seems to be the soft spot of Mull. It leaks too many "Bits of identifying information"

how do i anonymize it?

mull resets about:config modifications after quit

I've been using this phone number from JMP.chat and I've barely used it for much of anything (Started February 27th, 2024), and somehow its telling me I need $35? I tried out their service plan but it was way too expensive. I only bought it once and took off my credit card after because auto pay kept auto depositing money into my account too frequently. Maybe I'm doing something wrong?

Edit: Found out what happened, it's $6.99/GB for the eSIM, I'm billed 5GB at a time. So $35 total.

I was wondering what viewpoints and opinions this community has when it comes to cryptocurrency.

Personally, I'm not against it, but I'm not for it either. I like the concept of bringing back cash anonymity, and also decentralization (obviously). Although I don't think it will be viable for at least another decade.

Is there a fork of Android (or a way to harden it) that locks down the OS similarly to how Apple does it?

Apple's implementation can actually protect you from commercial spyware. I'm impressed.

I have started to develop an AI voice assistant using python and some other software. I am building it with privacy and security in mind. I am open to contributions. https://github.com/sidgames5/excalibur

All questions are in bold for ease of use.

The major carriers in the United States participate in NSA surveillance (except for T-Mobile apparently, because it's based outside of the US. Except they bought Sprint, which participates.) and that, along with other major privacy issues, means that the market for private carriers is incredibly slim. When I found out that some carriers, such as Mint Mobile, piggyback off of Verizon, I wondered: What's stopping a carrier from simply E2EE everything from Verizon, and then using Verizon to transfer the data? Obviously, the encrypted data could still be collected and sold, but it wouldn't matter if the encryption was setup properly, right? I'm looking to better understand how this works, and, if a solution exists, potentially be the first to make it happen. The reason I'm not suggesting creating a carrier without piggybacking is due to the sheer cost and lack of support it would have, which would lead to poor adoption. Also, if carriers simply don't support E2EE, couldn't carrier locked phones install the software (since most install software anyways) required to make E2EE work?

Hi,

I am (very, very early) in the process of degoogling. I am definitely not a high risk as far as needing to be completely locked down. It's more about trying to have a little more control over how my data is used.

I am looking at Graphene OS, but I am a little confused how certain apps (that rely on Google services) work. I have a Pixel 8 and will have it for the foreseeable future.

The apps I currently use that I would still need (or their equivalents) are:

• Clash Royale (Supercell)
• Notion (Notion Labs)
• Clickup (Mango Technologies)
• Business Calendar 2 (Appgenix)

1. If I installed these exact apps "sandboxed", what exactly does that mean from a user standpoint? Will I have to use a separate account, reboot my phone, etc, or is it a quick process to use the app?

2. Is there a list of apps that I could browse to find equivalents to the above? Recommendations here are also ok.

3. I saw that Firefox isn't exactly private(?) and that Vanadium is better in that aspect but I don't understand why. Can someone ELI5, and help me see if this is a relevant concern for me?

Thank you! 😁

may be of interest to this community

As cars become ever more sophisticated pieces of technology, they’ve begun sharing information about their drivers, sometimes with unnerving consequences.

Kashmir Hill, a features writer for The Times, explains what information cars can log and what that can mean for their owners.

Hi all,

I am travelling soon to the US, for my vocation and as a long-time private person I will be taking some steps to maintain my privacy as I enter the country.

As this is an interesting area of the topic, I have decided to throw the question open to all of you.

What precautions (IT, physical, mental, otherwise) do you undertake when travelling internationally?

M.

I have an app on my Android phone called Calls Blacklist. I whitelisted my contacts and block everything else. It blocks calls coming in on my mobile number, but I also have a Google Voice number that it doesn't block calls for. Weird thing is that I only seem to get blocked spam calls after placing an outgoing call using the Google Voice app, and the blocked calls are always from the last number I dialed. They try to call at different times for about a week then stop. Could someone have access to my outgoing G-Voice call info? How would I find out if they do?

I just read in interesting and informative post from @Charger8232, and decided to write one of my own.

Perhaps there could be a megathread created?

EDIT: Items in italics are subsequent additions.

Remember these rules:

• Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn't align with yours, or uses some anti-privacy software, doesn't mean you can downvote them! Help them improve by giving suggestions on alternatives.

• Don't promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren't sure, you can always ask! This is a place to learn. Don't downvote people just because they don't know!

• Don't focus solely on me! Since this happened in another one of my posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn't mean you can't still give suggestions for mine, but don't prioritize mine over another.

• Be polite!* This falls under "Be respectful", but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

• I use Mullvad Browser for general browsing.

• I use Tor Browser for extra protection, when necessary.

• I use Firefox + Arkenfox User.js for general browsing on FreeBSD and on my Raspberry Pi, as Mullvad has not yet been ported to FreeBSD or aarch64.

• I use MetaGer for web searches, but I keep switching between different private options.

• I always use ProtonVPN (free tier) through WireGuard.

• I use NextDNS for extra content blocking.

• I use Redirector (by Einar Egilsson) to redirect me to alternative frontends for popular services (e.g. YouTube -> CloudTube)

Desktop

• I use several trusted Linux distributions, as well as FreeBSD, on my PCs and MacBook.

• My MacBook's UEFI is password-protected, but I have not done this on other machines:

  • I haven't got around to securing my main laptop at the UEFI level yet.
  • My ThinkPad is second-hand and quite old. The BIOS cannot be locked, and the PXE settings have been password-protected by the previous owner.
  • All of my other devices are simply too old and rarely leave the house anyway.

• I recently installed Tails, but I haven't yet had cause to use it.

• I use full disk encryption on everything, and I have a VeraCrypted pen drive for special cases

• I cover all of my webcams with Blu-Tac or electrical tape

• Many of my laptops are too old for this, but I am trying to make the switch from X11 to Wayland (as recommended by PrivacyGuides).

Mobile

• I currently use hardened iOS until my iPhone burns out or gets obsoleted. Once this happens, I'll be using DivestOS.

• Again, I constantly use ProtonVPN (free tier) using the WireGuard app (as this is the only VPN client that both supports Proton and allows customising the DNS).

• I use the private mode in Orion Browser (not to be confused with Onion Browser), as the EFF's Cover Your Tracks software reported that it was less fingerprintable than other options.

• I have Onion Browser installed, for when I need more protection or if I need to access a .onion

• I use an alphanumeric passphrase.

• I disable radios (i.e. WiFi, Bluetooth) when they are not in use.

• I don't use a privacy screen protector, but I will buy one for my next phone.

Messenger

• I am forced to use WhatsApp, sadly, as none of my friends or family will even humour me by trying Signal. It could be worse.

Online accounts

• I use KeePass to manage my passwords, which are synchronised between devices using Filen.

  • KeePassXC is the client I use on desktop.
  • On iOS, I use Keepassium; but I am apalled by the selection of clients available.
  • When I switch to Android, I will use KeePassDX.

• I use ente Auth and OTPClient to generate TOTPs. I also have a graphing calculator that can generate these.

• I am in the process of partially anonymising my online accounts.

Video streaming

• I use CloudTube to watch YouTube videos.

• I use PeerTube when possible (mainly to watch Techlore and The Linux Experiment).

• I use FreeTube on desktop.

AI

• I played around with ChatGPT and DALL-E last year, but those days are behind me now.
• I signed the NoML open letter, and I have used robots.txt to shut out LLM scrapers from my websites.

Social Media

• The only non-FOSS social media I use are Tumblr — which is ranked B by ToS;DR — and cohost.

• I only use my real name on Mastodon, and even then I will probably change to my usual username when and if I next decide to change servers.

Email

• I use Posteo.

• I have DuckDuckGo Email Protection as an alias service, which I use through Bitwarden.

Shopping/Finance

• I rarely make online purchases. I am certainly being tracked, but I'm simply not producing enough data in the first place for this to be a big problem.

• For physical purchases, I ~~am trying to~~ use cash ~~more often~~. However, my sixth form cafeteria only accepts two forms of payment: biometric (handled internally) and debit card.

• I use no subscription services at all, but I may use LiberaPay and OpenCollective in the future to support open-source projects.

Music streaming

• I occasionally stream music from Bandcamp, but virtually everything I listen to is either on CD or a local file.

• I occasionally listen to KERRANG! Radio using an MP3 stream, and BBC Radio 4 over FM.

TV shows

• I use DVDs for most of my viewing, but I have sailed the high seas in the past

• Some shows I enjoy (i.e. Helluva Boss) are released officially for free on YouTube (watched via CloudTube).

• I do not own a smart TV.

Gaming

• I generally don't game.

• When playing Minecraft, I use PrismLauncher and I'm always sure to install the Anti-Telemetry mod.

Programming

• I code in Python using Micro. I also sometimes use Kate, but only if I'm running Plasma.

• I use Codeberg to host my projects.

Productivity

• I normally use LibreOffice.

• I'm trialling a new workflow, using Markdown and Pandoc for text documents and presentations, and Gnumeric for spreadsheets.

Misc

• I use an RSS reader for news.

• My local timezone just happens to be the same as UTC.

• I use a privacy-respecting smartwatch: the PineTime (from PINE64).

• I don't have a car, as I'm 17.

• I use Bluetooth headphones out of necessity. I'm still salty about Apple removing the headphone jack and then every other phone company following suit. However, they are basic headphones which do not require an app, and so they should be more private than other similar models.

• I will never use Amazon Echo or Google Home.

To-Do

• ✅ ~~Look into further hardening of iOS~~
• ✅ ~~Start using multiple browsers~~
• ✅ ~~Use cash more often~~
• ✅ ~~Anonymise social media~~
• Try to get family to ditch Meta
• ✅ ~~Look into BIOS and UEFI hardening~~
• Buy a privacy screen protector and faraday equipment
• Audit all systems with Lynis

Thanks for reading!

EDIT 27/05/24: Updated search engine, iOS apps, email, social media, and checklist.

I apologize in advance of this is too basic a question for this community.

I just learned about lexisnexis and went to their website to request my report, opt out of everything I could, and request my information be deleted.

Are there any other companies like this I should be aware of so I can make the same requests there?

If it matters, I'm in California and it's my understanding that I have a few more rights concerning this sort of thing than some others do.

Hello, Lemmy!

It may be difficult to spend time actively improving some of the services you use to have a more privacy conscious presence, and so this thread is dedicated to help people learn and grow in their privacy journeys! Start by stating which services you currently use, and which ones you may be looking for/want to improve. This thread is entirely optional to participate in, because a lot of people understandably feel uncomfortable listing which services they use. Writing those out can be a lot of work, but the payoff is huge!

Remember these rules:

• Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn't align with yours, or uses some anti-privacy software, doesn't mean you can downvote them! Help them improve by giving suggestions on alternatives.

• Don't promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren't sure, you can always ask! This is a place to learn. Don't downvote people just because they don't know!

• Don't focus solely on me! Since this happened in another one of my posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn't mean you can't still give suggestions for mine, but don't prioritize mine over another.

• Be polite! This falls under "Be respectful", but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

• I use Tor for using online accounts (such as Lemmy, etc.)

• I use Mullvad Browser for general browsing

• I use Librewolf for functionality that Mullvad Browser doesn't have (security keys, etc.)

• I use Firefox + uBlock Origin for streaming videos that break on Librewolf and Mullvad Browser.

• I always use a SearXNG instance for web searches. I always use ProtonVPN (free tier). I use a private DNS resolver.

Desktop

• I use Secureblue (yes, I'm that guy from a post a couple weeks ago)

• I sit behind a firewall.

• I only use FOSS Flatpaks with Flatseal.

• My BIOS is password locked but proprietary (due to compatibility issues).

• I occasionally use Tails because I think it's fun.

• I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style)

Mobile

• I currently use hardened iOS until I can scrape together some money for a Pixel to use GrapheneOS

• Again, I constantly use ProtonVPN (free tier)

• I use a private DNS when ProtonVPN is turned off

• I use AdGuard, but I browse the internet with the DuckDuckGo app (I can't sideload)

• I use a very strong passcode

• Airplane mode is constantly enabled, I don't have a SIM

• I use a Faraday bag to store my device when I'm in public

• I use a privacy screen protector

Messenger

• I mainly use Signal with a borrowed phone number, because SimpleX is still buggy on iOS, and Signal is the easiest to switch friends to. I rarely use iMessage, but there are times when I have to.

Online accounts

• Passwords are stored in Bitwarden for mobile accounts, and KeePassXC for desktop accounts.

• Yubikey is placed on any account I can, otherwise 2FAS is used

• I keep public accounts (Lemmy, etc.) as locked down as I can.

Video streaming

• I use the native YouTube app on iOS, simply because any of the others I've tried either don't actually work or require a Mac to install. I don't have a Mac, obviously.

• I use FreeTube on desktop, but as I was writing this I was informed that FreeTube has a few issues I may want to look into (Electron).

AI

• I would love to know if there are any Flatpaks that run local LLMs well, but I currently use GPT4All (since that's what I used a year ago).

• On mobile, I use an app made by a friend that gives access to GPT-4 and Gemini. Because it's running off of his own money, I'm not going to share the project until he has a stable source of income.

Social Media

• I don't use any social media besides Lemmy.

Email

• I use ProtonMail

• I have addy.io as an alias service

Shopping/Finance

• I currently either proxy my online purchases through someone else (have them buy it for me and I pay them back), or use a gift card

• For physical purchases I use cash

• I only use my bank account for subscriptions (Spotify, etc.)

• I am working on using Monero and privacy.com

Music streaming

• I use Spotify on my phone

• I use Spotube or locally downloaded files on my computer

• I have multiple AM/FM receivers with some yard long antennas and direct metal connectors

TV shows

• I stream from ethical services for some movies

• I go to a theater or buy a DVD for other movies. I am the proud owner of a USB DVD player.

• I also have an antenna hooked up to my TV

• There are certain IPTV services I have used in the past

• I do not use a smart TV.

Gaming

• I download local games, plain and simple. Or I code my own game.

Programming

• I code in Python using PyCharm. I'm looking for alternatives.

• I will use GitLab when I decide to publish some of my work.

Productivity

• LibreOffice, although the UI is iffy

Misc

• I don't use any location services

• All my clocks are set to UTC

• I don't have a smart watch

• I don't have a smart car

• I use Bluetooth earbuds

• I cover my webcams with paper and tape. Reason: It's worth taking a couple seconds to peel tape off when you use the webcam than to risk a massive breach.

Thanks for reading!

Note here: I found out the other day that a Google Streetview car passed by my house, and my blinds being shut were the only thing keeping my room away from prying eyes. Is there an easy way to blur/censor my house without giving up my soul?

Special thanks

Lots of people kindly contributed their personal setups in the comments, and some even made their own posts! I'm really glad I could spark inspiration and start a way for people to learn and grow in their privacy journeys. To think, just this morning, I was stressing on if people would even enjoy the post at all! Thank you all again, and please go forward to inspire others. I am not the person who made this happen, all of you are!

What do you think of AdGuard adblocker for iOS and Mac? Is the adblocker safe? I'm currently using 1Blocker but I'm no longer satisfied.

There are many enemies of privacy. There are politicians claiming the (at best) misguided pretense of “protecting the children,” intellig...

Romeo Chicco’s auto insurance rate doubled because of information about his speeding, braking and acceleration, according to his complaint.

TL;DR: I got a response from Reddit that basically says they’re not violating anything.

There was a post here 3 weeks ago that talked about the GDPR violations Reddit is committing.

reddit is telling it's future investors with recent news and more info on their IPO, that they're currently selling and looking to sell their user's data to companies wanting to train their LLMs, including Google.

I’m not sure of anyone else has gotten a response from them yet so I thought I’d share the email.

The Email:

Hello,

Thank you for contacting Reddit.

As stated in Reddit's Privacy policy much of the information on the Services is public and accessible to everyone, even without an account. By using the Services, you are directing us to share this information publicly and freely.

Reddit prohibits use of its service to infringe people’s intellectual property rights or any other proprietary rights, and prohibits unauthorized scraping of Reddit content. Please note, however, that when you submit content (including a post, comment, or chat message) to a public part of the Services, any visitors to and users of our Services will be able to see that content, the username associated with the content, and the date and time you originally submitted the content.

Reddit allows moderators to access Reddit content using moderator bots and tools. Reddit also allows other third parties to access public Reddit content using Reddit's developer services, including Reddit Embeds, our APIs, Developer Platform, and similar technologies. We limit third-party access to this content. Reddit's Developer Terms are our standard terms governing how these services are used by third parties.

Please note that you can use the Services without choosing to share information publicly and freely on them, and you can also remove your content from Reddit at your discretion. For more information, please check out our help center articles for more information here

Thank you, Reddit Legal Support

I always remove this data from my screenshots before sharing, but is there any way to prevent this from happening in the first place? I've searched and searched, but all I can find is information about how to remove the data after the fact, which I already know how to do, but it would sure be nice if it never got added in the first place. Thanks.

I did a clean install of Windows 11, and have also used Chris Titus's tools to the best of my ability. Wondering the best extensions to add on Firefox. Also, should I get her onto the Proton train, or try to make her iPhone and Windows play nice?

I was looking for a multi-OS file encrypter, for a single solution, and found this one: https://paranoiaworks.mobi/sse/pro_version_features.html

The pro version says, "You get new algorithms: Threefish 1024bit, SHACAL-2 512bit and Paranoia C4 2048bit (which is a cascade of Threefish–Serpent–AES–SHACAL2)."

Any real benefit to a multiple encryption scheme of 4 different ciphers for that 3rd algo? Just seems like it could increase the likelihood of introducing more possible vulns and/or more susceptible to cryptanalysis

Onerep is a privacy monitoring service/ privacy provider that Mozilla partnered with for their Mozilla Monitor service.

Yesterday, Brian Krebs (a cybersecurity journalist) dug into Onerep and found that the CEO is a shady Belarussian. Dimitri Shelest, CEO, of Onerep owns multiple “people searching” websites. Shelest has also been linked to aggressive spam and affiliate marketing emails.

Onerep’s reputation is shady due to their CEO’s multiple conflicts of interest. At worst, Onerep is sucking your personal information. At best, you’re paying for a service that doesn’t do anything. Either way, I would not trust Mozilla Monitor service .

This is a copy and paste from a post I made to [email protected]. I do not no know how to crosspost and I apologise for my mistake a head of time.

https://www.youtube.com/watch?v=eR7D6Fx0fTQ

Not 100% in agreement with some of her videos, but I believe this one is spot on, and probably easier to understand by regular folk.