cross-posted from: https://sh.itjust.works/post/5572424

This might have been discussed to death by now, unfortunately I couldn't find any discussion on it on Lemmy. Though I would love to be corrected on that!

---

How does an always on incognito Chromium with uBlock Origin on medium mode (and other hardening/privacy settings enabled) compare to Brave (with e.g. Privacy Guides' recommended settings) with respect to security and privacy on Linux^[1]^?

Commonly heard whataboutisms:

• "With the looming advent of Manifest v3, this discussion might not be very relevant for long." I'm aware.
• "Just use Firefox/Librewolf or any other privacy-conscious browser that isn't Chromium-based." I already do, but some websites/platforms don't play nice on non-Chromium-based browsers due to Google's monopoly on the web. Sometimes I can afford to not use that website/platform, but unfortunately not always.
• "Brave's [insert controversy] makes them unreliable to take services from." Honestly, I think that if both solutions are as effective that a reason like this might be sufficient to tip the balance in favor of one. Because ultimately this all comes down to trust.
• "Just use Ungoogled Chromium." Some more knowledgeable people than me advice against it. Though, I'd say I'm open to hear different opinions on this as long as they're somewhat sophisticated.
• "Just use [insert another Chromium-based browser]." If it has merits beyond Brave and Chromium with respect to security and privacy, I'll consider it.

Thanks in advance!

---

1. I can be more specific about which distro I prefer using, but I don't think it matters. I might be wrong though*.

XMPP and Matrix are two competing federated end-to-end encrypted messengers. XMPP is far better, on server cost decentralization, speed over Tor, degoogled push notifications, multi-identities, and overall privacy. So if Matrix is inferior centralized bloatware, why is it more popular? Especially among techies, who should in theory understand these concepts.

This brand new video gives a quick overview of the technical reasons that XMPP is the gold standard king of federation. And it briefly discusses how Matrix manages to push it’s agenda: https://video.simplifiedprivacy.com/xmpp-vs-matrix-why-matrix-sucks/

Some critics will say that “Matrix is a complete package, while XMPP is fragmented”. This is essentially propaganda, because all the XMPP clients interact (Dino, Gajim, conversations, monocles). The only one that doesn’t interact is OTR encryption from pidgin which provides an alternative for hardcore cypherpunks who want to destroy the encryption keys when the conversation is done. So because one single client has an alternative use case, the Matrix cheerleaders want us to fill out Google Captcha spyware to register on Matrix.org because it costs so much to self-host.

TL;DR

Google’s ‘ad auctions’ face a privacy challenge in the Netherlands. Google has been accused of intrusive online surveillance by more than 82,000 people who have signed up to a class action lawsuit against the tech giant in the Netherlands.

Adobe starts paying out stock contributors for helping train AI. To train Firefly, its generative AI model, the company only uses content that it has rights to through its stock image platform Adobe Stock or that is in the public domain. Adobe has now started to make good on its promise to compensate Adobe Stock creators who may lose out from the widespread adoption of AI.

UK backs down on encryption-breaking plan. The plan was to compel service providers, including messengers, to scan encrypted chats for child porn. Although the British government promised not to force companies to use unproven technology to snoop on users, it may try to enforce the so-called “spy clause” in the future if better and more secure (in the government’s eyes) technology emerges.

WhatsApp denies it will have ads. The Financial Times has reported that WhatsApp is considering inserting ads into lists of conversations with contacts in a bid to increase its revenue. A rebuttal from WhatsApp head Will Cathcart followed. “This @FT story is false. We aren’t doing this.” Still, the FT stood by their story, claiming that before it was published they had reached out to WhatsApp, and they had not denied such conversations could have taken place. Citing sources within WhatsApp, the FT then reported that another option that was being discussed is to introduce a paid ad-free version of WhatsApp.

X unveils verification system based on govt. ID. X, formerly Twitter, has begun offering its paid subscribers a new way of verification. Now, they can upload their government-issued IDs along with their selfie, and get an “ID verified” label on their profile along with “prioritized support.”

By occupying or operating a Nissan vehicle you automatically agree to their dogshit ToS and privacy policy. You give Nissan the right to collect and sell the following data:

"Name, email address, phone number, mailing address, geolocation, zip code, age, date of birth, driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information, social security number as an employee, service or warranty information regarding vehicles, employment and related information, such as employee identification number National or State Identification Numbers, and dependent information for the administration of certain employee benefits or programs.. Also: Inferences drawn from any Personal Data collected to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes Vehicle- and driving-related information: the vehicle’s operation including, without limitation, Vehicle Identification Number (VIN), geolocation and navigation information, speed and distance information, driving habit and style, battery use management information (for electric vehicles), battery charging history (for electric vehicles), battery deterioration information (for electric vehicles), electrical system functions, diagnostic trouble codes, maintenance conditions, software version information, and other data, your use of the vehicle and any corresponding services, websites and smartphone applications, vehicle status information (e.g., information about door locks, open doors, engine status, etc.), data about accidents involving the vehicle (e.g., the direction from which the vehicle was hit, and which air bags have deployed)."

And that's just Nissan. Privacy Not Included* reviewed many other car brands in their report

I am soon moving out for university and am going to meet a bunch of new folks. But I was wondering how do you go about approaching this with privacy in mind?

It is a little bit whonky to ask someone you just met to download Signal, if it is a group of people then it is more acceptable, or like how do you keep in contact if they don't use any of the messaging platforms you use such as Signal and Telegram, and if you don't use any of the ones they use such as Whatsapp or Instagram DMs (yes zoomers in the US use these) or Snapchat? Do you just use SMS where videos are absolute shit quality and you have no privacy there either?

Let me know how you deal with this issue.

Nowadays, our cars are anything but a private space — they are full blown data collection nightmares on wheels.

New Mozilla research has revealed that popular global car brands — like Chevrolet, Nissan, Toyota, Kia, Audi, Jeep, Honda, Volkswagen, and more — are collecting your deeply personal data, like your genetic information and sexual activity. This invasive harvesting of information is collected via a web of sensors, microphones, cameras and the phones, apps, and connected services you use in your vehicle.

Car companies are brazenly collecting deeply personal information about people the moment they get into a car, often without explicit consent to do so. And that’s why the Mozilla community is now coming together to force car companies to respect our right to privacy. Add your name to ask car companies to stop collecting, sharing and selling our very personal information.

Find out more about our research on cars in the official launch blog post.

For example, ones that implement these guidelines? https://madaidans-insecurities.github.io/guides/linux-hardening.html

Alternatively, packages for Fedora that would set this up automatically

Saw a youtuber saying Apple doesn't sell data to third party organizations. Is this true? And what about google's android on pixel devices?

Maybe I'm going to change my phone with a pixel one and I'm thinking to instal Graphene OS. There is somebody that can try to instal my bank app and tell me if it works? Searching online I did not find any way to check. Thanks.

The Justice Department makes the accusation in its response to motion from X asking that the consent decree be dismissed

WP gift article expires in 14 days.

https://ghostarchive.org/archive/BovSX

What would i lose or gain?

It’s your data. Do you know what Big Tech is doing with it? Our tech columnist found Google, Meta and Microsoft are taking your conversations, photos or documents to teach their their AI.

WP gift article expires in 14 days.

https://ghostarchive.org/archive/YernV

I use Mozilla VPN (Mullvad underneath), and it has the option for multi hop, which is really just two hops. Is there any major privacy gains with it or no?

And before you say VPNs are not the magic bullet for privacy, I already know that I use Linux, GrapheneOS, hardened Firefox, etc etc.

Test Messages Will be Sent to All TVs, Radios and Cell Phones

I'm currently in the process of switching from YouTube to Piped and was getting fed up with rewriting YouTube links myself. I finally found an extension that can do this with a relatively easy setup:

Redirector Firefox

Redirector Chrome

Thought maybe more people might find this interesting. My setup is in the pic.

Edit: @[email protected] Just suggested using LibRedirect which is even better than Redirector. Also since Redirector isn't really maintained anymore.

when not connected, i get 400mbps. connected to mullvad, i only get 150mbps

the server isnt very far from me physically (sub 100miles) and says it can support 1gbps. any way to fix or is this just an inherent flaw with vpns? using wireguard

on windows 11

Tried to use OSMAnd last week to navigate around on vacation. For some reason it seems to be incapable of searching for house numbers, which is an instant dealbreaker. I'm very confused as to how or why this is a thing on such a mature product.

I was able to share a location from GMaps WV over to it to get navigation working, and from there the navigation was awesome!

Currently also testing Magic Earth and Organic Maps but I'm very interested to hear from those with more experience.