this post was submitted on 13 Nov 2024
251 points (97.0% liked)

Technology

59581 readers
2790 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 26 comments
sorted by: hot top controversial new old
[–] [email protected] 82 points 1 week ago* (last edited 1 week ago) (1 children)

You know, I think it's interesting how this used to be considered the nutjob's territory just a bit over 10 years ago. And now, at least for the USA, this might be the thing that keeps you out of jail.

It's kinda frightening

[–] [email protected] 29 points 1 week ago* (last edited 1 week ago)

Civil liberty and privacy advocates have been saying that surveillance capitalism and dragnet mass surveillance aren't just a direct attack on our civil liberties, but were a trojan horse that would be used to attack and dismantle democracy if they weren't heavily restricted.

Neoliberals and conservatives have spent the last 80 years building big brother FOR fascism, and the fascists used all the tools built by surveillance capitalism to stage their coup. Rather ironically, if the tens of trillions spent to build it went to social services instead, fascism 2.0 may have never materialized.

[–] [email protected] 49 points 1 week ago* (last edited 1 week ago) (3 children)

The thing which pop security types miss here is the need to blend in. Being a hole in the noise is like the worst thing you can do. Establish a pattern of life and you can use it to obfuscate your alternative activities. Understating how tracking works and using it to your advantage is 100x more useful than pretending like using a different app store or some random ROM is keeping you safe.

[–] [email protected] 10 points 1 week ago

It's how the anti-fingerprint features in browsers like LibreWolf and Mullvad are supposed to work: make all copies of the browser appear the same, which means forcing some options in the browser settings, so that nobody sticks out. Brave chooses to do so by randomizing some of your browser fingerprint data, which really doesn't prevent you from standing out, it just means that your fingerprint info the trackers collect isn't going to be accurate.

[–] [email protected] 9 points 1 week ago* (last edited 1 week ago)

I've heard this called "social chaff"

AIs generating false data for you to hide behind may be one of the few good things to come out of the LLM craze.

[–] [email protected] 4 points 1 week ago
[–] [email protected] 34 points 1 week ago* (last edited 1 week ago) (3 children)
  1. So how ai generated is wired these days?
  2. NEVER trust any guide that is about "protecting yourself from government surveillance". Anyone who has an idea of what risk mitigation is viable will NEVER phrase it that way for obvious reasons

From a quick skimming, it looks like their genius guides boil down to

  • SIgnal: Signal is only as secure as every user in the chat. Yes, it is MUCH better than using something like imessage. But if they are beating your buddy with a baseball bat it doesn't really matter if your message expired or not
  • FDE: Yes, that is a good idea. But understand that "oh, I forgot my password" doesn't work when you have been declared to have no civil rights because you look foreign.
  • Get a NAS: A good idea, in general. But maybe understand that means you have a big ol' box of incriminating info in your house that is available to whoever has a crowbar.
  • Use Tor: HA! First, it is only a matter of time until Tor is attacked and likely large numbers of users are brought up on CSAM charges. But also? Understand what a compromised endpoint is and maybe look up what governments tend to be associated with those.
  • Get a VPN and turn off your GPS: Yeah. it is a real good thing that our devices don't all connect to cell towers where they can easily be tracked from.
  • Get certain crypto but carry a lot of cash: Yeah... how AI generated was this article?

If you actually care about your vulnerability, look what ACTUAL journalists on the run from a government or megacorporation do (dedicated hardware that can't even power up within a few city blocks of your other devices, for one). And understand that most of those boil down to "They know it is me and they are hunting me but I can live off the grid long enough to get this story out and then maybe they won't kill me afterward".

[–] [email protected] 26 points 1 week ago (2 children)

If you arent an actual journalist who is being personally, specifically hunted then you probably don't need to take the same precautions as one.

And yea, the guide boils down to "none of these things are 100% safe but they are realistic things you can do that can offer more protection than not doing them."

Your skimming of the article missed how they do indeed talk about the shortcomings of every suggestion they have. For example, the article also does indeed talk about how you can turn off gps but your phone will still ping towers revealing your location, and goes on to say that you can put your phone in a faraday bag but that isnt practical for most people but is indeed an option if you want to do it.

[–] [email protected] 10 points 1 week ago* (last edited 1 week ago)

Lol you think the feds won't notice that a person of interest's phone went dark for the first time in 5 years?

Everyone gets this wrong. If you want to hide, hide inside your established patterns of life. You want to do shit across state line for a weekend? Don't turn off your phone, have your friend carry it around while you are gone.

[–] [email protected] 6 points 1 week ago (1 children)

The fundamental issue is still giving people a false sense of security. It is why it is INCREDIBLY important to be very very specific about what you do and don't get from various actions. Otherwise you have the same problem as all those people in countries where being LGBTQ was criminalized who realized elon musk owned their DMs.

Also: Putting your phone in a farraday bag half a mile from a protest doesn't take much effort to detect.

[–] [email protected] 11 points 1 week ago

Just to expand on the phone thing because it amuses me:

In a past life myself and a few others had access to cell tower records for a specific company. As a research project, we applied what we would now call AI/ML concepts to sanitized data (basically all customer IDs were mapped to a different ID set and then the mapping was thrown away).

For poops and giggles I checked the tower nearest the local happy ending massage place. And, lo and behold, we were able to immediately get a list of everyone who turned their phone off for 30-60 minutes.

[–] [email protected] 2 points 1 week ago (1 children)

What exactly does Signal have to offer if one already uses iMessage with contact key verification?

[–] [email protected] 2 points 1 week ago

Not all people are rich enough to have iPhones. And if you really want privacy, you wouldn't go for one anyway, instead choosing Graphene/Divest/Lineage. Not to mention iMessage is fully closed-source so you cannot even trust it to do what it does. I have issues wirh Signal, but at least I would take it over iMessage any day.

[–] ayyy 2 points 1 week ago

Anyone who has an idea of what risk mitigation is viable will NEVER phrase it that way for obvious reasons

Those reasons aren’t obvious to me at all. Can you expand on this?

[–] [email protected] 20 points 1 week ago* (last edited 1 week ago)

I see quite a few comments trashing this article, why?

It gives solid advice while reminding the reader that this is not perfect.

If I was Snowden this is not enough at all, but If I was an illegal immigrant in a country full of others like me? I think this article plus the final note about past data, does actually give a very solid advice.

I would argue that those who follow this guide, and take to heart the final notes and does something about past information (e.g move to a new address, change some habits, etc) would not be discovered in a mass deportation. Again, if you are an individual who is uniquely targeted by a government, this is not enough.

And yeah, they missed some points and this isn't perfect, but anyone who is serious would do more research anyway, so I actually think this a good article.

[–] [email protected] 16 points 1 week ago* (last edited 1 week ago)

I would stay away from Zcash as privacy is not required on the protocol level. They are the electric coin company which is registered in the United States and they have shown that they are willing to add functionality to help law enforcement and exchanges trace users.

Monero has never compromised its security in order to help a law enforcement agency or exchange trace their users and have been taken off of many exchanges for that exact reason. The Monero people do not care if it's taken off of every centralized exchange because decentralized exchanges exist and atomic swaps exist and the Monero circular economy exists.

[–] [email protected] 15 points 1 week ago (1 children)
[–] [email protected] 6 points 1 week ago (1 children)

President-elect Donald Trump has promised to deport millions of undocumented immigrants. He’s vowed to jail his political foes and journalists. A Republican-controlled government could further restrict abortion and transgender rights.

FUCK U$A!!!

[–] [email protected] 1 points 1 week ago

Whoever voted for that guy now gets to enjoy his (hopefully short) mandate and whatever "unforeseen" backlash they get from it.

All the rest get to cry and fight for the reestablishment of a democratic regime.

[–] [email protected] 4 points 1 week ago (3 children)

the Freedom of the Press Foundation’s Holmes suggests users try the private browsing feature in the Brave browser, which uses a stripped-down version of Tor’s anonymous routing by default.

Better alternatives than this? I use a VPN but not Tor at the moment

[–] [email protected] 17 points 1 week ago (2 children)

mullvad or librewolf browsers > brave

[–] [email protected] 3 points 1 week ago

Yeah those are what I am currently using as well, was mostly curious about what their were talking about re tor routing or w/e

[–] [email protected] 3 points 1 week ago

Yeah, Brave has even worse track record than stock Firefox.

[–] ayyy 3 points 1 week ago

If you’re gonna get another browser, why not cut out the middleman and just use TOR Browser directly?

[–] Cheradenine 2 points 1 week ago

I don't think there is a middle ground between a VPN and Tor.

As much as I don't like Brave this seems like a good feature. There do seem to be some problems with it leaking in some circumstances though.

For the curious, Brave page about private windows with Tor Here

Issues on their GitHub Here