Take control of your Discord message history. Browse and archive your messages, and easily request deletions — all while respecting Discord's guidelines

cross-posted from: https://lemmy.sdf.org/post/30517126

[...]

The start of a new government in Germany is accompanied by a turnaround in transatlantic relations and an unprecedented anti-democratic takeover of power by tech broligarchs in the United States. "Therefore, mass surveillance by tech companies is even more of a political issue than before, which a new government cannot ignore," the CCC writes on its site.

[...]

The CCC demands:

• A ban on biometric mass surveillance of public spaces and the untargeted biometric analysis of the Internet. In particular, any form of database that analyses images, videos, and audio files from the Internet for biometric characteristics in an untargeted manner will actively be dismantled. The corresponding powers of the Federal Office for Migration and Refugees will be revoked.
• Mass data retention without occasion will be rejected. Instead, more effective and rights-preserving law enforcement measures, such as the so-called ‘quick-freeze’-procedure and the ‘login trap’, should be pursued.
• Automated data analysis of information held by law enforcement agencies and any form of predictive policing or automated profiling of people are rejected. Cooperation between German and US intelligence services will be restricted, and any kind of automated mass exchange of content or metadata will be prevented.
• The full evaluation of surveillance programmes (‘Überwachungsgesamtrechnung’) will be published, continuously updated and legislation will adjust the scope of state surveillance powers accordingly.

[...]

[Edit title for clarity.]

I think those websites are over using trackers in their websites for extra profit with no care for the privacy of their users, I highly recommend avoiding them.

• The Guardian.
• The Verge.
• Wired.

For comparsion:

• Associated Press(AP).
• Al Jazeera.
• ABC.
• BBC.
• CBC.
• DW.
• France24.
• Sky News.
• The Register.
• Tech Policy Press.

Update: added Wired and more websites for comparison.

cross-posted from: https://lemmy.world/post/26342568

At launch, access to Mullvad Leta was restricted to users with a paid Mullvad VPN account, but it is now free and open to all.

Mullvad Leta has been audited by Assured.

• FAQ
• Terms of Service

Just a heads up, some of the details in the FAQ and Terms of Service seem a bit outdated and might not be accurate anymore.

Some relevant information from their FAQ section is as follows:

What can I do with Leta?

Leta is a search engine. You can use it to return search results from many locations. We provide text search results, currently we do not offer image, news or any other types of search result. Leta acts as a proxy to Google and Brave search results. You can select which backend search engine you wish to use from the homepage of Leta.

Can I use Leta as my default search engine?

Yes, so long as your browser supports changing default search engines.

Navigate to https://leta.mullvad.net/ in your browser and right-click on the URL bar.

From there you should see Add “Mullvad Leta“ with the Mullvad VPN logo to the left.

If you do not see this, you can attempt to add a custom search engine to your browser with:

• The name set to: Leta
• The URL set to: https://leta.mullvad.net/?q=%25s

You can select which backend engine to use as follows:

• Google: https://leta.mullvad.net/?q=%25s&engine=google
• Brave: https://leta.mullvad.net/?q=%25s&engine=brave

Did you make your own search engine from scratch?

We did not, we made a front end to the Google and Brave Search APIs.

Our search engine performs the searches on behalf of our users. This means that rather than using Google or Brave Search directly, our Leta server makes the requests.

Searching by proxy in other words.

What is the point of Leta?

Leta aims to present a reliable and trustworthy way of searching privately on the internet.

However, Leta is useless as a service if you use the perfect non-logging VPN, a privacy focussed DNS service, a web browser that resists fingerprinting, and correlation attacks from global actors. Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.

For most people Leta can be useful, as the above conditions cannot ever truly be met by systems that are available today.

What is a cached search?

We store every search in a RAM based cache storage (Redis), which is removed after it reaches over 30 days in age.

Cached searches are fetched from this storage, which means we return a result that can be from 0 to 30 days old. It may be the case that no other user has searched for something during the time that you search, which means you would be shown a stale result.

What happens to everything I search for?

Your searches are performed by proxy, it is the Leta server that makes calls to the Google or Brave Search API.

Each search that has not already been cached is saved in RAM for 30 days. The idea is that the more searches performed, the larger and more substantial the cached results become, therefore aiding with privacy.

All searches will be stored hashed with a secret in a cache. When you perform a search the cache will be checked first, before determining whether a direct call to Google or Brave Search should be made. Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta

What could potentially be a unique search would become something that many other users would also search for.

What is running on the server side?

We run the Leta servers on STBooted RAM only servers, the same as our VPN servers. These servers run the latest Ubuntu LTS, with our own stripped down custom Mullvad VPN kernel which we tune in-house to remove anything unnecessary for the running system.

The cached search results are stored in an in-memory Redis key / value store.

The Leta service is a NodeJS based application that proxies requests to Google or Brave Search, or returns them from cache.

We gather metrics relating to the number of cached searches, vs direct searches, solely to understand the value of our service.

Additionally we gather information about CPU usage, RAM usage and other such information to keep the service running smoothly.

cross-posted from: https://lemmy.world/post/26343161

Apple reportedly filed an appeal in hopes of overturning a secret UK order requiring it to create a backdoor for government security officials to access encrypted data.

"The iPhone maker has made its appeal to the Investigatory Powers Tribunal, an independent judicial body that examines complaints against the UK security services, according to people familiar with the matter," the Financial Times reported today. The case "is believed to be the first time that provisions in the 2016 Investigatory Powers Act allowing UK authorities to break encryption have been tested before the court," the article said.

Although it wasn't previously reported, Apple's appeal was filed last month at about the time it withdrew ADP from the UK, the Financial Times wrote today.

"The case could be heard as soon as this month, although it is unclear whether there will be any public disclosure of the hearing," the FT wrote. "The government is likely to argue the case should be restricted on national security grounds."

Which is better and why?

Is there an indication of superiority based on the fact Android has somewhat implemented DOH whereas they ignore DNSSEC completely? Or are they ignoring it because it's so good. That said, NextDNS also ignore DNSSEC.

cross-posted from: https://feddit.org/post/8724158

An alternative to a VPNs - afair it routes your traffic through a Tor-style network, it's FOSS software made in Austria

We're very happy to share Techlore's video review of the BusKill Kill Cord.

Can't see video above? Watch it on PeerTube at neat.tube or on YouTube at youtu.be/Zns0xObbOPM

Disclaimer: We gave Techlore a free BusKill Kit for review; we did not pay them nor restrict their impartiality and freedom to publish an independent review. For more information, please see Techlore's Review Unit Protocols policy. We did require them to make the video open-source as a condition of receiving this free review unit. The above video is licensed CC BY-SA; you are free to redistribute it. If you are a video producer and would like a free BusKill Kit for review, please contact us

To see the full discussion about this video on the Techolore forums, see:

• discuss.techlore.tech/t/buskill-secure-your-laptop-in-seconds

Support BusKill

We're looking forward to continuing to improve the BusKill software and looking for other avenues to distribute our hardware BusKill cable to make it more accessible this year.

If you want to help, please consider purchasing a BusKill cable for yourself or a loved one. It helps us fund further development, and you get your own BusKill cable to keep you or your loved ones safe.

Buy a BusKill Cable
https://buskill.in/buy

You can also buy a BusKill cable with bitcoin, monero, and other altcoins from our BusKill Store's .onion site.

Stay safe,
The BusKill Team
https://www.buskill.in/
http://www.buskillvampfih2iucxhit3qp36i2zzql3u6pmkeafvlxs3tlmot5yad.onion/

cross-posted from: https://scribe.disroot.org/post/2088202

Archived

[...]

For their own people [the Chinese Communist Party, CCP, has] imposed a dystopia, including the “great firewall” to control information from the outside. It also exerts strict control over domestic Internet information, uses a vast surveillance camera network with facial recognition and monitors financial transactions done online. If the CCP can think of any way to impose more control over their subjects they will do it.

Abroad they traditionally used RICE (Reward, Ideology, Coercion and Ego) techniques to not only recruit spies, they have used it to win over politicians, scientists and other useful people. They have weaponized overseas Chinese community groups, taken over their media and even set up police stations around the world.

Through software like ByteDance’s TikTok they are capable of sweeping data collection, while Chinese hackers steal all sorts of information and attack online systems. Huawei used their telecommunications equipment to collect yet more.

They have worked to subvert algorithms even in foreign Web sites by flooding the Internet with disinformation and misinformation. Their infamous “little pink” and “50-cent” armies roam the Internet spreading their agenda.

MAKING PROPAGANDA

AI is taking this to an exponentially higher level.

The CCP is investing heavily in AI because it opens opportunities for the CCP’s United Front Work Department (UFWD) and Ministry of State Security (MSS) to vastly increase its power worldwide.

While Hailuo [a very popular AI used to create videos which is based in Shanghai] can be very useful in creating propaganda, TikTok owner ByteDance’s just released OmniHuman-1, which is explicitly for deepfakes and is shockingly good. It is able to produce videos from pictures, video and audio fed by the user to create videos realistic enough to require paying attention.

[...]

The gullible will fall for outrageous deepfakes in partisan social media, but these are pretty easy to discredit. It is the more subtle videos that are concerning because they can be used subtly to change the narrative, such as editing a video of the US Secretary of State and swap out “one China policy” for “one China principle.”

[...]

The release last month of DeepSeek-R1 AI by Hangzhou-based High Flyer rightly attracted a vast amount of attention. Users amused themselves trying to get around the Chinese Communist Party’s (CCP) imposed censorship, but more alarmingly hackers discovered unprotected data ports [in Deepseek], that data was being shared with TikTok and many reminded us that by law they must share any data with the CCP.

[...]

Perhaps intentionally to avoid widespread press scrutiny, the most powerful AI agent ever, UI-TARS, was released during the DeepSeek hoopla. AI agents by American companies require a paid subscription but offer powerful research capabilities and other functions by taking over a browser and doing work for you.

Unlike previous AI agents, UI-TARS comes in two varieties, one taking over the browser like the others, but with a second option to take over the entire computer or phone.

It can install software, scrape any bit of data it likes and make all sorts of modifications all on its own following whatever instructions it is given whether online or not. That could completely change how we work, play and communicate on our devices.

UI-TARS is open source, so unlike the American AI agents, developers can access, modify and distribute the software for free. This should encourage widespread adoption, including under different branding as long as they retain the original copyright notice, license text and notices in the source code, which non-coders never read.

Why would they do this for free instead of requiring a subscription? To make sure it gets on to as many devices as possible.

How nice of ByteDance, the developer of UI-TARS.

[...]

Soon people will be downloading off-brand UI-TARS without knowing it, and there could be hundreds or even thousands of brands running it. Your [...] AI agent running on UI-TARS can act as spyware tracking your every move and stealing all your data for Beijing, and it will know everything about you — opening up blackmail opportunities on a massive scale.

[...]

As is the case on TikTok, results playing up the CCP line would also be prioritized and content scrubbed from the results as DeepSeek-R1 AI does now, albeit still rather clumsily. DeepSeek-generated articles and books, propaganda videos made with Hailuo AI and deepfake videos made or modified by OmniHuman would feature prominently.

Millions of people around the world could soon be constantly surveiled through their own cameras and microphones, monitored and tracked and living in an alternate information reality — just like in China.

The CCP would have the ability to control nearly every aspect of these people’s lives — just like in China.

But unlike the Chinese, they would not even know how much power they have lost to the CCP.

cross-posted from: https://feddit.nl/post/29675306

I am not the author.

I found this blog to have both a short summary of the reasons as well as a pretty complete overview of the options for protecting against this specific threat model. I can just send this to people and they'll understand the why and the how.

cross-posted from: https://lemmy.ml/post/26673961

Had never heard of this before today. Anyone tried it?

EDIT: "Being a fork of Mozilla Thunderbird, the software collects some data about the user, less than the original Mozilla Thunderbird, as outlined in Thunderbird's privacy statement. No data is submitted to Betterbird, some data may be submitted to Mozilla. No telemetry and no crash reports are submitted, however, add-on updates and blocklists are downloaded from Mozilla sites. Betterbird offers a product Start Page which processes access data as described above."