Not affiliated with Waterfox at all, but I am a user, and this seems like great news for me.

Hello, we would like to find out where our cousin, who recently started secondary school, is located. Additionally, we wish to set hourly restrictions on the apps they can access. Privacy is a concern when it comes to technologies created by large tech companies. Do you have any recommendations for Microsoft Family alternatives that prioritize maintaining privacy? Thank you.

• integrated DNSCrypt, Tor and Purple I2P
• can work as firewall if DNSCrypt or tor is enabled and InviZible Pro app is set up to run in VPN proxy mode

Firewall config:

• You can set up apps to go on clear net by enabling LAN
• you can set up apps to go trough Tor by disabling LAN and enabling WiFi or Data connection, tor needs to run
• you can block apps by disabling any available connection

Open-source tests of web browser privacy.

[EDIT] - Check the comments for more information and links 🔽 🔽 🔽

[Edit Edit] - Brave Browser caught adding its own referral codes to some cryptocurrency trading sites - More in the comments 🔽 🔽 🔽

I like this post it lays out privacy choices on a spectrum from the basic to the truly nightmare-fueled fever-dream paranoid:

It should fake JavaScript API and provide fake info to trackers. There no many users and Mozilla is not tracking it for security.

• JShelter: Home
• FSF announces JShelter browser add-on to combat threats from nonfree JavaScript
• JShelter Firefox add on

Do these news articles on the same day suggest that politicians are either out of touch with technology, or that removing encryption has little to do with protecting children?

https://english.elpais.com/international/2023-09-18/in-spain-dozens-of-girls-are-reporting-ai-generated-nude-photos-of-them-being-circulated-at-school-my-heart-skipped-a-beat.html

https://www.independent.co.uk/news/uk/crime/meta-encryption-suella-braverman-child-abuse-b2414479.html

Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

I have been reading about internet privacy for a long time. As time went on, I got a vpn subcription, a custom domain, a paid email hosting, etc. No regrets on the services themselves.

I recently had this conversation with a colleague of mine, complaining about the rising cost of everything including internet subscription services: netflix, spotify, youtube, you name it. I could simply disregard my colleague's complaints as I didn't have any of those and know the ways of obtaining materials. However, once I start adding up the privacy related services I'm willingly paying instead... they also add up into a considerable amount.

So, do you pay for anything privacy related, how much do you pay in total, and is it affordable for you? For example, many VPN providers offer yearly subscriptions around 40-50 USD.

We believe that the key encapsulation mechanism we have selected, CRYSTALS-Kyber, is built on solid foundations, but to be safe we do not want to simply replace our existing elliptic curve cryptography foundations with a post-quantum public key cryptosystem. Instead, we are augmenting our existing cryptosystems such that an attacker must break both systems in order to compute the keys protecting people’s communications.

...

Our new protocol is already supported in the latest versions of Signal’s client applications and is in use for chats initiated after both sides of the chat are using the latest Signal software. In the coming months (after sufficient time has passed for everyone using Signal to update), we will disable X3DH for new chats and require PQXDH for all new chats. In parallel, we will roll out software updates to upgrade existing chats to this new protocol.

Summary

The UK Parliament has passed the Online Safety Bill (OSB), claiming it will enhance online safety but actually leading to increased censorship and surveillance. The bill grants the government the authority to compel tech companies to scan all user data, including encrypted messages, to detect child abuse content, effectively creating a backdoor. This jeopardizes privacy and security for everyone. The bill also mandates the removal of content deemed inappropriate for children, potentially resulting in politicized censorship decisions. Age-verification systems may infringe on anonymity and free speech. The implications of how these powers will be used are a cause for concern, with the possibility that encrypted services may withdraw from the UK if their users' security is compromised.

Haven't seen a lot of talk about URLCheck.

It can clear useless URL parameters, unshorten shortened links, scan links with VirusTotal (API key required) or redirect you to privacy friendly websites like Nitter or Libreddit.

If you are interested checking it out, check out my guide I made on it too!

PS. I'm not affiliated with the dev/app in any way. Just wanted to share this useful app that no one has been talking about.

Dark day for online privacy in the UK.

California's attempt to force "age verification" on us all is having legal problems.

"Based on the materials before the Court, the CAADCA’s age estimation provision appears not only unlikely to materially alleviate the harm of insufficient data and privacy protections for children, but actually likely to exacerbate the problem by inducing covered businesses to require consumers, including children, to divulge additional personal information."

So I'm in a somewhat unfortunate situation. My circle of friends doesn't want to switch to another messenger and we are currently stuck on the worst possible platform for security: Telegram.

The problem is that it is very hard to convince anyone to switch, if they are all perfectly fine and like Telegram. I mean I can get why they like it: The UX and UI of Telegram are amazing and there are well functioning clients available for any platform. It has more features and gimmicks than any other messenger I know BUT it lacks one mayor thing: E2EE. And that's mostly what I care about. The second problem is that I was the person who recommended the switch to Telegram right after WhatsApp was bought by Facebook. I know, that was a bad recommendation, but back then I didn't know shit about privacy or why E2EE mattered. I was just like "Hey, it's not by Facebook, so it must be better". And now everyone I know is there and won't leave.

If - in the hypothetical situation of me setting an ultimatum and deleting my Telegram after that - I wanted to make them switch somewhere else: What messenger would that be? Currently I'm mostly thinking Signal. I know it's not perfect either, it is centralized, and the servers are in the US, but it has a bigger user base already than most of its competitors like Threema or Matrix/Element and it is very easy to set up and use. I'm already a user of Signal, Threema, Matrix, WhatsApp and Telegram (every platform for some contacts, but most of them on Telegram sadly), so having yet another option is not a problem for me, as well as getting rid of one is also no problem. I'd love to delete both Telegram and WhatsApp in this move.

So, in conclusion, what I need is a messenger that has all or most of the following:

• best possible security (E2EE is minimum)
• easy to use (no complicated setup, simple UI)
• already has some users (not too niche)
• cross-platform and multi-device (should run on Android, iOS and Windows/Web)
• some flashy dumb features like stickers and so on to keep them entertained

My choice would be Signal. But I am unsure if that is the best choice or if I should just wait a bit and see what all of the new EU laws about messengers and gatekeepers bring to the game and if anything chances with that.

Before embarking on my privacy journey, I setup a very basic IoT of all Amazon products - FireTV, several Alexa Echos, and a Ring doorbell camera. Now I am desperately trying to find an affordable replacement for them. I am planning on buying the Nvidia Shield TV to replace FireTV and open to suggestions, but I'm unsure about the others. FOSS would be great too, though I don't think I can go full hog and build my own devices.
The only FOSS, privacy-centric Echo alternative I know of is the NeonAI Mycroft Mark II, but this is $400 per unit. Since this would be a fortune just to put one in each room, I'm wondering if anything else more reasonable has emerged yet.
As for the Ring doorbell, I've seen various recommendations for Arlo, Eufy, and Ubiquiti/Unify, but I can't tell if any are actually much better than Ring in terms of privacy and security, especially for the steeper prices. Would love to know the community favorites.
Thanks in advance for the help!

Extensions: Ad Block Plus, Ad Guard, FastForward, Skip Redirect, Firefox Translations, Youtube NonStop, AdBlocker for YouTube, Cookie Autodelete, Search by Image.

Thank you!

Long range (LoRa) mesh networks are interesting alternatives to communication, especially when state actors are blocking internet access for various reasons.

More details about meshtastic: https://meshtastic.org/

About its current state of encryption: https://meshtastic.org/docs/overview/encryption

I know that scanning images for Scam is kind if a dystopian and scary. However, that doesn't mean that we need to open ourselves for abusive materials to be sent to us.

What I think we need is some publicly available ML models that can be run on each device voluntary to block SCAM from being shown or stored.

Publicly available models would help but implementing them could be a slippery sloap. If popular encrypted messaging apps start having this feature built in its possible it will become illegal to turn it off or use versions of the app with scanner removed. This would mean that we would effectively stuck with a bad egg in our code.

Maybe the best answer is to not give individuals with questionable history the ability to message you.

Does anyone else have a thought?

I am currently in the market for some wireless access points and thought I'd get some suggestions here first. I am currently using some old eero pro's as access points with a firewalla router. The firewalla isn't old and I am happy with it so I am not looking to replace it with something at this time.

Are there suggestions for more privacy focused networking equipment? Or is that just a dumb question to ask?

Title. How many extensions would be the average to not be profiled? Obviously not having any or having 23 will make you pretty easy to fingerprint, so how many is the average or safest?

For transparency sake, I'm the new maintainer of this website. Just wanted to share it here. I was thinking of creating a community for it, but I don't know if it is worth it.

I hope someone find it useful. If you want to contribute, collaborate or just share your opinion, you're more than welcome! The repository for the website is here https://codeberg.org/ThePrivacyRaccoon/website

As the title say, I have 2 android phones , both factory reset and logged in with google accounts. Checked the dns logs on both-

Phone 1 connects to google server but is minimal

Phone 2 is going bonkers, connecting to google server , xtracloud server etc.

Phone 2 battery drops 5% in a hour and phone 1 doesnt drain at all.

Which bring me to the conclusion that phone battery draining has something to do with google accounts as phone 1 google account has fake name and details but other has real name and also a phone number linked to that account.

Please feel free to correct me. Thanks