Do someone use lemmy+tor? And what benefits it gives to me?

Hi privacy fans :) I've been a lurker in this lemmy-community for a while now and a "fan" of privacy for about 4 years now. Since 4 years, I've been on and of with VPNs. Sometimes I think I dont need one, sometimes I change my mind and start searching for one. The only one I tested (and used) so far, was Mullvad. But now reading about Surfshark, I was wondering, if there might be a better solution or if Mullvad is already the best solution for VPN. What I dont like about Surfshark is, that it is part of North Security and that it is not open-source (or at least I can find any info about that).

I hope you guy and gals have some suggestions or recommendation :)

Edit: wow... thanks for all of your fast replies. Coming from Reddit, I am used to only shitposting. Thanks for all your input. I will look into all the mentioned VPN hosters, thx 👍

I'm planning to buy a router and modem and put OpenWrt on it for maximum control and privacy. While I could get a router with an integrated DSL modem, the previous tenants had cable internet so I'm not sure if the DSL connection even works and DSL internet is also more expensive (at least where I live). Fiber optic is not available. The problem is, there is apparently no open firmware for cable modems so I would have to buy a standalone router and a standalone cable modem. I would put OpenWrt on the router and use whatever proprietary firmware came with the modem.

So my question is:
Can a standalone modem that doesn't do routing, spy on you?
If yes a rough explanation how would be appreciated.

It seems that modem and router are used interchangeably on the internet (probably because they are mostly combined) so it is really hard to find any information on modems. Here are both Wikipedia articles for reference:
https://en.wikipedia.org/wiki/Modem
https://en.wikipedia.org/wiki/Router_(computing)

I am using a Samsung phone and even with all privileges deactivated it creates "stories". This seems illegal. What is your opinion?

I know I should use a different OS than stock or even another phone brand but this is what I currently have.

https://github.com/umutcamliyurt/TextCloak

(Please when answering, assume I’m not a beginner at privacy/programming :) I know where the good stuff at)

First off, shameful confession: I’m writing this on a dying yellow iPhone XR I bought second-hand three years ago (189€). I absolutely love the look of it: the screen, build quality, are all amazing. The only problem was the locked ecosystem (sideloading Spotify/Torrent client was sooo hard).

I saw the android phone of my mother dying really fast. She currently has a Xiaomi phone that’s ridiculously big for my hands, there’s advertisements in the stocks apps (?!!), the UX is janky and everything. It looks like a bloat, privacy nightmare.

So… because it’s impossible to find a jailbreakable phone nowadays I need to buy an android and ideally I would want:

• Good screen (vivid colors)
• Good build quality (not shitty plastic)
• Don’t care about the camera (I don’t want those ridiculously big cameras they make nowadays)
• Would want to install either GrapheneOS/LineageOS

The things that scare me off:

• I really need my bank app and I need it updated so I have to use Google Play Services but I don’t want it to plague my phone with privacy bullshit (I want to be degoogled)

The things that excite me:

• Customization possibilities
• Learning experience
• Even more privacy than a de-googled IOS phone :)
• F-Droid!! (Maybe I’ll find a beautiful IRC client)
• More choices for Mastodon & Lemmy clients
• Freedom of free software.
• client for open-source git providers :)

But to get all of that, I don’t want Google, I need shitty apps (non-free software) I have to install:

• Instagram (for non-technical friends)
• GitHub (job & open-source)
• No-Ad Modded Spotify from Balatan
• Discord (gamer friends)
• Telegram (cryptobros friends)
• Steam (because I still love gaming)

Any advices? Phone ideas? I’m so lost in this ocean of choice (freedom ✨)

My current phone:

I'm following several privacy focused communities. Mostly as lurker but in few I'm more active. Every time I see a posts like "how to be more private", I wonder about the reasons behind those questions. What's the reason you want to remain private (don't confuse it with being anonymous)? Could you elaborate on your reasons?

Let me start.

I worked (and still working) in a highly regulated industry as a software/devops engineer. I've been working with banks, insurance companies, global online payment companies, major credit card vendors, few global corporations. I have seen how data is gathered and (mis)used. Every time someone tells me "I'm sorry but the system..." I know it's the data gathered by the "system" and my profile created based on that data was the reason for "but". This is why I care about the privacy, to prevent companies from taking advantage of my current situation and charge me more.

Lemmy start by saying I don't trust telegram in termes of privacy (pun intended). But I still use it for specific purposes and I was wondering if there is a point in using a fork privacy-wise? I's assume not since it still uses telegram servers but still curious about an explanation as to why not! Cheers

I need to ask a small favor from the good people of Lemmy.ml Community.

In short, I accidentally wiped the metadata partition on my Poco F3 and now I can't boot into the OS and access my data. I have a lot of pictures, videos and other stuff that I would hate to lose, because of a mistake. But all that is still on the phone, I just can't boot the phone to access it.

Thankfully, there is a way to fix this by creating a full backup of the phone with adb, then using a HEX Editor to manually look through that gigantic file and try to find the files that were in that metadata partition.

A huge thanks to bluet33th, a user from XDA Forums, without whom I would be helpless and couldn't do any of this. It might be a bit complicated and manual process, but it is possible. He explained everything in great detail here, so check it out, especially if you are facing the same problem, this will help you tremendously: https://xdaforums.com/t/how-to-recover-data-if-metadata-partition-was-deleted.4686789/

In order to find these files and put them back where they belong, I need your help, because I have to know their names, exact sizes and at least part of their content, so that I can search for it. Because I'm searching for a specific text in a text file that is 128 GB in size.

I have already tried this on another Xiaomi phone, to make sure this procedure works on Xiaomi phones and it does, but that phone had HyperOS with Android 14 and since every phone and android version is probably different, in order to be sure, I need this information specifically for Poco F3 with Android 13.

It doesn't take long, but if you don't have the time to look inside your metadata partition and tell me which files are inside of that partition and their sizes in bytes, you can just make a backup of the metadata partition and sent it to me, and I'll do the rest of the work.

Here are the steps on how to create a backup:

1. Turn on your phone and boot into TWRP, then connect your phone to a PC, type cmd inside Windows search and run cmd, then position cmd into your platform-tools folder (if you flashed your ROM, you should already have the necessary drivers installed for the next steps to work). For example, if your platform-tools folder on Windows is inside C:\platform-tools, all you need to type into cmd is: cd C:\platform-tools

You can also just go inside your platform-tools folder and type cmd in the address bar and the cmd will start already positioned inside that folder.

2. Then type adb devices and you should see your device, if you do, that means that all the drivers are successfully installed and your phone is detected.

3. Type adb pull /dev/block/by-name/metadata

4. After that, you should see a file named metadata inside C:\platform-tools. That is the file that I'm looking for and as you can see, it takes just a few minutes to get it.

You can skip the next steps (5 and 6), but I'll explain them, just in case someone wants to extract these files for themselves, so that you have them in case something like this happens to you. Of course, you can also proceed to extract the files and tell me their names and sizes.

Here is what you need to do:

5. Extract the content of the metadata file, you can use a software like 7-Zip. Go inside that extracted folder, then into vold > metadata_encryption > key

6. Inside of that key folder, you should see a few files. These are the important files and save them somewhere safe in case you ever need them. Since I don't have them anymore, in order to recreate them, I need to know their exact names and sizes in bytes. You can check the size of every individual file by right clicking on the file and choosing Properties. Then look under Size, not Size on disk, and in parenthesis, you should see the size in bytes.

Please, if you could check the size of every file and write down which file has what size. I would really appreciate it.

I'm specifically looking for someone who has a Poco F3 with Android 13 and MIUI, because I'm not sure if HyperOS changed something, so maybe the number of files or their size is different. But feel free to post the information even if you have HyperOS, but please mention that, so that I am aware of it.

Thanks a lot for your help, it really means a great deal.

I'm looking for a way to dump raw data from an entire phone or at least the sda block to a PC, using a method other than adb pull.

When I run adb pull /dev/block/sda sdaDump.img, it creates a dump file. To find what I need, I have to search through this raw data using a Hex Editor. If the dump comes from a fully functioning phone, I can usually find what I’m looking for because all the data is still intact.

However, I accidentally wiped the metadata partition on my phone, so the decryption keys/files are gone. Now, because of that, some folders appear empty when checked with TWRP's File Manager, even though the actual files are still there.

If I create a dump now, the raw data in the file won't be the same as when the metadata was present, and those folders weren't showing as empty.

Running adb pull /dev/block/sda sdaDump.img now results in a dump where the Hex Editor shows zeroes (no data) where these files should be.

Is there any alternative method to create a raw data dump of the sda block or entire phone storage, that will capture that data as it is (not empty folders, but the data in them), even if it's encrypted?

I don't want to create the raw data dump onto the phone storage and then transfer it to a PC, but something that works like adb pull, in the sense that it pulls the data from the phone directly onto a PC.

Thanks a lot in advance to everyone!

I'm looking for a service, that replicates the functionality of email aliases, but with phone numbers.

I'd imagine having one number (99999) which I then could use with suffixes like 99999-1, 99999-2, ... etc for services like WhatsApp, telegram, 2FA, etc... if such thing even exists.

I cleared up a space on the C drive and installed Linux on that partition. Can Windows see files in my Linux partition?

When i installed Linux, i didn't encrypt it but it is password protected. Thanks

Some of the LinkedIn Responses are direct and on-point, and also hilariously/depressingly based depending on how you look at it:

EDIT: In hindsight, I think I should've looked into posting this in a different community.. It's closer to a silly "innovation".. soo.. is this considered FUD? I also don't support smoking or vaping, especially among kids. Original title had "privacy-violating" before the "solution".

Every time I buy something online, or make an account for an example month bus ticket, they "need" my phone number. I always use alias emails, but I don't have an alias phone number. I know, there are some online phone nr service, but they mostly dosnt work, outside of the US. So I was thinking about getting me a second nr, just for thoese cases were I have to log in. I would by the nr, in cash, and there is nothing data they have to make the nr. But what are your thoughts? What do you see as pros and cons for getting a second nr.? Does it even make sense, when the simcard is in the same phone?

I don’t want to see PGP rejection based on usability. So, to level the field at user level we take Delta Chat, which uses PGP. If I understand that correctly.

I have no knowledge of telegram security at all.

Hello !

I'm wondering if there's some blogging mechanism which would allow some sort of unique digital signature (PGP perhaps) to prevent personification, but which allows non traceable and fully anonymous author. Not looking for blockchain like stuff (apart from the layer Monero adds, blockchains are totally transparent, traceable and non anonymous). Not looking for bigotry, attacking people or anything like that.

The idea is to be able to share ideas, even corporate related, without being afraid of retaliations whether at work, corporations or governments. Expressing something at pubic might bring unexpected consequences, particularly if not aligned by the corporation one works on if that's the case, or might provoke AI, bots, or paid/unpaid people looking around, to include anyone in a particular list, without even warning the writer about it.

So I was looking if such thing is possible, and if it exists. Social networks of course wouldn't be an option, they're not anonymous, and at contrary can be used to cross-reference and trace people.

If such solution doesn't exist, I'm wondering if something based on gnuNet might get close, although gnuNet is not meant to make users anonymous. Or perhaps something based on i2p.

Of course the digital signature should be used exclusively for the blog posting, and can't be associated to any real email, host, or whatever...

Feedback on the blog posts should also be allowed to anonymous people with their own unique digital signatures. But this is harder, since depending on the technology, not sure if moderation would be allowed, or even if it would make sense, in which case, no blog feedback should be allowed, though no feedback is really a down side for blog posts. Maybe allowing just the original post to remove feedback. Some other down side, but that's unavoidable, is the lack of non on thread feedback, meaning giving feedback through email or any other medium, since if that was available would make the writer non anonymous...

If such thing is not available, and eventually based on something like gnuNet or i2p, most probably clients would be needed to write blogs but another one that would offer some sort of RSS/atom functionality for the blog to be accessible from current RSS/atom readers.

The cops object when their tools on turned on them

I already know that private DNS is important for privacy. I'm using Quad9 btw.

But recently I hear a lot about NextDNS and similar providers that give more advanced features such as custom filters and domain blocking. I'm getting interested in that topic now as I have to use some proprietary apps with a lot of trackers in them.

However I'm really struggling to find useful information about what domains to block, what settings to use in one or another use case etc. I don't have much experience with firewalls and server stuff either which makes it even harder.

So, could anyone share some good resources on this so I can get started? Or should I just not worry about it and use a whole other system such as firewall?

Git records the local timezone when a commit is made [1]. Knowledge of the timezone in which a commit was made could be used as a bit of identifying information to de-anonymize the committer.

Setting one's timezone to UTC can help mitigate this issue [2][3] (though, ofc, one must still be wary of time-of-day commit patterns being used to deduce a timezone).

Cross-posts:

• https://sh.itjust.works/post/24495744
• https://sh.itjust.works/post/24495795