Privacy Guides

The pond is shrinking. Who's left with port forward?

I have been thinking about switching to brave for better fingerprinting protection

Yesterday a new version of cwtch was released with some improvements

What would be a good alternative to Imgur?

I use it in Stealth mode which "configures CanvasBlocker to be hard to detect." Does it still make my fingerprint more unique? Does it do anything beneficial?

I am curious as to what are the best practices regarding blurring and / or pixelating a portion of a photo. I understand the reasons why the website suggests to put a black box over text one wishes to redact, but for other content that is not text what is the best choice. Should a combination of the two be used or just one? E.g. for blurring a face or something else within an image.

Thanks!

Starting in version 1.54, [the browser] Brave will automatically block website port scanning, a practice that a surprisingly large number of sites were found engaging in a few years ago. According to this list compiled in 2021 by a researcher who goes by the handle G666g1e, 744 websites scanned visitors’ ports, most or all without providing notice or seeking permission in advance. eBay, Chick-fil-A, Best Buy, Kroger, and Macy's were among the offending websites.

this raises my antennae way up but i have to admit, although being probed makes my skin crawl, i don't actually understand what bad actors can do. it seems bad but that could be fud.

more distressing is the wall of shame; if even slightly true, this is hideous. typing just obvious things i know from just one screenful of a 700+-line document: state farm, lending tree, citibank, glassdoor, iberia. for some reason financial firms are heavily represented here.

anyone have any knowledge in this domain? and if it's an actual problem, what's the best way to put a ring around it? the actor is inside your browser, so the usual firewall tricks don't apply.

I got my mom a new iphone. On her old phone I set up the privacy settings according to a couple of guides I found on the old privacy guides subreddit. Will the settings survive being transferred to her new phone? Thanks.

Which one do you guys prefer and why?

By default most people run Wireguard on port 51822. This of course shows that you are running a VPN. Is it better to run on another port, for example 443? But I heard that some ISPs frown on that.

What do the folks here think?

Are there any good VPS providers you would recommend that don't require to much data and where you can pay with privacy friendly payment methods like monero?

I found some on google but I never heard if them before and just because they offer crypto payments doesn't mean they're privacy friendly.

I'm trying to run my work profile over VPN. The best thing I've found so far is external GL.iNet router and put my phone on airplane mode.

Are there any better solutions?

I've been using mat2, which is the first recommended option on PrivacyGuides.com, to remove metadata. Is there any drawback to this compared to ExifTool, which is at the bottom of the page? mat2 relies on ExifTool, but only for removing metadata that isn't a PDF, audio file, image, svg, or video. I usually use mat2 for videos, which utilizes FFmpeg to remove metadata. I don't think ExifTool uses FFppeg, but I could be wrong.

One weird thing, I probably shouldn't, but I still use ExifCleaner, which is an outdated Electron-based drag-and-drop metadata removal tool. After I run a video through mat2 and then through ExifCleaner, ExifCleaner says there were 60 metadata entries on the video file, but it reduces it to 59. This means mat2 seems to not remove all possible metadata.

I've been trying to take gym stuff more seriously lately and sometimes something like a fitbit seems like a great idea, are there any that don't just harvest you for minimal utility on your end?

Sorry if this has be answered before but I think searching is still weird

Decided to join Lemmy after the Reddit stupid decisions recently (as is the same with most people around I suppose) one thing I like to always do when testing a site or a service is seeing how well it works with Tor, and so far it seems to work good!

Although a question I have is, is there any Lemmy instances as of right now that have a .onion mirror? Would this even be a good idea?

There are some websites that I feel deserve to have me disable uBlock so that they get a little support from me even if it is not much or maybe nothing, is it worth doing that risking my privacy or is what the site creators can get from me doing that so little that it is just not worth it? Or are there any other alternatives, other than of course donating?

I use Firefox with uBlock, I know well that with Brave I can donate BAT to supported sites but honestly I don't like Brave and I don't want to switch to Brave being perfectly fine in Firefox.

I am just curious if anyone here changes it from the default (disabled) state. Would you say the telemetry data is particularly useful to the developers & respectful to the user? I generally disable all telemetry even on open source software but I am happy to hear people's arguments for enabling some of it if it helps the developers in a privacy respecting way.

Enjoy your day!

I just saw that Google will be shutting down Google Domains / selling all domains to Squarespace, which makes me wanna see if I can pick a better registrar.

I only used Google Domains for the reliability and convenience, but would rather not go with Squarespace. I don't see any section on hosting/registrars on the main site so was wondering what anyone else recommends.

I've heard talk before that Njalla is bad because you don't actually own the domain and there have been instances of them shutting down / revoking access?

Also along the same lines I wouldn't mind recommendations for good website hosting services too.

Would this be a good way to browse YouTube privately and avoid data profiling? I wouldn't be signed in of course.

Go to Njalla and create your dynamic DNS record. Once you do that It should show you something like this:

https://njal.la/update/?h=&k=&auto

On your records page it will fill in your subdomain and key automatically. on their documentation page it does not do this. You don't need the one from the documentation page. the one next to your dynamic DNS entry is what we want anyways.

Now on the pfSense box:

Make a new Dynamic DNS client. Service Type: Custom Interface to monitor: WAN (but might be something else depending on what you are doing) Interface to send update from: WAN (but might be something else depending on what you are doing)

In the update URL box paste in the URL Njalla gave you.

In the result Match paste in this:

{"status": 200, "message": "record updated", "value": {"A": "%IP%"}}

Now your pfsense box should know if it did a successful update or not. In your pfsense Status > System logs you should see this:

/services_dyndns_edit.php: phpDynDNS (): (Success) IP Address Updated Successfully!

Then I ran into an issue where it seemed like njalla wanted an update sooner than every 25 days and pfsense would say oh it hasn't been 25 days so I'm not telling njalla my IP is the same. well ok then. I pulled some inspiration from this thread:

https://www.reddit.com/r/PFSENSE/comments/hhvxdl/force_dynamic_dns_update_every_7_days/

So thanks u/WetwareLabs

I installed the cron package on the pfsense box and then I edited the /usr/bin/nice -n20 /etc/rc.dyndns.update command to run on the 1 minute of every hour (I think you see where this is going).

I then created a new cron to run every hour on the 0 minute that just runs this command: rm /cf/conf/dyndns_wancustom\'\'0.cache

So now every hour the firewall doesn't have the current WAN IP cached and he goes "Holy barnacles, I gotta tell Njalla my new IP!"

Now Njalla knows every 1 hour that something is still saying "hey I'm alive and here is my IP"

I know this solution is kind of ugly, but it works. I am sure almost nobody will read this or do anything with it but if you are living the real privacy lifestyle running local nextcloud and want to get at that sucker from the internet AND you don't want to pay for a static IP or use another dynamic DNS provider then maybe this is for you.