I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

I have a normal Googled Android phone and tinkered with a bunch of settings so that only what I can't uninstall or disable remains on it.

If I run a vpn on it then the Googled OS may still know my location(from wifi and bluethooth scanning that it may be doing nonstop) and browser searches.

In that case, would the vpn only mask my activity from my internet service provider?

Thanks in advance

PS: This is a locked phone and I understand that it's spyware but I can't afford an unlocked one yet thanks

So the UK is going to start requiring IDs to view adult content. I'm in the US, but I've got a friend in the UK who obviously doesn't want to deal with this.

I suggested he use a VPN, but he's apparently heard they sell your personal data. Can anyone recommend a reliable VPN that collects as little data as possible?

ETA: thanks for the suggestions, everyone! I'm gonna research em and pass the info along. :)

I know that stock Android itself is spyware.

What tips about setting up my stock Android phone would you give me? It's not factory unlocked so I'm sticking with Google Android.

Things I've done:

• Stopped and disabled all apps that I don't use or need.
• Replaced all apps that I can with FOSS alternatives from github using Obtainium.
• Not installed things that I can just check on my laptop like email.

Is there anything else that I can do? Thanks in advance

Edit I've also:

• Changed my DNS to Mullvad DNS
• Restricted app permissions to only what they need
• Not signed into the phone. I don't even have Gmail account.

What do y'all recommend?

cross-posted from: https://beehaw.org/post/20989376

Where Soatok goes over why checklists are meaningless when trying to figure out if something is private or just for comparisons in general.

Hi all !

I just released the first version of Gosuki, a multi-browser real time bookmark manager I have been writing on and off for the past few years. It aggregates your bookmarks in real time across all browsers and even external APIs such as Reddit and Github.

• Github: https://github.com/blob42/gosuki
• Documentation: https://gosuki.net/
• Video Demo

I was always annoyed by the existing bookmark management solutions and wanted a tool that just works without relying on browser extensions, self-hosted servers or cloud services. As a developer and Linux user I also find myself using multiple browsers simultaneously depending on the needs so I needed something that works with any browser and can handle multiple profiles per browser.

The few solutions that exist require manual management of bookmarks. Gosuki automatically catches any new bookmark in real time so no need to manually export and synchronize your bookmarks. It allows a tag based bookmarking experience even if the native browser does not support tags. You just hit ctrl+d and write your tags in the title.

Feature Highlights:

• A single binary with no dependencies or browser extensions necessary. It just work right out of the box.
• Use the universal ctrl+d shortcut to add bookmarks and call custom commands.
• Tag with #hashtags even if your browser does not support it. You can even add tags in the Title. If you are used to organize your bookmarks in folders, they become tags
• Real time tracking of bookmark changes
• Builtin, local Web UI which also works without Javascript (w3m friendly)
• suki cli command for a dmenu/rofi compatible output
• Modular and extensible: Run custom scripts and actions per tags and folders when particular bookmarks are detected
• Browser Agnostic: Detects which browsers you have installed and watch changes across all of them
• Also handles multiple profiles per browser
• Stores bookmarks in a portable sqlite database compatible with the Buku. You can use any program that was made for buku.
• Can fetch your bookmarks from external APIs (Reddit and Github for now).
• Easily extensible to handle any browser or API

It's open source with an AGPLv3 license, Checkout the README and website docs for more details.

About

Duck.ai is one of the few online places to chat with AI privately. Self-hosting your own AI model is a better option, but not everybody has the hardware for it. DuckDuckGo has made deals with the model providers to keep your chats private, so it's an easy option to recommend.

If you're like me, you probably clear your cookies a lot (or always browse in incognito). This means that any time you visit Duck.ai, you have to set all your settings again. One solution is to set Duck.ai as an exception to your browser data deletion, but that makes me uneasy. After getting fed up setting my preferred settings each time, I wanted to see if I could automate the process.

The Bookmarklet

Bookmarklets are essentially bookmarks in your bookmarks bar that, when clicked, run your own JavaScript code on whichever page you're visiting. This was a neat trick that some of my classmates used to edit pages when the Inspect Element was disabled on school computers.

I wrote a short bookmarklet that will automatically set my preferred settings in Duck.ai:

javascript:{
	const settings = {
		'aiChatPromptSuggestions': '{"hideSuggestions":true}',
		'aichatPromoDismissal': '{"promosDismissed":"9999-99-99"}',
		'duckaiCanUseApproxLocation': 'false',
		'duckaiSidebarCollapsed': 'true',
		'duckduckgo_settings': '{"description":"Each key is a setting documented in https://duckduckgo.com/duckduckgo-help-pages/settings/params/","kdcm":"6","kdcs":"0"}',
		'isRecentChatsOn': '"0"',
		'preferredDuckaiModel': '"6"',
	};
	
	let keys = Object.keys(settings);
	keys.forEach(key => {
		const value = settings[key];
		localStorage.setItem(key, value);
	});
	
	location.reload();
}

How To Use

(Steps may vary between browsers)

1. Copy-paste the bookmarklet code above (including the part that says javascript:)
2. Right click on the bookmarks bar in your browser
3. Select "Add page..."
4. In the field that says "URL", paste the code you copied
5. Name the bookmarklet whatever you want, for example: Debloat Duck.ai
6. Click "Save"
7. Visit Duck.ai (which redirects to https://duckduckgo.com/?q=DuckDuckGo+AI+Chat&ia=chat&duckai=1) You must visit this page before running the bookmarklet, because bookmarklets can only run code on the page you're currently visiting.
8. Click on the bookmarklet you just created. This will run the code.

You should now have a distraction free, private chat.

Explanation

Duck.ai stores its settings in the browser's "local storage". If you open the Inspect Element (either by right clicking on the page and clicking "Inspect" or by pressing F12) and navigate to Application > Local Storage > https://duckduckgo.com/ you will see a list of settings and their corresponding values.

By default, these settings are a tad too distracting for my taste. The bookmarklet I made does the following:

1. Hides prompt suggestions
2. Dismisses the promo by setting the shown date to something impossible in the future
3. Disables using approximate location for responses
4. Collapses the sidebar
5. duckduckgo_settings doesn't actually do much, and the values there are, in fact, not documented on this page
6. Disables chat history
7. Sets the preferred model to Mistral Small 3, which is open source and has low moderation.

You can set your preferred settings before running the bookmarklet and edit the bookmarklet code according to your own settings.

The code then iterates through these settings, and sets each one. Then, finally, reloads the page to apply the settings.

Updates

This project is far too small to make an entire repository for it, so I will try to just update this post with any new code. For example, duckaiCanUseApproxLocation is a new setting that was added in the last few days.

I hope everyone enjoys this as much as I did!

Here is a before and after:

cross-posted from: https://sh.itjust.works/post/41641719

Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.

I started a 5-week degoogle challenge Signal group.

The group is free...and already has 45 members ready to go next week when we officially start! We'll follow the checklist here. It will be a casual group for accountability and support.

I can help based on my experiences, we can all support each other, and we have at least 1-2 advanced techie people who can answer more complicated questions.

Please join, and tell your friends! Next week I'll post an official welcome and resources..and we'll get started.

If it goes well, I can either start another one and/move to de-Amazon, Meta, Apple, whatever.

(Also, if anyone wants to repost this in r/privacy on Reddit, please do! I apparently don't have enough karma to post there.)

I have to use Zoom for a online class and I was wondering how I can make my Zoom experience more private? Is there a Zoom client that I can use like how there are privacy-focused Discord clients? What privacy tips would you recommend?

cross-posted from: https://lemmy.world/post/32523093

Anyone have the experience registering a domain name with false personal information?

I'm trying to register one but all provider asks for name and address. Anyone have the experience providing false information? Do they really care enough to check your info manually if you don't use your domain name for malicious purposes?

particularly interested in experiences with cloudflare

thanks a lot

EDIT: https://www.reddit.com/r/Domains/comments/1cxl7y2/when_registering_domain_name_should_i_use_my_real/

The issue with using fake details is that you risk getting your account suspended. Also, if your domain gets stolen you've made it impossible to retrieve because you will have to verify your information.

How can a domain get stolen?

Considering the current intrusive cyber climate, what are the best ways to preserve privacy?

For example, I have been exclusively using a VPN connection network-wide at home setup on OpenWrt, which in turn has a PiHole as its DNS, with the PiHole using Unbound and NextDNS (redundant I know, but I use it to encrypt my requests more than anything else).

I also have Wireguard setup so I can VPN all my devices to my network while I am on the road (also have a NextDNS profile installed. Yes I know, it’s redundant).

I also basically have all my “smart” devices (TV, lightbulbs, air purifier, etc…) at home cutoff from the internet using OpenWrt’s firewall to prevent them from calling home.

I rotate web browsers frequently to try and attempt avoiding getting fingerprinted, not sure how useful that is.

I switched email providers to mailbox.org because f*** Google and Microsoft.

I also am hosting my own cloud drive on Nextcloud to avoid using services like GDrive, OneDrive, Dropbox, etc…

I own Apple devices which aren’t the best for privacy but migrating from a whole ecosystem that I have been embedded in for MANY years is easier said than done. Hopefully in the future that’s my next move.

I feel like there is a lot more I can do but I am not sure what else. I would appreciate any and all suggestions ya’ll might have.

EDIT: I’m not being too extreme with my caution as some comments are making it sound to be. I am a very average person who is privacy conscious yet realize being cut off from the internet and society is not realistic. I guess my threat model is your basic “day-to-day it’s non of your business who am I online or what I do, please don’t profile/fingerprint me, I am just a passerby” kinda threat model.

cross-posted from: https://lemmy.world/post/32631305

Analyzed by exodus, island the work profile app have 3 trackers detected

https://reports.exodus-privacy.eu.org/reports/com.oasisfeng.island/latest

Should I be worried?

If I install the extension on VSCodium (Open Source Version), is this a privacy concern other than that it reads all my HTML files in the folder I have open?

Interesting counterpoint to the stuff we sometimes talk about here. It's more for public chat rooms though. MLS (RFC 9240) still interests me and I've been wanting to try coding it.

I did a search for posts on Google Takeout before posting this and the only one I saw was from a year ago so I guess its ok to post this.

I just learned about it this morning.

The TLDR; is that you can request all the info Google has on you, in my case I want to do something with that data as I move away from Google, but just seeing what they have is nuts.

You might want to consider doing so.

(i would link the url, but its long and ugly, just search for Google Takeout, you will find it)

cross-posted from: https://lemmy.world/post/28567151

A few cards that I read about.

RBC virtual card, seems to do what I need. But it's available for business use only.

Robinhood Gold Card, only in the states.

Wise, not sure if exact limits are available.

Context: I recently purchased a hotel stay where a merchant charged my card for the advertised price on their website, the amount was then refunded. Then another merchant charged my card a higher amount (a few hundred) all in a few seconds of the original transaction.

Edit: I found Wise provides limits on their virtual cards. I have yet to test how this works and if the transaction is declined for Insufficient funds, does anyone have experience with this?

Exciting News! We're thrilled to announce the release of CoMaps to Google Play Store, Apple App Store, and F-Droid!

CoMaps Highlights

· Offline Search and Route: Plan and navigate your trips without internet

· Saves battery: Efficient design that does not drain your battery

· Privacy-respecting: no identify people, no tracking, no data collection

· Free and No Ads: completely free, your journey is smooth

What makes CoMaps special?

CoMaps is a community-driven open-source navigation app · Open & Transparent: All decisions are made in public, with full transparency.

· Community Empowerment: You have a voice in how the app evolves.

· Free & Not-for-Profit: Our focus is on creating value for the community, not generating profit.

Download CoMaps Today

• Google Play Store: https://play.google.com/store/apps/details?id=app.comaps.google
• Apple App Store: https://apps.apple.com/app/comaps/id6747180809
• F-Droid: https://f-droid.org/packages/app.comaps.fdroid/

Powered by the community

I have always used Mullvad Leta as my search engine, but after changing smartphone and download Fennec, I ended up leaving DuckDuckgo that comes standard for now. However, after the last Fennec update (140.0.0), I was surprised to have Google as a standard search engine. What do you think of this? Someone with this same experience?

So, I still receive telemetry information from my old lease car, a Kia e-Niro, to my app. A huge, HUGE privacy issue.

I made sure to remove my profile from the car before turning it in, and doing a factory reset of the car's software.

I can see everything, AC, whether there are doors open, odometer, and above all, location.

Also tried to see if I can turn off the AC, but any commands throw an error, so disabling my account on the car at least did something 😅

I had it in the Netherlands, it's in Poland, and it looks like it's on its way to Ukraine.

Kia, you need to check your security.

Edit:

Holy shit it gets real bad. I can lock and unlock the car.