Does Google Trackers on a site/app mean Google can see what you type on the website/what you do on
For example, my country's government app contains Google Trackers on it. Does it mean Google can see my face scans on it/my full name on it?

Password manager for a small company
Hello everybody,

I’m looking for a password manager that I can share with the three other associates in my company. I often hear people around here talk about KeePass and Bitwarden, but I found several different options for each and I’m not sure how to choose. I’m not that tech-savvy : our main focus is stone and low-carbon construction, and my personal passion is understanding what happens when a joint between stones fails...

Our needs are :

- We share several accounts that use a common email address. When a password is changed, it needs to be updated automatically for everyone.
- We also have individual accounts. It’s not an issue if other associates can see those passwords, as they’re strictly for professional use.
- We need the passwords to be synchronized across devices, so we’re willing to pay for a suitable solution.

Any help is welcome !

**Edit :** First, thanks for all the answers. After reading all the contributions I realised that for the moment we need something that works out of the box as we don't have a freelancer to help us anymore. When we find one we will consider changing the password manager, and many other things ! I will try to make a table with the pro and cons of the various solutions I will study from now on and to post it here. So with all the insights my new criteria are :

- various vaults (one shared, and individual ones),
- Probably european,
- Low maintenance : works out of the box, synchronised by the provider (for the moment)

again, thanks a lot. I'll keep you updated

**Edit 2 :** I made a comparison table of the solutions hosted by the provider analysed so far :

| Name                    | Proton Pass | 1Password | Padloc       | Bitwarden       | Dashlane  | Passbolt     |
|-------------------------|-------------|-----------|--------------|-----------------|-----------|--------------|
|                         | Essentials  | Business  | Team         | Team            |           | business     |
| Shared vault            | Yes         | Yes       | Yes          | Yes             | Yes       | Yes          |
| Company location        | Switzerland | Canada    | Germany      | US              | France    | Luxembourg   |
| Company server provider | Proton      | Amazon    | DigitalOcean | Microsoft Azure | Amazon    | GCP (google) |
| Open source             | Yes         | Not clear | Yes          | Yes             | Partially | yes          |
| Linux client            | Yes         | Yes       | Yes          | Yes             | No        | yes          |
| Price / user            | 4.99 €      | 6.99 €    | 3.49 €       | 4.00 €          | 6.00 €    | 4.5€         |

To be clear, I don't use linux... yet. But I will probably not use it at work before a long time

**Edit 3 :** I updated the table with passbolt. Passbolt enterprise is hosted in their own server, but the business version is hosted by google

How to decentralize the internet: A focus on data consolidation and user privacy
An interesting paper, which gives an overview on a few decentralization solutions while also pointing out their limitations. It aims at suggesting a reference framework for a decentralized internet, as was its purpose initially. Before the age of [Evildoers](https://www.google.com/). Before the age of [Zuckerberg](https://www.instagram.com/reel/DJuqDATOsQW/?l=1).

I don’t care how well your “AI” works - fiona fokus
> AI systems exist to reinforce and strengthen existing structures of power and violence. They are the wet dream of capitalists and fascists. Enormous physical infrastructure designed to convert capital into power, and back into capital. Those who control the infrastructure, control the people subject to it.

While it sways away from the initial thesis of how the use of LLMs could be detrimental to our very being and expression of identity - at least that's how I interpret what they're saying - it ends in a fantastic claim on how AI is a tool of the ruling class. Worth a read!

https://xcancel.com/GlobeEyeNews/status/2006995809632661935

WhatsApp Clone… But Decentralized and P2P Encrypted
NOTE: This is still a work-in-progress and partially a closed-source project. To view the open source version see [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app. I have open source examples of various parts of the app and im sure more investigation needs to be done for all details of this project. USE RESPONSIBLY!

Im aiming to create the "theoretically" most secure messaging app. This has to be entirely theoretical because its impossible to create the "most secure messaging app". Cyber-security is a constantly evolving field and no system can be completely secure. If you'd humor me, i tried to create an exhaustive list of features and practices that could help make my messaging app as secure as possible. Id like to open it up to scrutiny.

[Demo](https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story)

(Im grouping into green, orange and red because i couldnt think of a more appropriate title for the grouping.)

Green

* P2P - so that it can be decentralized and not rely on a central server for exchanging messages. The project is using WebRTC to establish a p2p connection between browsers.
* End to end encryption - so that even if the messages are intercepted, they cannot be read. The project is using an application-level [cascading cipher](https://www.reddit.com/r/crypto/comments/1oi4xqt/multiprotocol_cascading_roundrobin_cipher/) on top of the encryption provided by WebRTC. the key sub-protocols involved in the approach are [Signal](https://www.reddit.com/r/signal/comments/1orsjw2/signal_protocol_in_javascript/), MLS and AES. while there has been pushback on the cascading cipher, rest assured that this is functioning on an application-level and the purpose of the cipher is that it guarantees that the "stronger" algorithm comes up on top. any failure will result in a cascading failure... ultimately redundant on top of the mandated WebRTC encryption. i would plan to add more protocols into this cascade to investigate post-quantum solutions.
* Perfect forward secrecy - so that if a key is compromised, past messages cannot be decrypted. WebRTC already provides a reasonable support for this in firefox. but the signal and mls protocol in the cascading cipher also contribute resilience in this regard.
* Key management - so that users can manage their own keys and not rely on a central authority. there is key focus on having local-only encryption keys. sets of keys are generated for each new connection and reused in future sessions.
* Secure signaling - so that the initial connection between peers is established securely. there are many approaches to secure signaling and while a good approach could be exchanging connection data offline, i would also be further improving this by providing more options. its possible to establish a webrtc connection without a connection-broker [like this](https://github.com/positive-intentions/chat/issues/6).
* Minimal infrastructure - so that there are fewer points of failure and attack. in the Webrtc approach, messages can be sent without the need of a central server and would also work in an offline hotspot network.
* Support multimedia - so that users can share animations and videos. this is important to provide an experience to users that makes the project appealing. there is progress made on the [ui component library](https://ui.positive-intentions.com/) to provide various features and functionality users expect in a messaging app.
* Minimize metadata - so no one knows who’s messaging who or when. i think the metadata is fairly minimal, but ultimately is relative to how feature-rich i want the application. things like notification that a "user is typing" can be disabled, but its a common offering in normal messaging apps. similarly i think read-receipts can be a useful feature but comes with metadata overhead. i hope to discuss these feature more in the future and ultimately provide the ability to disable this.

Orange

* Open source - moving towards a hybrid approach where relevant repositories are open source.
* Remove registration - creating a messaging app that eliminates the need for users to register is a feature that i think is desired in the cybersec space. the webapp approach seems to offer the capabilities and is working. as i move towards trying to figure out monetization, im unable to see how registration can be avoided.
* Encrypted storage - browser based cryptography is fairly capable and its possible to have important data like encryption keys encrypted at rest. this is working well when using passkeys to derive a password. this approach is still not complete because there will be improvements to take advantage of the filesystem API in order to have better persistence. passkeys wont be able to address this easily because they get cleared when you clear the site-data (and you lose the password for decrypting the data).
* User education - the app is fairly technical and i could use a lot more time to provide better information to users. the current website has a lot of technical details... but i think its a mess if you want to find information. this needs to be improved.
* Offline messaging - p2p messaging has its limitations, but i have an idea in mind for addressing this, by being able to spin up a selfhosted version that will remain online and proxy messages to users when they come online. this is still in the early stages of development and is yet to be demonstrated.
* Self-destructing messages - this is a common offering from secure messaging apps. it should be relatively simple to provide and will be added as a feature "soon".
* Javascript - there is a lot of rhetoric against using javascript for a project like this because of concerns about it being served over the internet. this is understandable, but i think [concerns can be mitigated](https://www.reddit.com/r/CyberSecurityAdvice/comments/1ev5kqn/is_this_a_secure_messaging_app/). i can provide a selfhostable static-bundle to avoid fetching statics from the internet. there is additional investigation towards using service workers to cache the necessary files for offline. i would like to make an explicit button to "fetch latest statics". the functionality is working, but more needs to be done before rolling out this functionality.
* Decentralized profile: users will want to be able to continue conversations across devices. It's possible to implement a p2p solution for this. This is an ongoing investigation.

Red

* Regular security audits - this could be important so that vulnerabilities can be identified and fixed promptly. security audits are very expensive and until there is any funding, this wont be possible. a spicier alternative here is an in-house security audit. i have made attempts to create such audits for the signal protocols and MLS. im sure i can dive into more details, but ultimately an in-house audit is invalidated by any bias i might impart.
* Anonymity - so that users can communicate without revealing their identity is a feature many privacy-advocates want. p2p messages has nuanced tradeoffs. id like to further investigate onion style routing, so that the origins can be hidden, but i also notice that webrtc is generally discouraged when using the TOR network. it could help if users use a VPN, but that strays further from what i can offer as part of my app. this is an ongoing investigation.

[Demo](https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story)

Aiming to provide industry grade security encapsulated into a standalone webapp. Feel free to reach out for clarity on any details or check out the following links:

* Docs: https://positive-intentions.com/
* Reddit: https://www.reddit.com/r/positive//_intentions
* Mastodon: https://infosec.exchange/@xoron

IMPORTANT NOTE: It's worth repeating, this is still a work in progress and not ready to replace any existing solution. Provided for testing, demo and feedback purposes only.

https://media.ccc.de/v/39c3-a-post-american-enshittification-resistant-internet https://youtu.be/39jsstmmUUs EDIT: Swapped the YT link for their website.


Have you been able to reconcile being very private and investing in fintech or buying online?
I’ve always been very private oriented: I started using linux-debian 20 years ago after discarding windows and apple. I rarely buy online but when I did, to be as private as possible I used to create an account using fake data by the e commerce platform I wanted, get my order and then ignore the account until I wanted to use it again. Most of the times I used a vpn. This worked till the platform banned me.

Now I’m thinking about investing in ETFs to build some capital for my retirement and platforms recommended to me like trade republic or scalable capital seem to be exclusively smartphone reliant. I wouldn’t use fake data to create accounts here, nor would it be possible (bank data involved).

The trouble with smartphones: I don’t want to be that guy changing smartphones every 2 or even 4 or 8 years. Spending $200 to $800 for a phone for such a short period of time is just a dumb idea, but I don’t know if it would be safe to use my 2018 android 8 smartphone to invest in ETFs. This 2018 model is my first smartphone. It’s a second hand one somebody gave me because he thought I really needed it. I would have never bought a new smartphone on my own. However, unsupported models are not secure for investing and this model stopped being supported years ago.

Another trouble I see: to use scalable capital or trade republic I’d have to download their app in my smartphone. Google is a company I don’t trust. Each time I needed to use something from their app database I got it using [aurora](https://f-droid.org/packages/com.aurora.store), but I’m afraid scalable capital will automatically ban me if I download their app from f-droid instead of doing it officially using google. Using google to create an account would mean giving them my real data, because otherwise I risk being labeled a scammer. Correct me if wrong.

I’d love to invest using only a browser on a desktop.

I normally don’t shitpost, but just look at this…
These are ALL the listening ports and live connections on a freshly installed Linux system, this being DietPi. I dare you to do a tcpdump or netstat or whatever on a fresh Windows installation. The ssh connection I *actively* chose to enable and the dhclient is a must have for hosts to dynamically get an IP address allotted, unless you set yours statically. *If you are struggling with privacy invading connections on your Windows system but don't feel like you can or want to switch to Linux, may I suggest https://safing.io/download/* ![](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fprogramming.dev%2Fpictrs%2Fimage%2F719bac44-ac20-4e01-8514-91e7c17830ff.jpeg)![](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fprogramming.dev%2Fpictrs%2Fimage%2F8c898454-dee8-4aed-8521-198deacc34fd.jpeg)

Searching for Web browsers in the Aurora Store and checking for trackers I was really surprised that TOR Browser has 2 trackers according to Exodus. WTF!!!!


I bought a handheld computer, now Google says I’m not allowed to do whatever the hell I want to it
https://www.change.org/p/stop-google-from-limiting-apk-file-usage I hope that my rooted One UI 7 doesn't get the update through some backdoor in the Google Play Services package... Or the next time I unblock Google Play to update the very few paid apps that I use...

Proton Pass Alternatives
I personally love proton pass’s frontend app, but i don’t wanna host my data on proton’s servers (personal reasons). Are there any other password managers that support iOS, android, and browser extension, that are as good? (I tried bitwarden, wasn’t good cuz on mobile I had to reenter master pass over and over. I tried KeePassXC, but the frontend sucks and dealing with syncing between devices is a pain in the ass.) I appreciate everyone’s help!

Weird app paying you to scan receipts
So my cousin was here and saw a grocery receipt on the table and asked if I was using it and if he could take a picture of it, I was like what, why? So, there is this app that pays you some cents for receipt pictures and supposedly it pays you if it finds items that have cashback... shit sounds sketchy as fuck, I saw that on their app they sell credit cards and you can invest in some crap, but what I really found disturbing is this thing about them paying you to send them all your receipts... what the fuck are they doing with that info lol Crazy stuff, but I'm completely out of touch with cellphone things, is this crap normal??? I was quite shocked by it, and checking the company online, Méliuz, I just see stuff about it buying bitcoin.

What are your thoughts on RCS messaging now that you can use it between Android and iOS?
I've found that my circle of contacts use the default messaging app for group chats even more now. I couldn't get them to use Signal but at least they're posting in the RCS group chat more instead of on Meta platforms.

Serious Nation-State Level Pro Privacy Network Setup
But in all seriousness, this is a continuation of a previous post, namely: https://programming.dev/post/43003673

#### TLDR

I wanted to contribute to decentralization and to fighting censorship from home. This is where the project is right now. I bought a shower rack, discarded its wheels and just attached it - with wires, ouch - to the underside of a shallow support table on which my TV stands.

![](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fprogramming.dev%2Fpictrs%2Fimage%2Fa0e672af-e984-4c01-a2e2-c87dfe725cd8.jpeg)![](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fprogramming.dev%2Fpictrs%2Fimage%2F898c6381-5a68-40b1-83ad-0b1460f4c65e.jpeg)![](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fprogramming.dev%2Fpictrs%2Fimage%2F3b494961-ef71-4f72-aa6d-207d31ab8302.jpeg)

#### 1a

I get my 1 Gbps connection from a pretty generous ISP. For one, they hand out static public IP addresses for free! Not that I understand what that would cost any ISP...

#### 1b

The connection is distributed with a gigabit switch - which by the way supports jumbo frames 🤙 - to two routers.

#### 2a - router one

This router is configured to route everything through a WireGuard interface (peers set to some Mullvad server, been "subscribed" for over six years now). Everything that goes through this router is encrypted. Too bad they still don't support DAITA on routers... I'm working on a workaround though, where I'm playing with the thought of forwarding traffic within a Linux machine through its DAITA-enabled Mullvad app, but that's another story...

#### 3a - access point one

This is where I access the internet whenever I need encryption. Both wirelessly and wired. Here you will find endpoints such as PCs, smartphones and my only one IoT - a vacuum. This is also where a PC is running an i2pd daemon to share some bandwidth and a Snowflake proxy to enable Tor for people that live in places that ban normal Tor connections.

#### 2b and 3b - router and access point two

Router two simply routes traffic between my unencrypted LAN and my ISP. Access point two is where I access my various servers residing on 4b. They are, for now, a Tor bridge. Upcoming: A Headscale "server"? Because the Tailscale control server is one of the few parts of Tailscale that isn't open source.

#### Hardware and software

* 1a - some ONT provided by the city
* 1b - TL-SG105E
* 2a,2b - Raspberry Pi 4 with OpenWrt
* 3a - ASUS RT-AX58U with Asuswrt Merlin
* 3b - ASUS RT-AX58U v2 with Asuswrt Merlin NG
* 4b - Raspberry Pi 5 with Raspberry Pi OS Lite

Good night

[Question] VPN and Mobile Data
I recently found out that my mobile provider "leaks" (if you can say that) while I'm using a VPN. On wifi it is completely fine. On my phone when I go to the Speedtest app, my Mobile ISP will show up like full name while connected to a VPN. However, if I'm on wifi it will show the VPN's server provider name instead. Also instead of the wave wifi icon it shows "LTE". Is my mobile data actually leaking even though I'm connected to a VPN? How can I fix this?

PGP read client side
Regarding PGP being used between 2 providers, eg Google and Proton, what prevents Google from viewing the messages client side after they’ve been decrypted?

cross-posted from: https://hexbear.net/post/7177319

> cross-posted from: https://news.abolish.capital/post/15995
>
> > The House was debating a powerful National Security Agency spying program when Rep. Dan Goldman, D-N.Y., rose to side against privacy hawks.
> >
> > The spring 2024 debate was over forcing the feds to get a warrant to search foreign communications for intelligence on Americans. Doing so would cost crucial time, Goldman said, citing his own tenure as a federal prosecutor.
> >
> > > “I can say with confidence that requiring a warrant would render this program unusable.”
> >
> > “Based on that experience, I can say with confidence that requiring a warrant would render this program unusable and entirely worthless,” he said last year. “Even if it were possible, the time required to obtain a search warrant from a judge would frequently fail to meet the urgency posed by a terrorist or other national security threat.”
> >
> > Goldman’s argument won the day.
> >
> > Progressives had been rallying around the warrants provision but, under heavy pressure from the Biden administration, enough of them retracted their support and sided with Democrats like Goldman to doom the measure. It lost by a single vote.
> >
> > With his election victory last November, Donald Trump would inherit the warrantless surveillance powers.
> >
> > Related: [Trump Might Get Unfettered Surveillance Powers. How Did We Get Here?](https://theintercept.com/2024/11/05/trump-surveillance-power/)
> >
> > The April 2024 vote still stings for civil liberties advocates, who thought they could count on progressives as they sought to build a bipartisan coalition with libertarian-minded Republicans. Now they are girding for another battle next April, when the Foreign Intelligence Surveillance Act, or FISA, is up for reauthorization.
> >
> > The vote will happen in the [middle of a primary season](https://theintercept.com/collections/midterms-2026/) where many incumbents — including Goldman — are trying to burnish their progressive bona fides as they [face challenges from the left](https://theintercept.com/2025/11/13/democrats-midterms-primaries-government-shutdown/). Already, some Democrats on a key committee are citing the Trump administration’s approach to privacy to explain their renewed support for a warrant provision.
> >
> > Whether enough of them flip back could decide the future of one of the most controversial post-September 11 spying programs.
> >
> > In a statement to The Intercept, Goldman did not commit to supporting a warrant requirement.
> >
> > “Donald Trump’s blatant weaponization of the federal government makes accounting for potential abuses of power critically important,” Goldman said. “As we work through the FISA reauthorization process next year, I will be especially focused on those concerns, as I have been since Trump took office in January.”
> >
> > **Tie Goes to the Spy**
> > -----------------------
> >
> > The vote last year capped a monthslong period of intense lobbying pitting the Biden administration against privacy advocates.
> >
> > Congress passed Section 702 of the Foreign Intelligence Surveillance Act in 2008 to give its legal blessing to a massive spying program the administration of George W. Bush had already launched without authorization.
> >
> > Related: [Episode Five: What Fourth Amendment?](https://theintercept.com/2025/11/05/collateral-damage-episode-five-fourth-amendment/)
> >
> > Under the law, the government was allowed to search through reams of surveillance conducted abroad for information on U.S. citizens and permanent residents. The Fourth Amendment did not apply, [supporters of the law said](https://www.penncerl.org/the-rule-of-law-post/why-the-fbis-querying-of-intelligence-collection-under-fisa-section-702-is-not-domestic-spying/), because those communications had been collected from wiretaps and hacks directed abroad by the cyber spies of the NSA.
> >
> > Critics said that even surveillance directed abroad inevitably hoovers up the emails and text messages of Americans. The FBI, for example, [conducted 200,000 “backdoor searches”](https://www.brennancenter.org/our-work/research-reports/fisa-section-702-backdoor-searches-myths-and-facts) of American communications in 2022 alone.
> >
> > In a [series](https://theintercept.com/2018/01/17/fisa-section-702-nsa-internet-surveillance-senate/) of [reauthorization battles](https://theintercept.com/2023/12/11/house-intelligence-committee-section-702-surveillance/), civil liberties advocates have squared off against [administrations from both parties](https://theintercept.com/2017/09/29/trump-administration-lobbying-hard-for-sweeping-surveillance-law/) trying to force government agencies, including the FBI, to get a warrant before they rooted through foreign surveillance for information on Americans.
> >
> > Advocates have won some procedural reforms but, on the biggest question of a warrant, they have fallen short every time. Last year, the House voted 212–212 on an amendment offered by a conservative Republican that would have added a warrant requirement. Under House rules, a tied vote fails.
> >
> > The party breakdown showed how much surveillance scrambles typical partisan divides. Eighty-four Democrats and 128 Republicans voted for a warrant requirement, compared to 126 Democrats and 86 Republicans opposed.
> >
> > Numerous Democrats flipped their vote at the last minute under [heavy lobbying](https://prospect.org/2024/04/12/2024-04-12-reformers-narrowly-lose-fisa-reform-patriot-act-2-0/) from the Biden administration, which took a traditional, centrist view of the need for expansive spying powers [to ward off terrorists](https://theintercept.com/2023/11/06/hamas-counterterrorism-mass-surveillance-section-702/) and other foreign foes.
> >
> > > “Pretty much every single person in the Biden administration was lobbying pretty hard.”
> >
> > “It was top-to-bottom — pretty much every single person in the Biden administration was lobbying pretty hard,” said Kia Hamadanchy, a senior policy counsel for the American Civil Liberties Union. “There was a lot of fearmongering, which I don’t think was substantiated.”
> >
> > Supporters of the Biden administration offered some cover to the lawmakers who switched their way by including modest, procedural reforms in the legislation.
> >
> > The last-minute flippers included several members of the House Judiciary Committee, which traditionally has favored privacy protections more than members of the Intelligence Committee, who have overlapping jurisdiction over foreign surveillance.
> >
> > It was hardly surprising that Democrats buckled under pressure from the Biden administration, but it was shortsighted, civil liberties advocates say.
> >
> > Related: [Top Senator Warns Sweeping New Surveillance Powers Will “Inevitably Be Misused” by Trump](https://theintercept.com/2024/12/18/trump-fisa-surveillance-spying/)
> >
> > “In 2024, it was already clear that Donald Trump and the people around him might well return to power,” said Sean Vitka, executive director of the progressive group Demand Progress. “Some Democrats refused to install guardrails when they had the chance.”
> >
> > Even worse from the perspective of civil liberties advocates, many Democrats voted to further expand the foreign spying law with a new provision that would allow the government to force “electronic communication service providers” — including, potentially, nonprofits, political campaigns, or news organizations — [to help it spy.](https://theintercept.com/2024/12/18/trump-fisa-surveillance-spying/)
> >
> > Sen. Ron Wyden, D-Ore., warned that that power will “inevitably be misused.”
> >
> > **House Judiciary Firms Up**
> > ----------------------------
> >
> > With Trump in the White House, some of the Democrats who voted against a warrant provision seem to be warming up to the idea, according to their comments at a recent House Judiciary Committee hearing on FISA reform.
> >
> > Several Democrats who advocates were counting on last time — including now-ranking member Rep. Jamie Raskin, D-Md., who eventually voted against the warrant requirement — spoke in favor of passing further reforms next year.
> >
> > Democrats at the hearing put the Section 702 program, named for the law that gives the surveillance power, in the larger context of the Trump administration’s erasure of privacy safeguards, including efforts to combine previously siloed Social Security, IRS, and student loan databases.
> >
> > > “In 2025, we no longer have to wonder if we were right to worry.”
> >
> > They also pointed out that, when it came to Section 702, Trump has gutted the Privacy and Civil Liberties Oversight Board, and FBI Director Kash Patel has eliminated an office tasked with auditing the FBI’s use of the surveillance program.
> >
> > Raskin said the results of a two-year “experiment” with modest FISA reforms have been “alarming.”
> >
> > “For years, the leaders of this committee have warned of how executive branch surveillance powers could be abused by a president who didn’t care about protecting civil liberties, who used cutting-edge technology to spy on Americans, and who ignored basic principles of due process and constitutional freedom to achieve their own ends,” he said. “In 2025, we no longer have to wonder if we were right to worry.”
> >
> > Rep. Jared Moskowitz, D-Fla., voted against a warrant requirement last year but spoke in broad favor of reforms at the hearing. His office did not comment on whether that includes a warrant requirement.
> >
> > Moskowitz’s primary challenger Oliver Larkin, a member of the Democratic Socialists of America, said in a statement that he supports forcing the government to get a warrant.
> >
> > “Rep. Moskowitz has put civil society, political opponents, minority and undocumented communities, and journalists at risk of the Trump administration’s privacy abuses and political targeting of dissent,” Larkin said.
> >
> > Another Judiciary Committee member who voted against a warrant requirement, Rep. Steve Cohen, D-Tenn., did not respond to a request for comment. His [left-leaning primary challenger](https://theintercept.com/2025/12/04/denver-primary-melat-kiros-diana-degette-justice-democrats/), Tennessee state Rep. Justin J. Pearson, said in a statement that he supports a warrant provision.
> >
> > “Democrats should be opposed to warrantless government surveillance no matter which party the president represents,” he said. “It should not have taken Donald Trump’s second election for some members of our party to finally stand up for their constituents’ basic civil liberties.”
> >
> > **Will GOP Cave?**
> > ------------------
> >
> > The problem for civil liberties advocates going into the April reauthorization is that they now face losing some of the Republicans who rallied to their side the last time.
> >
> > “People tend to be more skeptical about executive authority when the president is a president from the different party,” Hamadanchy said.
> >
> > They are also unclear on two key questions: Just how many Democrats will flip back, and where Trump will land on the issue.
> >
> > Some Democrats seem to be holding firm on their opposition to a warrant requirement despite challenges from the left. During an April committee hearing, Goldman said the FISA debate “pales in comparison” to the privacy violations being committed under the auspices of Elon Musk’s so-called Department of Government Efficiency.
> >
> > Goldman, who is positioning himself as a progressive in his primary race, [citing his support for the Green New Deal and Medicare for All](https://www.politico.com/newsletters/new-york-playbook/2025/12/17/goldman-lander-and-26-federal-plaza-00694095), is facing a challenge from New York City Comptroller Brad Lander.
> >
> > “Brad would vote to add a warrant requirement,” said a spokesperson for the Lander campaign. “The Trump administration’s abuse of power has highlighted the need for stronger 4th Amendment protections and now more than ever the House should take action to protect people’s privacy.”
> >
> > Lander’s [entry into New York’s 10th Congressional District race](https://hellgatenyc.com/lander-opportunity-dan-goldman-congress-race/) gives civil liberties advocates a vessel to challenge Goldman on the issue. Another Democrat who spoke on the House floor against the warrant requirement, Rep. Jim Himes, D-Conn., has not drawn a primary challenger yet.
> >
> > Trump is a bigger enigma. In 2018, his first administration opposed a warrant requirement, but last year he briefly urged Republicans to “[KILL FISA](https://theintercept.com/2024/11/05/trump-surveillance-power/)” — apparently because he [confused the 702 surveillance program](https://www.cato.org/commentary/trump-fisa-fact-check) with another that was used to spy on an adviser to his 2016 presidential campaign.
> >
> > In support of the current law, surveillance hawks will likely cite the findings of a [recent report](https://s3.documentcloud.org/documents/26177517/26-002-review-of-the-federal-bureau-of-investigations-querying-practices-under-section-702-of-the-foreign-intelligence-surveillance-act-2.pdf) from the Justice Department’s Office of the Inspector General.
> >
> > Based on internal oversight reports from the DOJ’s National Security Division, the inspector general said, “it appears that the FBI is no longer engaging in the widespread noncompliant querying of U.S. persons that was pervasive just a few years ago.”
> >
> > The report came with a crucial caveat. The inspector general relied on the FBI’s audits rather than conducting its own reviews of agents’ searches. The April 2024 to April 2025 period the report covered also meant that it tracked only a few weeks of Patel’s tenure.
> >
> > The post [Dan Goldman Supported Warrantless Spying on Americans.
Now His Primary Opponent Is Hitting Him for It.](https://theintercept.com/2025/12/28/fisa-warrant-surveillance-dan-goldman-primary/) appeared first on [The Intercept](https://theintercept.com/). > > > > --- > > > > **From [The Intercept](https://theintercept.com/feed/?mk=fl_is_on_feature_page&mv=1) via [This RSS Feed](https://theintercept.com/feed/?mk=fl_is_on_feature_page&mv=1).**

Page 35. I haven't confirmed anything, so do your own research! Happy new privacy respecting year!

Disney will pay $10 million to settle children’s data privacy lawsuit
According to a [complaint](https://www.ftc.gov/system/files/ftc_gov/pdf/Apitor-Complaint.pdf) filed by the U.S. Justice Department, following a referral from the Federal Trade Commission (FTC), Disney allegedly failed to tag kid-directed videos on YouTube as "Made for Kids" (MFK), a label that instructs YouTube to block personal data collection and stop displaying personalized ads on correctly designated content to protect children's privacy.



Mail provider current status?
Hey everyone, I have had a free protonmail account for years now and will be losing access to my (main) university mail soon. My proton mail is filling up and I will need a reliable personal mail address going forward. What is the current status with privacy oriented mail providers in the EU? I am willing to pay for my mail service but ideally not too much, protonmail is 4€/mo which is a bit much I think. What is the general opinion now after some months on the protonmail ceo? Will the Swiss privacy laws cause issues soon? What about tuta and mailbox.org? I think I want to switch to my own domain soon so supporting custom domains is definitely something I look for. Also the ability to use imap and not have a separate app would be good. Last time I checked half a year ago I found mailbox to be the best compromise but I decided it’s not worth the hassle yet to deal with my mail provider.


startpage.com blocking VPN?
> edit: I changed my location and that seems to have worked for now. still a strange thing that it was localhost and not "site blocked" or something if my location was the issue. my VPN (ExpressVPN) was set to NJ. I switched to Toronto.

🤷 hi all!! has anyone else had this issue and been able to fix it? it happens on any browser (vivaldi, brave, lightning, vivandium...), phone or desktop, if I'm connected to my VPN. I'm using startpage specifically because it's supposed to be privacy-focused... I don't want to keep disconnecting my VPN every time I have to make a search. (internet connection is working perfectly and no issues with other sites) (I have some other search engines I use for specific things, but looking to troubleshoot this if anyone knows the solution...)


How to safely run a Sandbox/Virtual Machine on Win11 for a sketchy software?
I used to run this already sketchy software with its even sketchier crack on my old notebook because I really didn't give a fuck about how syphilitic it was, but now that I need it again and only have my current device, I'm kinda worried. ps: it needs internet connection.

Unlocking Samsung bootloader worth it?
Is it worth unlocking the bootloader on my phone? It's a Samsung with One UI 7.0 (I've been avoiding upgrading to 8.0 since they don't let you unlock it after that). I just want to avoid having Google Services and AI installed. I use my phone to take photos of my art / send it to friends on signal and hate the idea of it being scanned by AI. I use a camera and gallery from fdroid but somehow the default photos app still has access (I know because it makes GIFs of pictures I took even though I marked permissions as "not allowed"). I also would love to get rid of the default apps I don't use. While I can unlock the bootloader (for now), I can't install a custom ROM because there are none compatible with my phone, so will I just be forced into using 8.0 at some point anyway? :( ATP I'm pretty much ready to give up smartphones and get a digital camera for anything I don't feel comfortable feeding to tech companies.

Learned a lot from this essay/presentation. One point that I "liked" is how Trump and US based big tech virtually (pun intended) hold other countries hostage, either with export/import tariffs or by threatening to stop trade ("adapt this policy or forget about trading with us") or with sensitive data. Also, this is the organization that he is working for. They have some tools for and guides on privacy too: https://www.eff.org/

Smart TVs with an internet connection: Let's grab screenshots and send them to corporate analysis advertisement department.

I'm gonna delete the account after selling my Quest 2 for the Steam Frame

Heartbreaking? Inspirational?
TLDR: 1) I recommend the cyber security related podcast Jack Rhysider's Darknet Diaries. 2) This seemingly (former) normie guy who got hacked and then recovered gave me some insight into how cybercrime can affect people. Probably more related to cyber security and hygiene in general rather than pure privacy. I follow the amazing Jack Rhysider's Darknet Diaries and came across this video in one of his playlists on his YouTube channel. I appreciate and admire people who work with cyber security on either red or blue teams. I am also a huge fan of hackers that use their skills to stand up against oppressive regimes or for instance those hilarious guys that make videos of when they hack scammers. I mean, I obviously realize logically speaking that it must be a truly awful and horrible experience to become the victim of a sinister and malicious cybercrime, but until I saw this video, I had never really felt it. And I still haven't been a victim myself. I've invested a lot of time and energy in learning IT and networking in order to stay safe, both against private individuals but also against state level actors. But that's a different story. It's heartbreaking to hear how the hacker turned his hopes and dreams upside down, almost making him want to quit. Hats off for you (young?) man! His dexterity is fucking next level and it's inspirational!

OpenKeychain · OpenKeychain
Sorry if this is yesterday's news to you all, but I just found out about this Android app that makes it easier - as in, fewer steps - to encrypt and send any message in a highlight-copy-paste fashion, with automatic integration in several e-mail front ends. It still receives security updates and the repo is still maintained, but the app is no longer being actively developed to add new features. https://github.com/open-keychain/open-keychain

How concerned are you of watermarks in videos or images you share?
I think it is possible to embed invisible information into videos and images. This way people could track where you got an image from, the source from which you copied it, and people who copy your image to share it again. https://github.com/ShieldMnt/invisible-watermark Services like youtube or twitter could embed such watermarks into content they serve to specific users without them knowing; Smartphone-cameras could mark images in secret. I guess blurring, rotating or dithering the image could destroy watermarks. Or maybe just sharing a screenshot of an image instead of the original image. Format conversions may help too. Keywords: digital-watermarking. tracking.

[ADVICE] How to contribute from home
There is a lot of totalitarian shit going on, this being only one of the recent tragedies: https://www.youtube.com/watch?v=Fshsk8MCAf4 I always try to say to myself: don't wallow in grief, organize and act! Except for advocating for online privacy in one's everyday life and being politically active when I have the ability to, do you have any tips on what one can contribute with technologically, from home?

I have:

- A 1Gbps up/down connection
- An RTX 3080
- A few Raspberry Pi:s
- 20TB storage
- A static public IP if I ask for it

What I have found so far:

- running a Tor bridge or guard/middle relay - bridge for the sake of our peers living in places where Tor is inaccessible and middle relay to contribute with bandwidth
- running a Monero node - although my GPU is LHR, so perhaps it wouldn't contribute much to decentralization...?

How do I get my mom to move to a different social media site?
I don't like Facebook, but my mother and my father-in-law both have facebooks. I tried some different social medias but I can't make my mom go because the social medias are from other countries and stuff. Are there any American social medias where my mom would feel comfortable putting her face on? I usually don't put my face on social medias, sometimes I'll put a photo of a guy who kind of looks like me, and choose a photo that's taken from really far away, and people who don't know me that well will think it's me. My mom likes to put a headshot and then pixelated photos of the American flag and quotes from celebrity women she likes. That's kind of a facebook thing. Are there any social medias like that? Merry Christmas to all the Christians. I'm not Christian, so I get to be here. See you after church. I get to enjoy myself, and you're in uncomfortable clothing, hahaha.

For those with Pixel 9 Pro on GrapheneOS, what is your battery life like?
Not sure if this is the correct place to ask, but I am using GOS on my 9 Pro and getting very mediocre SOT, like 5hrs. And that is WITH the following modifications:

- Play Service has unrestricted battery for notifications
- Everything else, if applicable, has restricted battery and no background network.

I have 2 profiles but only 1 is active, the Owner one. The secondary I rarely use and I make sure to "end session". The main Owner profile runs default launcher, browser, some messaging apps, youtube, some google stuff, proton stuff. VPN is not on. Display is high res (lowest setting). Smooth display is off. All other stuff like wake on lift, tap to check, AOD...etc. are all OFF. What is your SOT and what settings did you make?

Suggestions for a replacement for PayPal
I have never liked PayPal and I am still forced to use them. Did you know the longest password you can use is 20 characters? (I'm located within the European Union) Anyhow, I want something more private, but still quite convenient to use and have something in between my bank details and the site I'm shopping on. Years some companies make virtual temporary cards. I remember I tried getting privacy.com back in the day but couldn't as it was for Americans and Canadians at the time. Suggestions? :P


    A place to discuss privacy and freedom in the digital world.

    Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

    In this community everyone is welcome to post links and discuss topics related to privacy.

    Some Rules

    • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
    • Don’t promote proprietary software
    • Try to keep things on topic
    • If you have a question, please try searching for previous discussions, maybe it has already been answered
    • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
    • Be nice :)

    much thanks to @gary_host_laptop for the logo design :)

    Lemmy
    A community of privacy and FOSS enthusiasts, run by Lemmy’s developers

    What is Lemmy.ml

    Rules

    1. No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia. Code of Conduct.
    2. Be respectful, especially when disagreeing. Everyone should feel welcome here.
    3. No porn.
    4. No Ads / Spamming.

    Feel free to ask questions over in: