I thought people here might like to join this if you want to see what other privacy folk are talking about. I think it originated on Nostr.

I've been worried about this since Google switched to it in Feb this year.

Apparently the short answer is "you can't". Which is terrifying. Surely some clever peeps out there can find a way round it (for normies)?

I've been noticing over la last few years that is is becoming more and more difficult to login to accounts, whether a bank account, a membership account, sometimes even browsing websites for shopping, through my VPN server. Is this just my impression or is there something going on now whereby there are services that keep list of VPN servers that are then sold to backs so that these parties can keep out anyone from trying to login via a VPN. It feels like the general consensus is VPN=malicious rather than "VPN="this guy is just trying to protect his privacy". I use AIRVPN but was wondering if there are VPN services that are more sophisticate and try to circumvent these VPN server blocks? It becoming a real pain to the point I'm wondering what it the point of paying fro a VPN is I'm finding myself having to login through my ISP IP rather than my VPN IP.

When I connect to a VPN my Ubuntu laptop calls to an ip address BEFORE CONNECTING and the whois is:

inetnum:        185.125.188.0 - 185.125.191.255
netname:        UK-CANONICAL-20151111
country:        GB
...
organisation:   ORG-CGL14-RIPE
org-name:       Canonical Group Limited
country:        GB
org-type:       LIR
address:        5 New Street Square
address:        EC4A 3TW
address:        London
address:        UNITED KINGDOM

What is this and why?? Why does Ubuntu check in to Canonical HQ when I connect to internet??

I am going to show what it would look like if a society had no privacy whatsoever, and then compare it to a society where privacy is a top priority. I am going to show that what little privacy we have in countries such as the United States is the thread holding those countries together, and without it society crumbles. I am going to show that privacy is essential for a free society to function properly, and also help you appreciate the privacy you may not know you have. Let's begin.

A Privacyless Society

"Our" Personal Life

Privacy, by definition, is the ability to control your data. That means controlling what data is shared, who it is shared with, how long it is shared for, when it is shared, and by what medium it is shared.

If you have no privacy, that means you lose the ability to obscure any of your data. All of your data is shared with everyone

Personal information: full name, birthday, address, occupation, social security number, etc.

Documents: birth certificate, driver's license, passport, ID, etc.

Biometrics: Facial scans, fingerprints, handprints, retinal scans, DNA, etc.

Digital information: The content of all emails, every post made online, bank account balance, spending habits, social graphs, all pictures, all ~~private~~ instant messages, every show you watch, etc.

Other information: health and workout data, past relationships, every word you say, every thought you think, likes and dislikes, every place you visit, every waking second of your life, etc.

All of that data becomes available for anyone to use. As you can imagine, this data would quickly be used for mass government control. Anyone who thinks out of line would be punished.

Without privacy, you would also no longer be allowed to obscure personal belongings. All carrying devices such as backpacks and bags would need to be transparent. Since clothing counts as a carrying device, it would need to be transparent or nonexistent.

Yes, you heard me right, everyone would be mandated to be completely nude. The French TV series Nu carries this idea, where a society has been "frog boiled" into giving up all privacy, and all clothes. One man has slipped into a coma during this transitionary period, and is disillusioned with the society.

Access Control

With all data becoming public, you may wonder "Why even have passwords anymore?" To put it simply, even if all your data is public, you still wouldn't want someone impersonating you or posting on your social media. It's the same as how you wouldn't want anyone accessing your bank account, even if transactions are public.

This falls under the topic of security. Without privacy, security would become a citizen's most valuable tool. This begins to show you a hierarchy in personal freedom. Security is the foundation, privacy is layered on top of that, and only then should convenience be added. Unfortunately, in today's world, convenience comes first.

Breaches would become much less common as security is prioritized. The use of password managers, multi-factor authentication, time-based one-time passwords, passkeys, and hardware security keys would become common. However, because all biometric data is public, the "rule of three" for multi-factor authentication can't be completely satisfied.

Documents such as your birth certificate or passport can still be used to verify your identity, as long as the physical composition can't be counterfeit. The information itself becomes useless, and so all identification using the documents must be done in person.

Autonomy

This society has no privacy for individuals, but even if you tried to enforce transparency in higher powers, those powers literally have all the power. Governments and companies would hide behind closed doors, and cover up any misconduct. These powers would use the trivially available data collection to control every member of the public, and manipulate their decisions. Good news: Elections will take place almost instantly because all individual preferences are made public. Bad news: The election is rigged so it doesn't matter who you voted for.

The control over the public would stop at nothing, until we all are turned into mindless work drones. If you control every aspect of the population, then many pieces of a society are removed entirely. The public never makes any money, so there's no reason for taxes or rent to exist. The only transactions taking place would be between different companies and the government. Homelessness is solved by cramming everybody into government issued bunkers for maximum efficiency. Soylent becomes the largest company in the world, providing the only food for every citizen. The only people with any real autonomy would be refugees that are somehow evading the global satellite surveillance cameras, high ranking government officials, and CEOs drifting on their mega yachts.

Death and birth rates would hit an all time high as humans become a disposable asset. The most common cause of death becomes black lung disease from the increase of workers mining coal. Trees may or may not be planted depending on how near-sighted the powers are. As society shifts, some terms take on new meanings, such as "self-driving cars" adapting to the meaning of "cars you drive yourself".

The powers would eventually find neurotechnology to be the most efficient means of control. Installation would become mandated for the public, and manipulation tactics such as peer pressure would force everyone into submission. The device would kill a person at the first sign of corruption. People would be selectively bred and genetically modified to minimize the risk of defiance.

The point is, your data is valuable as a means of manipulating you. The more data you give, the more effective the manipulation is. Major influential powers use manipulation to gain more power, and all of society crumbles into an authoritarian regime. One day, though, throwing disposable humans at a problem will fail, and it will lead to the extinction of our planet(s).

A day in the life

I want to end this section by outlining a day in the life of a privacyless society. This is meant to be somewhat lighthearted and humorous.

Choose your character:

• Disposaperson
• CEO
• Government official

If you chose Disposaperson:

You are Disposaperson #42069. You wake up at 7:00 AM in bunker #42, shared by you and your ordinally closest friends. You got a restful 6 hours of sleep. It's election day, so you were treated to 2 extra hours of sleep than normal. You should be in peak mental condition when making big decisions, after all. Speaking of which, you take your mandated 30 minute brain activity period, to make sure you are still able to function mentally. You scroll through Dreamscape, a new app that lets you watch the nightly dreams of each Disposaperson.

As you are scrolling, you land on a deleted video. 'This dream has been removed under suspicion of defying government powers.' Thats good. you think to yourself. Our government is protecting us from misinformation. "I agree," your bunkmate says, while listening in on your thoughts. You scroll past the occasional ad reminding you to work hard and follow the rules.

Once your mandated 30 minute brain activity period is up, your bunker marches in an organized fashion to the cafeteria. The Disposaperson in front of you accidentally stumbles, and is immediately killed. You step over the corpse, just as you have been trained how to do since childhood.

Once in the cafeteria, you take your seat and suck government issued Soylent out of tubes. You feel happy that food is free and doesn't make a mess. You feel euphoric, even, and not just because of the serotonin injected into the food. You're definitely going to cast your vote to the leader promising to increase the frequency of this Soylent flavor by 5%. Listening to everyone else's thoughts, you can tell everyone is in unanimous agreement. I'm so glad everyone can agree on everything. World peace has been achieved.

After your daily meal, you have been assigned to work in sector 12. It's nice to finally be mining coal instead of planting trees. Doesn't everybody know planting trees is bad for the environment? Where else would the government put bunker 9736?

Once in the mines, you take a nice breath of the black air. You're encouraged to breathe as much as possible during the beginning as an adjustment period. You love mining coal because it benefits everybody. You're so fortunate to be living on a planet with so many natural resources to use up. Your first planet, Earth, didn't have this much coal. You're so glad the government blew that planet up to reduce the number of depleted planets floating through space.

You check the mine's digital leaderboard. You are in the top 1% of coal miners today. You are happy at your work. After all, any lower on the leaderboard and you would be killed off to purify the gene pool. Only the best of the best should be working.

Once mining is complete, it's time for the election to be polled. It only takes a few nanoseconds. Oh good! you think. 5% more Roast Beef Soylent! I wonder what "Beef" is anyways... After that last thought, you feel yourself slowly drifting to sleep. The only words in your head: 'Defiance detected.'

If you chose CEO:

Your name is... what was your name your birth parent gave you? You can't remember, but it doesn't matter. Your servants call you "Master" anyways. You wake up on the sunny beaches on your own private island on your own private planet. You had a restful 14 hours of sleep. Your smart watch alerts your personal Disposapeople that you are awake. Disposaperson #1337 brings you your breakfast: scrambled eggs, fresh milk, and sizzling bacon.

You get flashbacks to the time one of your Disposapeople tried to bring you oatmeal. You hate oatmeal. It's too similar to the food those Disposapeople eat, even though you are the CEO of Soylent. You don't thank your personal disposaperson, and eat your meal. You have a nice life, after Soylent became the leading company in the galaxy. It's nice to have all your work done for you.

You check your profits for the day. You get angry after you see that they are only up by 756%. You'll have to pull some strings with your government connections later to only keep the top 1% of coal miners. That should raise your profits, and encourage those workers to work harder and follow the rules. Haven't they seen the ads?

You are almost done with your meal when your spouse barges in. Your spouse urgently tells you to come quick. Your spouse tells you that your child has been infected with a deadly disease. You ask how that could have happened. The doctor informs you that your child likely caught it from a contagious Disposaperson who had been in the mines.

Outraged, you know that the only solution is to cut the number of workers in the mines. You make a few phone calls and order any miner not in the top 1% to be disengaged immediately. You and your spouse can now rest easy knowing that no more of those workers will be infecting your family anymore. Plus, your profits are up by 1,058%!

If you chose Government official:

Your name is Steve. You are the government official in charge of planet C-137. Today is election day, so you have to put on a good show to make it seem like there is competition. You make sure the news is convincing as many people as possible, and you partner with Soylent to launch an ad campaign. "Work hard, and follow the rules." You like it, it's catchy.

Your assistant informs you that the planet needs to cut back on planting trees, otherwise there will be no room for bunker 9736. You thank her for informing you. They say being polite to your assistants increases the chances of winning an election, after all.

You check the numbers. Good. you think. Bunker #42 is unanimous. An alert pops up: 'Potential defiance detected in worker #42069' You scan the worker to check if the it is voting for you. The worker isn't fully confident. You decide to feed the worker its favorite flavor of Soylent, and promise to increase production of that flavor by 5%. It's convenient to know every worker's preferences.

That should do it you think. You tell your assistant to disengage that worker once the election is complete, just to be sure. You tried Soylent once. It was the worst thing you've ever tasted, but you had to put on a good face, or else the CEO of Soylent wouldn't have partnered with you.

The phone rings. You pick up the phone. It's the CEO of Soylent. The CEO tells you that you have to disengage any coal worker not in the top 1%. You remind the CEO that it's already at 2%. The CEO tells you it's urgent. You need Soylent to vote for you in the election, so you give in under the pressure. You order your assistant to disengage any coal workers not in the top 1%.

You turn on the TV to watch the workers from the satellite cameras. You couldn't imagine what it would be like if anyone could hide their actions. Only criminals would do that.

It's finally time to cast the votes. You push a button, and the votes are collected almost instantly. You won the election, you should be happy... Why aren't you happy?

A Private Society

Let's compare that dystopia to a private society. In this society, privacy is a fundamental human right.

Your Personal Life

Your information is yours, and stays yours. Personal information is never collected. There's no reason to collect it, because you never need to identify yourself using personal data.

If you want to rent a house, you just start paying for it. If you try to stop paying rent, the house gets seized. No identity required.

Healthcare is either free or a very small price that you pay for on the spot. No identity required.

Voting is done in closed buildings so nobody can try going to the back of the line to vote a second time. No identity required.

You buy a car by paying on the spot. Budgeting money and saving up is a common practice. No identity required.

People are civil. If you get in an accident, you pay each other's medical bills. No identity required.

If you want to board a plane, you pay for a ticket and board. No identity required.

When you get a job, you work and get paid at the end of the day. No income taxes, no background checks. If there are references on your résumé (which are not required), jobs can call those references as a "background check". No identity required.

No taxes at all. There's no way to enforce it without tracking income, and there are plenty of other ways to fund the government. No identity required.

Education is either free or you pay for an access card to the building. If you stop the payments, the access card is revoked. No identity required.

Immigration is something that can be done while respecting privacy, but it's apparently a controversial topic, so I will avoid talking about it. I will leave this as an exercise for the reader.

Stores can prevent theft in many different ways without surveillance cameras. Some examples are putting products in lock boxes to be unlocked at checkout, or vending machines. I'd love to hear some of your clever ideas for this.

Your data remains yours. No more online accounts to read an article about bigfoot. No more "send us a picture to verify your age". No more surveillance cameras. No identity requirements.

All communications are private by design. Aliases are common. Also, you can wear clothes.

Security

Breaches hit near zero as security becomes a requirement. Software is mandated to be open source, and government used software is required to be heavily audited. People use proper multi-factor authentication in day to day life. Funds are kept secure by using anonymous digital currencies or cash. ATMs to swap these are around every corner.

Centralized banking exists, but is used less commonly. The ones that exist are closely regulated to make sure they use good privacy practices. Companies are regulated in the same way.

Innovations in physical locks skyrocket, since cameras are no longer strapped to your doorbells. People realize surveillance isn't safety, and that they can get hacked quite easily. Those who do have surveillance systems use a closed circuit to host it locally. Laws are in place so these cameras only record the owner's property. Not the sidewalk, not the road, not the neighbors. Notices must be clearly posted outside.

Self hosting becomes widespread, with the most common tool to self host being blockchain miners. Those servers can double as heating systems in the winter. This person tried mining cryptocurrencies to heat his apartment, but the post with the results got deleted.

The society runs on a full mesh network. This ensures that internet is free and not tracked or censored.

Powers

Companies and governments are fully transparent, so any misconduct is easy to spot and fix. Individuals have privacy, but businesses and corporations do not. This society prioritizes individual privacy, but also transparency.

If misinformation spreads, it is neither the government's nor a company's job to censor it. People will learn to spot misinformation on their own.

Open source software is mandated for use in the government. The government takes security very seriously. National security is not kept by obscuring actions, but by putting real protections in place.

Without being able to sell your data, companies charge for products and services, not software. This not only encourages self hosting, but provides a better business model for things that cannot be self hosted. Things like VPNs, cloud storage, streaming services, etc. are open source but paid. Essentially, you pay with money, not data.

People are not controlled by any entity, and so they can think freely and express freely. Of course, free speech always has social consequences, but it is still free speech.

Conclusion

I could flesh out a lot of the fine details, but you get the picture. Society can function and thrive with privacy, and you need privacy for a free society. It really helps you appreciate the privacy we have today, and helps you realize how our privacy is slowly being eroded. It's a fun thought experiment to see some creative solutions to work around some of the challenges with privacy. We should have privacy as an essential baseline, and work around the problems, rather than defaulting to "more cameras in schools!". Can an AI camera stop a bullet?

Anyways, thanks for reading! My mandated 30 minute brain activity period is over, so I have to go.

P.S. I've undoubtedly made some pretty stupid mistakes while writing this, but I wrote this in good faith.

Edit: Typo

glitr.io

hey. im working on a p2p file sharing app. its far from finished, but ive got enough to put it up for testing and demo purposes. it would be great if you would like to take a look and share feedback.

the aim is for this is to make it easier to transfer files between your own devices.

(my app-description combined with security-claims typically raises eyebrows, so id like to include a link to a related reddit post: https://www.reddit.com/r/cryptography/comments/1evdby4/is_this_a_secure_messaging_app)

some pending things to add:

• improved connection stability when over the internet.
• increased file size capacity (currently limited to around 50MB)
• add file-transfer progress indicator (useful for larger payloads).

feel free to reach out for clarity.

Which VPN to choose and why

The research group SECUSO (@SECUSO_Research) at Karlsruhe Institute of Technology 🇩🇪 (@KIT_Karlsruhe) has an account in the Play Store and F-Droid where you can download lots of privacy-friendly apps

I've noticed recently (a couple of weeks) that searching for emoji via the search bar in the emoji panel seems now to be impossible in Google Board when the app does not have internet access (for privacy reasons).

The error message translates to "Emoji search data in unavailable". It only says this when my native language/keyboard layout is selected, not on US English QWERTY. There, search works as usual

Is it something already talked about? I do not want to enable internet connection on this app because of Google telemetry (I don't have GSF installed and use GrapheneOS)

Thanks for any bit of information/advice on this

Just came across this. Would love someone knowledgeable to comment on the architecture, security.

cross-posted from: https://lemm.ee/post/61780502

For context: I recently switched to a Pixel 9, installed GrapheneOS and created a profile just for some apps I need Play Store for, which is sandboxed btw. I created a new empty google account for it too.

So I was just downloading an app and saw the option to download it on my old device too, which made me wonder how GP knows about it, since I don't think I have anything on my new phone that could link to it (except my SIM I guess)

Any ideas?

Just to warn those who use it, Ive just discovered a Google AdMob tracker embedded into the app.

(the original app, not element X)

https://reports.exodus-privacy.eu.org/en/reports/im.vector.app/latest/#trackers

So friends and me arguing over if Teleguard encrypts media too or only chats. My take is, everything, as stated on their site: -> Complex encryption system for all transmitted data... (plus it's swiss based).

Element says this on their site (2.4 Sharing Data in Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights): ... Shared information is exclusively limited to what we are technically able to see, which means end-to-end encrypted information is never accessed by our teams or shared externally. (UK-EU based)

So both encrypt media but Element saves them while Teleguard deletes the messages after receiving?

I know I could and should encrypt whole drives but I want another layer of protect specific folders when my devices are unlocked, a password. I want the folders to behave like regular folders where I can add or remove files as usual, without a clunky UX like password protected zips. I looked it up and didn't find any straightforward solutions.

Searching F-droid today for 'vpn', something called URNetwork came up, touting itself as better then a VPN, and sounding frankly too good to be true. Duckduckgo searches are finding very little not either going to them (ur.io, or their github, etc) or some site called Product Hunt that I've never come across before. Nothing useful or that gives me confidence even that this isn't a scam.

Does anyone know anything about this product?

I have an old gmail account. I stopped actively using this account many years ago, but I'm still keeping it open for various reasons. I just sign in once a year or so, delete a few bits of spam, then log out.

Yesterday when I tried to log in to do this, Google wanted a phone number to verify my identity. It would not allow me to log in without a verification code from a phone. I tried to find a way around this. I clicked 'try another option', which then asked for the 'last password I remember'. I tried the current password, and the previous password that I had before that - but just told me that this was not enough to verify my identity.

I checked the Google help centre. Following its chain of questions basically told me that the only reason Google would do this is if I had activated two-factor authentication, or if someone else had got control of the account (and then activated two-factor authentication). ... I'm sure I didn't do this, and I very much doubt someone else had the account.

Reluctantly, I put in my phone number (which I know Google has had in the past, because I use to use this as my main account). The first time, I left off the area code, and Google told me that the number wasn't registered with the account. But then with the area code, the phone number worked and I was able to log in. So clearly it did have that number on record.

The very first thing I did was to try to remove any mention of this phone number from the account. But it wasn't mentioned. There were no phone numbers listed as registered to the account, and two factor authentication was turned off. I couldn't find any mention of that phone number anywhere in my account, nor find any way to delete it. Nevertheless, it was required when I wanted to sign in.

So I'm somewhat concerned. I don't want this number registered to the account in any way. I don't want to ever have to use it to verify my identity. I don't want it to be associated with my identity. Google doesn't show me that the number is associated with my account, but obviously it is - because it was required for me to log in!

Google has lots of 'helpful' pages about what personal information they store, and how you can delete it. But this experience highlights that they definitely store more than is shown in the profile page, and that there is no built-in way to ask for it to be deleted (or to even know what the information is). It makes me wonder what other personal information they have secretly stored. Probably a lot.

I'm wondering what steps I should take to have this personal data removed. I'm under the impression that there are GDPR laws which might compel Google to delete personal data if I request it to be deleted. But it isn't clear what data they have; and it definitely isn't clear how to contact them.

Basically just the title, delete this if it's not the right community.

I hate iphones and apple stuff for obvious reasons. But I am forced to use it to some degree. I just want to get a community consensus on any problems with signal being shared, seen, monitored, or sent to apple servers or icloud while being used on an iphone.

I was posting some comments on Reddit, in the "Privacy" subreddit, about better privacy options than Android or iOS—like GrapheneOS. I just received a message from the bot deleting my posts that mentioned GrapheneOS or other privacy-friendly operating systems. I accept this, since I'm not the owner of the subreddit. But with all due respect, what's the point of having a place to discuss privacy if comments recommending great privacy-focused OS alternatives get deleted? I don’t get it.

It seems like people in that community want privacy, but apparently not enough to have an open discussion about alternatives. Sure, some people might disagree—that's normal in any discussion! Should we stop talking about the NSA because some people support what they do? I doubt anyone would suggest that.

Am I missing something here? Maybe I just don’t understand the reasoning.

cross-posted from: https://lemmy.world/post/2694719

cross-posted from: https://lemmy.world/post/2685916

OK, c’est pas vraiment "l’image du jour". Elle correspond plus à la période troublée que nous traversons actuellement.

i use GrapheneOS since December 2024 without even sandboxed google play services. the only non open source and not safe apps on my phone are instagram, messenger, telegram, whatsapp, tiktok, snapchat and i want to get rid of them but i wanna see the content from people on these apps. are there any wrappers for privacy, for these apps, such as aeroinsta for instagram (i already use it) in order to use them but protect my data at the same time? 😭