Black belt in Mikado, Photo model, for the photos where they put under ‘BEFORE’
- 56 Posts
- 655 Comments
(Fucking paywall article)
Summary
A catastrophic data breach at Discord’s third-party vendor Zendesk has exposed sensitive user information, including ID documents and selfies uploaded for age verification[1][2]. At least 70,000 people were impacted by the breach, with hackers leaking users’ driver’s licenses, approximate locations, real names, and emails[2:1].
The hackers are attempting to extort Discord and have already shared leaked selfies of users posing with their IDs in a Telegram group, along with a spreadsheet containing detailed information on a thousand users[2:2].
This breach validates critics’ concerns about tech companies collecting sensitive identity documents, particularly in light of recent age verification requirements in countries like the UK[2:3]. As one security expert notes in Gadgeteer, “a password is easy to change, but an ID document is often a nightmare to change, and the ID number anyway stays the same”[3].
Discord says it is working with affected users and authorities but won’t give in to the hackers’ demands[2:4].
Yes, iy’s always to use with a grain of salt. As said, it ads a security layer, but can be an privacy hole, despte that mail directions are easier to track as phone numbers, at least in the EU, you can’t be mapped back to an user, this is only possible in crime investigations by the police with an court order. Mail adresses on the other hand are unique identifiers which are way easier th track, except you use an disposable mail or alias. Anyway, eg.in Vivaldi 2FA is safe and apart optional, as also the account itself, only needed when you want to use sync or the use of Vivaldimail, blog and other services it offers. In much other services it’s also only an option.
2FA is an important security layer, if the service, after sending you the activating SMS with the code, delete your number (normal in serious services), it’s also not an privacy problem. In big us corporations on the other hand, it is, eg.Google store tour number and also probably share it, there 2FA is not an option. Instead a number, some services also admit alternatively a second e-mail account to receive the activation code, there, if you have doubt, you can use an disposable mail, so there isn’t any privacy problem.
Upgrading is always needed in every OS, because with the time are appearing new exploids and other malware which need corresponding paches in the OS, if not these security holes becomes bigger and bigger. There are also new web system which need an update of the OS to not loose compatibilities. These updates anyway are done mostly automaticly- In Windows with an advice that an update is in the queue and it will be installed in the next reboot. Luckyly in last Windows a thing of 3-5 minutes, often less.
Updates are only irrelevant, if you use the OS exclusively local, eg. an old Windows XP in LAN for the intern use in a company with their own soft, an Vintage fan to play some old games in an old PC without internet access, or an automatism in a factory, which also don’t need more than a very basic OS, without any extra features than for what it is made for.
I know, it’s normal that after a good Windows release always follow an crappy one, independent from the bloatware which it always have. W7 good, W8 crap, W10 good, W11 crap…, but at least, for an advanced user possible always to gut all of these trash and even eliminate this crappy Fisher Price UI in W11, which try badly to imitate the UI of an Mac, eliminating, I don’t know why, a lot of setting to customize the UI, needing scripts to do it.
Yes, Windows currently is a stable, usefull and good OS, exept that it is by default full of bloatware, spyware, unnecesary telemetries, services “to improve the user experience” which nobody needs…all not easy to gut, but possible. They say that Windows is easy to handle, but only seens so at the first look, to convert it in a good OS it needs an advanced user. In Linux is way easier, there is nothing hidden, but also has his drawbacks. In my new Laptop with W11, the first impression was that it was the worst UI I’ve ever seen, impossible the startmenu and the taskbar, not even customizable in a bad copy of an Mac desktop, apart of all other from the mencioned crap, which I culd strip out, to get rid of the UI, turning it back of the good customizable one from W10, I used a nice FOSS app, Windhawk, something like an userscript manager which permits to do almost everything with the UI. Settings are instantanly, no restart needed. Now I use an snappy fast and reasonable private W11 which use less than 1GB RAM, to my like, with an small Taskbar on the top of the screen, an Startmenu as it should be and some more tweaks.
I don’t use Proton VPN, but Portmaster, which apart is FLOSS, only it’s SPN is paid OpenSource. Well, Portmaster is the best Firewall and traffic monitoring app out there, but depending of which filtering you use, it can be even very brutal, and enough to block some server conections which Proton use. I saw it blocking big corporations, with the result that I can’t even access none of their services, even without VPN. I think that you must see which site is blocked from Proton and except it from the filtering, or pay some bucks and use the SPN, which is anyway better, with it you can use multiple tunnels depending on the sites you want to visit. Or using an proxy extension, like VPNLY or CyberGhost, which are free, without limits, no logs and private. The Portmaster anyway avoid that web pages can sneak any tracking crap in your PC.
Well, a backdoor isn’t a problem if it is an client side encryption, with it they may access the cloud data but they will see only this, encrypted data, because not even the ckoud provider can desencrypt these data. If you are investigated, they must visit you in person with an court order to give them the locally stored or memorized encryption password or spend a lot of time and effort to crack the code, almost impossible depending the used encryption systemwith normally 256 bits or more. The backdoor only make sense if the Cloud provider stores an recovery code to restore your data when you lose ore forget your encryption password, which isn’t the case when they want to offer an safe and no knowledge service. In these loosing your encryption password is loosing your data, the price of security.
I use FreeTube since time with the SMplayer, or using direct the SMplayer, entering the Video URL. SMplayer is a Gem. It works also in Windows in a similar way, described in your great post, not only in Linux, setting SMplayer as extern player in FreeTube and when FreeTube won’t play the Video in the list, clicking on the little square icon at the bottom left of the video thumbnail and it will open in the SMplayer. except few times in Videos with special protections, these can be watched only in YouTube itself, luckily only few.
Yes, not so difficult to spy phone calls and SMS, but it’s way less risky for privacy and security as in Smartphones, full of sensitive data on an OS and tons of apps which logs and spy on you, spreading the information not only to the ISP and govs, but also to private advertising companies and others, which is way worse. Phone lines are way less dangerous for privacy and security as the Internet, log data stored by the ISP are deleted after an max. of three month, data on the internet are forever and can’t be deleted, because they are spreeded everywhere.
At least in my case, I don’t use my Smartphone for other things as for calls, I don’t use any messenger apps nor storing sensitive data on it, desconected GPS and localisation apps. For me smartphones as such are spyware by definition, more if the include AI like they are doing currently.
Yes, embed redirect was a good solution, also using an iFrame script, but this currently works only in few videos, in the most it got the error "watch video in YouTube· It’s almost a daily battle between YouTube, devs of adblockers and scripts and front-end instances, some solutions work for some days and on the next day YouTube begins to nag and block again. What we need is an real alternative of YouTube, but that need time to create something with this hugh amount of contents which nothing else has. Continue the battle against the crap, clickbaits and forced playlist pauses (well, there at least the extension still works for the moment), hoping the best.
Meanwhile Pluto TV, Bandcamp, channels from local public TV, Odysee, Rakuten TV, Internet Radio… etc…for info, music, movies, docus…
They are all valid, but most front ends are broken by Google.
I use often Andisearch where i search the video and where I can watch it in the search result, sandboxed and through random proxy, also using the SMplayer on desktop, entering the video URL- Avoiding also that YT put any crap in my PC with the Portmaster
Cute cat photos are always the answer, or your favorite Reggeton music. The best encrypted message is when it not seems as such.
Well, there are also others, but I had mencioned only the FOSS alternatives. The others I found are proprietary, iOS only, paid or discontinued.
Mabe you can find those which you want to use in AlternativeTo
Maybe somewhat later the Helium Browser (still not for mobile, in Alpha version), ungoogled Chromium, if not, Vivaldi, for all platforms, even as automotive app, (the only one)
Any browser does it, it is needed for several reasons, every browser need to know the amount of users it has to calculate it’s market share. But statistical telemetries are not a privacy issue, it’s like an employee which count the amount of cars and trucks on a highway, to know if it is needed to enlarge the highway or not. A browser need to know it for its capacity of servers and sync, if they offer it. Normally the telemetries includes in which OS is used the browser and in which country, all this is legit and not a privacy problem.
Bad only when it also include logs and profiling of user data and activity, as Chrome and EDGE do, and worse if this is sold to third parties. Decent browser don’t do it.
Yes, a lot of people believe it, FF devs discuting in Google groups, Vivaldi in a own Mastodon instance. Mozilla since time is an Google pet which can’t survive without the support from Google.
- https://news.ycombinator.com/item?id=43340948
- https://groups.google.com/g/google-web-toolkit/c/QSEjbhhHB4g
It’s not the engine which use a browser, all engines are 100% FLOSS, it is important what you do with it.
AFAIK at least in the EU because have to admit also browsers with a different engine as WebKit. WebKit is same as Blink a fork from the KHTML engine by KDE, butway less advanced as Blink or Gecko, who outscore WebKit in modern webformats. This is why Apple don’t want other browsers which make Safari obsolete. Anyway, sooner or later Safari will be the next IE.
Yes, it’s proprietary because some script parts are. It’s not so easy to go full OpenSource for an Chromium browser which is more an online suite than a simple browser, because Google and M$ will kill to be able to fork it for Chrome and EDGE, which will have catastrophic aftermaths for all other Chromium browsers, include Vivaldi. Way easier to be OpenSource for simpler Chromium or Gecko forks. Anyway I think in a market saturated with browsers (over 100 different), beeing OpenSource isn’t in the main interest for the user anymore, prevailing more the ethics and transparency of the manufactor, 100% given in Vivaldi. Apart, as say, it’s the only decent browser from the EU on level eye with the US big Brother browsers. Alternatively there is Mullvad, butit is , apart of the privacy features, a very basic browser, more an platform for the Mullvad VPN, no own sync, only with Mozilla, Konqueror with the KHTML engine by KDE is discontinued, same as sadly the French UR browser. Thats it.
The filter block all cookies which can be desactivated in the consent menu, same do the consent-o-matic extension. The rest is anyway blocked by the tracking blocker, site permission settings in Vivaldi and, in my case, also by the filters in the Portmaster which I use. If you also use the Site Bleacher Extension (somewhat outdated, but still extreme effective), Cookie-autodelete, CookieBro or similar (removes automatically cookies, local storages, IndexedDBs, service workers, cache storages, filesystems and webSQLs after leaving the page), “you never has visited this page”. Means, there are enough manners out there which you can use to show them the middle finger and which make this cookie consent pop up useless.
It’s this the problemm tecnically the EU is on the high, but as always policy, burocrathy and the users themself to use itThe last the most difficult to convince the people to use EU products, insteat of US ones. Everybody using Whatscrap, Fakebook, X, search with Googke, buy on Amazon, use Kindle, M$ Office,…not out of necessity, but out of ignorance and habit.
That is the right way, ads are a legit manner to create incommings if they are contextual, but not if they are abusive and surveillance based, tracking and logging the user activity. As in YT, it’s not the problem to have ads in the page or as banner at the border of an video, but it is, that the interrupt an conciert documental with several no scippable long ads, popups to use Premium, clickbaits and other crap, which serve nobody, less the author. In this case using an adblocker is mere selfdefense and legit to cut this crap and nags. A good manner is eg. how Bandcamp do it, there you can freely listen almost every song or album, without ads, and there you can buy and download it when you want, paying direct to the artist and Bandcamp an revenue. Or as Vivaldi does, using afiliate links and search engines added by default, which pay an revenue to Vivaldi, if the user use these, who is free to delete those which he don’t use. These and similar methodes are a legit and ethical way to create incommings, without putting in risk the right of privacy of the user, selling his data.
- •
- 2M
- •
Well, one thing are TV sats and way other communication and military sats. That you can have hundreds of TV channels for free with an cheap sat reciever and parabolic is certainly nothing new