Adnausuem, Consent-o-matic

Just remember that Mozilla is a seperate entity to Firefox.

Typo squatting.

Not even a slap on the wrist

Apple made $33B in revenue in Europe for the last quarter of 2024. That is about $2B a week or $360M a day.

The fine of $160M by the French gov is not even half a day of European revenue.

Because western tech has the same backdoors. look at the NSA leaks and western legislation that allows governments to mandate back doors with gag orders.

The banning of eastern tech is not because the tech may have back doors, it because they likely don’t have western back doors.

https://support.google.com/product-documentation/answer/15669061?hl=en

On my computer, I usually have KeePassXC unlocked for the entirety of being logged in.

Honestly, it sounds like you can solve the issue by only logging in when you need a password and setting the database to lock when minimised or your screen locks.

Now I know that makes using it more annoying but you can enable quick unlock so after your first login of the day you only have to use a pin or to unlock the database.

Because so many bad actors use VPNs for ban evasion or span sources, blocking the VPN endpoints from posting or commenting is a low hanging fruit way of dealing with some spam. This is Lemmy.World stance.

There are many others instances that work over VPNs so in the spirit of decentralization you can use another instance to access lemmy.world content.

Don’t. Do not mix personal and professional devices

Just remember Telegram also shared Taiwan user data do China during the protests.

It looks like a browser that enables security features that Firefox has but aren’t enabled by default.

As for the version. Firefox 128 is the Extended Support Release which means no new features are added only fixes are introduced in updates.

I wouldn’t trust it. Any registered carrier in a country would have to comply with wiretapping/interception laws of that country.

This one?

https://f-droid.org/packages/de.seemoo.at_tracking_detection/

I am happy with it, I run it on all compatible devices. In the ad vault it says how much money was wasted on ads to you, but I do not believe that amount shown.

Nothing. Because it discards any data returned from the click.

https://github.com/dhowe/AdNauseam/wiki/FAQ#how-does-adnauseam-click-ads

Facebook? More like FBI. Wouldn’t be the first time.

Telegram was built to protect activists and ordinary people from corrupt governments and corporation

Didn’t they announce that they were no longer sending data to China about users participating in the Hong Kong unrest, implying that they were giving data.

don’t have to break TLS to know what site you are accessing. The SNI of the cert does that.

The specific url however is protected by TLS.

They are bound by anti money laundering laws (AML) and are required to Know Your Customers (KYC).
https://support.kraken.com/hc/en-us/articles/know-your-customer-kyc-questionnaire

Yes it does compromise privacy because now when the exchange is asked who owns this wallet they have to hand your details to law enforcement.

Exchanges without KYC are getting rarer.

Doesn’t DoH and DoT completely kill this?

In an absolute sense, yes a modem can spy on you by hijacking requests and redirecting them to controlled locations. We use TLS to prevent this, even stronger with technologies like HSTS.

Does this happen in real life though? More then you think, but less of an impact then you think.

Some US providers will hijack DNS requests and redirect them to their own DNS servers, but this can be solved with DOH or DOT.

TLS interception is a thing but it requires the device you are using (phone, PC, tablet, laptop) to have a root certificate installed that the ISP also controls. Almost all browsers will only install root certificates from root certificate providers with good standing and have no quarm in untrusing the root certificate if things go badly.

Let’s flip this question. Why do you think an organisation should get my data?

Are they reputable? Are they secure? Are they domiciled in my country and follow the laws of my country?

Ideally this will be less of a concern in the future, when the vast majority of organizations no longer have utter shit for Cybersecurity.

Oh you optimistic madlad, never change.

Not one uses IIS.

How sure are you about that? I work for a global MSP and see it all the time.

Teams is built on top of the old SKYPE infrastructure. It is a bastardisation of Skype (communications) and SharePoint (data storage)

As it is built on Skype, all the acces Leo had as part of Skype still exist. MS is a US org and have the legal requirements to tap communications for Leo.

Shovel knight and FTL have sound tracks that are amazing.

No.

non ECC ram does funny things under high load.

If your password file gets lost/compromised/stolen your accouts are still safe with the MFA codes being stored elsewhere.

KeypassXC has otp support and they recommend storing those codes in a second database seperate from the passwords themselves.

How will they enforce it? I’m sure big/medium businesses will comply, but how can you track a cash transaction between private citizens?

Because that is not the point of the laws.

Infact the NL implementation of the laws specifically says it is for business to business and business to consumer.
There is no mention of private transactions.

… I don’t know of this is satire or not.

• There is now a feature labeled “Privacy-preserving ad measurement” near the bottom of your Firefox Privacy settings. I recommend turning it off, or switching to a more privacy-conscious browser such as Google Chrome.

CBDC?

Are you at all shocked that what is effectively a payday loan operator wants more info about you to sell ads encouraging you to buy things?

Never forget the several high profile hacks Sony has been the victim of and all the personal data they have had stolen.

This whole article is an advert for this companies own new secure messenger because…

Why Would We Stop Using Signal?

We had a security breach of some root keys for a legacy chat server we were running and it got attacked and destroyed. It was too hard to restore after the attack and was abandoned. We tracked down the data leak to Signal, as the engineers had used Signal to send these keys between themselves.

Human error. Why are you allowing private keys on untrusted devices?

What an absolute numpty.

Reminds me of the Defcon talk about how the feds caught a card skimmer because he mixed illegal and legal funds while using the same password for multiple sites. And the password was some Russian variation of ass.

Only 1000? Damn I must be slipping.

How are you on self hosting something? You could give a couple of these a try. Data stays with you so you get to decide how much to track.

https://github.com/awesome-selfhosted/awesome-selfhosted?tab=readme-ov-file#analytics

There is a German manufacturer called GigaSet which does stock. I am rather happy with their GS5 phone and they even have a senior option if you want a not as smart smartphone for a parent.