privacy

I just did this on a website that said my Simplelogin alias isn't allowed for signup, but changed it successfully after the fact from a disposable email.

cross-posted from: https://lemmy.ca/post/34778760

I'm not familiar with them personally, and don't plan to switch away from Signal anytime soon, but this might help anyone that was looking into Threema :)

Some discussion about it:

• https://www.securemessagingapps.com/
• https://discuss.privacyguides.net/t/threema-instant-messenger/1679

TLDR, it looks good from a technical aspect but being a paid app makes it harder to recommend, and it doesn't do well with the network effect as a result

(I'm aware that many Lemmy users hate Reddit. this discussion would be useful for anyone that Lemmy users that also use Reddit)

This came as a big surprise to many users on places like r/help and r/bugs, including me. Reddit made this post last week on it: Say goodbye to new.reddit on Dec 11, 2024 : r/modnews.

Seeing this r/privacy post: sh.reddit (shreddit) is a Google spyware machine designed to de-anonymize you : r/privacy, New New reddit (2023 Reddit redesign) pings Google repatcha on every single page load. I saw the comments but its not clear how to counter this other than using old.reddit.com (which I like even less than 2023 reddit) or using 3rd party apps.

cross-posted from: https://slrpnk.net/post/15995285

cross-posted from: https://slrpnk.net/post/15995282

Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of 'non-google' approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.

Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that's true or not..

One of the most pervasive ways of being tracked online is also the most invisible. VPNs, browsers, extensions, and more all promise to protect you, but can they really?

Invidious link: https://invidious.nerdvpn.de/watch?v=tMCcpV2c4K4

For instance, People I know that are using Eventbrite for private event registration. To sign up for the event with or without an account, you have to write and confirm your email in the boxes, I did some looking up to see if hosts can see the email. I didn't find any answers so I made a Reddit post asking, and got a reply saying "No, they can't. Eventbrite deletes them as soon as you submit the form." I wanted to be sure so I created a private test event and registered for it in a private window. I then went to my event dashboard and clicked on the ticket # where I can in fact view it (the email shown is made up).

I only asked Perplexity after trying to find out myself. It did in fact find the answer (link #8: View your Attendee Summary report): "Review attendee purchase details like email address ..." I've found LLMs and search tools like Perplexity to be unreliable for answering questions like this for websites, as well as software. Which means I may not turn to them in cases where they actually would help. It's too bad they hallucinate a lot too.

cross-posted from: https://lemmy.world/post/22790935

cross-posted from: https://lemm.ee/post/48995777

cross-posted from: https://lemmy.world/post/22758570

Archived, if you prefer that: https://ghostarchive.org/archive/Bif16

I’ve been using DuckDuckGo for years now but am becoming increasingly interested in Ecosia and Ekoru for their environmentalist efforts. I’ve read the privacy policies for both, and it seems they both share user data with Bing. However, if I use a VPN, set my user data to something generic like Chrome on Windows, and whitelist the search engine on my adblocker, I should be able to support them by viewing ads without being tracked by Microsoft. Is that worth it, or do you have another recommendation?

cross-posted from: https://lemmy.zip/post/25327109

Le Monde reports that confidential movements of powerful leaders like Joe Biden, Donald Trump and Kamala Harris could be tracked through a fitness app used by their bodyguards.

Archived version: https://archive.ph/Xopbm

SpinScore: https://spinscore.io/?url=https%3A%2F%2Fapnews.com%2Farticle%2Fbiden-trump-macron-bodyguards-security-strava-0a48afca09c7aa74d703e72833dcaf72

Samsung has gone hard promoting AI in their phones, and now OnePlus has also announced some heavy AI-based features in their new Android OS. Pretty much every other brand is now doing the same, so you can't escape it.

I've been in the market to upgrade my nearly 6-year-old phone, but seeing all these AI features, especially when they rely on Google's Gemini (or other cloud AI), and it feels deflating.

Will privacy ultimately have to be sacrificed "from now on"?

By not using these AI features, you pay a lot for features you won't be using. And the usefulness of the device becomes limited as nearly all functions now have AI-based components to them.

I'm totally fine with on-device AI, but many features I'm seeing don't seem to be on-device, and I've spent years trying to stop sending my data to companies like Google. I don't want to go backwards for the sake of market trends.

What are your future plans when it comes to smartphones?

Earlier today I came across a Reddit comment with a link to an Instagram post. The link had ?igsh= at the end.

When I clicked on the link, I got this popup. It had a name and profile photo that was different from that of the post being shared.

Join Firstname Lastname on Instagram

See photos, videos, and more from Firstname Lastname.

[ Open Instagram ]

not now

I avoid link trackers. However, I did not realize it was this bad.

To my knowledge, TikTok does the same thing and lists the name of the person that shared the link. Assuming this increases engagement, any website could enable such a feature, even on old links that you shared in the past.

You should manually remove any trackers before sharing, or use an app for it.

Technically, I have some online activity I could try to refer to for work purposes, but it would mean sharing content tied to usernames/profiles I think of more as casual and personal. I could delete those profiles and move the relevant work to usernames/profiles I'm willing to share, but then I'm less likely to use those as much for portfolio building as I wouldn't want to contribute/do things online under a more public-facing profile, or link my personal ones to said profile.

Any which way I think about it involves crossing private/public streams I'd prefer to keep uncrossed, but I'm thinking I may be overlooking some compromises that could work, so what might those be?

There was another thread with a paywalled article, but here's the actual study that found that smart TVs use "automatic content recognition" to build an ad profile for you based on what's on your screen... including HDMI content streamed from a laptop, game console, etc. Yikes.

At a high level, ACR works by periodically capturing the content displayed on a TV’s screen and matching it against a content library to detect the content being viewed on the TV. It is essentially a Shazam-like technology for audio/video content on the smart TV [38]. ACR is implemented by all major smart TV manufacturers, including Samsung [9] and LG [55 ].

Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI; (2) opt-out mecha- nisms stop ACR traffic; (3) ACR works differently in the UK as com- pared to the US.

So it seems like you're opted-in by default, but you can stop ACR traffic by simply configuring six different options on Samsung, or eleven different options on LG.

Oh, and this doesn't seem to happen when you're using native streaming apps like Netflix or Disney+, because hey, they wouldn't want to infringe on those companies' rights by spying on them, right?

So here is the thing. Given the Eqifax breach I kinda feel like giving yet another agency to much information for them to monitor your credit is just another source of a possible future data breach.

cross-posted from: https://lemm.ee/post/42694373

Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++

Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.

On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.

So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?