help-circle
rss
![](https://sopuli.xyz/pictrs/image/19b00b29-ebe3-4bc9-aa31-fad244444186.webp) Chatcontrol is once again stopped. Good work again everyone who stood up, this is once again a win everytime it is a win. Next country that is up for Presidency is Poland 🇵🇱 who are anti-chatcontrol. [Patrick Breyer website](https://www.patrick-breyer.de/en/posts/chat-control/) [chatcontrol timeline](https://www.patrick-breyer.de/en/posts/chat-control/#timeline) [StopScanMe](https://stopscanningme.eu/en/organise-now.html)
fedilink

Results in Duckduckgo have changed?
I'm finding the results are not helpful as they used to be and sometimes way past the topic I'm searching. This is very prevalent when I'm searching for pirate sites. I'm falling back to Searxng whenever this occurs. Has anyone noticed it too? Has DDG upped their moderation?
fedilink

I realized why governments are so fast in approving digital ID cards on smartphones
In my (European) country now we can have a digital copy of the driving license on the phone. It specifically says that it's valid to be presented to law enforcement officers during a check. I saw amazed in the beginning. They went from limited beta testing to full scale nationwide launch in just two months. Unbelievable. And I even thought "wow this is so convenient I won't need to take the wallet with me anymore". I installed the government app and signed up with my government id and I got my digital driving license. Then yesterday I got stopped by a random roadblock check and police asked me my id card. I was eager to immediately try the new app and show them the digital version, but then because music was playing via Bluetooth and I didn't want to pause it, i just gave the real one. They took it and went back to their patrol for a full five minutes while they were doing background checks on me. That means if I used the digital version, they would had unlimited access to all my digital life. Photos, emails, chats, from decades ago. What are you are going to do, you expect that they just scan the qr code on the window, but they take the phone from your hand. Are you going to complain raising doubts? Or even say "wait I pin the app with a lock so you can't see the content?" "I have nothing to hide" but surely when searching for some keywords something is going to pop-up. Maybe you did some ironic statement and now they want to know more about that. And this is a godsend for the secret services. They no longer need to buy zero day exploits for infecting their targets, they can just cosplay as a patrol and have the victim hand the unlocked phone, for easy malware installation Immediately uninstalled the government app, went back to traditional documents.
fedilink

Streaming-devices without adware?
I bought a monitor since the smarts in my smart-tv died, making the entire display unusable. Now I wanted to use a separate SBC for smarts in the "dumb" monitor. I would have gone for a modded fire-stick, but Amazon in their infinite wisdom, sunset all versions except the 720p potato and the smart-speaker-cube. I'm currently using a RaspberryPi 4 and looking at argon one for a remote control case. Googles widevine does limit the DRM on some content I "own" though. With Amazon on course to EOL the more sane sticks, are there any well-moddable streaming-sticks/boxes, that bring the relevant codecs and DRMs?
fedilink

You guys remeber Hungarian? The country that tried to run chatcontrol again just a few days ago? Ye those guys..
fedilink

cross-posted from: https://lemmy.world/post/22814154
fedilink

Seeking suggestions for how to connect to two subnets via two VPNs on Android
On linux, this is trivial. I have my private subnet over Wireguard and hosts with static IPs all on the 10.79.x.y subnet. All other traffic goes through my commercial VPN provider. Problem is, ya cain't do that on Android, as it supports exactly one VPN connection at a time. The best you can do is white/blacklist traffic to either go through the VPN, or not. Do how do I achieve this? My commercial VPN provider will not nest and route on their end; I could route all traffic through my VPS servers, but that's a lot of traffic for my little VMs. It may, however, be my only option: 1. Phone is connected to my VPS over WG VPN 2. VPS is connected to internet via commercial WG VPN 3. Routing tables on VPS send 10.79.x.y to destinations over the private VPS 4. Public destinations get sent over commercial VPS Am I missing an easier, more efficient work-around for Android's utterly stupid networking limitations?
fedilink

Germany and Poland may say yes to chatcontrol! Take Action! Send email your politicians now! Links: [patrick-breyer.de](https://www.patrick-breyer.de/en/posts/chat-control/#WhatYouCanDo) [Permanent Representatives Committee](https://op.europa.eu/en/web/who-is-who/organization/-/organization/COREPER/)
fedilink

The “Nothing to hide” argument is a logical fallacy
In my post on why [mass surveillance is not normal](https://lemmy.ml/post/20561931), I referenced how the Wikipedia page for the [Nothing to hide argument](https://en.wikipedia.org/wiki/Nothing_to_hide_argument) labels the argument as a "logical fallacy." On October 19th, user [Gratecznik](https://en.wikipedia.org/wiki/Special:CentralAuth?target=Gratecznik) edited the Wikipedia page to [remove the "logical fallacy" text](https://en.wikipedia.org/w/index.php?title=Nothing_to_hide_argument&oldid=1252045004). I am here to prove that the "Nothing to hide" argument is indeed a logical fallacy and go through some arguments against it. The "Nothing to hide" argument is an intuitive but misleading argument, stating that if a person has done nothing unethical, unlawful, immoral, etc., then there is no reason to hide any of their actions or information. However, this argument has been well covered already and debunked many times (here is [one example](https://spreadprivacy.com/three-reasons-why-the-nothing-to-hide-argument-is-flawed/)). Besides the cost of what it takes for someone to never hide anything, there are many reasons why a person may not want to share information about themselves, even if no misconduct has taken place. The "Nothing to hide" argument intuitively (but not explicitly) assumes that those whom you share your information with will handle it with care and not falsely use it against you. Unfortunately, that is not how it currently works in the real world. You don't get to make the rules on what is and is not deemed unlawful. Something you do may be ethical or moral, but unlawful and could cost you if you aren't able to hide those actions. For example, whistleblowers try to expose government misconduct. That is an ethical and moral goal, but it does not align with government interests. Therefor, if the whistleblower is not able to hide their actions, they will have reason to fear the government or other parties. The whistleblower has something to hide, even though it is not unethical or immoral. You are likely not a whistleblower, so you have nothing to hide, right? As stated before, you don't get to make the rules on what is and is not deemed unlawful. Anything you say or do could be used against you. Having a certain religion or viewpoint may be legal now, but if one day those become outlawed, you will have wished you hid it. Just because you have nothing to hide doesn't mean it is justified to share everything. Privacy is a basic human right (at least until [someone edits Wikipedia to say otherwise](https://en.wikipedia.org/wiki/Right_to_privacy)), so you shouldn't be forced to trust whoever just because you have nothing to hide. For completeness, here is a proof that the "Nothing to hide" argument is a [logical fallacy](https://en.wikipedia.org/wiki/Formal_fallacy) by using [propositional calculus](https://en.wikipedia.org/wiki/Propositional_calculus): Let `p` be the proposition "I have nothing to hide" Let `q` be the proposition "I should not be concerned about surveillance" You can represent the "Nothing to hide" argument as follows: `p → q` I will be providing a proof by counterexample. Suppose `p` is true, but `q` is false (i.e. "I have nothing to hide" and "I am concerned about surveillance"): `p ∧ ¬q` Someone may have nothing to hide, but still be concerned about the state of surveillance. Since that is a viable scenario, we can conclude that the "Nothing to hide" argument is invalid (a logical fallacy). I know someone is going to try to rip that proof apart. If anyone is an editor on Wikipedia, please [revert the edit](https://en.wikipedia.org/w/index.php?title=Nothing_to_hide_argument&action=edit&undoafter=1223324525&undo=1252045004) that removed the "logical fallacy" text, as it provides a very easy and direct way for people to cite that the "Nothing to hide" argument is false. Thanks for reading! \- The 8232 Project
fedilink




Decentralized VPNs - clueless edition
EDIT: sorry for the rambly post here's a quick clarification I wanted a decentralized/open source variant of something like NordVPN etc. Crypto-based options I found: Sentinel, Mysterium , Orchid All of those are on the Blockchain and use their own coins as a payment system, both to pay usage fees and to pay out node-hosts. Not sure if that's my jam. ------ I tried to use the search and came up short - so point me elsewhere if there's already a discussion. Let me preface this by saying I'm pretty green when it comes to a lot of the deeper aspects of FOSS privacy tools. Meaning that i'm probably more clueless about this topic than I realise. Had a bit of a shower thought moment earlier and googled if decentralized VPNs are an option for the occasional torrent. Did a bit of a google and came up with a couple of options, seemingly all tied into a blockchain with their own coin for payments - either using or hosting a node. I'm a bit allergic to cryptobros and their blockchain-everything-mentality but I suppose it's not a terrible system for the usecase? So are there people on here who have hands-on experience with this? Is it a valid tool for safe**r** browsing and torrenting? Are there any obvious alternatives I should look into? Are there any obvious risks I'm not aware of? Is the concept flawed altogether?
fedilink

I answered: Why does “open source” matter?
Nobody on my post [asking for controversial privacy topics](https://lemmy.ml/post/22764288) asked this question, but I feel I should cover it anyways. People sometimes assume that software is safe simply because it is open source. That is a misconception, and I would like to cover that in this post. # What does "open source" mean? When software is "open source," it means that the developers have made the source code for the software public and allows anyone to help contribute to the code, or create their own versions of the software based on the source code. By contrast, proprietary software is software that has not made the source code visible to the public. There are similar terms to open source, such as "source-available," "open-core," and "libre," which I won't cover in this post. For the sake of simplicity, any source-available software will be called "open source," since the specifics don't quite matter for the majority of this post. # What are the benefits open source software? Open source software provides many benefits over proprietary software: **Code auditing:** Because anyone can inspect the code, anybody can look for vulnerabilities or invasive code to make sure that the software is safe. With proprietary software, the developers would have to hire a third party auditor to inspect the code. That means you have to trust the auditor, and you have no way to verify first-hand that the code is safe. **Bug reporting:** While both open source and proprietary software have bug reporting systems, open source software tends to have more thorough and transparent bug reporting. Bug reports are generally on a public issue tracker such as GitHub, which can also help prevent duplicate bugs from being reported. Having these reports public also makes the next benefit easier: **Bug fixing:** Anyone can contribute to open source software, which means the workload is distributed. Instead of a small team of developers being the only ones working on the software, anyone can look at the public issues and code their own fixes for the software. **Resurrecting projects:** Both open source and proprietary software can one day stop being developed. Even big companies such as Spotify can [retire software](https://en.wikipedia.org/wiki/Car_Thing), which can lead to hardware devices becoming unusable or insecure. (The code for Car Thing has been [reconstructed](https://github.com/merlin04/superbird-webapp), by the way.) Open source projects that fall out of development can easily be forked and maintained by a new developer. It's rare to see proprietary software handed off to a new owner. **Accountability:** Open source projects hold the developers directly accountable for any vulnerabilities or invasive code, meaning the developer's interests are aligned with its users and not malicious purposes. This also incentivizes creating code without paywalls, since anyone could release a version of the code with the paid features "unlocked". However, even with all these benefits, open source software isn't perfect. # Why has proprietary software become so popular? Since ads and paywalls can generally be removed from open source software, it doesn't make it a very appealing choice to for-profit organizations. Generally, these organizations want to monetize and control their software, which means injecting ads, paywalls, and other invasive elements. This is done most easily if the software is proprietary. It's also rare to see open source software becoming so popular, because generally open source software receives its funding from donations and doesn't have the budget to advertise the software. There are exceptions, such as [OBS Studio](https://obsproject.com/) or [Blender](https://www.blender.org/), which have mostly become the most popular software in their categories. # Is open source software safe? There is another downside to open source software that many people don't talk about: it is much easier to exploit than proprietary software. Because all the source code is visible to the public, it makes it easy for malicious parties to craft vulnerabilities. Proprietary software is generally a stab in the dark until a vulnerability is found, since you can't see exactly how it was coded. Software being open source does mean that it becomes more likely to find and fix vulnerabilities, but being open source doesn't automatically make software safe. Which device do you think would be more likely to obtain a virus, a device running (stock) Android or a device running iOS? You're most likely more inclined to say the device running (stock) Android is more likely. Android at its core is [open source](https://source.android.com/). While correlation is not causation, and there are other factors at play, it's much easier for someone to try to craft a malicious app for Android than for iOS because of its open nature. Proprietary software isn't automatically safe, either. It can be just as vulnerable as any other software. However, open source software has the potential to become much more secure than proprietary software, simply because more people can find and fix vulnerabilities. That's probably why Apple open sourced their [Private Cloud Compute](https://github.com/apple/security-pcc) code before launching a [bounty program](https://security.apple.com/blog/pcc-security-research/) for it. Anyone can code malicious open source software. It's riskier, since it's more likely to be noticed, but it's still possible. Microsoft could open source Windows one day, and it wouldn't make it any more safe until somebody identified and fixed the issues. Open source software doesn't automatically make something private or secure, but it does provide *integrity*, because the developer is showing that they will be accountable for any malicious or vulnerable code, and that anyone is free to look through the code. # Final notes I hope this gives you a better idea of what it actually means if something is open source. Even unsafe proprietary software can be run safely under the right conditions. If your threat model requires you to use as much open source software as possible, I made my own list of open source software called [Open Source Everything](https://github.com/An-anonymous-coder/Open-Source-Everything) that you can look through. I hope you enjoyed reading this! \- The 8232 Project
fedilink

Most VPN users don’t think about this way they could be tracked
Maybe I'm completely wrong about everything I'm going to say and in that case we can laugh about this theory I guess but here it goes.. Most people are only worried about if the VPN provider is keeping logs or not. But even if they don't keep logs you could still be tracked by anyone who can see incoming and outgoing connections to the VPN server. This would be easier to explain if I drew some images but I hope you understand anyway with just text. What it looks like for these adversaries is: 1. they know your IP and who you are. 2. They see you connect to a VPN server. 3. They see VPN server connecting to many different servers and they don't know which one is you. But when it comes to number 3, they could actually figure out which one is you. Obviously, if you are the only person connected to the VPN server they will see that there is no one else besides you using it and then any outgoing connection from the VPN server must be you. If there are just a few users. Maybe three users are just connected to the VPN server but not doing anything, just idle. Another user is spending time reading reddit. Then you connect to the vpn server and within a minute a new outgoing connection from the vpn server starts and goes to lemmy. Pretty good guess that is you from their perspective. And to make the guess even better, when the connection to lemmy ends, you decide to immediately end your connection to the VPN server. I'm confident this would be enough evidence in a court and then it's definitely enough for data harvesting and mass surveillance. All this analysis can be done automatically with AI, even if there are hundreds users on a VPN server, the AI will over a larger amount of time (not just hours but days/weeks/months) collect enough data to be able to profile users and make good guesses which domains you are visiting even if the VPN prpvider doesn't have logs. What is the solution to avoid this type of tracking? Tor baby, tor. Leeegggoooo Whonix!
fedilink

Archived, if you prefer that: https://ghostarchive.org/archive/Bif16
fedilink

I’m hosting a React Frontend that needs to have a cookie banner
Does anyone maybe have a template? I don’t plan to store any cookies and I won’t run any analytics. I want it to be not invasive and it should just say that I’m not storing any more data than necessary to keep your session and I won’t ever run any analytics. I hate these things and I hate tracking cookies but I have to put something there.
fedilink

Is Google Chrome sandboxed by default on Linux?
I already know that it's spyware but in the case that I need to use it for work and school on my Linux laptop, do I need to worry about configuring something so that it won't have access to my whole system like it does on Windows? I'm on ZorinOS/Ubuntu. Thanks in advance
fedilink

What’s happening to Invidious instances?
It seems that YouTube is killing them all but I don't know the technical details, via FreeTube I noticed, from this link (https://api.invidious.io/), that there are very few left and they require signup, and probably financial support from users.
fedilink



Make your voice heard. Tell your government that chatcontrol is not something that we will agree on! Links: [EU document](https://www.parlament.gv.at/dokument/XXVIII/EU/4730/imfname_11434222.pdf) Links:[patrik breyer website](https://www.patrick-breyer.de/en/posts/chat-control/#hungarianproposal)
fedilink


Did anyone achieve something coveryourtracks.eff.org would consider a “good score”?
No matter what browser I use, every time it states my browser has unique fingerprint for Mull with uBlock and Badger installed and "randomized" with Brave. I don't even know if there are any other than unique or randomized. It will be more of an OPSEC post rather than referring to Cover Your Tracks in particular. I got the worst results in **1. Screen size and colour depth** - one in 92k with Mull - one in 200 with Brave and Vanadium **2. Http_accept headers** - one in 3k with Mull - one in 6k with Brave - one in 2,1k with Vanadium **3. Language and time zone** (target's community is located in the same country as mine, so score above 200 doesn't bother me much) **4. Touch support** - one in 143 with Mull - one in 4.35 with Brave and Vanadium **5. User agent** - one in 151.26 with Mull, probably bad, cause Chrome and Chromium browsers have nearly 70% market share in my country. - one in 44 with both Brave and Vanadium **6. WebGL Vendor & Renderer** - one in 8.58 with Mull - one in 314 with Brave - one in 604 with Vanadium **7. Hash of WebGL fingerprint** - one in 8.81 with Mull - one in 3.27 with Brave - one in 939 with Vanadium The rest of categories has score <10. If you think others will be crucial in my case, feel free to ask what score they got. The post would get too long if I were to list all results. Device: - Pixel 6 Pro with GrapheneOS - Optionally I can look up for my good old Oppo A52 (slow af but has OEM Android 12 if remember right) Browsers I tried: - Vanadium 131.0.6778.104 - Mull 132.0.0 with uBlock Origin and Privacy Badger - Brave 1.73.91, Chromium 131 Is there any way to make sure I am not recognisable by my browser data? I can't block every single cookie or data requests, as I am sure too many rejections of them will probably result getting flagged as a shady user, then admins will personally inspect fingerprints of all my accounts. This is just a downward spiral to me getting banned for making multiple accounts (my target). The goal is not to make me as anonymous as Snowden, but to spoof my fingerprint so good to get unrecognisable from the typical mouth-breathing internet users who don't give a flying fuck about so called, broadly understood *online privacy*. Ironically, that's pretty much reverse goal than when I was installing GrapheneOS. Threat actor: discussion forum with invite-only registration. Something like Reddit, but they take multiple account prevention seriously. I am 99,9999% sure they ban all access via VPN, proxies and TOR in advance, so those are out of discussion. Burner SIM cards with internet access are the solution here, both for getting unique IP from LTE provider and for SMS verification during registration. Furthermore, different providers will probably give every single account's fingerprint a pinch of uniqueness (if admin staff has any way to see which mobile comm provider I used) There's a catch: if I switch my SIM card to another one and the second one will get the same IP address as the previous one - I have to get in radius of another BTS and get different IP, or It will look like one person is using the 2 (or more) accounts. The inviter and all his invitees will get banned. Tbh I don't know how big chance there is for this making happen.
fedilink

Redact, but open source?
So many people seem to recommend this app, but its obviously not open source and requires an email to signup, which seems unnecessary. Are there any good open source alternatives that are a one-stop-shop of sorts rather than a bunch of mottled scripts? https://redact.dev/
fedilink

IMG_0001
"Between 2009 and 2012, iPhones had a built-in "Send to YouTube" button in the Photos app. Many of these uploads kept their default IMG_XXXX filenames, creating a time capsule of raw, unedited moments from random lives." One of these good examples of failed privacy, have fun...
fedilink

Archive link: https://ghostarchive.org/archive/hWxVX Owners of newer iPhones should turn on Bluetooth and check their settings to ensure they’ll receive notifications. Under Settings, go to Privacy & Security, and toggle Location Services on. Scroll to the bottom of that page, tap on System Services, and activate Find My iPhone. Also, search for the Find My app, visit Me in the bottom right corner, then tap Customize Tracking Notifications to double-check that notifications are enabled. Also, make sure that you don’t have Airplane mode activated, or you won’t receive any notifications. When you click on the iPhone alert for an unrecognized AirTag, you may be given the option to play a sound on the AirTag to help locate it. If you own a more recent smartphone from Apple, you might be able to use precision location data to find the hidden device. Months after the release of the AirTag, Apple launched the Tracker Detect app for Android phones, where users had to initiate the scan. Google and Apple since have continued working together to make it easier for Android phones to detect unwanted AirTag trackers and for Apple phones to spot Android trackers. Recently, Google rolled out automatic smartphone alerts for unknown Bluetooth trackers, similar to what iPhone owners receive for AirTags.
fedilink


What is the cheapest functional VPN?
It's so difficult with so many options and all these bullshit "discounts", coupled with the fact that different VPNs charge different prices based on what country you're connecting from... What is the cheapest functional VPN you've come across? Bonus points if it supports IPv6.
fedilink


The big divide in the privacy community (threat model)
Everything I say will be generally speaking for all privacy communities so not specific to this community or another one unless I say otherwise in a short section. Almost every single time I start a topic or make a reply and also many of the posts I read because they are interesting, there's always this one guy or several guys who have to say the same old argument about "that's tin foil, feds don't do that, unless you are a president or something like that then you don't need to have that in your threat model". That's the divide I'm talking about because the privacy community can be split into two categories that are opposed to each other on that point. And it's a big issue because it becomes core in the types of discussions we can have. For example in techlore's community they are very much against people who take privacy seriously. If you go to there community and start talking about leaving phone at home, using grapheneos, qubesos, intel me, etc, you will get run over by lots of angry people telling you not to talk about that and then you get censored and maybe banned. Techlore himself have made several videos recommending against grapheneos and he prefers Google. I mentioned that community because I think it's at the extreme end of the spectrum of this divide. The problem with all the people on that end of the divide is they can't know what they're saying is true but they are saying it like its a fact. Where are they even getting those ideas from? Are they insiders working high up in the ranks for intel agencies like fbi, cia, nsa? Are there basically hundreds of Edward Snowdens out there? I don't think so. I think the cause for the divide is unfortunately political. It's about where are you getting your news from and which political party do you prefer. We're not going to talk about that in this topic more than to say I think that is the cause of the divide. Technology is great to discuss because it's just logic and facts and objective arguments. But bring in politics and it becomes a mess and that's the problem with this divide in the privacy community. There's also another possible cause which is actually very likely as well, which is that at least some of the people on that side of the divide are feds spreading propaganda to get us to lower our guard against them. The problem with both sides of the divide trying to talk to each other is all the unknown data we deal with in privacy and security discussions. And there is a lot of those unknown data. Those black holes get filled with arguments based on the political ideas from their side of the divide. It's just not possible to have discussions with people on the other side of the divide. With all that said I think privacy@lemmy.ml is one of the best privacy communities and have done a good job trying to get both divides together but personally I mostly just try to ignore the ones from the other side of the divide and listen to only those on the same side of the divide.
fedilink

Printer
Which printer (not 3d) is safe to use and does not have privacy risks? Transfering files via usb only without any internet connection? Should I avoid any brand or model? Namaste.
fedilink
19

Privacy starts with secure hardware: are second hand laptops secure?
For example, Signal is a great app to use for private communication but if you use Signal on Windows OS then how private is the communication really? Typical Windows users aren't good at security and Windows users also have a high amount of malware which can spy on the conversations. It was just an example for privacy starts with the hardware. I have read a lot of people in privacy communities recommend buying older thinkpads and basically anything that Heads supports. The problem is not that they are old, the problem is they are second hand. You don't know what the previous owner have been doing on the laptop and who might have had access to it. Remember, Windows users are typically not good at security and malware spreads commonly in Windows. If a malware flashes a ROM then you buy their laptop and erase the hdd or ssd or buy a new hdd/ssd, then you flash coreboot to the computer. After all this the malware can still remain in the firmware and you would never know unless the malware makes itself obviously known by a ransom attack or stealing all your crypto or something. There is nothing you can do to prevent this risk other than avoiding used computers. Then there's the entirely other debate if it's even worth it for security & privacy to buy an old brick that is supported by Heads. And I'm not experienced enough on that topic yet although I'm learning about it and getting closer to being able to come to my own conclusion with the help of all the experts who have written about it. These old bricks don't get microcode updates for the CPU which means you will be vulnerable to many Spectre and Meltdown attacks. QubesOS can mitigate it to some degree such as by disabling hyperthreading, but QubesOS can't mitigate it completely, only microcode updates can and these old bricks don't receive them. But the main point I wanted to make in this topic is about risk with used second hand laptops. Because of that I think it probably is best to buy a new unused laptop. Off the shelf for cash is best but maybe not depending on which country you live in. fed upgrade factories are a thing and some countries have it happening more than others. In that case maybe it's better to order a laptop from one of those laptop vendors who ship it with tamper proof container, although it will be very expensive with taxes/customs but worth it.
fedilink

What’s the point of Privacy Frontends that support loggin in with your normal accounr?
Hello, while I use frontends where possible in place of the original websites/apps I do find it interesting that some of them, mostly referring to the Youtube ones still allow you to login normally? I understand this is to bypass blocks and that in theory the frontend still tries to limit what it sends back to Google but in practice how does this work without killing the privacy aspect?
fedilink

Pay “contact-less” with your phone
Hi guys, do you know a good and privacy friendly way to pay with your phone (like Google Pay)? I am using Graphene OS on a Pixel 8 and lice in Germany so some services might not be available here 🙈
fedilink


> An international law enforcement operation has taken down Matrix, an encrypted messaging service used by criminals. French media mainstream relay the propaganda of the cops, telling that the interception has been made with "innovative technology", but without any details. They also telling that : > European authorities have dismantled Matrix, an encrypted messaging platform made by criminals for criminals. https://cybernews.com/cybercrime/authorities-take-down-matrix/ An expression found in other media; it may be communication from cops. Do you have any idea how that has been possible ? Do you think they may be issue with matrix or some of the softzare that implement it ? Or do you think that cops compromise terminal (phone or computers) ? I'm more and more suspicious with open network, that let organization enter into the federation, and let it intercept communication.
fedilink

Hi guys As title says there is no add Button or anything. How can i add hidden items?
fedilink

I answered: Are VPNs essential?
# Introduction 8 days ago I made [this post](https://lemmy.ml/post/22764288) asking for the most controversial privacy topics. My [first post](https://lemmy.ml/post/22784969) answering a controversial question got so few upvotes that it was almost my worst post to date. I don't do these for upvotes, though. I do them for fun :) So, with that, here is the second post demystifying some controversial privacy topics. [@TranquilTurbulence@lemmy.zip](https://lemmy.zip/u/TranquilTurbulence) [asked](https://lemmy.ml/post/22764288/15111932) "VPN: essential or snake oil?" I try to avoid topics that have been thoroughly answered multiple times, or has such a direct answer that it would be too short to make a post about. This topic is a bit of both, but worth writing anyway, because I do have my own insights. Some people [didn't like](https://lemmy.ml/post/22784969/15120427) that I break the main question down into multiple sub questions. It is valid criticism, but it's my style of writing, so I will stick to what I'm good at. # What does a VPN do? A Virtual Private Network (abbreviated "VPN") is a way of proxying your internet traffic through a third party. There are many reasons why you would want this: **Hiding your IP address:** VPNs will replace your IP address with a random IP address assigned by the VPN provider. IP addresses are unique to your router, meaning you can be uniquely identified. IP addresses are usually static, meaning it never changes, but sometimes your ISP may assign you a dynamic IP address, which will change every few months or so. If you open up ports on your router (for various purposes), it can leave your network vulnerable to certain attacks as long as the attackers know your public IP address. **Hiding your location:** Your IP address can narrow your location down to the city you live in. In some cases, such as shared Wi-Fi (like on a college campus) or public Wi-Fi, the IP address can be more easily identified to the specific block or building you are in. Any internet connection made can see your IP address, and can automatically use that to attempt to locate you. **Encrypting your traffic:** VPNs can allow your traffic to be encrypted, so that your ISP or other people connected to the same network can't see which sites you visit or (in some cases) what data is sent. The reasons why this is important are too long to list, but you can work it out on your own. **Network based ad blocking:** Some VPN providers allow you to block ads before they even reach your device, which can increase your loading times and save you data on metered connections. This can be achieved without a VPN through your own DNS filters, but it is a feature of VPNs too. **Access blocked content:** VPNs can be used as a way to bypass censorship if your network regulates your traffic (such as at an office or school). A VPN can bypass these restrictions, allowing you to access content freely. **Accessing region-specific content:** Content on streaming services such as Netflix, video sharing sites such as YouTube, or many other services may restrict what content is available to you based on your country. A VPN can allow you to bypass these restrictions in some cases. Those can all be ways to enhance your privacy, security, anonymity, and freedom while browsing the internet. VPNs do come with some downsides, though. # What are the downsides of using a VPN? When you browse the internet without a VPN, you are placing your trust in your ISP or cellular provider to uphold your privacy, and placing trust in the network devices such as your router to uphold your security. In practice, that is almost never the case. Using a VPN doesn't automatically make it more trustworthy, but it does place that trust in the hands of your VPN provider instead. Some VPN providers are more trustworthy than others, but there are good options to choose from. You still have to trust an entity to uphold your privacy and security, but VPNs can be a much better place to keep that trust. Not everyone may want to use a VPN though. Besides distrust, VPNs have other downsides. VPNs will slow down your internet speeds, may block certain functions such as torrenting, and may incriminate you in some countries. Ultimately, the choice to use a VPN is yours. If you believe the upsides outweigh the downsides, then a VPN is a good tool to have. If your threat model requires anything a VPN provides, it's an essential tool. Some functions of a VPN can be achieved through careful setup of a DNS and elite anonymity proxy, but VPNs will always be the easiest option. # Which VPN providers are the best? There are currently 3 top VPN providers for privacy. All of them are open source, and all of them have their pros and cons. I haven't listed every feature for each, but here are the notable differences: ### [Proton VPN](https://protonvpn.com/) Proton VPN provides a free tier VPN with some functionality limited, as well as a premium tier if you have a Proton subscription. If you already have a Proton subscription already, and don't mind putting all your eggs in one basket, Proton VPN is a good option. ### [Mullvad VPN](https://mullvad.net/en/vpn) Mullvad VPN is probably the most private VPN available. It is only paid, but it allows you to pay any way you want, including cash and cryptocurrencies. No signup is required, because you are given a randomly generated account number for payment. You can regenerate the number at any time. ### [IVPN](https://www.ivpn.net/en/) IVPN is unique and relatively unknown. The main benefit I see is that it is the only VPN of these three that is available on [Accrescent](https://accrescent.app/) for Android, allowing you to have extra confidence in the integrity of the app. Eventually Mullvad VPN and Proton VPN will be available on Accrescent. These VPNs will uphold your privacy and security, and won't log your internet traffic. VPNs in the past have been used to aide law enforcement by handing over those logs, so it is good that these don't. # Conclusion VPNs can be an essential tool if you need them, and there are options that respect your privacy. Always be aware of the risks, no matter how trustworthy a VPN provider may be. Thank you for reading! \- The 8232 Project
fedilink

Has anyone else received stuff like this?
fedilink

    Create a post

    A place to discuss privacy and freedom in the digital world.

    Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

    In this community everyone is welcome to post links and discuss topics related to privacy.

    Some Rules

    • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
    • Don’t promote proprietary software
    • Try to keep things on topic
    • If you have a question, please try searching for previous discussions, maybe it has already been answered
    • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
    • Be nice :)

    Related communities

    much thanks to @gary_host_laptop for the logo design :)

    • 42 users online
    • 57 users / day
    • 383 users / week
    • 1.5K users / month
    • 5.7K users / 6 months
    • 1 subscriber
    • 3.09K Posts
    • 77.1K Comments
    • Modlog
    Lemmy
    A community of privacy and FOSS enthusiasts, run by Lemmy’s developers

    What is Lemmy.ml

    Rules

    1. No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia. Code of Conduct.
    2. Be respectful, especially when disagreeing. Everyone should feel welcome here.
    3. No porn.
    4. No Ads / Spamming.

    Feel free to ask questions over in: