
  • 6 Posts
  • 193 Comments
Joined 2Y ago
Cake day: Aug 07, 2023


Posteo’s lack of custom domain support can be augmented by using Addy.io or other similar email proxy/forward services.


If you can handle a steep learning curve with less proven stability, Mikrotik.


This is a reality of any software. Those requirements exist by themselves or in some combinations, but once you want them all, the difficulty grows exponentially.

The Sunbird model works. Their model isn’t that hard to replicate, and they have the steps laid out for you to copy. However, it doesn’t offer some perks you want with limitations. For example, you can only have 5 devices linked to 1 Signal account. There is no 2FA, fine-grained access control, nor audit log. The search functionality is not particularly good.

There are ways to overcome those limitations but you will need some tech-savvy dude with proper security background/training to design, implement, and manage that. It steps into semi-custom development and integration, and be warned, it is hard to do right, especially anything with security.


Say your organization is doing something like Amnesty International (at least it sounds an awful lot similar to me), you want a solution that

  • encryption
  • shared inbox between trusted members
  • minimal meta-data leak to providers (service providers and network node operators)
    • hide who is sending/receiving
  • easy to search/indexed
  • fine grained access control
  • audit log of who responded to who
  • multi-device
  • single stable address/contact point (how “stable” you need it to be?)
  • 2fa?
  • easy to use

Am I correct? To be honest, it is quite a tall order. I can’t really think of a solution right now. Email is definitely out of the question because you can’t hide who is sending and receiving the email.


ALPR already exists. The situation won’t get better or worse, no matter what license you release under.


I don’t understand why you need encryption. It seems you are concerned about access control and metadata on the security side. If that’s the case, it is more advisable to host your own email server. However, be aware that once the email is sent, your recipient’s email system may be hosted by other email providers that you might not desire. You can reduce the metadata leaks by using encryption, but as you are aware, not everybody is keen to use it. And to be effective, it must be used by both sides.


I played with something in Zoho before. Forgot what it was actually named. In essence, you create a group, then you add members to that group. The group would have an email address. Anyone can send email to the address and everybody in the group will be notified (like forwarded). I believe members can also use the group address to reply.


I think I had everything set up correctly. SPF, DKIM, and DMARC are all green in Proton. Still, mails mysteriously end up in the spam folder when I test with friends.



I tried, and failed hard. When I bought my domain 10 years ago, I didn’t put effort into researching domain reputation and got a .xyz TLD. Now that TLD seems to be abused by spammers, which is also affecting my mail, which goes straight into the spam folder.


I thought Google Workspace mailboxes aren’t scanned?


Will using non-gmail hurt my chance of getting hired?
I'm using Proton right now. Someone suggested I should get a Gmail instead for a higher chance of success. Is that true? How risky is it for Google scanning those mails in terms of privacy?


Use separate profiles for different devices. Make a group when you chat with others.


Being privacy conscious and the act of requesting to have your info removed just puts you on their radar, as “normies” don’t care.


it can. I’m not saying it does, but it absolutely can

WhatsApp? It can by piggybacking the content on the client itself. It can’t read on the server if it’s as advertised as following the Signal Protocol.

But that kind of functionality either needs targeted deployment, or has to be built into the client in the public channel. It doesn’t matter if they do it or if they can do it, the logic of that functionality still has to exist somewhere. I would believe some nerds would have picked up some indicators and had that reverse engineered long ago.

Without solid proof, I would err on the side of caution and refrain from claiming such.


They both are bad for privacy in one way or the other. WhatsApp is collecting a vast trove of data about you, though it can’t read the chat itself. Telegram doesn’t have end-to-end encryption enabled by default, which means anyone who has access to the server can read your chat history, though you’re less subject to data collection.

If you’re doing illicit activity though, WhatsApp is better than Telegram because the chat contents are the evidence those law enforcements are going after, not the connection. They can’t arrest you because you make friends with a criminal, but they absolutely can because you have a criminal action recorded in chat history.


Disable iCloud backups, and do backup manually with iTunes plus the backup password set.


I recently switched to NextDNS. I used to run my own AdGuard Home with multiple DNS providers as upstream.


https://lemmy.ml/post/15430684

I asked a similar question before. Some recommended Revolut. Haven’t tried yet tho.


Despite the bad title, the article itself is worth a read. Though the topics covered were discussed long ago, it serves as a good reminder.

A point the author raises is about data security in end-to-end encrypted communications when used with AI. Remember that end-to-end encryption is specifically protecting data in transit? It doesn’t do anything after the data is delivered to the end device. Even before the age of “AI”, the other end could do whatever he wants with that piece of data. He can share the communication with another person next to him, which the sender might or might not know of, upload it to social media, or hand it to law enforcement. And the “AI” the tech industry is going forward with is just another participant in the communication built right into the device. It can do exactly the same as any recipient wants to. It can attempt to (badly) summarize the communication for you, submit that communication to any third party, or even report you for CSAM as it determines you’re engaging in “grooming behavior.”

And the author also asked the question, “Who does your AI agent actually work for?” However, this question has already been answered by Windows Recall, the prime example of an AI agent. It collects data in an attempt to “help” us recall things in the past, but it will answer questions from anyone who has access to it. Be it you, your family/friend, or even law enforcement. The answer is anyone.


Libretube with HLS experimental on. You need to refresh VPN location constantly if you use one.


Addy.io

Not as “disposable” and you need to pay for it, but it would totally fit your use case in that you want to hide your identity to your VP, reply to those mails, and to some level protect your personal information, as they won’t store or leak your mail, granted you don’t use Gmail as a recipient address.


Well, as another said, one is pretty unique the moment they seek online privacy. This is the sad reality of it. You want to blend in, be less unique? Ditching privacy is a way to go. Is this a shit choice? Of course it is. The other way around is to embrace the uniqueness on every refresh of the page. However, I still have a hard time beating some very sophisticated fingerprinting engines. Or you can disable JavaScript and you won’t be fingerprint-able at all along with a VPN.


It can still tell you’re on Linux via WebGL


Less unique is equal to what the majority of others do.

So

  • Windows
  • Chrome (stock settings, maybe some addons like grammarly)
  • No VPN

SEPIA

I always want to try it but never do. From the docs it seems a complex, not so plug-and-play system.


It is working so well that I get an infinite loop of it on the same page.


Except many services are very aggressive to Tor exit nodes, namely Google and Cloudflare. Every time I am just met with CAPTCHA after CAPTCHA, and eventually I give up on the site.

Yeah, I should cut ties with Google but cutting YouTube on NewPipe is hard. I’m on Proton and watching YouTube is already hard.


It’s simply that the “secure” isn’t meant for users but for the corporations. Make it “secure” for their business.



Until you no longer live in the US. I can’t find Privacy alternatives after moving out.


So use what browsers? Chrome sounds more secure (I didn’t read the previous post), yet I don’t want an advertising company looking at my browsing habits, nor to support them dominating the browser market share and having a powerful influence on every web standard.


I never used it, but I would assume yes after reading the frontpage and the doc. At no point is there a PSK set between sender and receiver, nor do I see any signs of key exchange between devices.

This is not a definitive answer though, as I didn’t read the source code of ntfy, nor the UnifiedPush spec.


“NAPO’s goal in the meeting was to ensure that the proposed rules protect not only officer’s private information from being sold and made public, but also safeguard law enforcement’s access to certain publicly available data that is vital to aiding victims and preventing and solving crimes,” the group said in a newsletter published last month.

Read: We want to look at your private data but not ours.

What a jackass.


It is the recent actively exploited use-after-free vuln found in FF, which both Fennec and Mull rely on as upstream. This compounds with changes made to the Android NDK and the source of FF moving into the monorepo, making them harder to build. Hence, they’re still vulnerable to the attack.


Triangulation needs to know where the signal comes from (angles). Which mode’s device doesn’t have the capability of doing this. The most they can do is estimate by signal strength.


I only know you can use it via Matrix with a bridge, but the setup is quite involved, not just an app on your phone. Plus the metadata is still shared with Meta, like who you talked to and when, from which they can build a profile and a social graph.


Although I don’t use FUTO keyboard, I don’t think collecting typing data is a problem, as long as it is done locally. There shouldn’t be a binary choice between privacy and better user experience.


Free? No. SPN is an add-on service that costs 9.99€/mo or 99€/yr. You can host a community node but it seems you can’t use it directly. They say they are going to reward those who host a node but it is unclear what the actual reward is.

https://wiki.safing.io/en/SPN/Nodes/Hosting


Then I will say they’re just doing half the work. They can just get the site account walled for that goal, not a half patch work of blocking VPN users.


tl;dr: only applies to NY Eastern District, and likely only US citizens can enjoy

Privacy.com alternative for the UK & EU region
Recently I just got hit by stolen card details, which makes me search for a virtual card service. Does anyone know any that work in the UK and EU region? Apparently Privacy.com needs an SSN to work now. Thanks.


Alternatives to PGP/GPG?
We all know PGP is old and has got a myriad of problems, like key management. Thus, I'm looking for a **generic encryption and signing tool** that is also available on mobile devices, both Android and iOS.

I know age+minisign is the preferred choice but unfortunately there isn't a mobile app for them.

I know Magic Wormhole is great for P2P data transfer but it's slow and not reliable. I often have corrupted files even when the size is small. I would much rather encrypt locally, upload to GDrive, and share it.

I know Signal, WhatsApp and other messaging apps now offer E2EE to exchange many data forms, but the political sphere is shifting and given the current trend, they might be forced to backdoor the protocol, drop E2EE entirely, or cease operation. Something independent from messaging tools is needed.

I'm not seeking perfect forward secrecy as that wasn't achievable for non-conversation use cases unless parties manually negotiate a session key.

I don't care about the web of trust either. Putting PII on a key server for public viewing doesn't fit today's privacy trend. Nor anonymity. I'm talking to my family members and friends and I don't find a reason to hide that. The only thing that matters is the content.

While it would be great to follow some kind of widely used standard, it is not a requirement. Thanks for the input.

**EDIT:** Added GPG to the title

How to persuade people around me switch to Matrix/Element?
Hello fellow c/privacy members. I'm not new to privacy related things but I had a hard time persuading my family members and friends to switch to Matrix/Element. It is a response to the UK's Online Security Bill and Investigative Powers Act that may soon be in effect. While it is just preparation and planning in case those actually become law, I already face resistance from them.

When I ask them whether they would switch, their first reaction is "Why one more app?" followed by "That's cumbersome." or "I don't want to learn a new app." and they suggest something more popular like Line, Telegram or Discord. Sometimes they would say "Install WhatsApp because X is on there and he/she won't install one more app just for you."

What can I do to persuade them to use a new platform? Thanks in advance.

**EDIT**: I think I should elaborate more on what the Online Security Bill and Investigative Powers Act do[1]. As far as I understand, OSB will break E2EE by requiring scanning of data on the client device, like CSAM but much more generic. IPA requires companies to submit security functions to the government for approval before releasing, and to disable such features upon request. Apple[2], Signal[3] and WhatsApp made announcements of exiting the UK market totally or partially if the two were signed into law.

[1] https://web.archive.org/web/thenextweb.com/news/uk-investigatory-powers-act-default-surveillance-devices-privacy

[2] https://web.archive.org/web/www.forbes.com/sites/emmawoollacott/2023/07/21/apple-threatens-to-pull-facetime-and-imessage-from-the-uk

[3] https://web.archive.org/web/20230809125823/https://www.bbc.co.uk/news/technology-65301510#2023-08-09T12:57:48+00:00