Privacy Guides

Hi, I wanted to know if any of you have info regarding some specifics of Air VPN.

On Reddit some time ago I found this google spreadsheet with a list of basically all the VPN services and a rating by color: https://docs.google.com/spreadsheets/d/1L72gHJ5bTq0Djljz0P-NCAaURrXwsR1MsLpVmAt3bwg/edit

I started then to filter-out all the red one but I was wondering for AirVPN (which looks good on almost everything on paper) what's wrong with their "ethics". If you go into the specification of the "Ethic" tab ther's nothing much explained and I can't find anything online regarding this.

On some website it has quite low ratings as well but they do not explain very much why.

Thanks

Mull hasn't been working in the last update so I'm trying to downgrade without losing my settings, but that requires me to delete the app first then reinstall. Is there a way to backup/export my settings?

Edit: I bit the bullet and reinstalled Mull after deleting it 🤕

As I continue to look for new tools to increase my data/identity protection, I came across jmp.chat as an interesting phone service. It seems like a potentially nice way to privatize phone and SMS more, but I'm a novice at all of this and wonder if anyone else has done more research on this matter. Does anyone have opinions on this service?

Hi there,

I've started using Mullvad Browser recently(switched from Brave) and really like it.

I turn on browser history when using it and was wondering if this would be kind of defeating the point? Obviously I'd get the other security benefits from the hardening done, but should I just use vanilla Firefox?

Interested to hear people's opinions!

backup, just in case the original link goes down

About 25% of my apps are from F-Droid. The rest are from Play Store. I want to use Aurora Store to install apps rather than Play Store.

I have installed Aurora Store. Do I simply remove Play Store from GrapheneOS and it will remove all the Play Store apps at once or do I need to first remove them one by one, then remove Play Store, then install each one via Aurora Store?

It feels like we have a new privacy threat that's emerged in the past few years, and this year especially. I kind of think of the privacy threats over the past few decades as happening in waves of:

1. First we were concerned about governments spying on us. The way we fought back (and continue to fight back) was through encrypted and secure protocols.
2. Then we were concerned about corporations (Big Tech) taking our data and selling it to advertisers to target us with ads, or otherwise manipulate us. This is still a hard battle being fought, but we're fighting it mostly by avoiding Big Tech ("De-Googling", switching from social media to communities, etc.).
3. Now we're in a new wave. Big Tech is now building massive GPTs (ChatGPT, Google Bard, etc.) and it's all trained on our data. Our reddit posts and Stack Overflow posts and maybe even our Mastodon or Lemmy posts! Unlike with #2, avoiding Big Tech doesn't help, since they can access our posts no matter where we post them.

So for that third one...what do we do? Anything that's online is fair game to be used to train the new crop of GPTs. Is this a battle that you personally care a lot about, or are you okay with GPTs being trained on stuff you've provided? If you do care, do you think there's any reasonable way we can fight back? Can we poison their training data somehow?

TL;DR: Reddit is making their tracker-filled mobile app the only way to access Reddit on mobile devices, they are falsely accusing third-party developers of blackmail, and they are on a path to severely lower the quality of content posted on Reddit and increase the amount of spam you see. To stand against these changes, alongside numerous large subreddits, Privacy Guides is not currently available on Reddit. Join us on Lemmy at [[email protected]](/c/[email protected]) :)

As we discussed and announced a week ago on Reddit, the Privacy Guides subreddit is being made private from June 12 to June 14th to call attention to Reddit's most recent anti-consumer behavior.

What is Reddit doing?

A few weeks ago, Reddit unveiled plans to change the pricing for their API from $0 to $12,000 for 50 million requests. For third-party clients like Apollo on iOS or Sync on Android, this suddenly put the cost to create such an app in the realm of $20,000,000 per year, a figure clearly unsustainable for third-party Reddit client developers. For comparison, Imgur—a website with a similar userbase and size to Reddit—charges developers approximately $166 for every 50 million requests. This change in Reddit's pricing to far beyond any reasonable market value was driven solely to eliminate third-party clients from the market, in order to force Reddit users to use the official app instead, a plan which was successful given that most major third-party Reddit clients have now announced they are shutting down by the end of this month.

Reddit's API changes also affect a number of bots which are critical for moderation. Reddit cutting off access to clients and bots which moderators require to effectively care for their communities will only result in Reddit being overtaken by spam and low-quality content.

Why does Privacy Guides care?

The internet is supposed to be an open standard, and information on the internet cannot be funneled solely through proprietary first-party clients. The difficulty I had in merely archiving the r/PrivacyGuides announcement post on the New Reddit design (note everything missing here on internet archive) clearly demonstrates the danger of locking information into closed ecosystems like Reddit, where merely accessing this information is subject to their whims.

Open APIs and third-party clients are paramount to enabling privacy-friendly access to otherwise proprietary silos on the web. Through the use of those APIs and clients, it was possible to interact with Reddit in an entirely user-controlled, privacy-friendly way. Reddit's restrictions take that choice away, making their official app virtually the only portal to the information on their platform available to mobile users.

While Reddit is certainly within their rights to make these changes, Reddit users are certainly within their rights to reject these changes and choose an alternative.

We—obviously—think that the r/PrivacyGuides community is hugely beneficial to the internet at large, and a lot of great discussions take place informing people about privacy and protecting their data online. All of this taking place on Reddit was a necessary price to pay in order to reach a ton of new people and get them interested in private, open-source technologies, but if Reddit is going to abuse that power and try to control those people into using privacy-invasive clients, the cost of that might outweigh any benefit to us remaining on the platform.

Reddit's Current Response (Unmitigated Disaster)

In the past week, Reddit has largely made two real announcements about this change:

Firstly, they announced that they would keep the API free to certain clients which provide accessibility features. It should go without saying that this is just another way of Reddit saying: Because we are unwilling to make our website and apps accessibility-friendly ourselves, we will very generously let third-party developers do it for us for free.

Their second response has been to falsely accuse a prominent developer of blackmail, and then double down on their false accusations when confronted with irrefutable proof of their behavior. Threatening and accusing people in private messages, and then acting like the victim when those people publish those messages to refute your claims is incredibly toxic and inappropriate behavior from anybody working on any project, much less the CEO of Reddit.com.

In my view, this childish behavior from Reddit moves this situation far past the typical money-grabbing moves you should expect from Big Tech corporations and into legitimate concerns about integrity and stability at Reddit. If their leadership is going to devolve into Twitter-esque, dictatorship-fueled decision making, the entire platform can no longer be trusted as a source of knowledge at all.

What happens on June 15th?

I don't know what Reddit's response to this widespread protest will be. In any event, the Subreddit will re-open, but if Reddit's response is to do nothing, then r/PrivacyGuides will re-open in restricted, mod-only posting mode. Then we will have a community discussion about our next steps.

Reddit choosing to do nothing is—in my opinion—an untenable solution. While we will re-open r/PrivacyGuides in order to allow people to access the vast community knowledge that is already there (while you still can), it is entirely possible that the subreddit will remain restricted indefinitely. It is hard to imagine a reason why we should encourage our incredibly helpful and generous community to continue to provide valuable content to Reddit for free, only for Reddit to go down this privacy-invasive, ad-first path.

What's Next?

In any case, I would strongly encourage you to stop using Reddit going forward. The fiascos at Twitter and now Reddit clearly demonstrate that centralized big tech companies can no longer be trusted with being the gatekeepers to user-generated information (as if they ever could, hah!).

I think that smaller, federated communities like Lemmy/Kbin/Mastodon are the future of knowledge-sharing on the internet, and the new Privacy Guides community on the fediverse can be joined from any ActivityPub enabled instance, such as:

• On Kbin.social: https://kbin.social/m/[email protected]
• On Lemmy.world: https://lemmy.world/c/[email protected]
• On Beehaw.org: https://beehaw.org/c/[email protected]
• On Lemmy.one: https://lemmy.one/c/privacyguides
• On Lemmy.ml: https://lemmy.ml/c/[email protected]
• On any other Lemmy instance, search for [[email protected]](/c/[email protected])

All of these are links to the same community, just pick whichever site you already have an account on.

Privacy Guides additionally hosts a Discourse forum at discuss.privacyguides.net where we have discussions about and analyze various privacy tools.

I found it complicated at first (didn't know which instance "will last", where to register to not lose anything when instance admin decide to turn it down), but now it's going good. We are missing mobile apps though.

What's are your thoughts about Lemmy/kbin?

I have to manage multiple bank cards, and if I lost them, I would have a major problem. I've been using Google Pay to pay via NFC.

Are there any alternatives to Google Pay? I dislike the privacy aspect of it.

Michael Bazzell’s podcast has been a fantastic resource to me over the years, and I was hoping to re-listen to some of the old episodes. I understand his reasoning for not wanting old episodes to be available through his main channel, but it would be a really nice resource to have old archived episodes available for listening.

I’ve read that there is a torrent of them somewhere, but I’ve unfortunately been unable to find them. Any help in pointing me in the right direction would be very appreciated.

...but I apparently had opted to receive payment through Venmo. Now Venmo wants me to set up a business account. Any idea what's up with that?

I first saw the announcment in r/save3rdpartyapps (my only sub). The AMA is taking place at r/reddit, no time was given, just says "today"

Warning: Lemmy (federated reddit clone) doesn't care about your privacy, everything is tracked and stored forever, even if you delete it

I've been using Openboard as my keyboard since 2020, and I'm pleased with it. However, I've noticed that the latest update was back in August 2022. Does this mean it's deprecated?

Are there any other simple FOSS Android keyboards that you have experience with and can recommend? I'd love to hear it!

Edit: my current keyboard https://github.com/openboard-team/openboard

Hi all, I understand that everything will be archived forever - but what is the best way to clear our my current account and all of its history?

You want Chrome 114.0.5735.106 or later on Mac and Linux, and 114.0.5735.110 or later on Windows.

(Also relevant to Chromium browsers, e.g. Brave, which you can check at brave://settings/help)

Hello everyone,

I apologize if this is a debate that has already taken place. Please delete the post, and kindly indicate where I can send my message.

We all know that in technology, there are always things where one has to accept trust in the developer(s), whether it's hardware or software. Some things are currently unavoidable to change in the short term, so that's not where I'm focusing my point.

But something bothers me about "Open-Source" applications. I don't know how to compile, and I'm not willing to dedicate so many hours of my life to learning it. So, in addition to trusting reputable companies, I now choose to trust a reputable person or group, who likely receives code audits for their open-source code. However, these audits are based on the open-source code, not on what ends up being compiled for my final consumer execution. In the end, each project is a bucket of trust unless I know how to compile. And even then, there may be ways that something slips past us, but I understand that it would at least reduce the risk. I read that F-Droid did this: they didn't trust the app creator, but rather compiled their own version from the open-source code. It seemed fantastic to me, but the problem was always the delay.

The question is: Couldn't a program with AI be created to compile any GitHub repository directly? It would eliminate the need to trust even the developer themselves; we would only have to trust their code, as we already do today, and the audits would finally have real value. We would know that what we receive is that code.

I would also love for the concept of Flatpak to be like this: that the developer doesn't sign the binary, but only signs the code, and Flathub (or some backend) creates everything automatically. And if there are doubts about Flathub or any other backend, users could do it locally. It would be a bit more tedious, but its value in privacy would be enormous.

By the way, if any of this already works this way and I am confused, please enlighten me.

Thank you very much, everyone!

Has anyone here tried the Berty Messenger app? It's a cross-platform encrypted messenger with the ability to communicate over Bluetooth. I'm really impressed with how capable it is already, but wouldn't rely on it for anything too sensitive in it's early state. To me, it looks like a great way to send offline messages in the event of a service disruption.

Basically, it works like Briar, but it's available on iOS and Android so it has the potential for greater adoption. Until now, I've relied on Bridgeify for offline communications with iOS devices, but I'm glad to have an Open Source alternative

I still think Briar is a better option for Android based systems, but it's nice to have another tool, and especially a cross-platform one.

Since we launched our first paid plans in 2015, our Premium price has never changed. Now the time has come to update our plans. While prices for existing subscribers will not change, we have an awesome one-time offer if you decide to switch to the new plans right now: Get the new plans at half price and benefit from more email addresses, lots of storage, and more features!