mail: Free

Cock.li: Free

CounterMail: Paid

Fastmail: Paid

GMX Mail: Free

Gmail: Free

HEY Email: Paid

Hushmail: Paid

iCloud Mail: Free

Mail.com: Free

Mailbox.org: Paid

Mailfence: Freemium

Outlook.com: Freemium

Posteo: Paid

Rediffmail: Paid

Riseup: Free

Runbox: Paid

Soverin: Paid

StartMail: Paid

Yahoo! Mail: Freemium

Yandex Mail: Freemium

Zoho Mail: Freemium

Open source

Criptext: Free

Disroot: Free

Forward Email: Freemium

Infomaniak kMail: Freemium

Kolab Now: Paid

Lavabit: Paid

~~Mailpile: Free~~

Proton Mail: Freemium

~~Roundcube: Free~~

Skiff/Notion: Freemium

Tuta: Freemium

Unless I'm missing something, it seems like people overlook this when deciding on WebMail providers. Is it a distinction between a proprietary backend server and a proprietary app, or is there a different way to decide if a WebMail provider is proprietary vs. open source? Lavabit was labelled proprietary by AlternativeTo, but open source by Wikipedia.

Note

If I have labelled an open source WebMail provider as proprietary by mistake, please provide evidence by linking to the source code, and I will happily change it.

8
46
9
35
submitted 1 day ago by aa1@lemm.ee to c/privacy@lemmy.ml
10
123
submitted 1 day ago* (last edited 1 day ago) by makeasnek@lemmy.ml to c/privacy@lemmy.ml
  • Note: "relay" is the nostr term while "instance" is the AP/Mastodon/Lemmy term. They are functionally very similar and offer the same abilities to ban annoying users from "public square" type spaces. Moderation works identically.
  • In AP/mastodon/lemmy you are connected to one "main instance" and then connect to other instances "through" that instance. In nostr, you are typically connected to multiple relays and access content more directly.
  • Nostr is an underlying protocol like AP is for Mastodon/Lemmy. The main use of nostr currently is as a twitter/mastodon clone, but it has other interfaces as well (calendaring, video sharing, etc) that I am less familiar with.
  • Both networks are decentralized in nature

AP/Mastodon/Lemmy

  • Instance admins on your instance and the instance of the user you are DMing can read your DMs, block them, or modify them without your knowledge or the knowledge of the receiving user
  • If your instance goes down, so does your access to the wider network. It will take your DMs with it, and your identity.

Nostr

  • Relays cannot read the content of your DMs as they are encrypted. They can only see that user A is DMing user B and approximate DM size. (This upgrade reduces that visibility further)
  • Relays cannot manipulate DMs as they are encrypted and will fail a signature check
  • No relay can prevent you from DMing another user as your client will automatically route the DM through another relay (unless that user has blocked you, which they can do).
  • You can receive DMs from anybody as long as one relay lets your DM through (and you are usually connected to several)
  • Your DMs and other content is replicated across multiple relays. Downed relay? No problem. You don't lose your content or your identity as your identity is a private/public keypair not "user @ instance dot com"

Bluesky

Idk anybody care to fill this section in?

Image source: nostr post

11
12

I've recently heard about their services, and others like them, and wanted to know what privacy-focused people thought about them, what experiences they may have had, and whether this was recommended for people who have a footprint they want scrubbing (even if only in part) or not?

12
19
Decentralized Encrypted P2P Chat (chat.positive-intentions.com)
submitted 1 day ago* (last edited 1 day ago) by positive_intentions@lemmy.ml to c/privacy@lemmy.ml

Id like to introduce you to a decentralized chat app that works purely in the browser. Breaking away from traditional solutions that require registration and installation.

A decentralized infrastructure has many unique challenges and this is a unique approach. Ive taken previsous feedback and made updates. Its important to note, it is still a work-in-progress and provided for testing/review/feedback purposes. it would be great if you can tell me what you think.

Some of the features of the app include:

  • Free
  • Decentralised
  • No cookies
  • P2P encrypted
  • No registration
  • No installing
  • Group messaging
  • Text messaging
  • Multimedia messaging
  • Offline messaging (LAN/hotspot)
  • File transfer
  • Video calls
  • Data-ownership
  • Selfhosted (optional)
  • Screensharing (on desktop browsers)
  • OS notifications (where supported)

With no registration or installation required, its easy to get started.

13
12
TOFU vs 2FAS (lemm.ee)
submitted 1 day ago by humuhumu@lemm.ee to c/privacy@lemmy.ml

Both are interesting choice, which one do you choose?

14
179
submitted 2 days ago* (last edited 2 days ago) by cmgvd3lw@discuss.tchncs.de to c/privacy@lemmy.ml

With the recent WWDC apple made some bold claims about privacy when it comes to so called Apple Intelligence. This makes me wonder if they did something to what Microsoft did with Recall feature, would people be less concerned and to an extend praise their effort?

Do you trust apple with their claims?

15
162
submitted 3 days ago by downdaemon@lemmy.ml to c/privacy@lemmy.ml
16
113
submitted 3 days ago by jjlinux@lemmy.ml to c/privacy@lemmy.ml

I just got this email from Sony. My kids use their profiles offline (meaning they don't even have a playstation account) on their PS4, and use my games. And now they want to allow kids to link their other accounts (my kids only have a SimpleX user to chat with their family, LOL).

The sad thing is that a lot of parents will go: "Nice, they can now have it all in one place!"

Love how they say this at the end:

Stay tuned for more details. In the meantime, we recommend talking to your child about account linking so that they can safely enjoy these new features while playing on PlayStation.

They fucking call these FEATURES!

17
149
submitted 3 days ago by jjlinux@lemmy.ml to c/privacy@lemmy.ml

I just love this guy when he's riled up. Makes me feel all warm and cozy 🤣

18
105
19
14
submitted 2 days ago by Gangly3090@lemmy.ml to c/privacy@lemmy.ml

Hi, while I know the link name may be... self-explanatory. I cannot seem to find any actual information on this link and it was strangely not blocked by my NextDNS(and other services) configuration. I'll explain the full story here:

So in April, ago I set up NextDNS and added it to my devices, it worked fine and blocked several in app ads. Then comes today, the game which had it's ads blocked the entire time which was also blocked by other DNS provider I was using before like Adguard and Mullvad suddenly has it's ads pop up again. I thought this was weird so I tried switching over back to AdGuard and Mullvad to see if my config was missing something. The ads still came up on opening the game So I re-added my NextDNS to my phone and checked the logs on their website, everything was fine besides the afromentioned "http://googleadsservice.online/" which wasn't blocked, the name seemed pretty on the nose so I added it to my Denylist and voila, no more ads. But I checked the logs for the URL and it turns out it's been a thing completely unblocked since I first set up?? That is to say there are several pages worth of the URL going through on my logs. I tried looking up the URL but found nothing. So I was hoping someone knew exactly what this was and why none of the DNS providers seem to block it. Thanks in advance

20
78

What is the best cloud storage that gives a nice balance between features and privacy? I know you can manually encrypt files to use any provider, but I would prefer an open source E2EE for the sake of convenience.

Currently I have heard about the following:

  • proton
  • filen
  • sync
  • icedrive
  • pcloud

(Not including GDrive, Onedrive etc..)

21
40
submitted 3 days ago* (last edited 3 days ago) by JameUwU@lemmy.ml to c/privacy@lemmy.ml

Hello Lemmy, this is my first time posting instead of commenting so if this is the wrong place or I'm formatting this wrong feel free to let me know how to fix it.

One of my healthcare providers (US) has just alerted me I've been affected by a Data breach (from February, so glad to see they took it seriously and alerted people quickly). The breach supposedly affects Full name, address DoB, and health information such as illnesses and medications. They have sent a 2 page information packet that gives recommendations such as calling the three creditors and a "free" 5 year subscription to an experian credit monitoring service. Upon checking the website they want my full name, DoB, SSN, Address, email, phone number, and I'm sure if they could my blood type and fingerprints.

What I would like to know is are these services they are providing me with "safe" for a threat model that involves keeping my information out of the hands of advertisers, bad actors and people who don't need it? Do they already have this information and are just asking to verify who I am? I'd prefer not to have my identity stolen due to someone else's computer having a security flaw. What's my best course of action to preserve my privacy while not having my identity stolen?

Thanks for any help in advance.

22
43

This post contains a canary message that's cryptographically signed by the official BusKill PGP release key

BusKill Canary #008
The BusKill project just published their Warrant Canary #008

For more information about BusKill canaries, see:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Status: All good
Release: 2024-06-11
Period: 2024-06-01 to 2024-12-31
Expiry: 2025-01-31

Statements
==========

The BusKill Team who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is June 11, 2024.

2. The current BusKill Signing Key (2020.07) is

   E0AF FF57 DC00 FBE0 5635  8761 4AE2 1E19 36CE 786A

3. We positively confirm, to the best of our knowledge, that the 
   integrity of our systems are sound: all our infrastructure is in our 
   control, we have not been compromised or suffered a data breach, we 
   have not disclosed any private keys, we have not introduced any 
   backdoors, and we have not been forced to modify our system to allow 
   access or information leakage to a third party in any way.

4. We plan to publish the next of these canary statements before the
   Expiry date listed above. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.

Special announcements
=====================

None.

Disclaimers and notes
=====================

This canary scheme is not infallible. Although signing the 
declaration makes it very difficult for a third party to produce 
arbitrary declarations, it does not prevent them from using force or 
other means, like blackmail or compromising the signers' laptops, to 
coerce us to produce false declarations.

The news feeds quoted below (Proof of freshness) serves to 
demonstrate that this canary could not have been created prior to the 
date stated. It shows that a series of canaries was not created in 
advance.

This declaration is merely a best effort and is provided without any 
guarantee or warranty. It is not legally binding in any way to 
anybody. None of the signers should be ever held legally responsible 
for any of the statements made here.

Proof of freshness
==================

04 Jun 24 14:10:16 UTC

Source: DER SPIEGEL - International (https://www.spiegel.de/international/index.rss)
Fortress Europe: Migrants Abandoned on the Edge of the Sahara
Israel-Gaza-Krieg: Menschenrechtler Aryeh Neier über Schuldfrage und Strafverfolgung (Kopie)

Source: NYT > World News (https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
Middle East Crisis: Israeli Airstrikes Kill Iranian General in Syria
Live Updates: India’s Election Results Suggest a Setback for Modi

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Shock for India's Modi as opposition set to slash majority
Gaza ceasefire plan turns into deadly game of survival

Source: Bitcoin Blockchain (https://blockchain.info/q/latesthash)
000000000000000000014cd79802b29c1dcd7fc6debee1e3968cfc216b59bf16

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeY3BEB897EKK3hJNaLi8sMUCOQUFAmZfIwgACgkQaLi8sMUC
OQXZYA/9ElVoUy3Um3IXFSwUGO+ctkvKd6idD7RuOBjqZyfadr4emrDrfQKYbCpa
Gik4M1H/GWobO/RaDjeSjQtGUmlPn8anhoFzmI6pPz7fBSfg5VGemllyHI2ypPpf
cJ1jLrmzpDGxLqPd/R/WsoE8dY9E7q20JgNESAqEYyjmjxqOjx6EnIjBjy8u+xL3
YWBw5BQn/1XbLXw4X7WJNH1cNIIZDgePdIb8Wq6wEDTzFzAvfw5BPhJ2rVaChV9P
6d25htXLy5FU/qvomiy1C+ZskzbZPKGDNgr8lC/MPeNgLi0d/ps2Rgut/CGjKreW
UiBmp3xslizR2/WhpRrcz0VLYxdNolfPY0odpgXkvQSEqGiZ1gOw5OQIN0f8HMiL
nOXnnxFVgdO/I/x9X2DwKAGwuts/GSeWOHdeNxvflyDGEYJHt9YMT7kXcJ0/dl6z
QSNHDoCMzMkxBCX23mlgY8pDSjw0Lqud0HDIChi1DFuNk7m1SfMIKGOn0ZAPsNqX
RuMiLCMOPzdE8BBBpKFwZFtx0zyC78xAOBK1M8DqlUexT3CBGFjOwCmGY27dLFZe
6ygdrqptb5uDOXFsw63cWSOilCnEcx7M8FDX7QjuV6EUQwvsxpeKvHZIFVlJNQCX
L5F8Lig/y4Q9iCjGiu3oT5zPuuEXPhKkyPsIeM9lC+zP/eC8rL4=
=E7lp
-----END PGP SIGNATURE-----

To view all past canaries, see:

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

23
98
24
68
submitted 5 days ago by Psych@lemmy.sdf.org to c/privacy@lemmy.ml

I am now using disroot . I don't care about anonymity or anything as I just wanna use it to connect to my bank, ID and buy/book shit etc. Which all have my phone number, address, name etc anyway so no point in that . I just want the security privacy to be good enough that no one can easily hack it, steal my OTP, inbox etc and I want it to be big and trusted enough that they won't sell it/sell it and go Scott free also gmail asks email or phone number for verification and then brick acc if I don't comply so I'd like to skip those kind of ones . Is disroot enough for my uses ? Also I'd like a free one as I barely use emails like 3 or 4 times a year .

25
27
submitted 4 days ago* (last edited 4 days ago) by Psych@lemmy.sdf.org to c/privacy@lemmy.ml

I just want one to sign up for telegram, yes yes I know there can be privacy concerns but I'm only going to use it for piracy anyway and gonna enable 2FA . I don't have any mode of online payment and I'm broke anyway, so it has to be free . Looking back on some old reddit threads some seems to work for the people some don't, but those sites are irrelevant today as most have turned to shit or is shut down . I remember google voice being able to do that but I need to have a phone number to make a google account now so I guess its just jumping through hopes for no reason .

I have tried some top results on DDG which all sucks but do drop your reccomends .

Edit : To clear some mistakes in case I wasn't clear I didn't mean using 2FA for anonymity but so that no one else can log in the acc too as it is a public OTP number .

view more: next ›

Privacy

29491 readers
1581 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS