Privacy Guides

I know that there is a WIP for a future article about router platforms, but from the little I've read on the Github issue page and a few videos I've watched I decided to make this plan right here:

Put my ISP router in AP only mode, connect it to a Protectli Vault as my firewall, get a managed switch that supports vland (still haven't found a good one, if anyone can recommend one I'd appreciate it) and have a Turris Omnia as my wireless access point.

Is this a good secure network setup? (also once again, recs for a switch would be appreciated)

I could use discord in a mobile browser but it's a bit weird since I mostly use discord for calls than messaging.

Perhaps are there any open source clients that still work ?

Did you know..?

DuckDuckGo has two non-javascript versions of their search engine and both of them are very lightweight, especially the lite version.

You can access them via:

Html: https://html.duckduckgo.com/html

Lite: https://lite.duckduckgo.com/lite

#privacy #duckduckgo #dgg #searchengine @privacyguides

I live in the EU and the company I work at has been bought out by an american company. They now want me to sign a document that lets them transfer my personal data from my employer to the USA. They want my Name, full address and birthday. It says that they need this for some "compliance regulation" which includes the prevention of terrorism (the ol' classic). I feel uncomfortable giving them "explicit permission" to share this data even if it is done under "highest possible security measures" which, if they are not possible, might as well be none. I just started my apprenticeship, so they could fire me without providing a reason if I do not sign. Any help is well appreciated.

Like the title states looking for E2EE apps (Android and iOS) without going into much details or needs to be robust enough and easy to use for anyone and stable for operations that are susceptible to constant electronic warfare. I did some research and thought about replacing Signal with Molly and wondering if it will still work if Signal leaves the EU, but am also worried about its updates to patch vulnerabilities in a timely manner. I appreciate the help I am a “Jack of all trades and master of none” when it comes to these types of programs, but am also the go to currently in my unit since I am somewhat knowledgeable about exploits and attacks that can compromise systems would be great if there was an desktop as well (like Signal) and would also be nice if it was FOSS and auditable ( I know that’s kind of redundant ) I know it’s a tall order to ask but figured I would try. I really appreciate the help so much and hope I did things by the rules here and don’t get flamed if this has already been covered ( I searched but my skills with searching the fediverse is low. ( Going to ask in the other privacy community as well but am not spamming)

It's really great for someone who doesn't know how to use debain itself and their community are super friendly so do you think it's worth it's legacy

I didn't see this on any privacy guide, but with minimal work, you can have a cloud drive that's accessible from your phone and laptop.

Basically setup Rclone mounted => Rclone crypt => Rclone + Backblaze. Dump all your files and it works like a normal cloud drive. Android Rclone client is here https://github.com/newhinton/Round-Sync/releases

Round Sync let's you setup Cronjobs so you can backup all your photos or whatever automatically. I have a job that syncs all my photos to my drive every couple days.

I store a lot in Backblaze and it's <1USD/mo. I can provide details if there is interest.

Thought I'd share a little side project I've been working on.

Omitme is a open-source, free CLI tool (& work-in-progress GUI) for managing your data on platforms like Discord & Reddit. It's built to be expandable & generic making it easy for Omitme to work on any platform.

Learn more on our Github

I just acquired a new PC, and it hasn't been turned on yet. I would love some advice and tips on what to do before I get started with it to protect my privacy.

I'm a privacy-conscious person, but not dogmatic about it. And honestly, this is the first desktop PC I've had since Windows XP was a thing. So it goes without saying, I'm very out-of-the-loop when it comes to Windows. I'm not opposed to putting a Linux distro on it, as long as it's very easy for a beginner to learn on.

Really tho, I'd like to know if there's anything I should or shouldn't do as I'm booting the comp up for it's first time. Im grateful for any and all advice here. Thanks!!

Edit: thanks for all the responses so far! I figured it'd probably help to list my use cases for the PC. It'll mostly be used for gaming, music production & sound design, collecting music and movies (which will likely involve me regaining my old sea legs, hoisting the black flag, and sailing the high seas). At some point in the future, I wouldn't mind learning how to host a media server for friends and family to access, but I got lots to learn before I dip my toes into that. My privacy concerns are pretty general - I'd like to prevent corporate data mining mostly, but since I may be screaming "yo ho ho" soon too, I'd like to be protected in those regards as well

I vaguely remember either on PTIO or Privacy Guides that there were some recommendations on debloat tools. I'm wondering what people are using these days to achieve this?

I looked up a solution for this with no luck..I want to use The PF app with grapheneos but with all the configurations with both the app and gp services it still asks me to update the gp services and it force closes..any of u guys figured how to get the app working?

Hey,

In the past I used Duolingo to study languages, but now I'm more privacy-conscious and looking for better options. And their recent data breach only solidified that intention.

I recently saw someone posted a comparison table for privacy policies of Duolingo and a number of competing products. Unfortunately I cannot find it now.

Can you give any suggestions? I'm not opposed to paid services, btw

I want to self host in order to run Nextcloud, Firefly III, Home Assistant, maybe Photoprism, and maybe a couple other things down the line. And I want it to be fast and with low maintenance.

What would be the best thing for me? PikaPods? Can synology servers run those apps?

Github: https://github.com/WardPearce/Purplix.io

View our canary: https://purplix.io/c/purplix.io/3ZjhTlZRWv8iqa6sn9yJ3TRiIkVbwITOOlwLjJD36jQ

What is Purplix Canary?

Purplix Canary is a free & open source warrant canary tool what helps you to build trust with your users.

It allows you to inform users cryptographically if your site has been compromised, seized or raided by anyone.

How does it work?

Site verification

Purplix uses DNS records to verify the domain the canary is for, giving your users confidence they are trusting the right people.

Canary signatures

Each domain is associated with a unique key pair. The private key is generated locally and securely stored within the owner's keychain. When a user visits a canary from a specific domain for the first time, their private key is used to sign the public key. This signed version of the public key is then automatically employed for subsequent visits, effectively mitigating man-in-the-middle attacks and ensuring the trustworthiness of canary statements from the respective domain.

Files

Canaries can include signed documents to help users further understand a situation.

Notifications

Users are automatically notified on the event of a new statement being published.

I know they've been around since the GDPR came into effect, but I've suddenly noticed a sharp increase in the cookie prompts on web pages which have a second "legitimate interest" page. Some of these have an "object all" button, but plenty require you to manually opt-out of sometimes hundreds of ad-trackers.

The cynic in me assumes this is a legal loophole, whereby they can claim legitimate interest in your data in order to do exactly what they were going to do anyway (which is not what the legitimate interest feature of the GDPR is for) without being required to give you a "reject all" button.

1. Am I being overly paranoid or is this exactly what's happening?
2. Does blocking all third-party cookies (something your browser should be able to do by default) negate all this need to reject anyway?
3. If not then what's the solution?

If you do have an answer then please state if it applies to EU/UK or other, non-GDPR-respecting countries!