Messenger messages are supposedly e2e encrypted, but that doesn’t mean the clients don’t then turn around and give those messages to Meta. The clients do scan the messages and are known to add that information to your advertising profile which is also sold. So, while the messages themselves might be protected in flight, and they may not be shared with Meta in full, they are not private. Also, the meta-information about who you’re contacting is not encrypted, but that’s also the case with most apps, including Signal, as that is difficult to pull off while still being easy for people to find you.
Phone number can be problematic to share in some areas of the world, so it does depend on where you are, but email shouldn’t be an issue in general. So easy to get an additional, private email address and use both at the same time.
I also don’t have most mainstream social media anymore but have noticed a significant drop in people asking for it these days. Might just be my location in a city with a lot of progressive, tech savvy people, though.
I mostly use phone number and/or Signal these days.
I rarely consider anything “too far” unless you’re doing something totally ineffective or duplicating effort, and not talking about redundancy. I think most people who say this are either the people who we need to be secure from or people who are ignorant to the threats. I’m not saying the same threats affect us all, but there’s always a possibility you could become a target through whistleblowing, protest, being attractive, pissing off a random stranger, etc. And usually by the time you are a target, it’s too late. Your information is already out there and it’s difficult to stop broadcasting more with all of the tracking systems in place all over.
It’s often not clinical paranoia that causes people to worry about security and/or privacy, primarily it’s a desire for a minimal amount of privacy, hiding from predators, and/or basic protection from fascist regimes of various strengths that have taken over most governments. Often keeping a little privacy also is the best way to prevent becoming a target in the first place.
Not lock-in in the traditional sense where you’re locked to a particular technology, but effectively lock-in by making a commonly used feature for migration not available for free. This wasn’t discussing uncommon cases like having your own domain in front of a free email service since that’s not then fully free.
The most common use of free email services is to use the service’s domain and if you need to switch, then needing to change your email at tons of different places. I am still stuck on gmail for a couple of accounts because changing the email with those services means creating an entirely new account and thus losing all history, etc. Example is the Shop app. Without forwarding I’d end up having to keep the gmail app on my phone to get notification of new emails which is problematic since those apps come with additional tracking services which is the whole reason for migrating from gmail.
Point seems to be that people are switching from gmail to proton for free email, but it’s going to be even more difficult if Proton becomes like Google turned out since you’ll have to pay to get all the email to your new address while you are transitioning to whatever is next. Instead go to that next thing now before you get “locked in” by having all of your important emails going there. With gmail at least you can forward the emails for free from the places you forget to change your email with at first.
I don’t think the OP is saying to switch to gmail. They’re saying if you think switching from gmail is hard, just wait until you have to pay to forward all of your email if you need to move away from Proton mail if they end up being as bad as Google. They’re saying use something else that’s neither gmail nor proton mail.
Thunderbird desktop does have telemetry and can be disabled. You can always block it from connecting to those URLs, too, if you want. It shouldn’t affect functionality as far as I know. Android Thunderbird doesn’t have telemetry yet since it’s a continuation of the K9 app. But the help saya they plan to add it as soon as they figure out the best way to allow users to opt out.
I don’t know much about what it’s doing with geotrust, but I assume it’s something to do with certificates for the webapp portions of the application. Probably would need more info to be sure.
And I believe the detectportal URL is for checking for internet access.
Unbound on the router which connects upstream with DNS over TLS. Ports 53 and 853 are NATed to the piole and several other DNS servers like Google’s are blocked so devices can’t bypass the pinhole very easily. This is only on my primary VLAN. Other VLANs are given the Unbound DNS by default but are allowed to bypass if they insist. I have one VLAN for guests and one for trusted devices in addition to the primary one.
They’ll never understand, or never admit yo understanding, that if you put a door in a wall, everyone will exploit it. Just think of how city defense worked before flight. Every invader would go after the gate and it was much, much easier to penetrate than the rest of the wall. But in this case that gate will be totally unguarded, so anyone who figures out how to open it, will open it for everyone. And will make tools for others to use to unlock and open it easily and it will be very difficult to change it if it’s the same gate with the same key used by everyone. Imagine if door locks were all the same. No one would bother locking their doors if it was that easy to unlock instantly. And that’s what the real goal is. To make people stop using security.
My Meta account got locked without explanation and support couldnt tell me why, but suspiciously right after they implemented their new policies allowing hate speech but also I had deleted all of my posts going back to 2006 not long before that and had only been using it fir groups, so it wasn’t as big of an impact so wasn’t worth suing them to find out why I was locked out exactly or to start a new account.
I’ve decided not to invest in any more Pixels, personally. Even if they reverse the decision this time, it just means it will happen later, so then future versions of the OS will be out of reach or at least not as good as they could have been. I probably will keep my Pixel 7 Pro with Graphene until the battery is too bad for daily use.
The issue with any crypto mining is that you can’t uaually do it casually. You are generally competing with others to return the result first in order to get paid for a block. If you mine too slowly, you’ll never actually complete any blocks. If you mine too fast, you use a lot of energy. The only way I found it economical for an average person over the long term is if it’s not a popular coin, but popular enough to have some value or you generate a lot of excess power from solar and your power company either doesn’t buy it or the rate is miserably low. There are short term scenarios where it can work, but much like the stock market, you need to be paying very close attention to profit margins, power rates, crypto price, current local temperature, etc.
Right, but taxing a CPU, PC Bus, and PC memory takes more electricity than doing the same amount of “work” on a GPU with longer, more specialized pathways, allowing more work on a single cycle, but less flexibility on the type of work. So if it takes 1hr fully taxing a CPU, PC bus, etc, vs 1 hour fully taxing a GPU and its integrated memory and bus, the one using the GPU is going to take more electricity. Also, you can chain GPUs which can’t be done the same with CPUs since GPUs all have their own discrete bus and memory on a single card. Problem became that GPU production couldn’t keep up with demand so they became more expensive for the hardware, but overall, the cost of electricity vs value of the blocks combined with producing fewer blocks on a CPU once the chains reach a similar complexity as a competing cryptocurrency, means that overall you’re more likely to make more profit from GPU based mining than CPU based mining.
It’s a complex calculation to figure out and many people mine without realizing the money they’re spending on electricity, home cooling, and parts wear is more than they’re making on the crypyo.
Even if the algorithm will perform better on CPUs than other crypto algorithms, there’s still the fact that the processor in a GPU is much less complex and so: many more tasks can run in parallel because they’re all very similar, the bus is much shorter, bandwidth to memory is much higher, and memory is generally much higher performing. So overall, mining on a GPU will generally be more energy efficient than on a CPU. And of course crypto becomes harder and harder to mine as they grow, by design.
Not sure that’s true. And mining on a CPU is even less efficient. Your hash rate will be way lower unless you’ve got a really high-end system with a really low latency bus and RAM. And if your hashrate is too low, it would take months for you to find a single block unless you’re pooling with a bunch of others and splitting the profit. It’s quite variable, but very, very few people can make profit on any popular coins. Too many people to compete with to find a block.
Oh and don’t forget cooling cost. The fans in the computer, the fans in your house, and your air conditioner in your house need to disipate the heat and there’s a lot more generated per clock cycle from a CPU than a GPU using comperably old technologies. If you live somewhere that you’re producing more electricity with solar than you consume, then it’s probably not a cold climate.
That makes them think you aren’t available, but if you have any kind of voicemail it means they know it’s a real number so autodialers will probably still try later. I think this request is how can we fool the spammers (automated or otherwise) to think the number is totally invalid so they stop calling it.
That is difficult since there’s probably some indication from the phone company other than just a voice message that indicates a number is invalid/unallocated.
That said, muting is the way I do it, but now most autodialer systems are configured to call twice in a row to get around the Do No Disturb settings on most cell phones, so it is more annoying now.
You still have an upstream DNS server that you rely on to provide updates to your unbound server. Problem is that corporate or extremist government controlled DNS servers can track all of your requests as well as censor any domains they don’t approve of. And if DNS servers or their users don’t use secure protocols, then those requests additionally are tracked by ISPs or any other systems the requests travel through as well as them having the ability to block individual requests they don’t want fulfilled like the Great Firewall does or most corporate internal systems sometimes do to prevent employees from accessing social media or other sites they deem not work related.
If you want to be as secure and private as possible, your best option is to set up your own build servers and automate builds, and validate the components used by each product conform to your needs and standards for security and privacy, and deployment to your own repository that your devices use for updates.
Beyond that, there are tradeoffs based on your needs with each app store out there. If you need total privacy on what you install and your devices are already not connected to the internet, then a VPN or Tor to obfuscate your identity might be all you need. If you’re more concerned about components of applications that contain spyware, then some stores like fdroid has a lot of data available to hep you decide if the app is OK for your needs, otherwise you’d need to build your own packages or verify them manually before installation. And there are various other tradeoffs between more accessibility vs. more security and/or privacy.
Can’t do that with email. Email doesn’t have the necessary protocols to keep a file from being copied, scrub file systems, or maintain external links to trusted time keeping sources or control over the hardware to prevent screenshots or other methods to save the data as it’s being displayed to the user.
There are some possible partial implementations like encrypting a file and only allowing decryption and display on a remote server. But then what’s the point of making it an email in the first place? And if the method for viewing the data is something like a website, that doesn’t prevent screenshots or other ways of storing the data.
The only way to truly have self-destructing content of any kind is to use a device that’s fully controlled, a sever that makes sure the device is not compromised, and a neutral third party you trust to keep all recipients from tampering with the server and devices. Otherwise, if one of the users gets control of any component, they will be able to compromise the system. Unfortunately, there are no trustworthy companies who aren’t under pressure to profit fr your data or from governments to allow access to your data. So there can never be a commercial product like that. And email doesn’t have any of this as it’s designed to be portable, not controllable.
Depends on the carrier and the specific deal. I have a Pixel 7 Pro from T-Mobile. And it was able to be unlocked after one year of service in good standing. T-Mobile has traditionally been pretty good about that, though that kind of thing often shifts once companies have major mergers. And the Sprint merger screwed them up in a lot of ways that are still working their way down to customers losing services and features.
Signal isn’t that kind of app. It protects your data in flight, but only has minimal protections after the recipient gets the message. It’s a whole other game to protect data at the endpoint. If you can’t trust your recipients to protect data, then you shouldn’t send them data needing protection. In order to do that you need control over all levels of the device receiving the data, hardware, operating system, file system, and software. Anything else will always leave openings for data at rest at tge destination to be compromised by untrustworthy recipients.
Not a new thing, and I can definitely see good uses for this information. What they should have done is made it so that the one being tracked gets a log and real time notification any time someone is tracking them. This would alleviate some of the toxic spying behavior simply by making it transparent rather than covert.
Not really. I can’t think of a major social media software company that isn’t exploitative. If that’s where their specialty lies, then they either learn new skills which takes time, requires partially resetting your career, and money only to have that company then absorbed by an exploitative big company in a decade and do it all again, or just keep your job that started as a decent company and got corrupted already.
Unfortunately, not everyone has a choice in who they work for in end-stage-capitalism. Work is about survival, not ideology. The majority of Americans are not far-right capitalists, but the vast majority of CEOs are, and it’s not really possible to survive long enough to start a small business in most of the US without investment from a far-right capitalist or inheritance (usually also from a far-right capitalist family member).
Google is a Reddit partner now, so they probably don’t want discussion of anything that removes them from the loop, thus privacy is very limited to “privacy from everyone but Google” or whatever corporate blob is currently funding Reddit. This is why Reddit is dead to me, basically it is now all about profit and communities can only exist if they contribute to that goal.
They got that idea “ask for forgiveness not permission” pushed to them by capitalist extremists for too long. I despise that concept in any context, whether justifying rape or violating privacy or anything else. But I even see it in TV shows these days portrayed as normal. Gross 🤮