

offline magic earth requires now a 15€ subscription
I liked using it but 15€/year for navigation is too much for me. I'm going to stick to osmand now. At least osmand is open source. It has roughly the same features. It's just not that beautiful. I paid for osmand btw. What's your alternative? Edit: And I like paying for osmand because it is open source.

Is WordPress really trustable?
It's listed on fedidb, but tosdr.org says "You are being tracked via social media cookies/pixels" on its points list.

https://www.livemint.com/news/india/if-you-don-t-want-jyotiraditya-scindia-says-sanchar-saathi-app-is-optional-amid-strong-opposition-protests-11764659707854.html

How do I check my router for malware?
I have a store bought consumer router connected to my ISP's router which is in bridge mode, and it's one of the few remaining proprietary mystery boxes in my network that I don't know how to audit. I recently made a post about whether I should switch to PFsense, and this was one of my motivations (though I forgot to mention it in that post). Is there an effective way to check whether my router is part of a Mirai botnet or some other malware that scanned the internet and found some vulnerability in my router? As far as I know, once infected, things like updating the firmware or pressing the reset button aren't guaranteed to remove it because it can just take control of those processes and persist. In my specific configuration, can malware from the internet even see my main router or just the ISP router it's connected to? In my threat model, I'm most concerned about my local traffic to and from my server being exfiltrated by some cybercrime group as a lot of it is HTTP or HTTP proxy data. Not so much general internet bound traffic which is usually HTTPS or VPN. Obviously I don't want to be "participating" in botnet attacks or other cybercrime infrastructure either.

Dumb question, but theoretically would it prevent Win exploits?
If I keep all incoming connections blocked, but also all outgoing connections blocked except my browser (no MS/Win service is communicating with anything online), would my attack surface be just the browser? So it wouldn't matter if Win is not updated?

Which private (no cloud requirement) wireless home security cameras save footage locally without mon
I tried wyze and find it silly how video clips are limited to 5 seconds unless you give them money every month. I want something where the footage is saved on a local sdcard/hdd without any cloud reliance. Even better if I don't have to be locked into using the manufacturer's app, but I'm flexible on that.

Hello everyone!

[Journiv](https://journiv.com/) is a self-hosted private journaling application that puts you in complete control of your personal reflections. Built with privacy and simplicity at its core, Journiv offers comprehensive journaling capabilities including mood tracking, prompt-based journaling, media uploads, analytics, and advanced search. All while keeping your data on your own infrastructure.

Journiv [v0.1.0-beta.9](https://github.com/journiv/journiv-app/releases/tag/v0.1.0-beta.9) is out with

* Markdown support
* Inline media (images and video) with viewer.
* Many bug fixes and improvements.

Watch [demo](https://www.youtube.com/watch?v=SV7aM4BoSfg)

**The Journey Ahead**

Journiv is in active development, with a fully functional backend, a web frontend, and mobile apps launching soon. It is self-hosted, and designed to be your companion for decades. Journiv is being built because our memories deserve to be ours, forever.

**Learn More**

* [Spin up Journiv](https://journiv.com/docs/installation)
* [Journiv on DB Tech Youtube Channel](https://www.youtube.com/watch?v=2lNEr0EmgFg)
* [Journiv on noted.lol](https://noted.lol/journiv/)
* [Watch other demo videos](https://www.youtube.com/@JournivApp)

It seems many if not all of today's AR glasses use Bluetooth, which means that if you're close enough, it should be possible to detect people who are wearing them (and/or anything else that's using Bluetooth)

How did the Ad Networks find my search?
So a bit ago I got an ad for "canned rambutan". I had looked up Rambutan a few days prior after hearing it mentioned 10 hours into the video game Baby Steps. I wasn't using a VPN at the time and I didn't have fingerprinting protections active but I only mentioned it to a few sources (according to my browser history) all of which generally are implied to be private. Which of these do you think is the reason the ad networks know?

- Wikipedia
- Startpage Search
- Duckduckgo Search
- My ISP
- Firefox
- My Firefox Extensions
- Kubuntu
- CachyOS
- The omnipotent algorithm connecting my mentions of Baby Steps with my progress through the game.
- Does this only make sense if my browser history is incomplete?
- Maybe I was using DNS over HTTPS via Cloudflare at the time of my search.

Any guesses as to where the weak link is?

cross-posted from: https://lemmy.zip/post/54163653

> The Indian telecommunications authority, the Department of Telecommunications (DoT), has instructed eight messenger services to implement a permanent binding to inserted SIM cards. Affected are WhatsApp, Telegram, Signal, Snapchat, ShareChat, as well as the Indian services Arattai, JioChat, and Josh. According to the directive, the companies must ensure within 90 days that their services can only be used with a physically inserted SIM card.


Happy winter and merry festivities! Last year I made [a post](https://lemmy.ml/post/23393825) outlining many gift ideas for privacy enthusiasts. I'm back this year with an updated list. Privacy enthusiasts, by nature, are sometimes difficult to buy gifts for. This list is here to make it easier for you to come up with ideas, even if you don't directly gift what's on the list. I've decided to make a rule this year: **only physical items**. You can't put a subscription under the tree.

## [3D printers](https://en.wikipedia.org/wiki/3D_printing)

3D printers can turn plastic into any shape you want. While a lot of 3D printers include proprietary privacy-invasive software, there are open-source options such as [RepRap](https://www.reprap.org/wiki/RepRap). The privacy benefit of these comes in the form of [homemade firearms](https://en.wikipedia.org/wiki/Homemade_firearm). Traditional firearms include many elements to trace the ammunition back to the firearm, but homemade firearms (such as ones made using a 3D printer) exclude these. The reliability of the firearm depends on the quality of the 3D printer, but the designs are getting easier and easier to make.

## Accessories

Especially for phones, there are a few privacy accessories that are simple but effective.

- [Faraday bags](https://en.wikipedia.org/wiki/Security_bag#Faraday_Bag)
- [Lens covers](https://en.wikipedia.org/wiki/Lens_cover) (which some phone cases include)
- [Microphone blockers](https://en.wikipedia.org/wiki/Microphone_blocker) (which is more effective as a [recording jammer](https://inv.nadeko.net/watch?v=FyeCn7HlLck))
- [Monitor filters](https://en.wikipedia.org/wiki/Monitor_filter) (better known as privacy screen protectors)

## [Anonymous dress](https://www.notrace.how/threat-library/mitigations/anonymous-dress.html)

Anonymous dress is clothing that conceals your identity in public. Obtaining these items of clothing is a chore, so it's always easiest when it is gifted by somebody else. Black, unthemed clothing does the best job of protecting privacy. The holy grail of anonymous dress is:

- A [balaclava](https://en.wikipedia.org/wiki/Balaclava_(clothing)) to hide your face.
- A [baseball cap](https://en.wikipedia.org/wiki/Baseball_cap) to further hide your face, although a [sun hat](https://en.wikipedia.org/wiki/Sun_hat) does a better job.
- A hooded [down jacket](https://en.wikipedia.org/wiki/Down_jacket) to hide body shape and skin color. There are significantly long down jackets that extend below the knees that can somewhat conceal your gait too. Last year I included jackets that spoof AI recognition or blind infrared cameras, but those are very difficult to find and can be very identifying.
- [Elevator shoes](https://en.wikipedia.org/wiki/Elevator_shoe) to conceal your height.
- [Sunglasses](https://en.wikipedia.org/wiki/Sunglasses) to hide your eyes. [Reflectacles](https://www.reflectacles.com/) do the best job of this.
- [Touchscreen gloves](https://en.wikipedia.org/wiki/Glove#Sport_and_recreational) to prevent fingerprints and still be able to use touchscreens. Normal gloves work when paired with a [capacitive stylus](https://en.wikipedia.org/wiki/Stylus_(computing)#Capacitive).
- An [umbrella](https://en.wikipedia.org/wiki/Umbrella) to hide your clothing from surveillance cameras.

## [Ciphers](https://en.wikipedia.org/wiki/Cipher)

Not all encryption is digital. Traditionally, complex codes and ciphers were created to conceal messages. Hardware devices like the [enigma machine](https://en.wikipedia.org/wiki/Enigma_machine) were used to further aid the process. Modern versions of those devices, as well as related items such as [invisible ink](https://en.wikipedia.org/wiki/Invisible_ink) are still around and can be a fun project.

## [Computers](https://en.wikipedia.org/wiki/Computer)

Laptops, desktops, and servers are all useful devices for accessing digital services privately. While there is no best choice, some lists can help shine some light on which hardware is considered secure:

- [PrivSec.dev Laptop Hardware Security](https://github.com/PrivSec-dev/privsec.dev/blob/Laptop-Hardware-Security/content/posts/knowledge/Laptop%20Hardware%20Security/index.md)
- [Qubes OS Hardware Compatibility List](https://www.qubes-os.org/hcl/)

## [Concealment devices](https://en.wikipedia.org/wiki/Concealment_device)

Concealment devices are things that look like ordinary objects, but in some way or another, have a hidden compartment used for storage. These are excellent ways to hide sensitive items such as cash, backup security tokens, and more. These are excellent gifts if you're giving one-on-one rather than at a party.

## [Cryptocurrency wallets](https://en.wikipedia.org/wiki/Cryptocurrency_wallet)

Cryptocurrency wallets are devices used to securely store (the keys for) cryptocurrency such as the private cryptocurrency [Monero](https://www.getmonero.org/). The two best options are:

- [Ledger](https://shop.ledger.com/pages/hardware-wallet)
- [Trezor](https://trezor.io/compare)

## Dumb tech

Dumb tech is the opposite of smart tech. It doesn't connect to every device in your house. It doesn't broadcast that data to a corporation. It doesn't get exposed in a data breach. It doesn't get hacked. It doesn't go down when the internet goes offline. Things like dumb TVs or dumb cars are becoming harder to find but more and more valuable for privacy.

## [Mail](https://en.wikipedia.org/wiki/Mail)

Mail is almost always sensitive. For that reason, it's useful to protect the contents by using [security envelopes](https://www.walmart.com/browse/office-supplies/security-envelopes/1229749_6318396_8064009). For delivering packages privately, it's also useful to have a [label printer](https://en.wikipedia.org/wiki/Label_printer) capable of printing shipping labels.

## [Money](https://en.wikipedia.org/wiki/Money)

[Banks](https://en.wikipedia.org/wiki/Bank) and [payment service providers](https://en.wikipedia.org/wiki/Payment_service_provider) are almost always incredibly privacy invasive and offer poor security. While some of these issues can be mitigated with services like [Privacy](https://www.privacy.com/), it doesn't fix the underlying issue. Anonymous payments not only protect your privacy, but protect your money too, and having the ability to make payments like these is what allows privacy to further grow. Anonymous payment methods include:

- [Cash](https://en.wikipedia.org/wiki/Cash)
- [Gift cards](https://en.wikipedia.org/wiki/Gift_card) (when purchased with cash and adequate anonymous dress)
- [Monero](https://www.getmonero.org/) (which is physical when paired with a cryptocurrency wallet)
- [Stored-value card](https://en.wikipedia.org/wiki/Stored-value_card) (when purchased with cash and adequate anonymous dress)

## [Optical discs](https://en.wikipedia.org/wiki/Optical_disc)

Optical discs are a physical way to store movies, shows, music, games, and more. The idea is that, instead of paying a subscription and streaming content, you can pay a one-time fee and get the full quality media offline. This is also excellent for [ripping](https://en.wikipedia.org/wiki/Ripping) to create a digital archive to stream from your own servers for free.

## [Paper](https://en.wikipedia.org/wiki/Paper)

Your most sensitive information is put at risk the moment it becomes digitized, so pen and paper isn't so bad for some uses:

- Earlier this year, Amazon [removed the option to download and transfer ebooks](https://www.reddit.com/r/kindle/comments/1inr9uy/fyi_amazon_is_removing_download_transfer_option/). It's becoming increasingly harder to "own" an ebook, especially without using privacy-invasive software. For that reason, [books](https://en.wikipedia.org/wiki/Book) are much better for privacy.
- Calendar apps are convenient for reminders, but they often sync to cloud services or include telemetry. Physical [calendars](https://en.wikipedia.org/wiki/Calendar) are a good way to have peace of mind knowing that your personal events are away from prying eyes and can be erased without a trace.
- [Notebooks](https://en.wikipedia.org/wiki/Notebook) are also useful for the same reasons as books. There are also numerous benefits to writing things down instead of typing them.

## [Paper shredders](https://en.wikipedia.org/wiki/Paper_shredder)

Paper shredders destroy sensitive documents to prevent obtaining sensitive information by digging through landfills. However, shredded documents can be recovered using [automated software](https://www.unshredder.com/). The paper shredder industry hasn't discovered fire yet, it seems.

## [Power cables](https://en.wikipedia.org/wiki/Power_cable)

Most cables carry both power and data. However, that can be exploited by cleverly designing fake power stations that discreetly steal data when plugged into devices. Some cables only deliver power, without delivering data. These are incredibly useful for protecting vulnerable devices in public settings.

## [Printers](https://en.wikipedia.org/wiki/Printer_(computing))

Printers suck. So much so that [not even Framework wanted to make one](https://inv.nadeko.net/watch?v=os_fHy1mB_M&t=565). Nevertheless, a new printer called [Open Printer](https://www.crowdsupply.com/open-tools/open-printer) is in the works. Until it's finished, the best option is to gift a printer that allows printing over a wired connection.

## [Promotional merchandise](https://en.wikipedia.org/wiki/Promotional_merchandise)

There is no shortage of promotional merchandise for privacy. Some of my favorites include:

- [Electronic Frontier Foundation](https://shop.eff.org/)
- [Naomi Brockwell TV](https://shop.nbtv.media/)
- [Privacy Guides](https://shop.privacyguides.org/)

I also recently found products like [this](https://www.redbubble.com/i/hoodie/I-Do-Not-Consent-To-Being-Recorded-White-Text-by-lostfigment/172562280.BN4XF) that serve a functional benefit of telling people you don't want to be recorded without explicitly talking to them.

## [Rayhunter](https://efforg.github.io/rayhunter/)

Rayhunter is a device created by the [Electronic Frontier Foundation](https://www.eff.org/) to detect [Stingray](https://en.wikipedia.org/wiki/Stingray_phone_tracker) attacks. It can be installed on [supported devices](https://efforg.github.io/rayhunter/supported-devices.html), which are great gifts for high threat model people.

## [Safes](https://en.wikipedia.org/wiki/Safe)

Safes are a secure box to store sensitive items. I shouldn't need to explain why this is a good idea.

## [Security seals](https://en.wikipedia.org/wiki/Security_seal)

Security seals are a special type of sticker that makes it very clear if the seal has ever been broken. This is useful to place on the case of computers or other containers that shouldn't be opened often.

## [Security tokens](https://en.wikipedia.org/wiki/Security_token)

Security tokens are hardware devices used to authenticate accounts at a hardware level. When set up correctly, they are one of the most secure ways to log in. The most popular open source options are:

- [Nitrokey](https://www.nitrokey.com/products/nitrokeys)
- [OnlyKey](https://onlykey.io/)
- [SoloKeys](https://solokeys.com/)

## [Smartphones](https://en.wikipedia.org/wiki/Smartphone)

[GrapheneOS](https://grapheneos.org/) is the most private and secure operating system available. They [recently announced](https://xcancel.com/GrapheneOS/status/1977413966231175393) that they are partnering with an OEM to manufacture devices designed for GrapheneOS. However, until that device is made available, [Google Pixels](https://store.google.com/category/phones) are still the only device GrapheneOS can be installed on.

## [USB flash drives](https://en.wikipedia.org/wiki/USB_flash_drive)

USB flash drives are the unsung heroes for so many areas of privacy. Whether it be installing operating systems such as [Qubes OS](https://www.qubes-os.org/) and [Tails](https://tails.net/), or creating offline [Seedvault](https://github.com/seedvault-app/seedvault) backups for GrapheneOS, USB flash drives have a multitude of uses. Just remember: it's better to have many, smaller USB flash drives than one, large USB flash drive.

## [Wi-Fi hotspots](https://en.wikipedia.org/wiki/Wi-Fi_hotspot)

Wi-Fi hotspots are (for privacy use-cases) hardware devices that allow connecting devices to the cellular network in a much more private way. The best one that supports an excellent privacy organization is the [Calyx Internet Membership](https://calyxinstitute.org/membership/internet).

## [Wired headphones](https://en.wikipedia.org/wiki/Headphones#Wired)

Wired headphones not only provide higher quality audio output, but they also avoid the [history of security issues with Bluetooth](https://en.wikipedia.org/wiki/Bluetooth#Security) and the surveillance capitalism that comes with [Bluetooth Low Energy beacons](https://en.wikipedia.org/wiki/Bluetooth_Low_Energy_beacon). Which type of wired headphones you gift depends on a lot of factors, but one that pairs nicely with Google Pixels are the [Pixel USB-C earbuds](https://store.google.com/us/product/usb_c_earbuds) sold by Google themselves.

## [Wireless routers](https://en.wikipedia.org/wiki/Wireless_router)

Wireless routers often leak everything sent through them. For that reason, custom software such as [OpenWrt](https://openwrt.org/) was designed to replace the privacy invasive software preinstalled on routers. OpenWrt also created their own router called the [OpenWrt One](https://openwrt.org/toh/openwrt/one). Earlier this year, they announced that they would be creating a new router called the [OpenWrt Two](https://openwrt.org/voting/2025-02-12-openwrt-two). It hasn't come out yet, but maybe it will be on the list next year.

# Conclusion

There is no shortage of privacy tech. The same technology that empowers privacy is the thin veil slowing down the world from its dystopian target. Giving the gift of privacy means giving the gift of a better future for those of us fighting on the front lines.

### Lack-of-AI notice

I’ve been burned before, so I always try to mention that none of my content is AI generated. It isn’t even AI assisted. Just because something is comprehensive and well-structured does not make it AI generated. Every word I write is my own. Thank you for your understanding.


Does any Firefox spinoff for Android support separate profiles or multi-account containers?
I've read about creating separate users at the OS level, but I'm hoping for something a tad lighter. Are separate Firefox profiles and/or multi-account containers a thing in any of the various Firefox spinoffs for Android? Testing in Fennec browser, in the little kebab menu, I see an option to sign in, but that's not what I want. I don't see anything related to profiles. When I browse to the page for the multi-account containers extension, it says not compatible w/ Android. Does one of the other Firefox spinoffs for Android have either of these features (profiles or multi-account containers)?

Apparently Europe finally got WhatsApp to enable 3rd party chats, making it easier to switch to more privacy friendly alternatives ([article](https://about.fb.com/news/2025/11/messaging-interoperability-whatsapp-enables-third-party-chats-for-users-in-europe/)). However the only other app that currently works with it is "BirdyChat"?? Has anybody found any news about when serious alternatives will be integrated?

If I am already using a rooted but proprietary smartphone (Samsung Galaxy S23), downloading my apps from other sources than Google Play, how would Google be able to control what I do with it? If necessary, I could just stay on my current OS build as well. All in all, while politically and philosophically, Google's new policy is bad, I don't feel threatened by it with my current understanding of the situation and technology...

How’s my network privacy? Should I switch from a commercial router to PFsense or something?
I use Linux on all my personal computers and privacy respecting ROMs on phones, and Pi-Hole, but a part I haven't really taken a look at is my network at home. I currently have my ISP's smart router in bridge mode connected to a brand name Wi-Fi 6 router with a wireless "mesh" range extender. I really like the range extender because it has an Ethernet port so it's basically a "free" Ethernet plug for that room connected to a high power Wi-Fi transceiver that's faster than a lot of on board Wi-Fi antennas. But I feel like it's probably not the best thing privacy and security wise? I already don't use the app and luckily it still has a web interface for management, but I don't know how secure the firmware is or if it has any corporate "analytics" or not. I'm thinking a PFsense or similar router software on Linux box to connect to the bridge port of my ISP's router since I was told the "Ethernet" cable connecting from it to the fiber modem won't work with a store bought router, I assume it has some kind of DRM? I already have an old PC in mind to convert to a router. I assume I could just use the onboard Ethernet port to talk to the router and add my own USB NIC to connect to the main switch? I don't know what to do for Wi-Fi though, could I buy two dedicated access points and put them on different floors, and have them both connected to the wired network? How hard would it be to have those be the same Wi-Fi network and have devices actually switch between them depending on location? Also, most of my NICs and switches are from the thrift store or eBay for higher end used server parts. Is that bad? As in how worried should I be about the firmware running in those being tampered with by whoever owned it last?

Maintaining privacy on a new desktop
Hello. I installed Linux Mint on a new desktop that I built about a week ago, and I'm starting to get used to it, so it's probably time to start using it for some actual life things. A couple of these do involve talking with family members all in Facebook Messenger, as well as the necessity of using Google Workspace for some work-related functions. I'm aware that using both of these is a compromise of privacy in and of itself, but I'm still interested in mitigating the damages best as I can. What steps can I take to make the usage of these as private and non-invasive as possible? If it helps at all, the browser I'm using is Firefox and the operating system is Linux Mint.

We have no idea what content is most viral on YouTube, Meta, TikTok, LinkedIn, or X – because they refuse to share basic data. On the DSA’s Birthday (Oct 4th) we've led a “mass data access request” along with @mozilla and DSA40 Data Access Collaboratory, where a series of ~20 orgs requested daily data on their top 1,000 most-viewed posts in EU Member States. Every single one refused. Join us in demanding platform transparency. Posted on mastodon: https://chaos.social/@algorithmwatch/115620980818833875

Could VPNs Be ‘Banned’?
With the UK apparently floating ideas of a VPN ban it's got me worried about the future of anonymity online. Now people have already pointed out that a VPN ban doesn't make sense because of all the legitimate uses of one and wouldn't even be enforceable anyway, but that got me thinking. What if governments ordered websites (such as social media sites) to block traffic originating from a VPN node? Lots of sites already do this (or restrict your activity if they detect a VPN) to mitigate spam etc. and technically that wouldn't interfere with "legitimate" (in the eyes of the gov) VPN usage like logging onto corporate networks remotely. It's already a pain with so many sites either blocking you from access or making you jump through a million captchas using VPNs now. I'm worried it's about to get a whole lot worse.

What dystopian surveillance things from your country you can’t escape?
Or have to go through great lengths to escape. In my country you can't buy any medicine without showing your ID... I mean, you technically can, but if you are registered they "give" like an 80% discount, so everyone thinks it's a great deal, not realizing that's the normal price, they are just pretending you can still go and buy a simple cold medicine without sharing your ID, phone, email, and street address with the drug store and whoever they decide to sell that information to, you just have to pay absurdly more. Yeah, you can lie about all the other information, but not really about your ID number. Probably soon, to get the "discount", you are going to have to verify your email or phone number as well.

> Contrary to headlines suggesting the EU has “backed away” from Chat Control, the negotiating mandate endorsed today by EU ambassadors in a close split vote paves the way for a permanent infrastructure of mass surveillance.
>
> While the Council removed the _obligation_ for scanning, the agreed text creates a toxic legal framework that incentivizes US tech giants to scan private communications indiscriminately, introduces mandatory age checks for all internet users, and threatens to exclude teenagers from digital life.

The article is non-paywalled, freely readable on the link --^

Using a custom domain with two separate email accounts.
I purchased a custom domain to use with mailbox.org. The MX records are set up and basic tests are working. I'm getting myname@customdomain.com showing up in my mailbox.org account. But I got confused with setting up a family member with theirname@customdomain.com. Do they need to pay for a plan too? They're not worried about the privacy, they just want the custom email address. Is there any way to do this for free or cheaper, without self hosting email?

Side question. I've been paying for anonaddy to hide my normal @outlook account. Are there any benefits in keeping anonaddy to send emails to my custom domain, instead of just using a catchall, or pre-configuring some aliases? The only benefits I see are

- Anonaddy can make accounts on the fly
- On The Fly accounts might be easier to disable than things sent to a catchall
- Anonaddy doesn't reveal your domain (maybe this is the big draw card?)

Thanks.

If I keep js disabled and then use extension will it still be a fingerprinting issue?
I mean for fingerprinting protections I go minimal with extensions. I only have Ublock origin. I want to keep dark reader but for fingerprinting issue I'm not doing it. So if I keep js disabled with Ublock origin (I'm doing it for a while now) and then install dark reader will websites still be able to tell that I have dark reader installed?

I am looking to buy a Synology NAS to replace my Raspberry Pi 4B. What data does Synology collect of
Greetings! I've been daily driving a Raspberry Pi 4B as a home server for quite a while now and thought it was a great time to make the switch to a proper NAS. My current Home Server setup uses 2 Raspberry Pis. One is where I selfhost all of the stuff I need, and one hosts my website. The Pi only has 4gb of RAM, which is ok for me. But I can't really say much about its performance. In Jellyfin, it's struggling with streaming music. Not even a movie, a single MP3 file, it struggles with it. I tried solutions like Nextcloud for a Selfhosted Cloud Storage Solution, but it would always wipe out its config every time the Pi reboots. I am looking forward to buying a Synology NAS. Their Web interface seems intuitive (there's even docker support too) and easy to use. However, I really am concerned on what data can Synology collect off of it. So, what data can Synology collect off the NAS and is it safe in a Privacy nerd's view?

Cross posted from: https://feddit.uk/post/40232992

Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR

Last week we at [EFRI](https://efri.io/finleaks-a-retaliation-platform-full-of-defamation/) wrote about the *[Digital Omnibus leak](https://efri.io/the-digital-omnibus-leak-a-stealth-attack-on-the-gdpr/)* and warned that the European Commission was preparing a stealth attack on the [GDPR](https://efri.io/the-digital-omnibus-leak-a-stealth-attack-on-the-gdpr/).

Since then, two things have happened:

- The Commission has now officially [published](https://digital-strategy.ec.europa.eu/en/library/digital-omnibus-regulation-proposal) its Digital Omnibus proposal.
- noyb (Max Schrems’ organisation) has released a detailed legal analysis and new campaigning material that confirms our worst fears: this is not harmless “simplification”, it is a deregulation package that cuts into the core of the GDPR and ePrivacy.

**What noyb has now put on the table**

On 19 November 2025, noyb [published a new piece](https://noyb.eu/en/digital-omnibus-eu-commission-wants-wreck-core-gdpr-principles) with the blunt headline: “**Digital Omnibus: [EU](https://efri.io/recent-development-on-crypto-regulation-in-the-eu-and-in-the-us/) Commission wants to wreck core GDPR principles**”

Here’s a focused summary of the four core points from noyb’s announcement, in plain language:

**New GDPR loophole via “pseudonyms” and IDs**

The Commission wants to narrow the definition of “personal data” so that much data under pseudonyms or random IDs (ad-tech, data brokers, etc.) might no longer fall under the GDPR. This would mean a shift from an objective test (“can a person be identified, directly or indirectly?”) to a subjective test (“does this company currently want or claim to be able to identify someone?”). Therefore, whether the GDPR applies would depend on what a company says about its own capabilities and intentions. Different companies handling the same dataset could fall inside or outside the GDPR. For users and authorities, it becomes almost impossible to know ex ante whether the GDPR applies – endless arguments over a company’s “true intentions”. Schrems’ analogy: it’s like a gun law that only applies if the gun owner admits he can handle the gun and intends to shoot – obviously absurd as a regulatory concept.

**Weakening ePrivacy protection for data on your device**

Today, Article 5(3) ePrivacy protects against remote access to data on your devices (PCs, smartphones, etc.) – based on the Charter right to the confidentiality of communications. The Commission now wants to add broad “white-listed” exceptions for access to terminal equipment, including “aggregated statistics” and “security purposes”. Max Schrems finds the wording of the new rule to be extremely permissive and could effectively allow extensive remote scanning or “searches” of user devices, as long as they are framed as minimal “security” or “statistics” operations – undermining the current strong protection against device-level snooping.

**Opening the door for AI training on EU personal data (Meta, Google, etc.)**

Despite clear public resistance (only a tiny minority wants Meta to use their data for AI), the Commission wants to allow Big Tech to train AI on highly personal data, e.g. 15+ years of social-media history. Schrems’ core argument: People were told their data is for “connecting” or advertising – now it is fed into opaque AI models, enabling those systems to infer intimate details and manipulate users. The main beneficiaries are US Big Tech firms building base models from Europeans’ personal data.

The Commission relies on an opt-out approach, but in practice:

- Companies often don’t know which specific users’ data are in a training dataset.
- Users don’t know which companies are training on their data.
- Realistically, people would need to send thousands of opt-outs per year – impossible.

Schrems calls this opt-out a “fig leaf” to cover fundamentally unlawful processing. On top of training, the proposal would also privilege the “operation” of AI systems as a legal basis – effectively a wildcard: processing that would be illegal under normal GDPR rules becomes legal if it’s done “for AI”. Resulting in an inversion of normal logic: riskier technology (AI) gets lower, not higher, legal standards.

**Cutting user rights back to almost zero – driven by German demands**

The starting point for this attack on user rights is a debate in Germany about people using GDPR access rights in employment disputes, for example to prove unpaid overtime. The German government chose to label such use as “abuse” and pushed in Brussels for sharp limits on these rights. The Commission has now taken over this line of argument and proposes to restrict the GDPR access right to situations where it is exercised for “data protection purposes” only. In practice, this would mean that employees could be refused access to their own working-time records in labour disputes. Journalists and researchers could be blocked from using access rights to obtain internal documents and data that are crucial for investigative work. Consumers who want to challenge and correct wrong credit scores in order to obtain better loan conditions could be told that their request is “not a data-protection purpose” and therefore can be rejected. This approach directly contradicts both CJEU case law and Article 8(2) of the Charter of Fundamental Rights. The Court has repeatedly confirmed that data-subject rights may be exercised for any purpose, including litigation and gathering evidence against a company.
As Max Schrems points out, there is no evidence of widespread abuse of GDPR rights by citizens; what we actually see in practice is widespread non-compliance by companies. Cutting back user rights in this situation shifts the balance even further in favour of controllers and demonstrates how detached the Commission has become from the day-to-day reality of users trying to defend themselves. **EFRI’s take: when Big Tech lobbying becomes lawmaking** For EFRI, the message is clear: the Commission has decided that instead of forcing Big Tech and financial intermediaries to finally comply with the GDPR, it is easier to move the goalposts and rewrite the rules in their favour. The result is a quiet but very real redistribution of power – away from citizens, victims, workers and journalists, and towards those who already control the data and the infrastructure. If this package goes through in anything like its current form, it will confirm that well-organised corporate lobbying can systematically erode even the EU’s flagship fundamental-rights legislation. That makes it all the more important for consumer organisations, victim groups and digital-rights advocates to push back – loudly, publicly and with concrete case stories – before the interests of Big Tech are permanently written into EU law.

[Donate](https://grapheneos.org/donate) [Discord Server](https://discord.gg/grapheneos) [Message Link](https://discord.com/channels/1176414688112820234/1176434676311797760/1442528725370540208)

Hello everyone!

First of all, thanks a lot for the [amazing response](https://lemmy.world/post/38696249) and interest in Journiv. We have [hundreds of stars](https://github.com/journiv/journiv-app/stargazers), thousands of [docker pulls](https://hub.docker.com/r/swalabtech/journiv-app) and many, many [feature requests](https://github.com/journiv/journiv-app/issues) (and bug reports) on GitHub in just two weeks (sleepless two weeks for me :)).

[Journiv](https://journiv.com/) v0.1.0-beta.8 is out and in it I have added the most requested features.

**Highlights:**

* OIDC support (now pretty stable)
* In-app [one click export-import](https://www.youtube.com/watch?v=rQRpQbyExMU) with history. So you always have your memories safe and backed up even if you don't want to deal with docker backups
* Role Based Access Control for user management.
* Many quality of life features and bug fixes.
* Read the release notes [here](https://github.com/journiv/journiv-app/releases/tag/v0.1.0-beta.8)

Journiv began as a deeply personal project, a way for me to capture memories, reflections, and the stories behind thousands of photos and videos of my fast-growing kids. What started as a tool for my own parenting journey has grown into something that fills a real gap in the self-hosting community. If you’re curious, you can read the full story behind Journiv [here](https://journiv.com/blog/the-story-behind-journiv). I’m grateful that Journiv is now helping others preserve their memories as well.

**The Journey Ahead**

Journiv is in active development, with a fully functional backend, a web frontend, and mobile apps launching soon. It is self-hosted, and designed to be your companion for decades. Journiv is being built because our memories deserve to be ours, forever.

**So this Thanksgiving, give your family the gift of memories that last forever!**

How to skirt websites that block known domains of email forwarding services? [SOLVED]
**Solved:** Thanks to all who commented, especially those who took the time to respond to my follow-up questions. Your responses were enough to convince me of the value of buying a custom domain in order to keep one's true email address private w/ the added benefit of working on websites that block known domains of temp/forwarding service providers.

Key takeaways:

- Forwarding services' shared domains are useful for blending in w/ the crowd. (credit to @Cricket@lemmy.zip)
- Custom domains are handy when you don't care about blending in and you want to use a website that blacklists known domains of disposable/forwarding service providers, including the paid-tier domains.
- Deciding whether to enable catch-all:
  - Enabled: You can make up new addresses without having to configure the alias manually each time, but it's also easier for spammers to guess valid addresses.
  - Disabled: It's more difficult for spammers to guess valid addresses, but you'll have to configure your aliases manually *unless* you have regex matching for automatic creation of new aliases. With regex matching for automatic creation of new aliases, disabling catch-all has few if any downsides.
- Regex matching: Seems to provide the best of all worlds by making it harder for spammers to guess valid addresses without having to configure aliases manually each time.
- For aliases, including a string of random characters after the company name makes it harder for spammers to guess your other aliases and/or learn where else you have accounts by spamming emails to every `$companyname@example.com` and seeing which ones bounce back. (credit to @erebion@news.erebion.eu)

**Original post:**

I've recently signed up for an email forwarding service w/ aliases so that I can keep my true email address private when I sign up for new websites and services. I should clarify that I'm less concerned about *concealing my identity* than I am about protecting my real email address, identifying who leaked my info when my email address is compromised, and being able to stop the spam by turning off that alias.

While updating my existing profiles to point to aliases instead of my real address, I've hit a snag - some sites (Steam, Slack, etc) won't allow me to update my email address to any known domains from my email forwarding service.

On these sites that block email forwarding addresses, for now I'm either updating my existing email address w/ a plus sign if the website allows it, otherwise I'm just leaving my existing email address unchanged. It's not the end of the world, they already have my real email address, and I can probably go a Very Long Time without needing to check those inboxes anyway, but I'm still miffed that I can't completely migrate my existing accounts to my new scheme.

I've read numerous posts about the benefits of custom domains to enable portability of email service providers, and I'm wondering if custom domains are the answer to these sites that disallow forwarding addresses, but I have questions:

- How do other people deal with this situation?
- Do these websites that block known email forwarding domains typically work on a whitelist or blacklist model? If the former (whitelist), then I'm thinking a custom domain will have the same problem, but if the latter (blacklist), then I reckon a custom domain with catchall might work.
- Particularly owners of custom domains, do you find your custom domain is allowed more often than not or do you run into the same problem?

EDIT: Clarified my objectives.

The GrapheneOS developers are giving me concerns about the future of GrapheneOS
The drama and accusations the GrapheneOS developers are spewing and engaging in are giving me a bad taste in the mouth and make me doubt the OS’s reliability. Am I the only one?

Dedicated Email & Phone Number for Admin/Family: Good Idea? How to Limit GAFAM Exposure?
Hi everyone,

I’m considering setting up:

- A dedicated email address (e.g., first.last@proton.me or similar)
- A separate phone number (via Free, Google Voice, or another provider)

Exclusively for:

- Administrative tasks (taxes, banking, etc.)
- Communication with family and close friends

Goal: Minimize my personal data exposure to GAFAM and other platforms, while keeping a reliable way for loved ones to reach me.

**Issue: Even with this separation, if my friends or family share my info (e.g., my number or email) with their services (Facebook, WhatsApp, etc.), my identity will eventually be linked back to these platforms. How can I mitigate this risk?**

Questions:

- Is this approach actually effective, or am I missing something?
- What solutions do you use to protect your data in similar situations?
- Are there alternatives for staying in touch with loved ones without exposing my identity to GAFAM?

Thanks in advance for your insights and advice!

>The CLI is now in beta version and available for Visionary supporters, with a broader availability across paid plans coming soon.

Tumblr or Mastodon? Or is there a third service I should use?
So, I have a profile at Tumblr to archive a specific media's contents. (It's in Portuguese) I currently use Tumblr, but is there some other page I should use to get better privacy? I've been considering Mastodon.

Private digital photo frames?
Christmas is coming, we recently had a newborn, and we aren't sharing pictures of them on social media. But of course, we'd like to share photos with family, and a digital photo frame seems like an ideal way to do that. I'm _considering_ a solution with Immich, and found [ImmichFrame](http://immichframe.online/). This _doesn't_ recommend making it available to the internet, however, but running it on a Raspberry Pi with only the images we intend to share this way seems like a reasonable amount of risk. Regarding Immich Frame, how does it handle when the server is unavailable, when say, my IP address changes? Ideally, I don't want this gift to become a series of tech support problems, there's good reason I haven't offered family access to anything else I self host. Also, what frames do y'all recommend? Not looking to break the bank here, as I may be buying several. I assume something simple and Android would be best, maybe even something that can have its OS replaced with stock? I'd hate to get stuck with something locked down and unworkable, or that introduces its own broad privacy/security issues. Lastly, please feel free to suggest other alternatives. Maybe there's a solution that sends images encrypted and decrypts them on device, and doesn't require me to self-host Immich, for example?

Our latest blog post is aimed at people who 'get it' about online privacy, but who struggle to convince friends and family to take it seriously. We hope it helps!

Does anyone have banking app recommendations for Australia?
I just got a message on my app forcing me to agree to let the app look at when I scroll and scan what apps I have on my phone, in the name of "preventing hackers", which kinda sucks. Any banks that actually respect your privacy in Australia? Or does anyone have tips to make banking more private? Yes, I know GrapheneOS has sandboxing; no, I'm not buying a new phone.

Cross posted from: https://feddit.uk/post/39979350

[TRANSLATED ARTICLE]

**EU chat control comes – through the back door of voluntariness**

The EU states have agreed on a common position on chat control. Data protection advocates warn against massive surveillance. What is in store for us?

After lengthy negotiations, the EU states have agreed on a common position on so-called chat control. As can be seen from the minutes of negotiations of the Council working group, Internet services will in future be allowed to voluntarily search their users' communications for information about crimes, but will not be obliged to do so.

The Danish Council Presidency wants to get the draft law through the Council "as quickly as possible", "so that the trilogue negotiations can begin promptly", the minutes say. Feedback from states should be limited to "absolute red lines".

**Consensus achieved**

The majority of States supported the compromise proposal. At least 15 spoke in favor, including Germany and France. Germany "welcomed both the deletion of the mandatory measures and the permanent anchoring of voluntary measures", said the protocol.

However, other countries were disappointed. Spain in particular "continued to see mandatory measures as necessary, unfortunately a comprehensive agreement on this was not possible". Hungary also "saw voluntariness as the sole concept as too little". Spain, Hungary and Bulgaria proposed "an obligation for providers to detect, at least in open areas". The Danish Presidency "described the proposal as ambitious, but did not take it up to avoid further discussion".

The organization Netzpolitik.org, which has been reporting critically on chat control for years, sees the plans as a fundamental threat to democracy. "From the beginning, a lobby network intertwined with the security apparatus pushed chat control", writes the organization. “It was never really about the children, otherwise it would get to the root of abuse and violence instead of monitoring people without any initial suspicion.”

Netzpolitik.org argues that "encrypted communication is a thorn in the side of the security apparatus". Authorities have been trying to combat private and encrypted communication in various ways for years.

A number of scholars criticize the compromise proposal, calling voluntary chat control inappropriate. "Their benefits have not been proven, while the potential for harm and abuse is enormous", says an open letter.

According to critics, the planned technology, so-called client-side scanning, would create a backdoor on all users' devices. Netzpolitik.org warns that this represents a "frontal attack on end-to-end encryption, which is vital in the digital world". The problem with such backdoors is that "not only the supposedly 'good guys' can use them, but also resourceful criminals or ill-disposed other states", argues the organization.

**Signal considers withdrawing from the EU**

Journalists' associations are also alarmed by the plans. The DJV rejects chat control as a form of mass surveillance without cause and sees source protection threatened, for which encrypted communication is essential. The infrastructure created in this way can be used for political control "in just a few simple steps", said the DJV in a statement.

The messenger service Signal has already announced that it would withdraw from the EU if necessary. Signal President Meredith Whittaker told the dpa: “Unfortunately, if we were given the choice of either undermining the integrity of our encryption or leaving Europe, we would make the decision to leave the market.”

**Next steps in the legislative process**

The Permanent Representatives of the EU states are due to meet next week on the subject, followed in December by the Ministers of Justice and Home Affairs; these two bodies are due to approve the bill as the Council's official position.

The trilogue then begins, in which the Commission, Parliament and Council must reach a compromise from their three draft laws. Parliament had described the original plans as mass surveillance and called for only unencrypted suspect content to be scanned. The EU Commission had originally proposed requiring Internet services to search their users' content for information about crimes without cause and to send it to authorities if suspected.

    A place to discuss privacy and freedom in the digital world.

    Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

    In this community everyone is welcome to post links and discuss topics related to privacy.

    Some Rules

    • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
    • Don’t promote proprietary software
    • Try to keep things on topic
    • If you have a question, please try searching for previous discussions, maybe it has already been answered
    • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
    • Be nice :)

    much thanks to @gary_host_laptop for the logo design :)