Privacy


A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society. With companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
1326
 
 

That's a use case for aliases: catching if any company or service gives out your email to be abused by advertisers and whatnot. I tried looking for stories but didn't find any; I wonder if you have any to share.

1327
 
 

I do not have any prior experience with installing custom ROMs, but after trying it out (and getting stuck, and googling and finding answers) I successfully did it. Below is my home screen if anybody is curious:

I use OpenBoard for my keyboard. Unfortunately I am still dependent on Play Store since some of the apps I need can only be found there. Sometimes it feels meaningless committing to this whole thing because I'm not perfectly private; then I think this is better than using a regular iPhone or Android phone.

So far I'm liking it. I am naturally inclined to feel hesitant about using this as my main phone and plugging in a SIM since it's custom, but I'm slowly making the transition.

Feel free to share any beginners advice or your own experience using GOS for the first time. Cheers!

1328
1329
 
 

I'm looking for ones that ideally don't log IP. Is there a guide somewhere that looks into each of these instances and whether or not they fulfill the privacy promise?

I'm most interested in Invidious.

1330
 
 

I prefer LibreWolf as it is easier and simpler to use.

1331
 
 

TL;DR I am looking for confidential genetic testing, as I am concerned that potential misuse of my genetic information could lead to a conservatorship or loss of autonomy. I am willing to travel, and I would like all records destroyed after testing. I am also open to international options to ensure my privacy.

I'm seeking a confidential method for genetic testing, as I have concerns about my privacy. I reside in the USA and suspect I might have a mosaic genetic condition based on certain phenotype traits I observe. I'm not comfortable with my genetic information being stored in databases or shared, and I'd prefer the lab records, testing data, and results all be destroyed after completion. I'm open to traveling for this testing if necessary, especially since I do not trust US laws to provide adequate privacy protection or the right to delete medical records.

I've had experiences that have shaken my trust in institutions and governments handling sensitive information ethically, including having medical information shared without my consent by a hospital and it later being legally determined they did not violate my HIPAA rights in the process. I'm worried that my genetic information could be used against me, potentially leading to conservatorship or loss of financial autonomy. I'd like to avoid providing any legal documentation for the testing, if possible.

I'm also concerned about the security of genetic databases and the potential for breaches. Ideally, I'd like all records of the testing and medical records to be destroyed after completion to prevent unauthorized access.

Is there a way to ensure my privacy while getting the genetic testing I need? I'm open to exploring options in other countries, as long as I can ensure my privacy is protected. Please address only my privacy concerns related to genetic testing. I'm not interested in suggestions about mental health support or therapy at this time.

I do not authorize or approve of any unauthorized data scraping or AI training using this post; such actions would be unethical and without my permission.

1332
 
 

How are you storing passwords and 2FA keys that proliferate across every conceivable online service these days?

What made you choose that solution, and have you considered what would happen in life-altering situations like hardware failure, theft, fire, divorce, death?

If you're using an online solution, has it been hacked and how did that impact you?

1333
 
 

I want to be logged in so I can do most things on Reddit like post and comment. I want it to be a web frontend rather than an app because I keep many tabs on Reddit open in my browser while doing research on things (like digital privacy for instance!). I did some searching and didn't find any currently working frontends with login support.

1334
1335
 
 

It seems like the main benefit of such frontends is the lack of trackers and fingerprinting, but what if the browser, like Firefox, already did that with uBlock Origin and fingerprinting protection?

1336
 
 

I am wondering if an ISP or network admin on my network would be able to change where a DNS server is located (ex: if a DNS server is located at 132.192.175.210, the ISP/netadmin can redirect it to their own server at 11.29.102.201 to change where the DNS records point to). Do DNSSEC and DoH/DoT combat this, and how? Why is it safe to use a domain for DoH/DoT if it requires going through insecure DNS to get to a secure DNS?

1337
 
 

Solution: I came up with this uBlock Origin filter rule: startpage.com$removeparam=/abp|lui/. I started by removing all the parameters and then took them out one by one while testing if searches made on startpage.com worked with them: startpage.com$removeparam=/abp|t|lui|sc|cat/. I also got a response from u/SPSupport that the parameters don't show when I search from the URL bar with my search engine set to https://www.startpage.com/sp/search?query=%s, which I did.

I want to be able to see the search query in the URL, and have a URL that I can always go back to if I restart my browser. I set the HTTP request method in settings to GET instead of POST since that shows the query, but it adds a bunch of extra parameters:

1338
 
 

It’s been a while since I last downloaded anaconda. But I remember when clicking on the download page, it would show the usual “choose your OS > download binary” (eg this archived version in 2019).

Recently I helped someone else set it up and it showed a form to put in an email, with smaller gray text near the bottom of the form about skipping it.

Does this count as a dark pattern?

1339
 
 

Hi, my post is focusing specifically on YouTube since I observed the following categories have less intrusive solutions or privacy focused solutions, even if they are paid:

  • Operating Systems (Linux, for example)
  • Instant Messaging (Element, for example)
  • Community Messaging (Revolt, for example)
  • E-Mail (Proton, for example)
  • Office (libreoffice, for example)
  • Password Managers (Bitwarden, for example)

However, how do we distribute videos and watch them without data collection? I am NOT asking how do I use a privacy-focused front-end for YouTube, by the way, I am aware they exist.

I am wondering how we obtain a FOSS solution to something super critical such as YouTube. It is critical since it contains a lot of educational content (I'd wager more than any other platform), and arguably the most informative platform, despite having to filter through a lot of trash. During COVID, we even saw lecturers from universities uploading their content on YouTube and telling students to watch those lectures. (I have first-hand experience with this at a respectable university.)

I refuse to accept that there is nothing we can do about it.

1340
 
 
1341
 
 

I'm eligible for the US Lifeline program to get a phone number for free. I would use it on websites that require a phone number, like Discord, which doesn't accept numbers on services like Google Voice, and replace my personal phone number with it wherever necessary. And I would start using my personal phone number only with friends and family. I would NOT be using a provided lifeline phone, but rather a sim on my iPhone.

1342
 
 

I don't know if there are other ways to use Reddit without using its own client, but I wanted to inform you.

1343
 
 

cross-posted from: https://beehaw.org/post/14909762

It seems YT started another attempt at blocking alternative clients. They changed something in their API and both SmartTube and Tubular (NewPipe fork) are completely broken. Apparently it started happening this past week, but we personally just felt it today.

Edit: SmartTube already has an update, but it's still not working for 4K videos, it seems. Tubular is still not working, but it might be because upstream (NewPipe) is still working on a fix.

1344
1345
 
 

I've gotten prepaid sims for things but obviously that's not really a feasible method for your main life phone.

1346
 
 

cross-posted from: https://programming.dev/post/16595505

  • Home routing and encryption technologies are making lawful interception harder for Europol
  • PET-enabled home routing allows for secure communication, hindering law enforcement's ability to intercept and monitor communications
  • Europol suggests solutions such as disabling PET technologies and implementing cross-border interception standards to address the issue.
1347
 
 

A while ago I reached a point in my privacy journey where I simply felt bored. It's not a result of going too far in privacy, but simply my threat model has caused me to let go of a lot of things that used to entertain me (games, movie streaming, short form video, etc.) The entertainment landscape in privacy seems pretty bleak, since you no longer own the movies you watch, the games you play, and lots of proprietary software along the way. I entertain myself through FreeTube, physical copies of movies, and offline installations of games like Minecraft, but it's still a step down from how it used to be.

What do you do to keep yourselves entertained in a privacy conscious way?

1348
-3
submitted 1 year ago* (last edited 1 year ago) by makeasnek@lemmy.ml to c/privacy@lemmy.ml
 
 

On P2P payments from their FAQ: "While the payment appears to be directly between wallets, technically the operation is intermediated by the payment service provider which will typically be legally required to identify the recipient of the funds before allowing the transaction to complete."

How about, no? How about me paying €50 to my friend for fixing my bike doesn’t need to be intermediated, KYCed, and blocked if they don't approve of it or know who the recipient is? How about it’s none of the government’s business how I split the bill at dinner with friends? This level of surveillance is madness, especially coming from an app that touts "privacy" as a feature.

GNU Taler is a trojan horse to enable CBDC adoption. They are the friendly face to an absolutely terrifying level of government control in our lives funded by the same government that tries every year to implement chat control. Imagine your least favourite political party gaining power. Now imagine they can see and control every transaction you make. No thanks.

1349
0
submitted 1 year ago* (last edited 1 year ago) by Carbophile@lemmy.zip to c/privacy@lemmy.ml
 
 

Cross-posted from: https://lemmy.zip/post/18686329 (the first OPSEC community on Lemmy, feel free to join us)

Guide to Determining Your Threat Model

Creating a solid threat model is an essential step in improving your operations security (OPSEC). It helps you identify potential threats, assess their impact, and prioritize your defenses. Here’s a step-by-step guide to help you develop your own threat model.


1. Define Your Assets

First, list the things you want to protect. These might include:

  • Personal Information: Name, address, phone number, Social Security number, etc.
  • Financial Information: Bank account details, credit card numbers, financial records.
  • Digital Assets: Emails, social media accounts, documents, photos.
  • Physical Assets: Home, devices (computers, smartphones, etc.).

2. Identify Potential Threats

Next, think about who or what could pose a threat to your assets. Possible threats include:

  • Hackers: Individuals or groups looking to steal data or money.
  • Government Agencies: Law enforcement or intelligence agencies conducting surveillance.
  • Corporations: Companies collecting data for marketing or other purposes.
  • Insiders: Employees or contractors who might misuse their access.
  • Physical Threats: Burglars or thieves aiming to physically access your assets.

3. Assess Your Vulnerabilities

Identify weaknesses that these threats could exploit. Consider:

  • Technical Vulnerabilities: Unpatched software, weak passwords, outdated systems.
  • Behavioral Vulnerabilities: Poor security habits, lack of awareness.
  • Physical Vulnerabilities: Insecure physical locations, lack of physical security measures.

4. Determine the Potential Impact

Think about the consequences if your assets were compromised. Ask yourself:

  • How critical is the asset?
  • What would happen if it were accessed, stolen, or damaged?
  • Could compromising this asset lead to further vulnerabilities?

5. Prioritize Your Risks

Based on your assessment, rank your risks by considering:

  • Likelihood: How probable is it that a specific threat will exploit a particular vulnerability?
  • Impact: How severe would the consequences be if the threat succeeded?

6. Develop Mitigation Strategies

Create a plan to address the most critical risks. Strategies might include:

  • Technical Measures:

    • Use strong, unique passwords and enable two-factor authentication.
    • Keep your software and systems up to date with the latest security patches.
    • Use encryption to protect sensitive data.
  • Behavioral Measures:

    • Be cautious with sharing personal information online.
    • Stay informed about common scams and phishing tactics.
    • Regularly review your privacy settings on social media and other platforms.
  • Physical Measures:

    • Secure your devices with locks and use physical security measures for your home or office.
    • Store sensitive documents in a safe place.
    • Be mindful of your surroundings and use privacy screens in public places.

7. Continuously Review and Update

Your threat model isn’t a one-time project. Review and update it regularly as your situation changes or new threats emerge.


Example Threat Model

  1. Assets:

    • Personal Information (e.g., SSN, address)
    • Financial Information (e.g., bank accounts)
    • Digital Assets (e.g., emails, social media)
    • Physical Assets (e.g., laptop, phone)
  2. Threats:

    • Hackers (e.g., phishing attacks)
    • Government Agencies (e.g., surveillance)
    • Corporations (e.g., data collection)
    • Insiders (e.g., disgruntled employees)
    • Physical Threats (e.g., theft)
  3. Vulnerabilities:

    • Weak passwords
    • Outdated software
    • Sharing too much information online
    • Insecure physical locations
  4. Potential Impact:

    • Identity theft
    • Financial loss
    • Loss of privacy
    • Compromise of additional accounts
  5. Prioritize Risks:

    • High Likelihood/High Impact: Weak passwords leading to account compromise.
    • Low Likelihood/High Impact: Government surveillance leading to loss of privacy.
  6. Mitigation Strategies:

    • Use a password manager and enable two-factor authentication.
    • Regularly update all software and devices.
    • Limit the amount of personal information shared online.
    • Use a home security system and lock devices.
1350
 
 

In the browser, I didn't log in to the Google account, and I didn't accept the cookies on that site. I'm using Privacy Badger, which supposedly should block 3rd-party spyware like that.
