Privacy

37671 readers
974 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
1
 
 

Is T-Mobile Fiber (in the US) friendly to Wireguard, or am I going to have blocking issues?

T-Mobile is installing fiber throughout our neighborhood. While I'm not a huge fan of T-Mobile, I actively loath Comcast, and that (or DSL) are currently our only options. At less cost for guaranteed Gb up/down, it's a no-brainer switch.

Except that we're always on VPN. I've got a perma-connection through Mullvad on the router, and a bypass for VPN the company my wife works for uses; there's no unencrypted anything going through the network provider. Comcast has never been an issue, but before I go through switching to T-Mobile it'd be nice to confirm that they aren't going to try to block VPN traffic.

As in the title, it's Wireguard; does anyone use anything else anymore? Don't answer that; it's rhetorical.

Can anyone in the US confirm they're successfully using Wireguard on T-Mobile Fiber?

2
 
 
3
85
submitted 1 day ago* (last edited 1 day ago) by [email protected] to c/[email protected]
 
 

So, first off, to make it for daily browsing use I did some basic alterations to the browser by allowing it to keep history, caches, cookies, disabling always-on incognito, and so on. I also installed my favorite addons (Dark Reader, Sponsorblock, I try to be as minimalistic in my choices as possible). This of course harms the privacy, but you can just ctrl+shift+p to basically turn all of that shit off when you decide you need to get serious. I kept the letterboxing on, its hard to get used to initially but after about a month of using Mullvad as a daily driver I got used to it. It seems most sites aren't able to detect my alterations to the browser.

I don't think any other privacy browser spin (Librewolf, Waterfox, Brave, Tor Browser etc) comes anywhere close to the snappiness and privacy intersection of Mullvad Browser. I'm able to skirt bans due to using anonymity services trivially and the captchas are short and quick and not a never-ending slug fest. Its good enough at faking a unique identity out of the box that most things cannot tell that its fake. I'm in such love that I'm going to swap away from my current vpn (IVPN, sub should end in November) to Mullvad due to how well polished this project is. I'm really interested if their multihop service can get around VPN IP bans better than Tor can.

Kudos to the Mullvad team 🥂 I hope you make an android version soon!

4
 
 

Since Monero is a privacy coin, why is there no libre monero app available without any anti-features? There's a Zcash app, a couple of bitcoin apps, who no Monero?

https://search.f-droid.org/?q=Monero&lang=en

I don't use the standard that if something is on F-Droid then it's private. I check that an app does not have any anti-features to know that it can be used anonymously

5
 
 

The Privacy Iceberg

This is original content. AI was not used anywhere except for the bottom right image, simply because I could not find one similar enough to what I needed. This took around 6 hours to make.

Transcription (for the visually impaired)

(I tried my best)

The background is an iceberg with 6 levels, denoting 6 different levels of privacy.

The tip of the iceberg is titled "The Brainwashed" with a quote beside it that says "I have nothing to hide". The logos depicted in this section are:

The surface section of the iceberg is titled "As seen on TV" with a quote beside it that says "This video is sponsored by...". The logos depicted in this section are:

An underwater section of the iceberg is titled "The Beginner" with a quote beside it that says "I don't like hackers and spying". The logos depicted in this section are:

A lower section of the iceberg is titled "The Privacy Enthusiast" with a quote beside it that says "I have nothing I want to show". The logos depicted in this section are:

An even lower section of the iceberg is titled "The Privacy Activist" with a quote beside it that says "Privacy is a human right". The logos depicted in this section are:

The lowest portion of the iceberg is titled "The Ghost". There is a quote beside it that has been intentionally redacted. The images depicted in this section are:

  • A cancel sign over a mobile phone, symbolizing "no electronics"
  • An illustration of a log cabin, symbolizing "living in a log cabin in the woods"
  • A picture of gold bars, symbolizing "paying only in gold"
  • A picture of a death certificate, symbolizing "faking your own death"
  • An AI generated picture of a person wearing a black hoodie, a baseball cap, a face mask, and reflective sunglasses, symbolizing "hiding ones identity in public"

End of transcription.

6
 
 

cross-posted from: https://feddit.org/post/12078124

The author addresses the issue.

7
24
TM Signal (lemmy.world)
submitted 1 day ago* (last edited 1 day ago) by [email protected] to c/[email protected]
 
 

The scariest part of this recent news is that TM Signal seem(ed) to be interoperable. People using TM Signal could interact with actual Signal users. How are you to know whether or not your groups have people using bastardized versions of Signal? Are things like Session interoperable with Signal?

8
9
 
 

I mean Amazon is a hard service to switch from.

Nearly everything you need is available to order from there. Now of course whatever is the next best thing can still get your address and name (unless you use an alt name and address) but I’m talking about apps or services that have better privacy polices regarding storing personal information.

10
 
 

hi, are there any cools peeps here that use RSS feed for news articles? like say i only wanted to read news about "red bees" how would u do it pls?

11
 
 

Peer-to-peer as it's easier to get an app over getting a server. Must be libre software and E2EE too, obviously.

12
72
submitted 3 days ago* (last edited 3 days ago) by [email protected] to c/[email protected]
 
 

Important

As with all of my long-form, well organized, (mostly) grammatically correct posts that I have been writing for over a year, no AI was used in the making of this post. Every word I write on my own, and I spend hours writing and editing these posts. One of my posts was removed for being "AI slop", which hurt, because it was one I was most proud of writing. From that incident, I considered no longer posting on Lemmy, but I still felt my work is needed, so here I am again.

It's very obvious that there are human mistakes and human additions to my posts that cannot be replicated by AI. It was not the first time one of my posts has been accused of being written AI, but I want it to be the last. There are people who enjoy writing and will put in the work to actually write a piece, such as me. I will prove that I am human by any means necessary.

The content I write is not designed to be short, nor is it designed to be summarized in a short manner. If you are not someone who enjoys reading long text, or prefers reading text with a more condensed meaning, this is not for you. I am also trying out increasing the number of references I use during the post, which is different from my usual style of only referencing more uncommon topics.

Thank you for your understanding.

Introduction

For the sake of people with whom I still keep in touch, I will avoid referencing too many anecdotes while writing this. These individuals have taken great strides in both privacy and security, even if they have a long way to go. It is not my place to publicly degrade these individuals and their experiences, especially knowing that they are reading this. It was wrong of me to have done this in the past, especially without permission.

The topic of this post will, however, cover some common experiences I have observed between numerous individuals, rather than singling out the stories of singular individuals. These stories will be used scarcely and only to help clarify the points I am making through examples.

Threat Model & Privacy Journey

My privacy journey officially started around 6 years ago as of writing this. It was when I was first introduced to the privacy risks of Google, as well as the privacy benefits of Firefox and Tor Browser. In the 6 years that I have spent learning about privacy, my preferences have changed between different extremes.

I used to be a die-hard user of Firefox-based browsers such as Mullvad Browser, and wouldn't dare use a Chromium-based browser. I became obsessed with browser fingerprinting, and Firefox-based browsers seemed to be the only way to mitigate it.

Slowly, though, my views shifted. I became more security-oriented, and became concerned with the security of Firefox. (That topic is a whole can of worms that I have covered in the past. Please don't fight about this in the comments.)

Eventually, I switched to Chromium-based browsers such as Vanadium and Trivalent. Even though I used to be polarized, I eventually switched sides as my threat model changed.

That's where this discussion begins. I have never, in the 6 years I have researched privacy, made a proper threat model. This should not immediately discredit me. I have come to learn that a threat model is a good idea in most cases for most people, and if you haven't made a threat model already, you should.

I have tried many times before to define a concrete threat model, without success. The reason I have not been able to is because of how my privacy journey went about. When I began my privacy journey, I had a goal in mind: "Make myself as private as I reasonably can first, and then work backwards to see what I am actually fine with doing." It's not a bad goal, just an incredibly tedious and difficult one. You first become very experienced in privacy by learning hands-on, and then you are able to make rational decisions after gaining experience and knowledge.

Of course, I never reached the point where I was fully private. Such a thing is not possible. Instead, I accidentally "ignored" some areas of privacy, or didn't push further in areas that became too inconvenient. I essentially did a depth-first search to determine my threat model.

Once I was reasonably satisfied with my state of privacy, I worked backwards to restructure my digital life in a more convenient way with my newfound experience and knowledge. The way I discovered my threat model is extremely difficult and will bring you to extremely low points past privacy fatigue. I would never recommend anyone go through what I went through, which is the main reason I have devoted my time to ease the privacy journeys of others.

One thing I made sure to prevent while learning about privacy is forgetting where I came from and how I got where I am today. This comic illustrates why:

I want to remember all the pitfalls and mistakes I went through, that way I can present easy solutions and workarounds for those just starting their privacy journeys. Even still, I occasionally have to remind myself that not everybody knows what 2FA is, even though I have gotten so used to using it as a part of day to day life. As my threat model has changed, so too has the advice I have given.

Convenience vs. Everything

Convenience makes a lot of rich people a lot of money. If you can make something as convenient and addictive as possible, you gain the undivided attention of someone, and can dictate a lot about that person's life.

Privacy, security, autonomy, and a few other categories are all subcultures of the same concept: freedom, especially digitally. The subcultures often overlap because they are all sides of the same coin.

Digital freedom is a broad topic, but being free digitally means breaking the chains of digital addiction and taking control over where you place your attention. For that reason, digital freedom will inherently feel less convenient. Giving yourself control over your digital life means that, in some cases, you will end up doing more work to manage it properly, but it means that you dictate how it functions, rather than being handheld by questionable entities.

In other ways, however, digital freedom is far more convenient. Take a password manager, as an example. Many people are prone to reusing the same, weak, memorized password for a multiple accounts. That means if an unsavory party gains access to one account (which is more common the more accounts you have), all of your accounts are compromised. Furthermore, remembering and typing passwords is cumbersome and prone to error.

A password manager is incredibly convenient because it fixes those problems. It generates strong passwords for you, changes passwords for every account, stores them all securely so you don't need to remember them, and even types the passwords for you. This is one area where digital freedom is more convenient.

It's often thought that convenience and digital freedom are at whits with each other, but it simply isn't true. You trade convenience in some areas to gain convenience in others. Privacy activists can function the same as those who don't care about privacy, the difference is how they go about it.

The Privacy Hump

"The first step is always the hardest" is a phrase used to encourage taking the first step towards a goal, because it gets easier after the first step. For privacy, this phrase is complicated.

Some steps towards privacy, such as switching your web browser, are very easy, can be done in under a minute, and have a large benefit in privacy. These steps can be first steps, and are not hard at all.

Other steps, such as fully switching to a password manager, are tedious and can get very messy very quickly. I had the displeasure of working for a company that stored all passwords in plaintext on a shared document. I immediately got to work transitioning these passwords to a proper password manager with proper access control, but it was an unpleasant and tedious task. Many of the passwords were incorrect, had multiple entries, or had unclear login pages. One login page was described only by the location of the browser bookmark on the computer of the secretary.

Even if a password manager is a tedious task at first, once your accounts are transitioned to a password manager it becomes infinitely easier to manage and use. These first steps can be the hardest, but provide even greater privacy and security benefits.

With that, I've found that privacy has a "hump". The first steps are easy and can hook you on privacy, and once you are in a comfortable place with privacy the steps become equally as easy, but in between those points in a privacy journey are the hardest.

Conclusion

If privacy were more widespread (and it is becoming increasingly more common), there would be no need for a "privacy journey", because privacy would be the default. Unfortunately, that utopian society currently resides only in the daydreaming minds of authors and privacy activists.

I could add more to this post, but I don't want it to become unbearably long. If you want key takeaways while missing plenty of the interesting portions of this post, I will not deny you the satisfaction:

  • I don't write using AI, even if my writing style is similar
  • Privacy journeys are long and difficult at times
  • Privacy is convenient in some ways, but not in others
  • The hardest part of privacy comes towards the middle of the journey

If you decided to read this post in its entirety, then thank you. As always, I had plenty of fun writing this. I hope it helps at least one person.

Cheers!

13
 
 

I fuckin' signed in to YouTube with my existing account damn it

14
46
submitted 3 days ago* (last edited 3 days ago) by [email protected] to c/[email protected]
 
 

As we all know, privacy starts with security, which leads many people in this community to seek out secure services / software, some relentlessly so.

Then life happens, and suddenly you find yourself naked in a back alley in Hanoi (or if you already live in the region, you might instead find yourself naked in Santiago de Chile), stripped of all belongings and at best some vague recollection of an unusually good night. What is your strategy to regain access to what you need to get back home?

An no, the staff at the hotel does not recognize you.

15
 
 

cross-posted from: https://sopuli.xyz/post/26553553

The author has no Instagram himself, but through his friends who photograph him at events, others still know about his activities.

Such leakage through other parties might be the greatest risk to privacy.

16
 
 

Looking for an alternative to tiles.

I realize lowjacking your stuff is kind of against the idea of privacy in the first place, but the convenience of being able to find lost items is big.

Are there any other locators that can use cellular service or just use BLE?

17
 
 

Hey guys, I have a Google Pixel 8a Smartphone. It is a Degoogled Pixel 8a, currently with Calyxos. Is this the best custom ROM for privacy + security?

I also need to try to make it an Hardened phone. Not a Spy phone..not a Surveillance phone. Basically trying to make it an safe phone, anonymity phone.

What VPN could I use for this phone, and is there any other guides or settings guides you can recommend me.for my phone?

The sim card is a kyc one but im stuck with it.

Thank you.

18
 
 

Hey guys, im just got rid of gboard and im already missing the autocorrect and swipe to type features. I know there has to be a privacy friendly option out there. Thank you for your help; im fat fingering every other key, pls save me

19
 
 

Im always om the look out for foss games. Any recommendations? Gonna be on a bus trip for 5 hours. 🤣🤣

20
200
submitted 6 days ago* (last edited 5 days ago) by [email protected] to c/[email protected]
 
 

This is an open question on how to get the masses to care...

Unfortunately, if other people don't protect their privacy it affects those who do, because we're all connected (e.g. other family members, friends). So it presents a problem of how do you get people who don't care, to care?

I started the Rebel Tech Alliance nonprofit to try to help with this, but we're still really struggling to convert people who have never thought about this.

(BTW you might need to refresh our website a few times to get it to load - no idea why... It does have an SSL cert!)

So I hope we can have a useful discussion here - privacy is a team sport, how do we get more people to play?

21
 
 

I've seen a lot of people on the community say that brave is bad and has made quite a lot of questionable decisions. But Firefox itself also has made equally bad decisions. Mozilla has faced ongoing criticism regarding their default settings, their approach toward users, the high compensation of their CEO at over $3 million USD annually, and their investments in various companies that may not align directly with their core mission. Additionally, there have been instances where Firefox has implemented a temporary, one-time tracker that transmits certain data to Google during the initial installation on Windows or Mac systems. Brave has also undoubtedly made such decisions as well but the point here is that Both Firefox AND Brave have made questionable decisions and to specifically dunk on brave just because it's chromium is unfair in my opinion. That's all, thanks for reading my post :)

22
 
 

Example, WhatsApp, use the whole 25 character profile name limit:

Bob Moved To Signal.org
Alice MovedTo Signal.org
CharlieMovedTo Signal.org

Say Signal.org, not Signal, so they see it is an app.

Use your about section too.

Same on Discord, Steam, Instagram, everywhere.

23
24
88
submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]
 
 

Today, I’m excited to introduce Waterfox Private Search, now available in open beta. This represents an important step in our journey toward creating a more independent and privacy-respecting browsing experience.

Waterfox Private Search is a meta-search engine that I’ve developed with a clear goal: to eventually serve as the default search option for Waterfox, reducing our dependency on Microsoft and other intermediaries who typically serve as gatekeepers between you and your search results.

ETA: The search link:

https://search.waterfox.net/

25
 
 

Honestly, Phi-4 is just 8GB, which even my laptop 2070 can do and it's not that much worse that ChatGPT for most stuff.

Runs pretty well as an AppImage on my linux boxes. On my workstation I run it with a 3090 and the new Gemma LLM has like 20GB and that's a really good model in my experience so far.

It's also by microsoft (disclaimer: absolutely fuck microsoft), which owns chatgpt, so makes sense that it's somewhat capable.

view more: next ›