cross-posted from: https://lemmy.sdf.org/post/7548971

The Senate may have a simple voice vote in the next week to move the Kids Online Safety Act (KOSA) quickly through the legislature, without debate, but any one senator can stop it with a hold. We need you to call your senator's office today to tell them to stop KOSA. KOSA would censor the internet and would make government officials the arbiters of what young people can see online, and would likely lead to age verification.

Just last week more than 70 LGBTQ+ organizations came out against this dangerous and misguided bill, which would make kids less safe rather than more safe and especially harm LGBTQ+ youth. So it's crucial to stop it from moving forward!

EFF's page makes it easy to call your Senators; or, https://www.stopkosa.com/ makes it easy to send a letter (and find out more about the bill).

🙃

As far back as 2010, in a piece titled “Little Brother is Watching,” author Walter Kirn wrote for the New York Times: “As the internet proves every day, it isn’t some stern and monolithic Big Brother that we have to reckon with as we go about our daily lives, it’s a vast cohort of prankish Little Brothers equipped with devices that Orwell, writing 60 years ago, never dreamed of and who are loyal to no organized authority. The invasion of privacy — of others’ privacy but also our own, as we turn our lenses on ourselves in the quest for attention by any means — has been democratized.”

The article is paywalled: https://www.nytimes.com/2010/10/17/magazine/17FOB-WWLN-t.html

Another one from 2004: https://www.wired.com/2004/07/little-brother-is-watching/

--

I had never heard the concept before, but it certainly serves to stop me from considering the state we are now as non horrifying. Bookmarked the podcast for later, but I’m sharing it right now anyway.

Hi lemmy,

Iwant to use specific apps as privately as possible.

I'm aware of shelter and the work profile, and I was thinking of using Duolingo or Instagram with fake accounts through a VPN with a killswitch so that it can't associate my data and usage with me.

Is that in any way possible? Or am I missing something?

I'm running Graphene OS on a Pixel 8 Pro

EDIT: Solved, you can do that with user profiles in Graphene

More often than not, the best way to hide is to simply blend in with the crowds -- this also encompasses one's choice for a username. It is relatively simple to make a single throwaway account -- just come up with a username, and off you go -- however, if one makes throwaway accounts often, the task of thinking of a unique, and non-identifiable username can become a challenge. I would argue that poeple would often resort to using a pattern employing small changes for all subsequent usernames. Such patterns can be identified to a specific user if all users have their own unique patterns.

How can one reliably generate many unique-but-normal, and non-pattern-identifiable usernames?

Hi, I was wondering, is it useful to use multiple adblockers in a row?

I don't mean 4 or five 5 browser extensions more like a chain of adblockers, one on every passing network point.

Adblock DNS -> Pi-Hole -> Linux System with hBlock -> Browser with uBlock Origin

I have only a 10 Mbit Internet connection, so I fear that this would slowdown pageloads to much. On the other hand there are filterlists that uBlock can use where as Pi-Hole can't.

So what combination does make sense (is efficient in every aspect) and what do you use?

So, recently got freetube downloaded, and love every bit of it. But I still forget myself, and put youtube into the url bar... So, is it possible to redirect Yt to Freetube instead?

Thanks

I guess there is no need to introduce what a Degoogled phone is (or a custom ROM without google services, like GrapheneOS is) and the Aurora Store is basically said in a crude way the Google Playstore but without the need to log in to your Google account, quite useful in my opinion.

At first, what really concerns me is to run the risk of violating Google's TOS by logging in with my Google account on the Aurora Store to access my purchased apps, but at the same time I think, since Android is Google's operating system, can't they also retaliate against people using a modified version of their OS? And I know that sounds especially stupid when your phone is your phone and not Google's, but we all know how companies like Google work.

I don't use Google services on my device, but I do use it as a secondary email that I don't want to lose, hence the question, I know I can create another email but I don't want to have so many email accounts.

Microsoft is singing the praises of the new Outlook and wants to persuade users to switch. But beware: if you try out the new Outlook, you risk transferring your IMAP and SMTP credentials of mail accounts and all your emails to Microsoft servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company. This allows Microsoft to read the emails. Start menu shows new Outlook as recommended app

The new Outlook now appears as a recommended app in the Windows Start menu of Windows 11 devices with the 2023 update. The Outlook client itself also offers to test the new Outlook version with a "The new Outlook" switch. This is still under development, but is set to replace the mail program and the calendar included in Windows in 2024. In a recent tech community article, Microsoft employee Caitlin Hart also explains that it will also replace the classic Outlook. However, unlike the Windows Mail and Calendar apps, the timetable for this has not yet been set.

When adding a mail account in the new Outlook that is not hosted by Microsoft but is located on company mail servers, for example, the program displays a message. It links to a support article that simply states that non-Microsoft accounts are synchronized with the Microsoft cloud, whereby Gmail, Yahoo, iCloud and IMAP accounts are currently supported. The new Outlook also does this in the versions for Android, iOS and Mac. This means that copies "of your email, calendar, and contacts will be synchronized between your email provider and Microsoft data center". This gives the company full access to all emails and allows it to read and analyze them. Microsoft wants to provide functions that way that Gmail and IMAP do not offer. Warning message of the new Outlook version when adding a non-Microsoft account

The note makes you wonder: What does Microsoft transfer where? When creating an IMAP account, c't was able to sniff the traffic between new Outlook and the Microsoft servers. It contained the target server, log-in name and password which were sent to those Servers of Microsoft. Although TLS-protected, the data is sent to Microsoft in plain text within the tunnel. Without informing or inquiring about this, Microsoft grants itself access to the IMAP and SMTP login data of users of the new Outlook.

When switching from the old Outlook to the new one, it is installed the new software in parallel. Previously set up IMAP accounts are not automatically transferred, but the account stored in Windows is. During the test with Google accounts, authentication with OAuth2 was used. Users receive an authentication request and Microsoft does not receive any specific access data, but only an access token that users can revoke again.

An answer to our request for a statement from Microsoft is still pending. At this point in time, however, we must warn against trying out the new Outlook without thinking. In addition to all the emails, some credentials may even end up with Microsoft.

Microsoft already attracted attention with such data redirections at the beginning of the year. After Office updates were applied on Mac computers, Outlook redirected the data to Microsoft's cloud servers without any user notification. At that time, the remedy was to delete IMAP accounts and set them up again. However, this is obviously no longer helpful with the new Outlook.

The Federal Commissioner for Data Protection and Freedom of Information of Germany, Professor Ulrich Kelber, is alarmed by the data detour in Microsoft's new Outlook. He posted on Mastodon that he wants to ask for a report from the Irish Data Protection Commissioner, who is responsible for companies like Microsoft, during a meeting of the European data protection supervisory authorities on Tuesday of the coming week.

Not sure if this has been posted yet.
https://9to5google.com/2023/11/02/google-chrome-web-integrity-api/

I'm so fed up of these cookie popups requiring a few extra clicks to reject, are there any extensions that will automatically opt out or reject additional cookies?

crossposted from !socialism@beehaw.org

San Franciscans, get the word out for this ballot measure to be held March 5, 2024, to prevent police from playing around with surveillance technology for a year before they need to report it.

"We recently announced the completion of our migration to remove all traces of disks in use on our VPN infrastructure."

"Today we can announce more steps forward - our Encrypted DNS service has also been converted to run from RAM!"

I use ProtonVPN for everything, and I've started noticing more and more sites simply blocking me if I try to connect to them through ProtonVPN. As much as it sucks, I've more or less become acclimated to having to deal with an increased number of captchas while using a VPN; but I'm pretty angry about being blocked outright. There are at least two broad blocking tactics. First, some sites will say that my network traffic looks suspicious and/or that they simply block traffic from certain IP addresses. But second, and far more maddeningly, some sites tell me that my username and password combo are incorrect when I'm using a VPN. But I know this to be a blatant lie because (1) I use a password manager that auto-fills login forms with credentials that match the domain name, and (2) such sites accept my credentials when I visit them without the VPN connection.

What the hell can we do about this shit? Do I have to run my own VPN to avoid sharing an IP address with other people and thus getting blocked? I really don't want to do that because I have neither the time nor expertise, and I like that connecting through a VPN provider makes my IP address much less significant. I'm aware that this is connected to the broader conversation about WEI and other methods for determining whether requests are legitimate or not, and I'm sure that businesses of all sizes are reeling from massive increases in bot and AI activity. But solutions that end up punishing legitimate users are not good or valid solutions.

Title says it all. Do you use custom filter lists in uBO? If yes: Which ones?

Here are the ones I use:

• Block-EU-Cookie-Shit-List
• Fanboy's Annoyance List
• EFF Cookie Blocklist
• I don't care about cookies
• I'm OK with cookies
• OISD (big)
• PUP Domains Blocklist

Also great website to find many more filter lists: filterlists.com

So I got the message from instagram about either paying or using it free (at the cost personalised ads) just now.

Doesn't this go against the GDPR? Either way, is there a FOSS alternative for instagram like piped is to youtube? It seems like a good opportunity to stop using the official app, even though it would be better to not use instagram at all (sadly not an option for me right now).

Any suggestions, and if so, are there any that provide functionality for: stories, posts, dms? Those are the 3 things I use instagram for.

Many thanks!

Edit: For messaging I do use beeper, though some media like carousels and posts sent to my dms cant be shown in there, so for those cases I open the official app.

Edit 2: many people have suggested pixelfed. Ive heard of it, and want to use it, but unfortunately the only reason Im still sticking with instagram is because I have very dear friends who would never change to anything non-mainstream. Theyre important enough that im willing to not delete it just yet, but I dont want to agree to either pay or pay with my data.

What im looking for is more like a piped for youtube, thing. So a frintend that has instagram content/features, but isnt the main app and avoids the problems I listed above

Edit 3: I ended up installing the site as a PWA on my phone as thats the only device I use it on, and uninstalled the official app. Thanks to everyone for all your input!

Greetings fellow privacy enjoyers,

Short of blackout curtains or storm shutters what’s a good way to make sure the window is secured?

Thank me in advance

I've been using veracrypt for the past 4 years to create container files in everything from thumb drives to external hard drives. After upgrading one of my backup drives, I decided that I will switch to a different filesystem altogether going on, from ntfs to ext4, since I havent really used windows in those 4 years. With the reasoning behind using veracrypt and ntfs in the first place being for compatibility, should I switch to LUKS? Veracrypt is dramatically more feature rich but I dont really take advantage of those. I just encrypt my drives in case of burglars and other unwanted eyes. I do already have a disaster plan in place so I would have to do a total overhaul of things, but I'm not sure if this is a wise decision. My gut says no but what do you think? What would I gain?

Edit: shouldve added that these drives are for warm storage for my weekly manual backups of files.

Edit 2: the general opinion is to use a tool that supports encryption but I dont really feel comfortable with that but do appreciate it. It's just I've been manually updating my backup drives for a while now and like how simple my routine is. Think my decision is to just stick with veracrypt but format every future drive (including a new one I ordered) as ext4. My current drives wont be reformatted in order to reduce unnecessary wear on them. Thank you all for your help