1
13
submitted 14 hours ago by [email protected] to c/[email protected]
2
59
submitted 23 hours ago by [email protected] to c/[email protected]
3
26
submitted 1 day ago by [email protected] to c/[email protected]
4
5
submitted 1 day ago by [email protected] to c/[email protected]

I only just thought of this. I have the same cartoon-y profile pic from a foreign TV show on a bunch of my accounts, I wonder if its unique enough and worth tracking.

5
16
FUTO Keyboard (keyboard.futo.org)
submitted 2 days ago by JohnWorks to c/[email protected]

Got recommended a video going over this keyboard. Looks pretty good so far despite being in an alpha!

6
5
submitted 2 days ago by [email protected] to c/[email protected]

By data I mean anything / everything: telemetry, contents in emails and files, and other user data. My school uses Google Workspace and I don't like the idea of having to depend on it but I can't change that. Give me tips and advice.

7
45
submitted 3 days ago by [email protected] to c/[email protected]
8
32
submitted 5 days ago by [email protected] to c/[email protected]
9
114
submitted 6 days ago by [email protected] to c/[email protected]
10
30
submitted 5 days ago by [email protected] to c/[email protected]
11
20
submitted 5 days ago by [email protected] to c/[email protected]

Isn't the value of two factor auth that it requires a physical device (your phone or computer) with the auth key to authenticate you? Then why don't many two factor auth apps seem to support syncing? If it's fine to do so, are there any open source cross platform apps that sync keys?

12
11
submitted 4 days ago* (last edited 4 days ago) by [email protected] to c/[email protected]

cross-posted from: https://links.hackliberty.org/post/2005038

I know this is an outrageously bad idea, I don't need convincing. I am just looking for some more information and discussion on what exactly the exposure and surveillance risk is.

I'm asking both for my own education (I am still very green to networking), and to better explain to people in my life if and why they should care.

  1. Is it true that traffic can be tracked and logged by ISP through DNS lookups, as these routers are preconfigured to use their internal dns service?

  2. If this is changed (like base.dns.mullvad.net), how much does this actually mitigate the risk here?

  3. What about when a VPN (mullvad) is also being used at all times? Would it then be "overly paranoid" to fear this untrusted box all the traffic goes through?

I personally take a conservative approach to things like this and assume it's an unacceptable risk, but I don't really understand what the truth is.

Thank you in advance for your time and thoughts.

EDIT: I'm asking about US and US adjacent areas

13
13
submitted 6 days ago* (last edited 6 days ago) by [email protected] to c/[email protected]

Death Note Anonymity analysis by Gwern.

I think it would be valuable to read for people here, especially newbies and "privacy bros" to understand how ~~privacy~~ (anonymity) actually works.

Given a perfect weapon, can you commit a perfect crime?

The answer is surprisingly close to no.

Everything you do bleeds information.

A perfect crime is one that wasn't even noticed. If a perfect crime gets noticed it immediately reveals the following: you are smart and you have the knowledge and weapons to commit a perfect crime, and in a murder you must have had a motive, instantly ruling out 99% of the human population.

On the web you can be tracked using almost anything: browser window size, word choice, times you are online, internet connection delay, negative qualities like not giving your language will exclude the majority of people who do.

In fact, just this post alone is sufficient to narrow me down to less than a million (maybe even a few thousand) people.

Edit: This is actually about anonymity, privacy is slightly different, but I think this is still relevant to privacy.

14
-3
submitted 1 week ago by [email protected] to c/[email protected]

All I found was this comment about the difference.

Premium domain is only available when you have premium, because fewer people pay and fewer people use it, so there is less abuse and the domain name has better reputation, so when you public domain is not working, using the premium domain may be able to register.

15
14
submitted 1 week ago by [email protected] to c/[email protected]

https://reddit.com/r/privacy/comments/v624di/apple_tracks_you_even_if_you_dont_have_apple/

We investigate what data iOS on an iPhone shares with Apple and what data Google Android on a Pixel phone shares with Google. We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins. The phone IMEI, hardware serial number, SIM serial number and IMSI, handset phone number etc are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this. When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing.

https://www.scss.tcd.ie/doug.leith/apple_google.pdf

16
99
submitted 1 week ago by [email protected] to c/[email protected]
17
15
submitted 1 week ago by [email protected] to c/[email protected]

Fingerprinting works by collecting bits of information about the browser and device to identify users. Couldn't browsers see when a website gets such info with JS and either prevent or ask permission from the user for the website to make HTTP requests to upload such information to the website. Idk if they do something like this already.

18
147
submitted 1 week ago by [email protected] to c/[email protected]
19
10
submitted 1 week ago by [email protected] to c/[email protected]

iOS is very good about sandboxing and only letting apps run things while the app is open and focused on. It shows green and orange dots when the camera or mic is being used, and none of my use them without saying so and they only do so when they actually need them. If that is the case, are there any potential privacy issues with it?

20
90
submitted 1 week ago by [email protected] to c/[email protected]
21
12
submitted 1 week ago by [email protected] to c/[email protected]

I've been looking at using email aliases services, and right now I'm thinking of using Simplelogin for all my online accounts and accounts where I can change my email easily, and getting my own domain to share with people and where I can't easily update my email. It seems like I shouldn't use my own domain for online services because it would be unique and can be tracked.

I did lots of reading about this and am still wondering why someone would want to opt for catch-all domains over aliases. Catch-alls seem highly susceptible to spam and while I haven't actually done any email aliasing yet, it doesn't seem to take much effort to make a new alias if you have a plan with unlimited aliases.

22
122
submitted 1 week ago by [email protected] to c/[email protected]
23
86
submitted 1 week ago by [email protected] to c/[email protected]
24
60
submitted 1 week ago by [email protected] to c/[email protected]
25
17
submitted 1 week ago by [email protected] to c/[email protected]

I did the tests on fingerprint.com/demo/ and https://coveryourtracks.eff.org/ and they both said I have a unique fingerprint, even when I enabled privacy.resistFingerprinting to True.

view more: next ›

Privacy

3674 readers
155 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS