Apple’s “find my” network can find your phone when it’s turned off, because the phone continues to transmit low-energy Bluetooth which other devices in that network receive and report. So if you’re in a crowd with a switched-off iPhone and other people have their devices on, it’s still possible for your location to be tracked. There may be other modern phones that do this too, continuing to transmit low power signals to nearby devices. If you really don’t want to be tracked, you can’t be sure Airplane Mode or turning the phone off will be sufficient.
Zuckerberg hung out with Trump at Mar a Lago and attended the inauguration, then got rid of Facebook and Instagram’s fact checking, relaxed their rules on posting hate speech and discrimination, ended Meta’s diversity initiatives, removed bathroom facilities at meta for transgender and nonbinary employees, made speeches in defence of Trump and expressed gratitude for finally being able to have “a productive partnership with the United States government”, while removing communications channels for employees and threatening them with being fired if they talked to media about any of this. He has gone full MAGA.
This article covers most of it: https://www.nytimes.com/2025/01/30/technology/mark-zuckerberg-meta-trump.html
There are virus scanners for Android - I have Bitdefender on mine - but I don’t know how effective they are. Back in the day they were a bit of a gimmick; I don’t know whether they’re better now.
I have seen other apps from F-Droid do this. NewPipe, I think, used to prompt me for updates even though I had installed it from F-Droid. But I was always a bit unsure so I tended to just go back to F-Droid to install newer versions. Maybe it’s a thing some apps do but I don’t know why they should need to and I don’t entirely trust it.
I don’t see this as the USA turning into China. China has many problematic aspects, and being an immigrant or an LGBTQ+ person in China is probably not fun, but China at this point is less stupid and understands competitiveness. China would not defund all its science overnight, hamstring its technology and trash its whole economy with tariffs on goods it cannot produce domestically, withdraw vaccines in the face of new epidemics, and cancel sustainable energy projects and funding while denying climate science. The new US Government is just shooting the country in the foot again and again.
Chrome excites arbitrary code from google.com (this wasn’t something widely known until recently and appears to effect all the chromium downstream browsers).
I hadn’t heard about that. Can you link me to some info about it?
My comment was just advising people to be media-literate and consider the source, though I also said that this in itself doesn’t make the article questionable (I actually think it’s quite credible). And I linked to Wikipedia’s article about this news website. I wasn’t trying to defend Israel or be controversial, and it was a bit of a surprise to see this get deleted.
MintPress News is pro-Iran, Syria and Russia (Wikipedia). But that doesn’t mean what they say here is false, just that we should approach it with our critical faculties working.
My favorite is the sites that silently truncate your password to a maximum length only they know, before storing it. Then when you come back you have to guess which substring of your password they actually used before you can log in. Resetting doesn’t help unless you realize they’re doing this and use a short one.
Using LastPass now, after we learned so much about them from that breach, is inadvisable. Security is the whole point of a password manager, so no matter what the price, a password manager run by a company that can’t do security, and tries to hide their poor practices behind a wall of secrecy and deceit, is not a good option.
BitWarden is free, or $10 per year for premium, or $40 for the family version where you get 6 accounts. It’s open source and the developers are quick to respond to issues. It’s a refreshing contrast to the culture of secrecy and complacency that is LastPass.
1Password is also well thought of, but not open source.
Slightly off topic, but it turns out Android has a different VPN vulnerability:
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
Even if the phone doesn’t know who you are, the shop that sold you the phone or the SIM, or the credit card company you paid with, can know who you are. So you’d have to use cash. Even without these, your movements can be tracked through a burner phone and informed guesses made about who you are (e.g. if the phone has been at your home or with your friends).
Turning off your phone doesn’t necessarily protect you from tracking either:
https://www.androidauthority.com/android-15-powered-off-api-pixel-9-track-switched-off-3425472/
Easiest, as others say, just not to carry a phone.
23andme already got hacked and 7 million people’s private data was compromised:
https://www.theguardian.com/technology/2023/dec/05/23andme-hack-data-breach
You’re no more likely to lose keys with KeePass or KeePassXC than with an online password manager, as long as you keep good backups, and maybe sync KeePass to cloud storage.