Privacy

32825 readers
1183 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
1
 
 

I found that Mozilla VPN uses Mullvad servers and I thought it may be a good way to use Mullvad while supporting Mozilla. Then after further research I found that Mozilla bought an ad firm for 'privacy-centric-advertising' and that sounded sus to me. Is it reasonable to suspect that Mozilla VPN may not be as private as Mullvad VPN?

2
 
 

Not sure if anyone else noticed but reddit is now testing a beta of an answers feature that generates answers based on reddit posts. Maybe this explains the phenomena people noticed of deleting posts only to have their posts reappear? Just saying if reddit was already bad for privacy it just got worse in my opinion.

3
 
 

I'm only on a free Proton plan but I'm still considering switching because of recent news. I've seen disroot's website before and they seem more politically left-leaning which I appreciate. How have people's experiences been?

4
45
submitted 9 hours ago* (last edited 8 hours ago) by [email protected] to c/[email protected]
 
 

I've been trying to find a good privacy respecting browser, but I can't really decide on what to use. I don't like the search results with Brave Search. DuckDuckGo shares my information with Microsoft and SearchXNG shows me NSFW images even with strict search on. I really like Presearch, but I'm not really sure what they're about.

EDIT: After tinkering with the settings of my SearXNG instance, it seems to have reduced the amount of NSFW images. I think I will stick with SearXNG for now.

5
27
submitted 16 hours ago* (last edited 16 hours ago) by [email protected] to c/[email protected]
 
 

If I pair my Android phone and my laptop, I can share files over Bluetooth from the phone to the laptop. I've started finding this a really convenient method for me to send files to a Linux laptop without needing to install a separate app on either the phone or my laptop. Especially when I'm away from my home network (I use SFTP at home).

How secure is this? Is there encryption by default and could someone else nearby with a receiver potentially decode the file you're sending?

6
 
 

Currently ripping my DVDs and building a Jellyfin server. Now on desktop and mobile streaming works fine but the Raspberry Pi 4 + Libreelec + Jellyfin/Jellycon Setup i tried has been somewhat janky - both in terms of navigation and also the framerate drops at times though it isn't really an issue.

Pretty sure the folks in the Jellyfin Subreddit/Forums would tell me to just get a Firetv stick, so I was more curious what experiences and recommendations you guys have.

Firetv + firewall whitelist?

Fix my Raspi install?

7
 
 

I don't know if it's the right place to ask.
I don't want a Google account. I don't use yt that much but I still need it.
I even tried yt revanced. None of them works

8
9
 
 

I'd like to make an informed decision on extensions I install. Usually I read about people caring about browser extensions. I install extensions in vscode, in zed, gnome, kde and probably in a lot of other tools like bash as well.

Usually, I do not think much about security/ privacy. I only install what I want/ need and delete what I do not need.

How can I judge which extension to install and which not? There are extensions releasing builds regularly but the last release of public code on github was years ago. Downloads and stars give a hint on popularity. With popularity the people who will look into the code increases but if there's no code, there's nothing to look into. And just because it's not popular, it doesn't necessarily mean it's bad software.

How do you judge which extension to install?

10
11
12
 
 

Am I just overthinking this?

I like Keepass2Android because of it's "QuickUnlock" feature, but it looks very old, is mainly distributed via Google Play and not on the official Fdroid repo. (Also, doesn't google now have the signing keys of all apps now? Kinda sus if Google could just sign updates and bypass the developers)

KeepassDX seems more secure, since the Fdroid and Google Play versions are separate, using (I assume) separate signing keys, so Google cant sign an update for the Fdroid version. Looks more "Modern" but it lacks the "Quick Unlock" feature, so biometrics is the only convient way to quickly unlock it, I prefer something like "Quick Unlock" feels more secure (since theres no shenanigans like replicating a fingerprint to fool the biometrics scanner).

TLDR: I really want the "QuickUnlock" feature of Keepass2Android, but with the Google policy of having the signing keys, I'm kinda sus.

Am I overthinking this?

13
 
 

I’m interested in a phone with a physical keyboard. There is a mod for the FairPhone I spotted, but that’s not fully supported in the US yet. So I’m looking at buying the inspiration for the mod the BlackBerry Key2. I’ve heard it can be hard to get other firmwares on it. I’m particularly eyeing CalyxOS. Has anyone had any luck with this.

14
 
 

Edit: I may have given too much weight the the Arkenfox dev's assessment. Upon more research and consideration, I think Librewolf could still be a better option compared to straight Firefox, though hopefully the Librewolf team receive more help/contributors in the future to ensure its success long term.


I've been a user of Librewolf for a about a year now, and it's always served me pretty well as a nice easy way to get a hardened Arkenfox Firefox.

However, recently I was curious why Librewolf wasn't recommended on PrivacyGuides, and took a look through their reasoning on their forum. That thread spans multiple years, and for the most part I thought their reasons for not including it were a bit unfair, especially after Librewolf started offering automatic updates.

But towards the end of that thread in October, a Privacy guide team member posted a link to the Arkenfox github issue tracker, where a Librewolf team member reveals how the project appeared to have lost steam after a critical member left, and they are struggling to keep it up to date with the latest Arkenfox updates, despite putting out new releases.

I'm not sure if those problems have been resolved since that time. One of the maintainers did mention they're still short staffed in this topic on taking over maintaining Mull.

After considering the arguments for and against in the PrivacyGuides thread, I think their conclusion for not recommending does have some merit. Using Librewolf adds an additional layer of trust, not only to not be malicious (which I don't suspect they are) but to also be able to adequately fulfill what they set out to do reliably.

Another big part of them not recommending it was the existence of the Mullvad Browser, which I didn't realize was in fact a very well hardened version of Firefox (essentially the Tor browser without the Tor part), and is far more effective for private browsing compared to Librewolf or an Arkenfox'd firefox.

Ultimately you'll have to come to your own conclusion, ~~but personally I'll be switching back to Firefox as my convenient daily browser full of addons, alongside the mullvad browser for (more) private browsing.~~

15
30
Docker Glueton+SearxNG (sh.itjust.works)
submitted 3 days ago* (last edited 3 days ago) by [email protected] to c/[email protected]
 
 

I recently learned about a great search engine called SearxNG. it can be self hosted and is a metaseach engine, AKA it uses everyone else's search engine and puts the top results out of all of them in your search results. I instantly loved this because it gave me AD free/ Sponsored free search results, aswell as the added benefit of keeping my search query's on my local machine. However i then realized, it asks other search engines like google and bing for querys. I did not like that, so i setup Gluetun as a network host in docker, which then takes all searx querys and tunnels them through the VPN. making it harder to figure out what im searching compared to my raw IP adress. i have the DockerFile and thought i would share. anything with $$$ needs to be changed.

https://pastebin.com/NfHcUWLs link to dockerfile

16
273
submitted 4 days ago* (last edited 4 days ago) by [email protected] to c/[email protected]
 
 

Copied from the reddit post:

Hi all, last night, a post from last year from my personal X account suddenly became a topic of discussion here on Reddit. I want to share a few thoughts on this to provide clarity to the community on what is Proton's policy on politics going forward.

First, while the X post was not intended to be a political statement, I can understand how it can be interpreted as such, and it therefore should not have been made. While we will not prohibit all employees from expressing personal political opinions publicly, it is something I will personally avoid in the future. I lean left on some issues, and right on other issues, but it doesn't serve our mission to publicly debate this. It should be obvious, but I will say that it is a false equivalence to say that agreeing with Republicans on one specific issue (antitrust enforcement to protect small companies) is equal to endorsing the entire Republican party platform.

Second, officially Proton must always be politically neutral, and while we may share facts and analysis, our policy going forward will be to share no opinions of a political nature. The line between facts, analysis, and opinions can be blurry at times, but we will seek to better clarify this over time through your feedback and input.

The exception to these rules is on the topics of privacy, security, and freedom. These are necessarily political topics, where influencing public policy to defend these values, often requires engaging politically.

The operations of Proton have always reflected our neutrality. For example, recently we refused pressure to deplatform both Palestinian student groups and Zionist student groups, not because we necessarily agreed with their views, but because we believe more strongly in their right to have their own views.

It is also a legal guarantee under Swiss law, which explicitly prohibits us from assisting foreign governments or agencies, and allows us no discretion to show favoritism as Swiss law and Swiss courts have the final say.

The promise we make is that no matter your politics, you will always be welcome at Proton (subject of course to adherence to our terms and conditions). When it comes to defending your right to privacy, Proton will show no favoritism or bias, and will unconditionally defend it irrespective of the opinions you may hold.

This is because both Proton as a company, and Proton as a community, is highly diverse, with people that hold a wide range of opinions and perspectives. It's important that we not lose sight of nuance. Agreeing/disagreeing with somebody on one point, rarely means you agree/disagree with them on every other point.

I would like to believe that as a community there is more that unites us than divides us, and that privacy and freedom are universal values that we can all agree upon. This continues to be the mission of the non-profit Proton Foundation, and we will strive to carry it out as neutrally as possible.

Going forward, I will be posting via u/andy1011000. Thank you for your feedback and inputs so far, and we look forward to continuing the conversation.

17
 
 

I still use my first ever made email address, at this point it's pushing 28 years old. However I have a major problem. I can rarely log into it anymore. There are so many attempts to login to the account daily from whoever out there that wants to gain access that the login is normally locked out for a period of time. At this point I've moved everything of financial value off of it as someone did get access once, but there are still plenty of random little things I'd like to hang on to it for.

I know I can just make a new one and ditch that one as a quick solution, but I figured i'd ask a wider community if they had any insights I might not have. It's a Microsoft account, and my windows is tied to it, but I'm pretty sure I can just migrate that to something new.

18
 
 

Since the recent Proton events I need to change providers and I found RiseUP.

I would like to know how good is this service and if I should consider it.

Moreover as I know that it is no open to sign up how to get a RiseUP account? THX for all

19
 
 

Nothing crazy, but it would be cool to be able to build automations in home Assistant off of my Microsoft teams status. (Pause music and whatever I'm casting to Kodi if I get a call, etc)

Maybe even browsing Lemmy? Maybe not though lol

If there's no good options, no worries, I certainly have no problem keeping it in a work sandbox (connected to the same guest network I keep the work computer on and stuff like that)

But I just wanted to see if there's any more value I could squeeze out of it

Thanks in advance!

EDIT I wouldn't be casting shit FROM the iPad or anything, just to be clear

20
 
 

In an unexpected mask off "secure" email and VPN provider Proton took the stance of siding with the fascist MAGA Reps. Proton's services are no option for me and many others any longer. Let's collect and discuss alternatives (E2E encrypted email and VPN) here 🔐👇

Always try to provide:

-Server location (jurisdiction)

-Governance

-Integrity/trustworthiness/transparency

-User experience/ease of use (grade 1 to 10, lets take Proton as a benchmark with an 8)

-Pricing and links

If you know alternative setups, feel free to share, too.

#ProtonExodus

Background: https://lemmy.ca/comment/13913116

Edit:typo

21
 
 

Unnecessary and deeply concerning bow to the new "king"

Update: position got backed up by an official Proton post on Mastodon, it's an official Proton statement now. https://mastodon.social/@protonprivacy/113833073219145503

Update 2, plot-twist: they removed this response from Mastodon - seems they realize it exploded into their face!

22
 
 

I use an RSS reader to curate my Lemmy feed, which means I see every post, including deleted ones. Every so often, posts will crop up with pessimistic content such as "Why try anymore?" etc. Most of the time these are a result of privacy burnout, where the individual has a threat model that is too strict for their own tolerance.

We all wish we have perfect privacy. We all wish the world could be more pro-privacy than anti-privacy. One day, that may be the case. For now, we have to accept that nobody can be completely private. Privacy is a spectrum, and doing what you can to minimize data collection goes a long way. You can't become private overnight, so taking small steps like these means you can grow a strong foundation for future privacy. Privacy takes time, so take it as slow as you need to.

Even if a company already has your data or another means to track you, by minimizing you are making it harder for them to extract that data, and it increases the odds that your data becomes stale. By caring about privacy to begin with, you're showing companies and other people that the data collection is not ok.

I've been a privacy activist for years now, and I will also face periods of privacy burnout. I handle it by stopping, taking a step back, and reevaluating my threat model. It's good to take breaks like those, because it means you don't push yourself past your limits and become burnt out.

It's really easy to get caught up in the "breaking news" of privacy, too. This is more of a personal stance, but getting caught up in politics and news often leads to stress and makes it harder to make real progress. (This is one of the reasons I use an RSS reader, I can curate my information without stressful headlines.) You don't need to use the most private software or jump ship the moment anything goes wrong. If you feel you need to switch, do it when you have time and when it won't cause problems elsewhere.

Take a look at how far you've come, and realize that even if you're not where you want to be yet, you've taken steps to get there. Every person who starts to care about privacy, even you, is one more person to help make the world a more privacy respecting place. It may not seem like you make that much of a difference, but it's not just you. You and everybody else who cares about privacy makes a huge difference.

Don't give up now. Privacy is an uphill battle by design, but the payoff is worth it.

Good luck!

23
55
submitted 4 days ago* (last edited 4 days ago) by [email protected] to c/[email protected]
 
 

I need to send a sensitive email anonymously to a VP at work. I was given information I should not have but it's important to get it to this person. I don't have much trust in local management to address the situation. I also need to protect myself because I won't be ready to leave this job for a few more months.

Any recommendations? It can be a simple one and done or one that's good for a limited time/number of emails.

TIA!

EDIT: I appreciate the recommendations! I will start checking them shortly. I'm hoping we can fix the situation locally but knowing that you recommended these helps me feel better about going this route if it becomes necessary.

24
 
 

All of us have made privacy mistakes at some point in our privacy journeys. In an effort to help those earlier on in that journey, please share some of the mistakes you've made, and how you could have prevented it.

25
view more: next ›