Every time when a YouTube video is embedded in Lemmy, a bot appears, suggesting to use Front-end Piped (or another) instead of YT, which is certainly recommended, due to YouTube's inherent privacy concerns.

However, then it is not understandable, why in the case of images Imgur links are happily allowed, which is infinitely worse in terms of privacy, which shares user and usage data with the worst existing advertising companies, which makes it in little less than spyware.

As a suggestion I present 2 alternatives, which in addition to, as EU products, strictly adhere to the GDPR standard and even more.

As the main FileCoffee service, this, apart from images, supports ALL types of files, whether multimedia, video, documents, presentations or texts. Supports 15 MB/file and with optional registration to also use it as a personal host (100% free with mail, password) up to 30 MB/file, encrypted. Inclusions script one click for ShareX on Windows or MagicCap on Linux or Mac

The second is vgy.me, also privacy oriented, but supports only images, encryption, 20 MB/image, EXIF Data are removed, API for web pages.

Hello! I stumbled on a post a while back about privacy tools. I can't seem to find it again. I had bookmarked a few sites it linked to and finally got around to looking at them

One of those websites was Safing. I hadn't heard of it before. The website says that it's a firewall tool, but I can't seem to figure out why it's better than the Windows default firewall. Does anyone here use it? What does it provide that Windows doesn't have built in? Is there an avantage to using it if I have a PiHole on my network/use a VPN? Is it meant to be a single-machine firewall or a whole-network firewall?

I have a question, what do companies do with your phone number ? can they trace who you are and what you do ?

I'm looking for a privacy-respecting open-source android keyboard, and so far I've found:

• OpenBoard
• AnySoftKeyboard
• FlorisBoard

Does anyone have any experience with these (or other alternative keyboards)? Which one would you recommend?

The Mullvad Browser is a privacy-focused web browser developed in collaboration with Mullvad VPN and the Tor Project. It aims to eliminate data collection and provide user-centric browsing services, ensuring online activity remains private and secure. The browser has the same fingerprinting protection as the Tor Browser, but connects to the internet without Tor Network or VPN instead. The Mullvad Browser provides anti-fingerprinting protections.

The idea is to provide one more alternative – beside the Tor Network – to browse the internet with more privacy. To get as many people as possible to fight the big data gathering of today. To free the internet from mass surveillance.

Here: >> mullvad browser official <<

A few minutes ago, I'm just reading the news from the RSS feeder app called Feeder and then suddenly I got a notification from x from Linux handbook which I was seeing in the feeder app. How?

Interesting services, curious if anyone has opinions

Hello everyone.

Currently me and my GF have our finances organized in a Google sheet file (hosted on Google drive), being that file integrated with a Google form.

What we do is having on our cellphones a shortcut to the form, where we input all our expenses, they are directly and automatically registered in the sheet, and on another tab we've built some sort of dashboard based on all the values the form registers.

So given this context, is there any option or group of options that are open source, and that achieve this same purpose / scenario?

If possible everything acessible on a cloud or at least onlinez so we don't lose this flexibility and accessibility on our cellphones.

Thanks in advance

Hello nice people,

I've been using NiceHash app for some time 5-6 years ago. (It was a simple app for mining cryptocurrency and you get paid in bitcoin on their wallet, then you could transfer bitcoin to another wallet.) It was working fine until they got hacked (or fooled us) and lost all crypto. Luckily I didn't loose much like some guys did. I decided not to use the service anymore and I'm still receiving stupid e-mail newsletters. I tried to unsubscribe and It asks me for login, I know password, but don't have 2fa anymore. Also I don't have backup 16 words.

Now support told me that this is the only way and I feel ridiculous about taking selfie just to unsubscribe. Am I protected against this somehow? I live in Europe and I think Nicehash is located in neighbourhood.

And of course I never wanted to subscribe...and I don't think I ever verified account with a document.

What are my options other than just filtering that shitty domain as spam?

edit: typo

GDPR Compliance Check

For those who haven't heard of it before, Gumb is

A platform for managing meetings, gatherings, and events for communities of any size. - gump.app/en

I have investigated this app because it is used by a club where I am occasionally active.

Landing Page / Homepage

Fonts: The landing page is using google fonts, so those fonts are loaded (8 requests) from fonts.gstatic.com when opening the website. The first issue here is that google fonts are not listed in the privacy policy at all. Second, by a German court ruling google fonts are not compliant with the GDPR:

The use of external font services cannot be based on Art. 6 § 1 p.1 f GDPR, as the use of the fonts is also possible without having to establish a connection from visitors to external servers. - LG München Az. 3 O 17493/20

Images: Furthermore the website is loading images from firebasestorage.googleapis.com (105 requests). Following the argumentation of the previously mentioned court ruling, using firebase for images could also be considered non-compliant because images could easily be served without having to establish a connection from visitors to external servers.

Youtube Embed: The website includes a youtube iframe (13 requests to www.youtube.com) with an introduction video. While youtube themself offer an iframe option called "Enable privacy-enhanced mode", the Gumb homepage embeds the »normal« iframe that places tracking cookies which again violates the GDPR. The iframe furthermore sends

• 6 requests to play.google.com/log,
• 4 requests to https://googleads.g.doubleclick.net
• 1 request to https://static.doubleclick.net
• 4 request to https://jnn-pa.googleapis.com

Tracking: The website uses, as stated in their privacy policy, Google Analytics (GA) which results in a request to https://region1.analytics.google.com/g/collect... and https://www.googletagmanager.com. However, writing "we use GA" in the privacy policy is not sufficient. GA requires consent from the website visitor.

There are a few more unnecessary requests, but I think the point is clear.

All of that is happening without any consent from the visitor!

Mobile App

Gumb offers mobile Apps for Android and iOS, of which I only checked the Android version. While I can't say for sure that the app violates the GDPR because it immediately asks for credentials, the Exodus Privacy Report (of the latest version 1.0.84) still looks rather bad:

• Amazon Analytics
• Amazon Mobile Analytics
• Google Analytics
• Google CrashLytics
• Google Firebase Analytics
• Google Tag Manager

Web App

Next to mobile apps, Gumb offers a web app too. Well, what can I say - there are requests to

• https://fonts.googleapis.com
• https://www.googletagmanager.com
• https://region1.analytics.google.com/g/collect...
• https://www.google.de/ads/...
• https://stats.g.doubleclick.net/g/collect...
• https://ipgeolocation.io/

even without being logged in or any given consent.

Conclusion

For a tool from Switzerland with paid subscription plans and the purpose of managing events/meetings etc. it uses a lot of google (tracking) services... Very sad to see as the app looks otherwise really modern and useful. Do today's developers know that applications like Gumb can be implemented without selling their users' soul to google?

For example using privacy screen protectors or phone cases with a manual shutter over the camera.

You may have heard of the "Countering Violent Extremism" program under DHS.

They've deployed the tactics used to fight terrorists against domestic citizens. For example, incels. When I posted on the web forum incels dot is, I didn't know it was Department of Homeland Security operation against men who say they are romantically deprived. I didn't know I was interacting with larping feds who encourage extremist rhetoric. Consequently I was put on a watchlist and am subject to intrusive monitoring.

I share a lot of my experience here.

https://twitter.com/WrongedIncel

My question is, my computer is hacked by them and they are privy to my computer activity -- as in, right now, they're seeing me type this post. How can I get these rats out of my computer? I just run Windows 11.

College Board shares SAT Scores with Facebook, TikTok, and others

https://gizmodo.com/sat-college-board-tells-facebook-tiktok-your-scores-gpa-1850768077

"Gizmodo observed the College Board’s website sharing data with Facebook and TikTok when a user fills in information about their GPA and SAT scores. When this reporter used the College Board’s search filtering tools to find colleges that might accept a student with a C+ grade-point average and a SAT score of 420 out of 1600, the site let the social media companies know. Whether a student is acing their tests or struggling, Facebook and TikTok get the details.

The College Board shares this data via “pixels,” invisible tracking technology used to facilitate targeted advertising on platforms such as Facebook and TikTok. The data is shared along with unique user IDs to identify the students, along with other information about how you use the College Board’s site. Tok, and a variety of companies."

#privacy @privacy

I was looking for something different from Tor and not like I2P. Someone give a look on Lokinet? What's your thoughts?

Edit : I know that is based on oninon nodes I mean about the privacy feature and what have to offer more

A new DoS protection mechanism for Tor leveraging Proof-of-Work.

I have used SearXNG for a while, but I switched to LibreX after the search engine started glitching. Recently, though, LibreX has stopped returning any results. I am currently on Mojeek, but the results aren't that great.

I have also tried Qwant, but I wasn't too keen on it. Startpage will be impractical, as I use a VPN and this engine often blocks me because of it. I don't want to use Brave Search for a number of reasons. MetaGer has too many important features behind its paywall. I'm not sure about DuckDuckGo, but I could use it if there was no other option.

Any suggestions, or am I being too picky?

Sounds like Meta wants to force you to give them your phone number.

I was taking a look at the Naomi Wu situation (A Chinese DIY tech youtuber who went missing after being watched by the government) and in one part they mentioned that she was concerned about her privacy, so started using Signal, but had a default chinese keyboard that had a keylogger and the police had looked into what she was talking on there.

I'm not sure if it was a mobile only thing, but it was mentioned that the keyboard app was used in like 70% por chinese smarthphones.

Now, I use AnySoftKey and refuse to use default keyboard apps, but how far can we reach on the keyboard security thing? Is typing on a computer or using a physical keyboard on a mobile device 100% safe? I think the keyboard issue is often overlooked and would like to know what recommendations your have? Or what should be known more?

Hello everyone! I would like to part ways with my Google Chromecast. Fortunately, I had an extra Raspberry Pi 4B (4GB version) in my drawer, which I used to install LineageOS. Afterwards, I installed F-Droid and a customized launcher to give it a more AndroidTV-like appearance.

Now, I have a couple of questions:

1. What can I use as an alternative to Google's screencasting?
2. Is it advisable to enable SSH with root access on the Raspberry Pi?

Thanks!

Last week I received an email from Meta Plattforms Inc about their new ToS and Privacy Policy addressed to my first Name.

But I don't have any accounts on any services from Meta Platforms (I deleted them a few years ago). Therefore I contacted the DPO and requested a copy of my personal data and asked them to delete it according to GDPR.

They told me that there is no account associated to my email, I should provide my account details to the account in question, which I don't have. They are unable to help me with the data I provided and I should contact the irish or my local data protection authority and bring my claims before court.

So they obviously have at least my first name and my email address and refuse to comply with GDPR.

Has anyone had any simmilar experiences or any recommendations on my further actions?

I don't have the time and money to sue Meta, but I will contact my local data protection authority.

I am new to Librewolf and downloaded Multi Account Containers addon along with libredirect, skip redirect and ublock origin. I am currently signed in a container with a Google account and set the URL to always open in that container. However I do not want to allow any Google-affiliated redirecting links to automatically open within that container and sign me in with that account, letting Google know what I had been browsing or searching for even when I would not want them to. This issue is restricting me from making Librewolf my default browser.

How do I make it so that all these links, whether clicked on from somewhere within the browser or an external application, open in a separate container or without a container or in a private window, if possible?