Context: my gf mentioned getting a vpn for privacy, and I tried to explain that it "does" help, but it's more like type of windows on a house. It certainly can be part of the package, but it's no where near the foundation.

So i tried to explain the best that i could That if she was worried about online privacy the first step wasn't to mask traffic, but to not submit personal data to anything online like FB, not use Google services that package everything on you together to sell to advertisers, and to limit phone apps to essentials.

But I'm curious on what other steps you guys would consider the "foundation" of online privacy that should be prioritized before a vpn. Any thoughts? Or am I way off base?

Note: this is in context of vpn for privacy. Using vpn to avoid Geo blocking and censorship I see as incredibly valid for those that need it.

I'm taking a long biking trip soon and want to share my live location with my boyfriend in case something happens. Any recommendations for privacy-focused apps that can accomplish this? I'm on Android, he's on iOS.

Under the proposed order, filed by the Department of Justice upon notification and referral from the FTC, Cerebral will also be required to pay more than $7 million over charges that it disclosed consumers’ sensitive personal health information and other sensitive data to third parties for advertising purposes and failed to honor its easy cancellation promises.

• I make websites
• If someone is banned twice (two accounts) I want it to take them more than 5min and a VPN to make a 3rd account
• I'm okay with extreme solutions, like requiring everyone to have a Yubikey-or-similar physical key
• I really hate the trend of relying on a phone number or Google capcha as a not-a-bot detection. Both have tons of problems
• but spam (automated account creation) is a real problem

What kind of auth should I use for my websites?

Is it fairly easy? Seems useful for a public site like Lemmy and the fediverse

https://nightshade.cs.uchicago.edu/whatis.html

https://decrypt.co/203153/ai-prompt-data-poisoning-nightshared

Today I was contacted by someone at work. She graduated school with me and our 20 year reunion was coming up. Why did she contact me at work? It was the only way they were able to track me down. I was included in promotional material by name. She told me I "was the hardest to track down"and I had to smile.

This is just a small anecdote about privacy practices and their real life impact (and how your employer can undo all of it, I guess)

Hiya, so quickly wondering wether you have enabled this or not. Obviously it's not great for privacy, but it also seems very nice to have for image cloud solutions, so that images can be sorted based on location. Are there any good solutions for this? I'd like have it enabled, but also afraid of sharing images with sensitive metadata in them.

Summary: Simplex Chat uses a bit of battery and doesn't have a way to visibly see a contact has changed.

Has anyone ever done this by going to the website of a data broker and using their opt out form?

Obviously to do this they ask for information so they know what not to include, but it feels like I'm just giving my data to them or confirming what they already have.

Just wondering what other people think since I haven't heard anyone talk about this yet.

Now that we can create and delete usernames at will, do people have any concerns about giving people they meet their Signal ID? I have no fears of it. In fact, my Signal is oozic.35 if anyone wanta to message me.

Actually pretty good video.

• Search engine
• Google location service instead of their own (which they quit)
• FakeSpot & Pocket collecting crazy personalized data

Also info about difference between Mozilla Corporation and MZLA Nonprofit.

If you donate to Mozilla, nothing goes to Firefox. Instead they host petitions and beg big tech companies to be more transparent.

They dont focus on old users at all, and it seems they are unable to implement basic stuff.

I still recommend using Firefox, but with the Arkenfox userJS.

Or just use Librewolf.

Firefox is not usable. And dont donate to Mozilla I guess.

I'm thinking of the things listed on the Privacy Guides real-time communication section

https://www.privacyguides.org/en/real-time-communication/

I realise that this question is subject to local trends (and I'm in the US), but I encourage people in other countries to submit their methods!

How do you accept packages/deliveries anonymously? Of course, there are mail redirection services, but a third party which corroborates with different parts of the chain can likely figure out your identity and what you have purchased/have incoming.

I haven't been able to find a good solution to this yet, and I believe the new rule in the US is that the receivers identity must be reported to the government? This (or a variation of this, I don't remember) is a recent event.

Thanks!

I'm looking for a watch that is able to do basic "smart" things like show notifications and ping my phone if I misplace it. A timer/stopwatch would also be good, and a long lasting battery.

I have no interest in an Apple watch or Galaxy watch, so I'm looking for something comparatively cheap.

Most people still haven't heard of Manifest V3, so if you are one of those not using Firefox, this is for you.

If you’ve been on YouTube or Reddit August last year, you might’ve seen this screen yourself, or a screenshot of someone else getting it. This of course, I am talking about the infamous YouTube ad blocker blocker popup, discussion exploded on Reddit mostly consisting of people complaining about ads, as well as an angry mob storming r/memes, turning it into a Firefox propaganda centre.

About a month later, different adblockrs eventually found their way of bypassing detection, and they work on YouTube again. So natrually Redditors thought they’ve won another war against big tech, completely ignoring Google’s original plan to kill off adblockers by June this year.

So all extensions, including adblockers follows a specification called the Manifest V2. The Manifest allows extensions to do certain things, say accessing browser tabs or to change browser settings. All while putting some limitations, and prevent extensions from doing crazy stuff like installing a virus to your system. But too much limitation, is what pisses off many extension developers about the upcoming ManifestV3.

In this article written by the EFF, they interviewed developers responsible for popular extensions, where most described ManifestV3 as a downgrade, with some accused it for being purposefully bad. I particularly like this one from the creator of SingleFile, “I consider the migration to Manifest V3 to be a major regression from a functional and technical point of view.”

After an update in June this year, a feature called the WebRequest API will be removed, and the adblockers and tracker blockers that depend on this feature will stop working. Since the business model of Google is to track your online activity and then show you personalised ads, it is not difficult to see why this feature is removed.

Not only are they sacrifising user experience for monetary gain, they are forcing the same update on all Chromium browsers as well. I am hereby devastated to inform you that this is not the first time they have done it, and it will not be the last time they will do it.

But there are also good news, non-Chromium browsers will not be affected by the Manifest V3, and if you are already using one, you will be exempt from any future nonsense Google throws in your way. So if you are considering switching to one, unless Safari is your goto browser, which lacks competent extensions support, you can still get your adblockers, another adblockers, all the adblockers.

So are you going to make the switch before the update? Let me know in the comments down below, anyways I will be seeing you in two weeks, have a good one.

An article for more my ranting needs https://gmtex.siri.sh/fs/1/School/Y12/Cssoc/chromium.html

Alternative https://inv.tux.pizza/watch?v=pp-INfssWBo

Crossposted from https://beehaw.org/post/13135846

This weekend in the United States, taxes are due. For the more responsible readers – aka “everyone but me” – this was probably already done weeks – if not months – ago. But don’t worry. Taxes will roll around again the same time next year, as inevitable as death itself as the famous philosopher noted, and our financial lives are year-round. So in other words, this is merely a good excuse to discuss some ways that you can protect your financial life – both online and off – and keep your funds, identity, and credit safe.

I'm talking full phone and blocking. Not just browser.

Edit: So many options! Thanks guys I'll go through them all and see what one I think will work best for me. I appreciate it.

U2F keys can be purchased online for the price of a cup of coffee. They're being touted as the next best thing in online security authentication.

How do you know that the key that arrives at your doorstep is unique and doesn't produce predictable or known output?

There's plenty of opportunities for this to occur with online repositories with source code and build instructions.

Price of manufacturing is so low that anyone can make a key for a couple of dollars. Sending out the same key to everyone seems like a viable attack vector for anyone who wants to spend some effort into getting access to places protected by a U2F key.

Why, or how, do you trust such a key?

The recent XZ experience shows us that the long game is clearly not an issue for some of this activity.