I thought it’s more involved. Like the face ID tech used in phones

Yeah, I don’t think these cameras are used to ID people routinely. Government already has my photo - I have passport anyways. However, face scan is much more sophisticated and they cannot take it with overhead cameras

I draw a line between a photo and biometric face scan. I have a photo ID, so my government already has my picture, but face scan that is tied to my identity and allows for accurate identification is something new

No, I think that many people in my line were first timers, so they did both

Oh, sorry, I’ve assumed that you are in US since you posted an article about FTC.

I don’t know if there is a similar service in Europe. I think you could get a virtual card linked to a crypto wallet, but this obviously comes with downsides

There is Privacy.com that gives you virtual cards to use for purchases. Money go from your bank account to them. Destination is visible on payment description still, but it may fool bank’s algorithm. Or you can get paid plan from Privacy.com and mask destination completely.

I guess there is a chance to see some of code, but I doubt about it being properly open sourced.

While we’re publishing the binary images of every production PCC build, to further aid research we will periodically also publish a subset of the security-critical PCC source code.

Source: https://security.apple.com/blog/private-cloud-compute/

Apple’s PR is better. With Microsoft all news titles were like “OMG Windows will take screenshots of all you do and send it to AI”, and with Apple it’s more like “Apple is carefully adding AI to their products, respecting user privacy as they always have been”.

Of course, when one looks into technical details they would find that MS Recall is strictly local and runs only on special hardware that people don’t even have yet.

Apple Intelligence does send your data to cloud and scans everything you have in Apple ecosystem, not just screenshots. Of course they say it’s done in very privacy respecting ways, and provide a lot of technical information to back this claim. But at the end it’s closed source and is subject to change at any time.

Having said that, Apple users are used to and value that Apple magically takes care of everything, so they are happy to pay premium for Apple’s products whatever the company does.

Yay, I can get some targeted ads about data center hardware!

Mullvad has a feature to add random noise into traffic patterns, actually

This is a good point. Maybe setting up a VPN at home would the good option for when I’m on the go

Thanks for the suggestion, but anonymity is not my goal with VPN. I known about tor etc, and it is not working well for everyday web surfing

Lots of good advice here, but many might be too extreme. I find such all-or-nothing approach intimidating for people who just started to think about improving their privacy situation.

Let’s see… you are angry about bloatware. It can come from two sources - mobile service carrier and phone manufacturer. How to get rid of it?

1. Buy only “unlocked” phones. Then the carrier will not be able to push anything to your phone. You will also be free to change the carrier as you wish.
2. Buy phones from manufacturers that don’t install too much bloatware. Google Pixel has only Google apps, Motorola also is almost vanilla Google. Fairphone is more exotic, but an interesting option. iPhone is OK too if you want Apple ecosystem, but customization is not a thing there.

Now, we are in a privacy focused community and I saw your later comments about Google being an opposite of privacy. I would argue that vanilla Pixel is much better than bloated and locked Samsung already. I see you get recommendations to replace the OS that your new phone might run, and these are valid, but come with significant downsides. There are other ways to improve your privacy stance by changing the way how you use your phone without changing what phone or what OS you run on it.

I use SimpleLogin for email alias, and username usually has to be associated with email address. So I just use whatever SimpleLogin generates for me

I’m using pi-hole + uBlock origin.

Adblock DNS, Pi-Hole, hBlock - these three do essentially same thing but at different layers - blocking DNS requests based on blacklists. I’m not familiar with hBlock, but I assume blacklists on each of these 3 are very similar. Using all three doesn’t slow down your internet connection much, unless your pihole server is underpowered. You can drop pi-hole from the mix if you are not using it’s other features (statistics, local DNS, etc). hBlock looks nice, and should add zero latency, but works only for local machine. So you still need network-wide blocker. Make sure you set your DNS on router, so all devices would get protection.

uBlock Origin is smarter than simple DNS blocking, but protects only your browser sessions.

Closest one for lower latency. However, the closest location happens to be in a major metro area and is banned by many financial organizations that I use, so usually I connect to the next closest.

I don’t trust Proton enough to use it exclusively. Personally I use their free email tier as a secondary mailbox.

• They are not fully open source (I found only web client source code)
• Their last independent audit was in 2021 and was done for beta version of their email
• The audit itself was for security, nothing related to privacy
• They advertise their email service as encrypted: encrypted:

End-to-end encryption Proton Mail is a private email service that uses open source, independently audited end-to-end encryption and zero-access encryption to secure your communications. This protects against data breaches and ensures no one (not even Proton) can access your inbox. Only you can read your messages.

Which I see as deceptive: end-to-end encryption is working without user involvement only for emails between Proton mailboxes. In other cases user needs to establish PGP encryption on their own. Inbox may be not accessible by Proton (we actually have no clue because server side code is closed source), but unencrypted incoming messages can be easily intercepted by Proton relays.

I’m not saying that Proton does all this nefarious stuff, but their marketing is questionable.

I’m probably being overprotective. However, teachers have a lot of kids to watch over. My kid would probably not go adventuring on their own, but we cannot rule out a kidnapper or some natural emergency situation.

This looks interesting. But the only pre-built hardware option they have on the list, Nano G1 Explorer, is way too big for a little kid. But I may get it for adult family members for emergency situations.

I’ve heard good opinions about Garmin before, but that was in context of navigation and fitness tracking. Would it work for my use case, tracking a family member?

I’ll check that one out, thanks!

Do I need to have an iPhone to use an AirTag?

Yes, because 5 year old child is not supposed to venture away from school.

It’s like governments and corporations are competing at control over information flows. In EU bureaucracy wins more often, and in US corpo lobbyists win more often.

Can’t say I find this competition healthy…

I see that some folks here suggest that a change in how taxes are reported is a solution to this.

For me it sounds weird. The problem is with having big tech trackers deployed on most web sites by site owners who don’t care about privacy implications. It doesn’t look like tax prep firms are profiting from user data, it’s just their negligence.

I hope that they will do a good thing and replace these invasive trackers with something better.

But meanwhile, people can use their desktop software. I’ve seen H&R block software a few years back - it was slightly buggy, but it worked. I don’t think they put Meta trackers there.

Yeah, it might be true for federal taxes, but US tax system is complicated…

I’m not zealous about it… I’m selling my privacy for 1.5% cashback to banks and for 5% to Amazon! However, I’m consolidating my banking to fewer banks than earlier. And I stopped using services that aggregate financial accounts to provide insights - budgeting, projections, investment advice, etc.

On the other hand I use Privacy.com for smaller vendors, but more often for security reasons than privacy. Monero for some services, like VPN.

Also, no real name or address in store loyalty programs.

Interesting, can you share any links regarding finding client DNS?

Well, my question was specifically about DNS. I don’t think that the sites or services you use have any way to know what DNS are you using.

ISP can capture DNS traffic, but this is where threat model comes into play… Like if you are concerned about some entity to collect you profile based on data from ISP which includes both your DNS queries and your IP

How using selfhosted DNS makes you easier to be tracked?