Cross-posted to: https://sh.itjust.works/post/15859195

From other conversations that I've read through, people usually say "Yes, because it's easy on Windows", or "Yes, because they simply don't trust the webcam". But neither of these arguments are enough for me. The former I feel is irrelevent when one is talking about Linux, and the latter is just doing something for the sake of doing it which is not exactly a rational argument.

Specifically for Linux (although, I suppose this partially also depends on the distro, and, of course, vulnerabilites in whatever software that you might be using), how vulnerable is the device to having its webcam exploited? If you trust the software that you have running on your computer, and you utilize firewalls (application layer, network layer, etc.), you should be resistant to such types of exploits, no? A parallel question would also be: How vulnerable is a Linux device if you don't take extra precautions like firewalls.

If this is the case, what makes Windows so much more vulnerable?

I work on a corporate laptop that has an infamous root CA certicate installed, which allows the company to intercept all my browser traffic and perform a MITM attack.

Ideally, I'd like to use the company laptop to read my own mail, access my NAS in my time off.

I fear that even if I configure containers on that laptop to run alpine + wireguard client + firefox, the traffic would still be decrypted. If so, could you explain how the wireguard handshake could be tampered with?

What about Tor in a container? Would that work or is that pointless as well?

Huge kudos if you also take the time to explain your answer.

EDIT: A lot of you suggested I use a personal device for checking mails. I will do that. Thanks for your answers!

I helped my 77 year old mother purchase a new laptop, and I want to be sure to get all the bloatware off of it, and set her up with with some better privacy options. I am aMac guy at home so I haven't done this kind of thing for many years. (I use Windows at work, so I'm quite familiar and capable, but obviously I have to rely on IT knowing what they are doing (they don't)). I did make sure to get the pro version of Windows 11. I'm going to set her up with Proton mail I think. This is the computer that is coming:

https://www.bestbuy.com/site/lenovo-thinkbook-16-g6-abp-amd-in-16-touch-screen-notebook-amd-ryzen-5-with-16gb-memory-512gb-ssd-gray/6565272.p?skuId=6565272

(Forgive me if this is not the correct place to post)

Is there something that can generate random Internet usage to make the real sites I go to a bit obfuscated?

I'm thinking something that runs on my server, and simply visits a random website. It probably shouldn't actually be random, and some sort of tweaking would be great. Like the ability to have it visit every news site there is. That way the ISP will have a harder time telling my political bias.

The threat model for this is below using a VPN for normal usage, although getting a dedicated VPN IP address is a project for one day.

I currently use a few browsers on various platforms:

• Mullvad on Linux and macOS
• Firefox (w. Arkenfox User.js) on FreeBSD
• Safari (w. extensions & privacy settings changed) on iOS

However, I am finding the absence of any sort of cookie persistence in Mullvad and Safari to be a little annoying, as just about everything I use has 2FA enabled.

So, I was wondering what you would say a good choice for a second browser would be. I would use this to access a small number of privacy-respecting sites (such as CloudTube and Lemmy), which would involve saving cookies and allowing third-party content (i.e. googlevideo in CloudTube). Ideally, this should be Firefox or WebKit-based, and I would like suggestions for Linux, macOS, FreeBSD, and iOS.

On macOS, I have not signed in with an Apple ID, so I can't use the App Store; but I do have Homebrew and pkgsrc(7) installed.

Any ideas?

EDIT: I am NOT moving away from Mullvad. I'm looking for a COMPLEMENTARY browser which I can use for stuff like CloudTube.

It was a many months transition, and it's finally done

Fun thing, you can actually make a backup of all* your messages, groups, contacts, etc. So before leaving you can have all of your data in case you need that one contact or something

The final red flag was as that allegedly Russian authorities were messing with people's deleted messages. Not for the first time there are news that they could read, modify, delete, see location, and etc. Screw it, this is unsafe, I'm out.

Also, these days telegram is really at the state of a pile of garbage, bloated, buggy, and shady messenger.

I'm guessing the answer is "no", but thought I'd ask for advice here regardless.

I don't have FB. Haven't for years. I ditched it long before I started giving a shit about Privacy, it's just so toxic and silly.

That said, I'm a retro gamer constantly on the hunt for holes in my NES/SNES collection and unfortunately the folks in my area seem to be quite a bit more active on FB Marketplace than Craiglist, Offerup, or Nextdoor For Sale pages. In the past I've asked my spouse to message the seller for me and then show up with cash and buy what they're selling. Increasingly, sellers are scared of scams and seem to be less responsive to this type of inquiry.

Is there anyway to minimize footprint in FB? Or perhaps a way to use Messenger without an account? You can browse the marketplace pages of your community without an account, but they'll pester you the whole time and you can't save your locale without signing in.

Or am I out of luck entirely? I thought about posting "In Search Of" type posts on Craiglists to bring the buyers to me, but my area has several of those already and I'm not after bulk lots or other platforms other than the old Nintendo stuff.

I do check Ebay as well and have found a few gems for decent prices and a local shop occasionally has some stuff that hasn't been completely picked over, or i show up right after someone sells their collection and that's rad, but that's rare.

Like even if they have nothing else they could just leak IP is there any law against it ? Or any technical aspect stopping them ?

I dont really use it much tbf just thought it was a cool project but I've just read about how lemmy instances can be fined for not complying with GDPR Read more

I’ve been trying to find an alternative to Life360 that doesn’t use Google/Apple map data.

If I could find a similar app that uses OpenStreetMap data, that would be fantastic.

I’ve been recommended a plugin for OsmAnd which allows location sharing through telegram. This wouldn’t be ideal as none of my family uses Telegram.

Edit: my original post on [email protected]

This article will describe how lemmy instance admins can purge images from pict-rs.

Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)

This is (also) a horror story about accidentally uploading very sensitive data to Lemmy, and the (surprisingly) difficult task of deleting it.

My girlfriend is be very interested in putting Blink (Amazon) cameras up around our property. I am not interested in paying Amazon to keep our security footage.

What I'd like to do is have motion activated internet connected cameras around the property that somehow send footage to a server (I don't know if that's the correct term, I'm kind of an idiot) that I keep on the property.

So I have three questions:

1. is this the right forum to be asking about self hosting security footage?
2. does anyone here have experience doing this and would they be willing to send some pointers my way?
3. is this a feasible DIY project or am I better served paying for a service?

I've done a little digging into self hosting and it's not cheap, but I think it will be cheaper than paying a subscription. And safer too, which is rad.

Thank you all!

Just enabled DDG's app track protection to test it out. Had Nekogram opened for a few mins, and Google already made 234 data collection attempts. I know the Big Guys are hungry for personal data, but this is absolutely ridiculous.

cross-posted from: https://lemmy.ml/post/12744832

As I updated the version to 1.4.0 , adding the 'import' feature I am sharing this here.

I made this extension because I couldn't find one that wouldn't ask for too much permissions (such as accessing all websites data).

Eventually I found it nice to have a TOTP that can really be audited, the code is 649 lines of JS, 214 CSS and 52 HTML. Feel free to fork, copy part of it, contribute or just request fix/features.

I have used it for more than a year every day and it works nicely.

"App developers can encrypt these messages when they're stored (in transit they're protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted."

Been using signal for years and love it and got the majority of my contacts on to it. My question is how are usernames useful now? You still need to register with a phone number with signal to limit spam and bots afaik and I'm assuming you should protect your username just like you do your phone number anyways because spam, malicious files/messages, etc... What scenario is this addressing where an average person gives up their username to a stranger? The only one I can think of is online dating or other online interactions like on forums. Just seems this is just more tailored to the people who need to be pseudo-anonymous for whatever reason than an actual privacy feature. Even then for the anonymous people does that mean usernames will be able to be changed?

Tldr: Questioning what scenario does signal's new usernames address for the average Joe?

Edit: Just realized can be very useful for work relationships

Was using my SO's laptop, I had been talking (not searching, or otherwise typing) about some VPN solutions for my homelab, and had the curiosity to use the new big copilot button and ask what it can do. The beginning of this context was actually me asking if it can turn off my computer for me (it cannot) and I ask this.

Very unnerved, I hate to be so paranoid to think that it actually picked up on the context of me talking, but again: SO's laptop, so none of my technical search history to pull off of.

Due to financial problems, throughout my privacy journey I have only used free tools to enhance my privacy. I was recently thinking about the question: If I had the money to give back to the services I've used, which ones would I donate to? Here is my personal list, which is still a WIP:

I will definitely donate to (15):

• Aegis Authenticator | Donation Link
• F-Droid | Donation Link
• GrapheneOS | Donation Link
• KeePassDX | Donation Link
• KeePassXC | Donation Link
• The Linux Foundation | Donation Link
• LUKS | Donation Link (Help me find!)
• Mullvad | Donation Link (Help me find!)
• The Qubes OS Project | Donation Link
• SimpleX | Donation Link
• SearXNG | Donation Link (Help me find!)
• Tails | Donation Link
• Tor Project | Donation Link
• uBlock Origin | See here
• Whonix | Donation Link

I am very likely to donate to (14):

• Briar | Donation Link
• coreboot | Donation Link
• Electronic Frontier Foundation | Donation Link
• FreeTube | Donation Link
• The Gnu Privacy Guard | See here
• Libreboot | Donation Link
• LibreOffice | Donation Link
• MySudo | Donation Link (Help me find!)
• NewPipe | Donation Link
• OpenStreetMap | Donation Link
• OpenPGP | Donation Link (Help me find!)
• OpenVPN | Donation Link (Help me find!)
• Orbot | Donation Link
• WireGuard | Donation Link

I will most likely donate to (7):

• AnonAddy/addy.io | Donation Link
• GtkHash | Donation Link (Help me find!)
• Joplin | Donation Link
• Lemmy | Donation Link
• LibreWolf | See here
• Monero | Donation Link (Help me find!)
• Nitrokey | Donation Link (Help me find!)

I may donate to (11):

• DuckDuckGo | See here
• Fedora | See here
• GitLab | [email protected]
• GNOME | Donation Link
• Molly | Donation Link
• AdGuard | Donation Link (Help me find!)
• Organic Maps | Donation Link
• privacy.sexy | Donation Link
• Proton | Donation Link (Help me find!)
• Signal | Donation Link
• Standard Notes | Donation Link (Help me find!)

I may add more as I think of them. Please leave your ideas!

Note: I'm trying my best to avoid turning this into just a list of privacy tools, but that may end up being what it becomes.

Honorable Mentions (9):

There are some services that I support but either don't use or have not matured enough to donate to.

• 2FAS | Donation Link
• Free Software Foundation | Donation Link
• Mozilla (Firefox) | Donation Link
• GNU Image Manipulation Program | Donation Link
• Invidious | Donation Link
• OsmAnd | Donation Link (Help me find!)
• Piped | Donation Link
• Spotube | Donation Link
• Wine | Donation Link

Some math

I realized I never actually specified any amounts that I would donate to each service, so here is most likely how I will spread my money:

For the services I will definitely donate to, I will donate $50 to each services.

For the services I am very likely to donate to, I will donate $40 to each service.

For the services I will most likely donate to, I will donate $30 to each service, for the ones I decide to donate to.

For the services I may donate to, I will donate $20 to each service, for the ones I decide to donate to.

For the honorable mentions, if they ever become part of my official donation list, I will start with a $10 donation and increase it from there.

For those thinking those are small donations, note that if I were to donate those amounts to every service it would be a total donation of over $1,800. That is at least a start, and once I am able to donate I will likely donate the same amount every year.

By no means am I doing this for publicity or congratulations, I am just making my thoughts public and hopefully sparking others to donate to some privacy services. Lots of these services run off of donations, so please try not to take them for granted!

A note from me

There seems to be a misunderstanding about the purpose of this post. I am not posting this to receive criticism for my choices, although I am happy to learn about potential misconceptions I had about certain services (Organic Maps, Mozilla, etc.) This list contains my choices, and your choices may be different. Nor am I posting this to gain attention, media traction, congratulations, or publicity. The purpose of this post is to encourage you to make your own list based on your own criteria, and to potentially share it here. Very few people have actually commented with services that they would/do donate to. I have decided to include my choices as well as links to better help others find what they would donate to. For example, many people may forget to donate to services like GNOME that they use every day without thinking twice about the developers who have worked hard to create it. I'm aware that some of these services are for-profit, have poor business practices, or are based in privacy disrespecting countries, but in my opinion (and again, you should make your own list based on your own opinion) those services deserve my support. I thank everyone who has helped me better formulate my list, but this post isn't meant to be about me. I encourage you to take your time to make your own list of services you really would consider donating to. The draft for this list has taken me over a month. Thank you all for taking the time to read through this, and it is unlikely I will be interacting with this post for a while.

Recent update

I recently went back and changed a few things, adding some I missed. There is drama surrounding Libreboot, and some murky information about which companies provide the best security keys, as well as other stuff. I've decided to abandon this list and remake it elsewhere, maybe to share here. Cheers!