Privacy


Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No reposting of news that was already posted
  4. No crypto, blockchain, NFTs
  5. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 5 months ago
 
 

cross-posted from: https://lemmy.dbzer0.com/post/36880616

Help Combat Internet Censorship by Running a Snowflake Proxy (Browser or Android)

Internet censorship remains a critical threat to free expression and access to information worldwide. In regions like Iran, Russia, and Belarus, journalists, activists, and ordinary citizens face severe restrictions when trying to communicate or access uncensored news. You can support their efforts by operating a Snowflake proxy—a simple, low-impact way to contribute to a freer internet. No technical expertise is required. Here’s how it works:


What Is Snowflake?

Snowflake is a privacy tool integrated with the Tor network. By running a Snowflake proxy, you temporarily route internet traffic for users in censored regions, allowing them to bypass government or institutional blocks. Unlike traditional Tor relays, Snowflake requires minimal bandwidth, no configuration, and no ongoing maintenance. Your device acts as a temporary bridge, not a permanent node, ensuring both safety and ease of use.


Is This Safe for Me?

Short answer: Yes.

Long answer: probably. Here is why:

  • Your IP address is not exposed to the websites they access. So, you don't have to worry about what they are doing either. You are not an exit node.
  • No activity logs. Snowflake cannot monitor or record what users do through your connection. The only stored information is how many people have connected to your bridge. Check docs for further info on this.
  • Low resource usage. The data consumed is comparable to background app activity—far less than streaming video or music.
  • No direct access to your system
  • No storage of sensitive data. Snowflake proxies do not store any sensitive data, such as IP addresses or browsing history, on your system.
  • Encrypted communication. All communication between the Snowflake proxy and the Tor network is encrypted, making it difficult for attackers to intercept or manipulate data.

You are not hosting a VPN or a full Tor relay. Your role is limited to facilitating encrypted connections, similar to relaying a sealed envelope.

Your IP address is exposed to the user (in a P2P-like connection). Be mindful that your ISP could also potentially see the WebRTC traffic and the connections being made to it (but not the contents), so be mindful of your threat model.

For most users, it is generally safe to run Snowflake proxies. Theoretically, your ISP will be able to know that there are connections being made there, but to them it will look like you're calling someone on, say, Zoom.

Historically, as far as we know, there haven't been any cases of people getting in legal trouble for running entry relays, middle relays, or bridges. There have been a few cases of people running exit nodes and getting in trouble with law enforcement agencies, but none of them have been arrested or prosecuted as far as I know. If you are aware of any cases, let me know so I can update this post.

Do not hesitate to check Snowflake's official documentation for further reference and to make informed decisions.


How to Set Up a Snowflake Proxy

Option 1: Browser Extension (Brave, Firefox, or Chrome)

  1. Install the Snowflake extension.
  2. Click the Snowflake icon in your browser toolbar and toggle "Enable Snowflake."
  3. Keep the browser open. That’s all.

Note: Brave users can enable Snowflake directly in settings. Navigate to brave://settings/privacy and activate the option under "Privacy and security."


Option 2: Android Devices via Orbot

  1. Download Orbot (Tor’s official Android app).
  2. Open the app’s menu, select "Snowflake Proxy," and toggle it on.
  3. For continuous operation, keep your device charged and connected to Wi-Fi.

Your device will now contribute as a proxy whenever the app is active.


Addressing Common Concerns

  • Battery drain: Negligible. Snowflake consumes fewer resources than typical social media or messaging apps.
  • Data usage: Most users report under 1 GB per month. Adjust data limits in Orbot’s settings or restrict operation to Wi-Fi if necessary.

Why Your Participation Matters

Censorship mechanisms grow more sophisticated every year, but tools like Snowflake empower ordinary users to counteract them. Each proxy strengthens the Tor network’s resilience, making it harder for authoritarian regimes to isolate their populations. By donating a small amount of bandwidth, you provide someone with a critical connection to uncensored information, education, and global dialogue.

Recent surges in demand—particularly in Russia—highlight the urgent need for more proxies. Your contribution, however small, has an impact.

By participating, you become part of a global effort to defend digital rights and counter censorship. Please, also be mindful of your threat model and understand the potential risks (though very little for most people). Check Snowflake's official documentation for further reference and don't make any decisions based on this post before taking your time to read through it.

Please share this post to raise awareness. The more proxies, the stronger the network.

– llama

submitted 2 months ago* (last edited 2 months ago) by [email protected] to c/[email protected]
 
 

It's hard to make the full switch towards a more private life, but switching your mail already fixes a big underlying issue: that being, Google or other companies having access to all your emails. So, I'll cover the basics of making your online mailing more private.

Switching Mail Providers:

Your email is a big part of your online footprint and helps you keep track of your online identity. So, in order to keep that to yourself, I encourage leaving services like:

"Gmail" or "Outlook",

for others like:

"ProtonMail" or "Tutanota".

This is already a big step towards keeping all your emails private and safe. Both of these are free and respect your privacy on their free tier, but expand in features with paid plans. This takes time, as you have to switch your email on most accounts to this new email.

For the best privacy, you should delete most accounts and create new ones with this new email or with aliases. Some people, like myself, prefer to have multiple emails over aliases. For example:

(Self-hosting your own mail domain is possible, but it’s a harder process, and custom domains are not always accepted or reliable.)

(You should keep your old email for a year or so to make sure no important service was left behind locked to that email. Once that's done, you can delete the account.)

Tips:

If you can, you should try expanding your protocol with this:

  • Adding 2FA to any online website, especially email. I use ~~"Authy"~~ for this. -> Better use Aegis, good app!

  • Switching your browser to something like "Librewolf".

  • Switching to a password manager like "Proton Pass" or "1Password".

  • Encourage your close family to do the same once you're comfortable with the process.

  • Switch social media to private alternatives.

  • If you take any efforts to switch browser or install Aegis, try to use "F-droid", or even better, "Droidify". These being a FOSS app store, and a good Material alternative frontend. For apps not in here, consider "Aurora store", a more private **"Play store"** alternative.

This is about it for me, quick posts from class, feel free to add into this topic below.

Edit:

Important additions after reading the comments:

  • Proton is a bit discouraged by some for some political views published by the CEO under Proton's account and image. They backed down, and I believe it isn't something too bad as for users to leave such a good privacy-oriented suite of apps. I encourage anyone who cares about this topic to research before making the switch.

  • Mail is not 100% private with any option, and shouldn't be used for highly sensitive information. For that, use well-respected end-to-end encrypted apps, like "Signal". Still, it is best to just not send very sensitive information online.

  • As a comment pointed out, for a mail to be as private as possible, both the sender and receiver should have a private mail, otherwise you can be private but the other person would still be having your mail conversations stored under "gmail" or similar.

Sorry if this post didn't give the best newbie advice, I tried to track back some of my old knowledge, but I'll take more time to research the next time. Take care and stay private!

 
 

I came across https://www.reflectacles.com/. I'm not sure if this type of gear is effective. Does anyone have experience or feedback on useful equipment for mitigating scanning in public spaces?

 
 

cross-posted from: https://lemm.ee/post/62277390

The UN Convention on the Rights of the Child clearly expresses that minors have rights to freedom of expression and access to information online, as well as the right to privacy.

These rights would be steamrolled by age verification requirements.

 
 

Found on Reddit's r/privacy, where either moderators or Automod have pulled the plug on it.

 
 

This article is in German. Link found in a popular, censored r/privacy Reddit post, a common occurrence.

Machine-translated article below:

Switzerland has an international reputation for being a safe haven for data – outside the EU, with political stability and a modernized data protection law. But this reputation is deceptive when you take a closer look at the Intelligence Act (NDG). Since 2017 it has allowed the Federal Intelligence Service (NDB) far-reaching interventions: cable reconnaissance, state Trojans, data retention and the exchange with foreign secret services are possible – sometimes even without concrete suspicion. Particularly explosive: In the run-up to the 2016 vote, the Federal Council assured that no nationwide surveillance was planned and that only data traffic abroad would be affected. In fact, it later became known that national traffic is also recorded. Terms such as »filtering« or »monitoring« have never been clearly defined politically – a breeding ground for lack of transparency and loss of trust.

Approval and control mechanisms exist, but their effectiveness is limited. Legally legitimized access to large amounts of data raises serious questions: How much surveillance can a democracy take? Where does security end, where does control begin? And what does this mean for companies that advertise their services based in Switzerland as particularly safe?

Popular Swiss providers like Threema or ProtonVPN are also fundamentally subject to Swiss law – and thus also to the NDG. This means that in certain cases, state access can also be legally possible here. Both companies advertise with technical end-to-end encryption or a no-log policy, but technical security alone does not protect against legal access powers. Trust is good – but a critical look at the legal framework remains essential.

Yes, Swiss laws also allow official access to existing data. Switzerland is not a data protection paradise – even if it is often represented or advertised in the same way. At first glance, the location seems trustworthy, but the NDG allows extensive, sometimes suspicious monitoring. The reality of government access options contrasts sharply with the image that many providers and users paint. Those who hope for real digital sovereignty should not be blinded by the myth of the safe Swiss data port.

At the same time, in many other countries it doesn't look any better, and often even significantly worse. In the United States, for example, laws like the Patriot Act, the Cloud Act or FISA §702 (here is an overview) allow extensive access to data, including from providers operating outside the USA. In the United Kingdom and France there are also legal bases for tamper-free mass surveillance.

Germany does a little better in comparison, above all thanks to the basic legal anchoring in the Basic Law, the independent case law of the Federal Constitutional Court and a lively public debate about data protection. But here, too, not everything is in the green: the use of state Trojans (Source TKÜ), the often opaque cooperation between secret services and the recurring political pressure on the long-failed data retention show that fundamental rights are also under constant pressure in Germany. Nowhere is there absolute certainty – but how transparently and critically a society deals with surveillance makes the decisive difference.

 
 

cross-posted from: https://lemmy.sdf.org/post/33178194

Online dissent is a serious crime in China. So why did a Weibo censor help me publish posts critical of the Communist party?

[...]

The Cyberspace Administration of China is the premier censorship agency in China. The newly appointed boss, Lu Wei, popularly known as the “internet tsar”, begins to implement a series of severe purges of online speech. Countless accounts are cancelled, and many people are thrown behind bars for what they wrote online. But that’s just guesswork. In China, there’s no need for a good reason to block someone’s account. A powerful government agency can simply issue an order to make a person disappear from public life.

[...]

After three years as a censor, Liu [Lipeng] detests his job. He detests the white office ceiling, the grey industrial carpet and the office that feels more like a factory. He also detests his 200-odd colleagues sitting in their cubicles, each concentrating on their mouse and keyboard as they delete or hide content.

[...]

One day, Liu sends me a direct message on X. He is excessively polite. He writes: “Mr Murong, please forgive me for presumptuously disturbing you,” before asking whether I remember the email sent via Yu Dayou with the two screenshots. My heart is pounding. I say: “Yes, I remember that. I wondered who sent that email. I am most grateful.”

We have a long phone call like long-lost friends. We describe everything we have done since leaving China. He says: “I wish to testify that although I was a Weibo censor, I am not a bad person.”

[...]

 
 

[...]

The first rupture appeared on January 29 when cloud security firm Wiz stumbled upon an exposed ClickHouse database tagged “ds‑log‑prod‑001”. Anyone with a browser could have accessed more than a million log lines: raw chat history, API keys, and even internal service tokens. Wiz engineers demonstrated that with two clicks they could seize “full database control”, inject malicious code and pivot into the rest of DeepSeek’s infrastructure.

A week later mobile forensics specialists at NowSecure published a parallel autopsy of the iOS build. Their findings read like a checklist of everything Apple’s security team tells developers not to do: hard‑coded encryption keys, deprecated 3DES ciphers and App Transport Security switched off globally, allowing chats to travel unencrypted. The company urged enterprises to ban the app outright. However, DeepSeek’s parentage turned out to be even more troubling.

Corporate registries in Zhejiang and the Cayman Islands show the chatbot is a wholly owned offshoot of High‑Flyer Quant, a hedge fund founded in 2016 by the 38‑year‑old trader and CEO of DeepSeek, Liang Wenfeng. Reuters reporting confirms that High‑Flyer pivoted from equity markets to artificial intelligence research in 2023, building two super‑computing clusters stuffed with Nvidia A100 processors before US export controls came into force.

[...]

Sources say the Computer Emergency Response Team of India (CERT‑In) is preparing a broader advisory under the new Digital Personal Data Protection Act that could push local app stores to delist the software if it fails a security audit. Other democracies have gone further: Italy, Australia and Taiwan have banned DeepSeek from public‑sector systems, with Taipei warning of “systemic espionage risk”.

[...]

High‑Flyer Quant’s pitch decks boast of “harvesting alternative data at planetary scale”. If every trade idea whispered into DeepSeek ends up in a Hangzhou warehouse, the company enjoys a real‑time map of market sentiment unavailable to Wall Street — and unpoliced by the Securities and Exchange Commission. For American fund managers and Indian startups alike, using the chatbot could be tantamount to CC‑ing a rival on every brainstorming session.

[...]

 
 

I know I could and should encrypt whole drives, but I want another layer to protect specific folders when my devices are unlocked: a password. I want the folders to behave like regular folders where I can add or remove files as usual, without a clunky UX like password-protected zips. I looked it up and didn't find any straightforward solutions.
