They are working on password sharing, but it’s not here yet (I remember reading it in an email not too long ago that mentioned all the things on the horizon in the coming year if I recall, so it might not be super soon, but “soon”). So it might be a fit for you in the future, but for now I’d suggest sticking with Bitwarden (or some other app that meets your requirements).
I’ve used both Enpass and Proton. Enpass is a bit more feature-ful, mainly because Proton Pass is new. I switched away from Enpass as I didn’t like that they basically had me pay for it three times, even though the first one was a lifetime license. But I needed my passwords. Finally decided to put in the effort to move away from them as their constant begging to subscribe was annoying. So switched to Proton since I already subscribe to the plan that includes Pass.
Proton is working on expanding features and have added a few in the short while I’ve had it. I’d suggest Bitwarden over Enpass personally, particularly if you want features Proton Pass doesn’t offer yet (like no desktop or web app yet, but they are working on both, so until then, I need to use a browser extension)
But I mean, wiremin doesn’t actually appear to connect you to strangers. It seems like it just sets up private chat rooms from its description. I don’t see anyway that it publicly posts in a fashion that would appear on all WireMin users apps.
Edit: it only seems to connect you to people you explicitly provide. So hence “chat app”.
It’s not part of the browser engine. It’s part of the browser “chrome” (part of its namesake), the thing around the browser engine. So this isn’t in Edge and goes without saying, it isn’t in Firefox etc.
It’s still bad. Chrome is still a popular browser.
Edit: it does keep track of your browser activity, just doesn’t share the whole bunch of data with their parties.
I only see evidence that this replaces FLoC, but not cookies. Even Google’s statements about what cookies and data they collect hasn’t changed. This is a Chrome specific capability. Topics replaces Federated Learning of Cohorts which didn’t use cookies either.
Edit: nevermind. FLoC was a technology that allowed ad data to be collected even when third party cookies are disabled. Essentially it allowed chrome to collect data that Firefox and Safari already blocked when third party cookies are disabled.
So this isn’t replacing cookies at all, just FLoC. And it’s not replacing something “worse”. It’s still totally something that Chrome is collecting without cookies or any need to do so.
You say that as if clearing out cookies isn’t also a thing one can do. All they’re doing is opting you into more directly handing them your data. And I didn’t see any mention that cookies will be discontinued by them anyway.
In the end, the big problem here is that it’s being routed as a privacy feature when it’s anything but. It’s just a different kind of privacy violation.
It’s simply not about privacy so it shouldn’t be labeled as such.
It seems odd to say the authorities aren’t trustworthy so let’s give authority to yet another person. Why do you want to give more power somewhere because you don’t like the other people that have that power. It’s still a corporation. Why trust corporations over government?
Edit: keep in mind one is supposed to abide by law, the one you want though is only beholden to itself.
There’s a decent bit in their site as to how fighting fingerprinting by trying to be more common can make you still stand out, so mullvad may not work out depending on how it implements this concept. Randomizing fingerprinting sounds like it could work (I haven’t researched it so I don’t have enough info to agree or disagree, but sounds legit at the very least) and expecting their report to understand that is beyond the scope of the tool. I mean, you couldn’t actually test that method is effective without recording it over multiple sessions/days/etc. Sure you want a unique fingerprint, but seeing a unique fingerprint once doesn’t mean it’s working.
It’s watch different videos. It’s petitioning your favorite creators to join a different platform. Get them to post videos on both platforms or something. That you think it’s just giving up and not doing anything is silly. How sad is the future if no one is willing to try for anything better anymore because it’s not comfortable? Damn.
YouTube videos being compared to a necessity like air is absolutely childish. That’s an entirely different concept and it’s only possible if you don’t do what I just suggested. So you’re basically fighting for that future. Good job. Maybe watch less YouTube? Books still exist. Many people get by in life just fine without being glued to a screen.
Only if you never mention the content’s subject matter otherwise you will drive traffic there, regardless of how you consumed it. You drive up desire for the content. A vegan can use a secondhand leather belt and not contribute to animal cruelty, but it may drive someone else to want a leather belt.
But it’s true. If you keep using the service, it won’t change. Why would it? If you give in every time, they have no reason to stop. I have no dog in the game so I can view this objectively. You clearly can’t. You are emotionally attached to the service and can’t give it up no matter how it abuses you. I used to use Google. I do not anymore. No more Gmail. I actually pay for my email service.
I dunno, there’s a couple out there. But you vote with your wallet(edit: or your personal data). If you don’t like what they’re doing, stop using it. Using it is simply condoning the practice.
Edit: I don’t really watch much online video outside of paid services. So I don’t have a direct answer. Sure, it’s easier for me to avoid, but that’s going to always be the case for someone for anything.
Eh, the violation that hackers incur will tend to have a much higher impact (though lower probability) than others like Google though. Someone who has had their identity stolen will likely have more issues with hackers than with Google. You are correct about the breadth of privacy being violated “legally” but it’s only gotten that bad because of how little it affects folks day to day lives to the point they don’t really care (not defending it, just stating the observation). So, yeah, you’re more likely to be violated by Google, but if you’re violated by a malicious actors, it will hurt a lot more.
Both are bad and both need to be protected against. Both will violate your privacy and neither should be ignored.
Different password and email for each site (I pay for Firefox Relay, only has one instance of a site that blocked it so far). Edit to add: Firefox Relay can also provide a phone number (for a cost) that you can use on sites instead of your own. There are caveats to keep in mind for when to use it, but it helps.
Proton Mail instead of Gmail.
Proton Drive instead of Google Drive / OneDrive. More expensive, so keep this in mind.
Proton VPN when concerned about the security of my internet connection.
Hosted VPS in a cloud provider for photo storage using an open source photo focused content management system.
Pihole hosted in a VPS to help block various trackers (and ads too, but that’s convenience, not privacy protection).
Wireguard to connect to VPS hosted services. Option to turn on full tunnel, but generally obsolete with Proton VPN as an option.
Proton is on here a bit mainly because they offer a decent suite of services. There are others that are available.
The thing is, none of this is free and protecting your privacy rarely will be. There are FOSS solutions to help, but you generally need to pay for hosting and access (even if it’s buying a raspberry pi). Proton is more accessible to many than something like setting up services on a VPS behind Wireguard.
If you wanna go full paranoid, you can use tiered personal VMs for web browsing. High security ones for things like banking and what not can be destroyed and spun up on demand. And others where it’s less important can be refreshed at longer intervals depending on your convenience requirements. Still need to ensure your host/base images are protected, but it will minimize exposure on the guest vm to malware. Less likely to have a keylogger get your bank login info if it’s a brand new VM each time.
Security is not equal to privacy, but security is absolutely a means of protecting privacy. They asked how to protect privacy which absolutely is in the realm of security.
You don’t gain additional privacy from using 2FA, but your personal info is less likely to be stolen versus person info protected by less secure authentication methods.
Privacy uses security to protect itself. Security doesn’t increase privacy. It increases privacy protection, which is what they asked about.
Edit: shout out to proton mail though. It has some quirks that might turn off some people (mainly not being readily compatible with IMAP clients without the use of the Proton Bridge. But it’s there for a reason and works. And honestly, most of the other stuff you said is pretty good too. The Microsoft/iPhone stuff is obviously arguable (I fall on your side of it) but in the end the best practices is to limit exposure. The less your data is accessible by others, the better. Using email masks (I use Firefox Relay) to minimize email leaks is another good idea.
Big instances would instantly lose every instance other than Meta’s. Why would they ever do that? Especially when the biggest instances are mostly approaching Meta with caution if not already defederating?
The fediverse doesn’t handle rogue actors all that well if they change the literal language used to communicate. It breaks it. Even Microsoft, the one who basically invented the strategy decided against it in the end. They broke the internet for a long while, but only because they were in a much stronger position than, say, Netscape, which was originally designed to fail anyway.
Meta would need to change the actual protocol if they wanted to get anywhere. Even then, instances can simply refuse to upgrade.
It is much more difficult than you think. And id much rather users see they can live without Threads than to force them into Meta’s corner. I’d rather help people get away rather than ignore their existence. If Threads is too annoying overall, I’ll vote defederate. But I want to see what happens first.
It wouldn’t work with any other instance though. You can extend it all you want, but the other instances need to comply. That’s why the extension prong of EEE doesn’t really work here. It only applies to themselves. They can extend it all they want but they’ll only get metrics from themselves and other Threads-based instances.
Short answer, probably not. Long answer, they may try, but everything needs to be within spec of ActivityPub and that at least means if they do inject something like that, itll be easier to find and developers can filter it out. So I’m hoping Meta realizes it’s a draw and not try. They could try to put in recommendations to the spec, but I don’t see those getting passed very easily. W3C wouldn’t bow to them that easily. They do have centralized power, but their power inside is fairly spread out, so they’d need to appeal to a lot of people, many of whom are very principled.
For example, a very basic concept is the tracking pixel. Embed an image the size of a pixel and host it on a server that tracks requests to it. It’s not a very advanced tracking system, but it’s common in emails and the like so as to guage how many people read an email or something. Broad metrics, but metrics nonetheless. If Meta automatically injects these into posts, it’s easy enough for developers to either filter out images below a certain resolution or simply disallow images from certain hosts. And it’s ‘easy’ because there’s limited places where Meta can place it so folks who watch out for this kind of stuff will be able to see any trickery Meta tries to pull.
Edit to add: also, many local methods of preventing tracking may also help. Hardening your hosts file or setting up a DNS black hole like PiHole for example. I highly suggest looking into PiHole if you haven’t already and are serious about not being tracked. It may not stop all, but it can stop a lot.
This isn’t how any of this works at all. Defederation does not increase your privacy from them. That’s not how federation works. They still will see your posts. Blocked or defederated. You just won’t see theirs. Blocked means you filter out their content. But they could theoretically show up in comments. Defederated means it won’t populate. But it doesn’t mean your content won’t get populated there. They simply can’t comment on content from or direct message folks on a server that defederated them.
Privacy through obscurity is as bad as security through obscurity.
Any real danger Meta presents is looming regardless of federation. I’m not against defederation. I’m just against defederating without purpose. And to be honest, what I’ve heard so far leads me to believe defederation will be my likely call if and when Threads goes live with ActivityPub (well, defederate with their primary instances at least, not sure of the details of how one can defederate with every Threads based instance, though it may be simple). But I don’t even know if they’ll federate with Lemmy/Kbin to begin with and I do not want to start some trend of instances needing to act on hypotheticals.
Tl;Dr - defederation does not increase your privacy at all. Not saying you shouldn’t defederate for other reasons, but your exposure is absolutely unchanged one way or the other. This article has federation entirely wrong.
Proton has a similar feature (not sure if it’s part of free or premium as I subscribed for proton ultimate so it just came with Proton Pass). It’s honestly crazy how nice having TOTP right in the extension for the account’s entry in the manager.
Also, I realize this is like the third time I’ve made a comment about Proton, so I’m probably gonna stop before folks think I’m like a shill or something.