Post got deleted, posts removed…

  • The_sleepy_woke_dialectic [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 hour ago

    The “little steps” idea, though helpful in other places, doesn’t really apply under surveillance capitalism. If one company gets some small bit of info about you they will sell that data to everyone else, and the government has access to those data as well. Being a little safer sometimes doesn’t do much. You really have to go all the way or don’t bother

  • OlPatchy2Eyes@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    5 hours ago

    Unsurprising behavior from a community where the coolest person is the one who can put on the biggest tin foil hat. I appreciate the privacy community here but I think the concept itself leads to users decrying anything as insecure just because it makes them feel more knowledgeable.

    • BigDanishGuy@sh.itjust.works
      link
      fedilink
      arrow-up
      0
      ·
      10 hours ago

      proton is literally cia. they are modern cryptoAG

      [citation needed]

      I’m not saying that it’s BS. I’m asking as someone who’s on the brink of dropping 300€ on a year of “proton family”. I’d like more than an unsubstantiated “they’re crap” claim before making my decision.

      • helpmyusernamewontfi@lemmy.today
        link
        fedilink
        arrow-up
        0
        ·
        7 hours ago

        I literally only started hearing people say its a honeypot after that one cat pfp youtuber was reviewing its onion services when proton released it, which used https for the onion domain, which he said “is the same thing honeypots do” or whatever

  • marcie (she/her)@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    19 hours ago

    Only reason I’d recommend signal to anyone is that its one of the few encrypted apps that doesnt have awful onboarding. A boomer can figure it out.

    • xtrapoletariat@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      10 hours ago

      What do you recommend?

      If Signal was not simple, my family and friends would likely use Telegram or WhatsApp. Even switching to Signal required a number of (general) newspaper articles criticising the status quo. It’s likely not optimal, but okayish and sharing opinions and holiday impressions feels a bit better.

      Switching a service is a slow, difficult process and many contacts will not follow, given they would abandon other contacts among friends, family, parents at school, sports teams, … (now, I’m here, using 4+ solutions).

      If training or even curiosity for the technical process is required, very few people will follow. If it takes me (with strong IT background) more than 30 minutes to understand/implement, I may have a decent private solution, but I will feel quite lonely soon.

  • DollarColonial@lemmy.mlOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    24 hours ago

    I also got DMs asking why it’s removed or if I got banned, + someone asking and saying in topic it’s the 3rd in short time.

  • kekmacska@lemmy.zip
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 day ago

    i can agree on a few stuff, and can’t on some others. I just choose the most private options aviable that still serve the purpose i use them for. Like if you can find something on Google Play, Aurora, F-droid, obviously, it is better to download from f-droid, but if you have a bit more time, it is even better to download from source or even compile it yourself. But it always upsets me when people ask for privacy tips when using ios or windows, like are you joking or what? ditch those lol. And obviously, as a gamer, i wouldn’t use purist linux oses, like PureOS, because it can have serious issues with games. But i won’t buy nvidia if i want to game on linux, when i can get amd with open-source drivers on distros like Garuda. So i think a reasonable privacy can’t hurt anyone, but moving on just the next little step or going into the extremes are both not good ideas

    • DollarColonial@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 day ago

      I can’t recommend downloading from sources to normal people, and the problem is no, one step after step is better, as you can’t have a perfect solution for privacy btw, but moving from one service to one service lets say in one day, week or maybe even month is not realistic. Its like recommending a password manager, great, but then saying theres immediat need to change all password… Like, technically true, but realisticly, bank and mail firsts, then step by step some passwords, without forgeting new accounts should have now strong passwords.

      As I said, ie my girlfriend knowing Im interested into privacy tell me that she just installed and created a protonmail account and she used Drive a bit, if I just say thats useless because there need compartimentalization and Proton gave IP to police, thats fckd up

      The most private, the most secure option isn’t for everyone, first to threat model, second to personnal daily life

      A person interested can still have Gafam apps, for some needs, required, but can limit the settings.

      If you are a gamer, you mostly still need Windows computer (Linux got better and better, depends on games tho), then you can choose to say fck, or you can use it with limiting the stuff you can (turning off maximum settings you can, OsU10, etc.). Thats the same with iOS… Most people wont buy right now a new phone because of privacy, but maybe the next in few months or in 2 years ; doesnt mean during this period you can’t choose apps to use, turning off iOS features, etc…

      For some projects I needed TikTok, I wrote myself a guide, to use it as anonymous as possible, to TikTok and to people, instead of using it raw, defaults

  • Claudia@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    0
    ·
    1 day ago

    The real privacy nerds: paying for a service? Leaving a paper trail? Learn how to pwn grandma computers and push all your internet through that. /s

    • redfellow@sopuli.xyz
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      6 hours ago

      I’ve gotten downvote bombed for suggesting Brave as a Chrome replacement since they have Ublock filters built in. Sure you need to disable a few settings after a fresh install, but at least they let you. Idgaf about what their ceo did 15 yeard ago etc. – I’m not giving them money, I’m using a product which is familiar with what I used before, and has good ad blocking built in.

        • Jack Riddle@sh.itjust.works
          link
          fedilink
          arrow-up
          0
          ·
          11 hours ago

          … so what doesn’t? Just saying <thing> sucks without saying why or providing a valid alternative is not helping anyone. Rather say something like

          “Brave has done some shady things in the past and is based on chromium which is currently doing its best to kneecap adblockers and other privacy tools. If you want a good private browser, you might want to use librewolf instead”.

        • chloroken@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          21 hours ago

          Okay, I’ll have a go, since you’re a noob with people and how they actually learn and behave: Your advice sucks.

    • BearOfaTime@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      1 day ago

      It does, but it’s a step in the right direction.

      I’m as guilty as anyone for allowing pursuit of perfection be the enemy of good.

      • krolden@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        1 day ago

        How is allowing crypto mining in your browser or hijacking affiliate links good for privacy?

        • yonder@sh.itjust.works
          link
          fedilink
          arrow-up
          0
          ·
          1 day ago

          Brave has a built-in adblocker and is not Chrome. If a user is able to make the switch to Brave, they might find it easier when they try to switch to something better like Librewolf or Firefox.

            • yonder@sh.itjust.works
              link
              fedilink
              arrow-up
              0
              ·
              23 hours ago

              Because once you learn how to switch browsers once, you already know what the process of changing browsers looks like and what to expect, removing the barriers if you switch again.

              It’s like switching from Windows to Ubuntu. Sure, Ubuntu is not perfect, but by installing Ubuntu, you have already learned the process of installing a linux distro and what to expect if you decide to install a different one.

              • krolden@lemmy.ml
                link
                fedilink
                arrow-up
                0
                ·
                23 hours ago

                Except brave doesn’t teach them how to block ads or mine crypto so I still fail to see how if they were to switch to brave it would make their switch to a sane browser less painful. They just have to switch twice instead of once.

    • drkt@scribe.disroot.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 day ago

      Privacy wise? Probably nothing. The company engages in shitty behavior, though, and will try to upsell you even if you’re a paying costumer. I switched to Tuta because of that, and then Tuta started doing all the same bs…

    • _cryptagion@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 day ago

      They gave meta information like IP to the government in Switzerland, where they are based, after the government forced them to with a court order. Not the encrypted mail, mind you, because they can’t do that, just the additional information they have on a user like email and IP.

      Because of that, a lot of redditers on r/privacy think they spy on their users for the US government. It’s a stretch, yes, but you have to remember they take turns using the one brain they collectively have.

      • EngineerGaming@feddit.nl
        link
        fedilink
        arrow-up
        0
        ·
        1 day ago

        I guess the issue here is overselling the safety of the service. Wouldn’t rely on them encrypting the mail for you, for example. It’s probably fine if you treat it just like you would any other email service - assuming you’re fine with being unable to use a mail client at all on the free plan and using it in a weird roundabout way on the paid plans.

        • ReversalHatchery@beehaw.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 day ago

          the issue is that they can’t defy the law without shutting down and going into jail. proton has given the tool the activist would have needed to protect themselves: the service has an official onion site, which would have made IP collection impossible, and they could have just said they can’t know it

          • EngineerGaming@feddit.nl
            link
            fedilink
            arrow-up
            0
            ·
            edit-2
            1 day ago

            Yes, that was exactly my point. You would not treat any mail service like they would cover you during your unprotected use, and Proton is not an exception. So I don’t understand why people are taking issue with them cooperating with LE - but I take issue with some other qualities.

            • ReversalHatchery@beehaw.org
              link
              fedilink
              English
              arrow-up
              0
              ·
              20 hours ago

              So I don’t understand why people are taking issue with them cooperating with LE

              some believe they (proton) are invincible and can do whatever they want. maybe because they think that’s what swiss privacy and swiss laws mean

      • AnAmericanPotato@programming.dev
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 day ago

        Not the encrypted mail, mind you, because they can’t do that

        Just want to point out for anyone new that ProtonMail does not use E2EE for email headers. That means they CAN access your subject lines, to/from fields, and other email headers. That means they CAN be forced to hand it over to the government.

        Source: https://proton.me/support/proton-mail-encryption-explained

        Subject lines and recipient/sender email addresses are encrypted but not end-to-end encrypted.

        Personally I am disappointed in a lot of Proton’s wording about this. They frequently promise they can’t access “your data” and “your messages” when they do, in fact, store potentially sensitive data in a format they CAN access.

        • _cryptagion@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          2 hours ago

          A bit more context is important here. They aren’t E2EE, but they are stored encrypted. In the case of the person whose meta information was turned over, ProtonMail wasn’t forced to hand over the information right away, they were forced to collect it the next time that person accessed and used their email. That tells us that they didn’t store the information beforehand and could not access it without preparing to intercept it the next time their service was used.

          Ultimately, though, if something like that’s a dealbreaker, it’s likely you’re doing something that would benefit from a more secure way of communicating than email.

        • jherazob@beehaw.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          8 hours ago

          It’s email, that’s the best you can get with email, if you want to have more privacy, DON’T USE EMAIL

          • AnAmericanPotato@programming.dev
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 hours ago

            This is good advice, because email is very difficult to make reliably private. However, it’s not the best you can get. Tutanota, for example, stores headers with E2EE, and still has a search function.

            The goal should be to make it as private as it can realistically be. Ideally, any cloud service you use should only store end-to-end encrypted data.

            I’m not trying to shit on Proton — it’s a huge step up from the popular mainstream email services, and the inclusion of cloud storage makes it a much easier transition than going piecemeal with 2-5 different services.

      • SeekPie@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        1 day ago

        If all they have on you is your optional backup email and your IP, I think they’re doing pretty well in the no data-collecting part?

        • _cryptagion@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 day ago

          Well, you don’t even need to provide an email or phone number when you sign up, so if you access the site via their onion address every time, they would have no information on you at all.

      • Sundial@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        1 day ago

        Yeah I agree, sounds a bit excessive. If that’s correct, it doesn’t sound like they’re reading your data and at the end of the day they have to comply with things like warrants. Thanks for the clarification.

        • underwire212@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          1 day ago

          It is all also very clearly stated in the information they must collect in order to provide their service. There should’ve been no surprises here, as you must assume that scenarios like these will happen eventually.

    • Batadon@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      1 day ago

      I don’t think OP was trying to say Proton Mail is bad or insecure. Rather the opposite.

  • dwindling7373@feddit.it
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 day ago

    I like how the original OP mention in passing that Reddit is bad for privacy.

    Like, no shit? How can a privacy community be even remotedly healthy in such an environment?

    It’s like having a club for how to avoid the police within a prison, regulated by the guards.

    • boonhet@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      10 hours ago

      OP is the original OP. Probably. Reddit poster’s name is the same as the Lemmy poster’s name.

    • notprogrammer@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      15 hours ago

      If you only talk about privacy on already private platforms, it will become a circlejerk in no time. You need to tell people who have no interest/experience in online privacy about it so you can further the cause. This is similar to why the FSF is on Twitter/X.

      • dwindling7373@feddit.it
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 hours ago

        I guess having something in there is good but it’s inherently an issue when the topic at hand is acting outside survelliance.

        Let’s say, for example, things escalate and reddit get fully weaponized for the benefit of one side, and they start pushing for known compromised VPNs. How can you fight that if pepole got into the habit of trusting such platform?

        • notprogrammer@programming.dev
          link
          fedilink
          English
          arrow-up
          0
          ·
          9 hours ago

          You tell them Reddit is not trustworthy and they should move out, of course. I am not denying that. I am saying the r/privacy community should not be dead because Reddit is a popular platform whether you like it or not, and people need to be informed about their right to privacy even on a known hostile platform.

    • steal_your_face@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      24 hours ago

      While I hate Reddit isn’t the fediverse basically horrible for privacy? It’s super easy to see everyone’s posts and IP addresses no? I thought anyone could basically download everything with very little effort and do whatever they want with it.

      • Petter1@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        10 hours ago

        Yea, that is a good thing, nobody owns the info like this, it is public domain, as a place like this should be, in my opinion.

        If you want private communities, I think matrix spaces are a great independent solution.

      • dwindling7373@feddit.it
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        1 day ago

        I guess we all know it, since we are interested in Privacy and not clueless enough to be on Reddit (anymore?).

        The degeneration from a “safe” place to what it is now is what makes it particoularly egregious a place to avoid for anybody serious about privacy…

        • infeeeee@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          1 day ago

          2017 was 7 year ago, Aaron died 11 years ago. There are a lot younger users who can’t remember these things.

          Let’s see a 20 years old university student was 13 when the source was closed down, I think it’s not easy to find a 13 years old who is familiar with such legal things.

          • forgotmylastusername@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            18 hours ago

            Reddit basically has a completely new userbase. It’s not only by age of user. I don’t think people have really appreciated the rate of attrition has been near total. The old userbase of tech savvy STEM college degree holders have effectively abandoned the platform.

            They’ve managed to sell the platform on a whole new set of users. So it looks like the site has kept on plugging along. But really reddit has successfully relaunched itself. Based on the idiosyncratic lingo I see most often. The bulk of users came from Facebook. They don’t know the traditional redditisms so they use vernacular from the platforms they’ve migrated from.

          • kekmacska@lemmy.zip
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 day ago

            in 2017 my biggest concerns were that whether i can play PS3 with broken hand or not (i could)

          • dwindling7373@feddit.it
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 day ago

            No but it’s much easier to find the 20 years old student interested in privacy that realyze right now that reddit is not open source…

    • DrDystopia@lemy.lol
      link
      fedilink
      arrow-up
      0
      ·
      1 day ago

      Browsing reddit while using a VPN is verboten.

      Good grief I despise that smug, winking snoo with a effing fedora that goes along with the error page.

      • undefined@lemmy.hogru.ch
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 hours ago

        I could’ve written a Tailscale App Connector to route it through the home connection, but I ended up blocking their domains outright and writing some CSS rules to hide Reddit from SearXNG results. It’s better than that annoying page.

      • Laser@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        1 day ago

        Better than me getting shadow banned from reddit for using one, I appealed back then

        • DrDystopia@lemy.lol
          link
          fedilink
          arrow-up
          0
          ·
          1 day ago

          Untraceable visitors are worth nothing. From a cynical point of view, better off without them.

          • Infynis@midwest.social
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 day ago

            A lot of reddit’s most popular content is stuff like TrueOffMyChest from throwaway accounts. Robust privacy protection would result in more of those posts, and more traffic overall, but reddit doesn’t care about making the site work, they’ve dedicated themselves to milking the individual users for all they’re worth. It’s a bit like killing the goose that lays the golden eggs. Because look, now we’re all here, generating content on a competing platform