I need a Google account to sign up for a service I'm interested in, so I want to create a bogus account for that. Problem is I need a phone number to verify it. I obviously don't want to use my actual number, so I tried some of those online temporary number services, but none of them worked. I get different error messages when trying to use them: "Number has been used too many times", "Number can't be used for verification", stuff like that. Do you guys know of a way to get a working number?

I'm curious what everyone thinks about DuckDuckGo's current settings. I have my browser settings set to delete history, cache and cookies on closing. This creates an issue when using duckduckgo as my primary search engine. Their 'default' settings (available right below the searchbar) seem far from privacy focused. AI Chat is on by default and used 'sometimes', as well as 'advertisting' and 'location' settings that are on by default. This requires me to have to change the settings every time I load my browser due to any settings I save being deleted by my browser setup. I don't want to install a duckduckgo extension. How do others deal with this? I know you can 'save anonymously' your settings in the cloud, but I'm not eager to do that.

To fill these gaps in our knowledge, we have created an open source project called Rayhunter.1 It is developed to run on an Orbic mobile hotspot (Amazon, Ebay) which is available for $20 or less at the time of this writing. We have tried to make Rayhunter as easy as possible to install and use, regardless of your level of technical knowledge. We hope that activists, journalists, and others will run these devices all over the world and help us collect data about the usage and capabilities of cell-site simulators (please see our legal disclaimer.)

Rayhunter works by intercepting, storing, and analyzing the control traffic (but not user traffic, such as web requests) between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected. Rayhunter analyzes the traffic in real-time and looks for suspicious events, which could include unusual requests like the base station (cell tower) trying to downgrade your connection to 2G which is vulnerable to further attacks, or the base station requesting your IMSI under suspicious circumstances.

I think those websites are over using trackers in their websites for extra profit with no care for the privacy of their users, I highly recommend avoiding them.

• The Guardian.
• The Verge.
• Wired.

For comparsion:

• Associated Press(AP).
• Al Jazeera.
• ABC.
• BBC.
• CBC.
• DW.
• France24.
• Sky News.
• The Register.
• Tech Policy Press.

Update: added Wired and more websites for comparison.

The answer to "what is Firefox?" on Mozilla's FAQ page about its browser used to read:

The Firefox Browser is the only major browser backed by a not-for-profit that doesn’t sell your personal data to advertisers while helping you protect your personal information.

Now it just says:

The Firefox Browser, the only major browser backed by a not-for-profit, helps you protect your personal information.

In other words, Mozilla is no longer willing to commit to not selling your personal data to advertisers.

A related change was also highlighted by mozilla.org commenter jkaelin, who linked direct to the source code for that FAQ page. To answer the question, "is Firefox free?" Moz used to say:

Yep! The Firefox Browser is free. Super free, actually. No hidden costs or anything. You don’t pay anything to use it, and we don’t sell your personal data.

Now it simply reads:

Yep! The Firefox Browser is free. Super free, actually. No hidden costs or anything. You don’t pay anything to use it.

Again, a pledge to not sell people's data has disappeared. Varma insisted this is the result of the fluid definition of “sell” in the context of data sharing and privacy.

"Android System SafetyCore’ claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application."

If you don't want to navigate android settings you can also simply uninstall it from the Play Store https://play.google.com/store/apps/details?id=com.google.android.safetycore

Additionaly you can install this placeholder app to prevent Google from reinstalling it every time it updates: https://github.com/daboynb/SafetyCore-placeholder

@privacy Privacy Roundup: Week 9 of Year 2025

https://avoidthehack.com/privacy-week9-2025

Sharing from Mastodon; figured Lemmy users would appreciate a direct post as well... hoping this goes through without messing up any kind of formatting.

Disclaimer: I author these.

cross-posted from: https://feddit.nl/post/29675306

I am not the author.

I found this blog to have both a short summary of the reasons as well as a pretty complete overview of the options for protecting against this specific threat model. I can just send this to people and they'll understand the why and the how.

We're very happy to share Techlore's video review of the BusKill Kill Cord.

Can't see video above? Watch it on PeerTube at neat.tube or on YouTube at youtu.be/Zns0xObbOPM

Disclaimer: We gave Techlore a free BusKill Kit for review; we did not pay them nor restrict their impartiality and freedom to publish an independent review. For more information, please see Techlore's Review Unit Protocols policy. We did require them to make the video open-source as a condition of receiving this free review unit. The above video is licensed CC BY-SA; you are free to redistribute it. If you are a video producer and would like a free BusKill Kit for review, please contact us

To see the full discussion about this video on the Techolore forums, see:

• discuss.techlore.tech/t/buskill-secure-your-laptop-in-seconds

Support BusKill

We're looking forward to continuing to improve the BusKill software and looking for other avenues to distribute our hardware BusKill cable to make it more accessible this year.

If you want to help, please consider purchasing a BusKill cable for yourself or a loved one. It helps us fund further development, and you get your own BusKill cable to keep you or your loved ones safe.

Buy a BusKill Cable
https://buskill.in/buy

You can also buy a BusKill cable with bitcoin, monero, and other altcoins from our BusKill Store's .onion site.

Stay safe,
The BusKill Team
https://www.buskill.in/
http://www.buskillvampfih2iucxhit3qp36i2zzql3u6pmkeafvlxs3tlmot5yad.onion/

I noticed the other day that the majority of the content on [email protected] are made by accounts that are deleted after making some posts. Most often no comments are made by these burner accounts, but sometimes they will create a new separate account to respond to comments.

Is there any real privacy benefits for this over something like having a single separate account you post only images and no text posts?

Is there a tool that facilities creating short-term accounts like this?

In TOS they can have our data entered in browser as royalty free data. Now, what? I know we can use Librewolf but if Mozzila goes full evil. Then what choice we have. Can we make Mozzila reverse this changes? Remind them to be not evil? Both Proton and Firefox are core part of my privacy focus life. I swear to God I hate capitalism they all are just doing this for money.

Stolen from @vmstan

More analysis from @wiredfire:

It’s nothing to do with [difficulties in using multiple platforms]. It’s to do with the massive backlash they got on Fedi for their CEO being all Trumpy and somewhat horrible right wing. So they’ve run away because they were made to feel unwelcome on account of us not letting their BS fly.

Original screenshot is of the bio of https://mastodon.social/@protonprivacy and wasn’t a post (that confused me for a sec).

I've been trying different search engines and was pleasently surprised by startpage so i started looking into startmail too and then when i searched for startmail i saw they have a link directly to their dan bongino section https://www.startmail.com/bongino so thats a huge pass from me

for those who dont know he’s a very conservative podcast host whos now the FBI deputy director who pushed the conspiracy theory that trump actually won the 2020 election and rallied against face masks and “In 2018, Bongino said, “My entire life right now is about owning the libs. That’s it.”” https://en.wikipedia.org/wiki/Dan_Bongino

EDIT: looks like they saw this thread or something and decided to have the link redirect to the homepage with the discount applied and removed his picture etc from their website. Here's an archive link: https://web.archive.org/web/20250120094905/https://www.startmail.com/bongino/

VPN providers see blocking orders as a threat to security and some consider exiting France, if blocking measures are granted.

This really hit home for me:

What now? Companies need to do a better job of only collecting the information they need to operate, and properly securing what they store. Also, the U.S. needs to pass comprehensive privacy protections. At the very least, we need to be able to sue companies when these sorts of breaches happen (and while we’re at it, it’d be nice if we got more than $5.21 checks in the mail). EFF has long advocated for a strong federal privacy law that includes a private right of action.

Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.

TL;DR: keep your apps updated & don't scan QR codes that you don't trust.

cross-posted from: https://lemmy.ml/post/26343625

Recently I had to go through a almost one year process of Degoogling and canceling a lot of my data from the Internet. Unfortunately, I noticed that a lot of specific information are not available in only one source and I had to do separate researches for each problem that I had. So, I decided to write this guide to share my experience hoping that it will make this process easier for who will read it. You are absolutely free to share this guide here, on other sites, with your friends and family. Feel free to comment and add a feedback.

I want to start with a very immediate list of FOSS applications that I’m using on my Degoogled Android phone. The most important thing here is to never login with Google on your phone and also never use it to login to internet services such as forums or news websites.

System administration *MicroG suite : This provides minimal libraries for applications that uses Google Play Services. *F-droid : Is an alternative store that can be used in place of Google Play. *Aurora Store : A Open Source front-end for Google Play. However, downloading applications from it does not guarantee that you will not be tracked. *App Manager – Android package manager : This gives you a lot of control on applications that are installed in your phone. It shows also the trackers and eventual vulnerabilities. *Shelter : This is one of the most useful apps on F-droid, it permits you to clone preparatory apps such as Instagram in a sandboxed environment on the work profile. *Logcat Reader *PCAPdroid : A network monitor *Irregular Expressions : A Keyboard to write with different styles *Simple Keyboard : This is very important, a keyboard on your phone should be as lightest as possible. *Termux : This is more than a terminal emulator. It comes with a almost complete GNU/Linux environment and lets you to install many CLI applications used on these machines.

Generic *Organic Maps : An alternative to Google Maps. It uses OpenStreetMaps and works quite well. It is also true that it relies a lot on user’s contributions. So if you will visit a place which is not on the map, remember to add it. *Fossify Calendar, gallery, voice recorder, contacts, messages, phone, ecc : This suite is a FOSS fork of the old “simple mobile tools” suite that was acquired by a Israeli company. *OpenCalc : A calculator app *VLC : A well known audio/video player which supports a lot of different formats. *Librera Reader : A pdf and document reader *Open Camera *ObscuraCam : Use it to blur faces *Scrambled Exif : Remove metadata from pictures. (use it before publishing a photo on social medias) *PixelKnot : Embed a secret message in a picture *QR Scanner (PFA) *Collabora Office : (Not directly present on F-Droid but they have their own repository, check on their website) *Nextcloud : A very good alternative to Google Drive. *Call Recorder *Firefox and Thunderbird : Be careful, even if Firefox browser is generally more privacy friendly than others, it cannot avoid fingerprinting. The only way to avoid it is to use the Tor Browser. *Tor Browser for Android : This is a modified version of Firefox that uses Tor to connect to the Internet in order to protect your anonymity. *Print *Signal

Security *Aegis : A 2FA app (two-factors authentication) *Bitarden: A password manager (Not directly present on F-Droid but they have their own repository, check on their website) *AFWall+ : A firewall for Android *Hypatia : An Antivirus *DroidFS : It permits you to crypt files in vaults that are not readable by other apps. *Orbot : A proxy to route app activities through Tor- *LocationPrivacy *Ripple : A panic button that will trigger apps with a panic responder. *I2P : An alternative to Tor *InviZible Pro : An app that permits you to enhance your privacy on the Internet by using DNSCrypt, Tor or I2P. Be careful, this is an all-in one application and should not be used if you are already connected to tor. *Léon – The URL Cleaner : Remove trackers from URLs *PersonalDNSfilter : Use it to block unwanted ads *PilferShush Jammer : Block the microphone usage by other apps.

Not on F-Droid *Prey : An Anti-thief app. The free version is GPL licensed

But this list is not enough in my opinion. It is important also to know how to protect our privacy with actions that are not directly involved in setting up applications and filters. If we are going to think that our privacy will be protected just by pushing a button, we are doing a mistake. Using DuckDuckGo and Searx as search engines its a good thing but not enough.

Important mistake to avoid : If you have your Google account as a login for some websites wait before closing it, you may lose access to them. Your Google account should be the last thing that you are going to delete. Make sure that you have deleted all relevant information from the Internet before closing it.

Today corporations and repressive governments are using a variety of methods to profile users and some of them are very subtile.

Fingerprinting This is a way to identify a user by looking at unique characteristics of his browser. When we connect to a website, our browser must exchange some basic information in order to load a page. Some of these information can be the type of device, screen size, browser settings, language settings, operating system, ecc. With all these information together it is possible to recognize a specific user in the middle of many others. This is unfortunately very difficult to avoid but Tor Browser can be a solution while a VPN cannot really help here.

Firefox also permits to activate a resist fingerprint setting but this solution will break some websites and probably is not effective as Tor Browser. Instructions to activate it can be found here: https://support.mozilla.org/en-US/kb/resist-fingerprinting

Open Source Intelligence (OSINT) It has little to do with free software. This is a method of data collection that looks for information about something or someone through public available sources. The problem is that today these sources are much more difficult to control for an average user than 20 years ago.

A classic example: You are a very careful person about your social medias, you don’t post anything controversial and maybe you don’t even have a real name on Instagram. But You may have some relatives that likes to share a of lot pictures and for your birthday you have been tagged by them and they wrote your name in a post. If they have a very loose privacy settings (which is likely), this information will be publicly available on the Internet.

Another example : You are a exchange student in a foreign university and of course you want to meet new people. You may take a group photo during a party with some people that you don’t really know. This photo gets shared many times and maybe becomes also a post. After a lot of years one of the persons in the photo gets convicted for a serious crime. This photo will continue to be available on the internet and a insurance company that you asked for a service may increase the price or not provide it since you “are a person with criminal contacts”

Last example (and this is what really happened to me) : You are a 18-19 old teen writing dumb comments and posts on Facebook or Instagram. This gets cached by search engines and external websites. Many years after, you are just searching your name and surname on the internet and you find out that a search engine has cached a very dumb comment from many years ago that you have even deleted.

All these examples shows how its easy to lose control over our data. Many companies uses automated software to see websites on which you are registered just by putting the email on your CV in a box.

You must also be aware of data breaches. You can be registered on a website with your email set as private. If a data breach happens, your address is going to be disclosed and become publicly available. You can check this on: https://haveibeenpwned.com/ If you don’t use a site for years, delete your account.

Another tool that is frequently used to see where a user is registered is: https://epieos.com/ This website searches where your email address is set as public. It can also search for a phone number.

So the problem here is not only to DeGoogle but also to remove our personal information for all other places. Removing a content from Google is a little thing today.

Fortunately, there are some ways to remove our contents from the Internet but they must be planned well. The first thing to do is always to remove the content from the original site, in this way the content on search engines becomes outdated and easier to delete even if you don’t live in the EU.

Social medias First thing: Never publish photos of your children on the Internet, in the future they may hate you for that. We are going to live in times where nontransparent AI will scrap for all possible content.

Now, even if you have a private profile on Instagram, your likes and comments are going to be visible on public pages and reels. Delete them all. Why someone should be able to find what you liked 6-7 years ago? Does the discussion that you had on a Facebook page of your local newspaper still matter? You may need months to delete all these stuff but it is worth. Remember to do a regular follow up on the deletion page to see if some buggy content still reappears after some weeks.

Use different usernames for every social media and never put your real name.

Power move : If you have your real name on Instagram and you want to delete it from search engines : first modify your real name, then change your username. By doing this, you will modify the link of your profile and it will be cached by search engines without your name. Change also a photo in order to avoid the possibility of reverse photo lookup.

Other sites In some cases you will have to contact the webmaster of a specific site in order to cancel your data. It happened to me with a local news page.

Search engines Here we are, this is the magic moment. Remember that if you are going to just remove something from a search engine without actually deleting the original content, this will continue to be available and someone may find it even without Google.

So, I can speak for what I know : These solutions refers for content removal in the EU. If its not relevant to you, skip to “How to use email addresses”

Google This is the page for content removal in the European Union: https://support.google.com/websearch/answer/9673730?hl=en#zippy=%2Cwhich-removal-option-do-i-choose Note that if you are living in the EU and ask to remove results about you, it will usually remove these results only for all EU versions of Google. This means that if someone has a VPN he can actually see them by connecting to a United States server. The best strategy is to remove the original contents from sites also by contacting the owners. Then the results on Google will become outdated and most of them will disappear. In some cases like Facebook comments, they can remain in the search results even if they are already removed because they were cached by the search engine. In this case, this tool should be used once the content is removed: https://support.google.com/webmasters/answer/7041154?hl=en If you are from a EU country and you already removed it so it continues to exist in external Google versions, make this request with a VPN connected to a foreign server.

Bing

Bing (EU citizens):https://www.bing.com/webmaster/tools/eu-privacy-request Bing (Non-EU citizens):https://www.microsoft.com/en-us/concern/bing

For cached pages : https://www.bing.com/webmasters/help/bing-content-removal-tool-cb6c294d

Many search engines (also DuckDuckGo) are partnered with Bing and removing content from it will also remove content from them most of the time.

DuckDuckGo For who lives in the EU, this is this page: https://duckduckgo.com/duckduckgo-help-pages/r-legal/privacy-rights/

Internet archive Be careful: some of your content was maybe cached by the Wayback Machine. Always check if this is the case. This is a very useful internet museum but sometimes it may be problematic since a lot of people does not even know about its existence while it takes data from a lot of sites. This is the removal page: https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/

How to use email addresses My advice is to have as many addresses as possible and split the websites login between them. You can write a .txt file with lists of services attached to every address. Like this :

Logins: Mail xxxxx1 Instagram, Facebook, Tinder

Mail xxxxxx2 Bank 1, bank 2

Mail xxxxxx3 Local news1, other site2, ecc

I would suggest you to have at least: One email with a fake name and surname One email with a completely invented username in a foreign language (Tutanota is great for this)

Personally, I would recommend Protonmail and Tutanota for communications with real people. Then, one email should be left only for banking and government accounts.

Use fake emails to register to websites that you will not use often but they are pushing you to create an account. Of course, this applies only to sites that are not related with shopping. An online transaction will reveal your identity.

A normal email provider such as Yahoo is ok for professional life, so no one will make too much questions. Eventually, your Linkedin account should be linked only to this address. Use it with Thunderbird so you can avoid proprietary JavaScript. I would also recommend to use a separate phone number for work.

Bonus: Other Alternatives to Google and AI If you are pushed to use Google Maps because the place that you are looking for is still not on OpenStreetMaps, remember to add it so other people will not have to use Google to find it. Remember that public transport information that you find on Google Maps is always available on local transports websites. Its just 2-3 minutes of research.

Remember that it is possible to use fair and open source AI models on your computer with: https://gpt4all.io/index.html?ref=top-ai-list Download a model that will not send your data to corporations, there are plenty of them.

This is more or less everything that I learned during this year, remember that human factor makes always the difference. Think about your personal situation. What do you want to show? To who ? And what do you what to hide? From who? And how? Think in a way to protect your privacy according to your personal situation.

I hope that this guide will be useful for average users that wants to regain control of their private life and that at the same time, it will be a impoverishment factor for evil corporations and their supporters.

• what is data harvesting? It's a process of storing personal data from the users who uses online softwares, android apps and other online services.
• why data harvesting terabytes of data? what is the incentive here? why fill up terabytes of storage with personal data of users? Big companies do this data collection to target you with personalized ads and also to sell your data to data brokers
• Most people says “well i don’t have anything to hide so i don’t care” - but a person could have a embarrassing mental sickness like schizophrenia or OCD etc, and private stuff that shouldn't be disclosed. Just because someone has things that they prefer to keep secret that doesn't mean we are doing something criminal.

feel free to tell me what I should change or add to this? Thanks in advance!

I did it. Finally. My meta account is in process for deletion! (Whatever that process actually involves we'll probably never know). But I did what I could and deleted all posts, pictures, aswell as changing name and email. Hoping that at least helps a bit. Feels good to finally get rid of what has felt like a burden for a long time.

Was able to move more people than I had imagined over to Signal, some easier to move than others ofc. But it truly helps that Signal is a breeze to use and setup for folks.

Anyway I just wanted to share what feels like a good achievement with you all. Hopefully you're also able to do the same during 2025, there are many good alternatives these days!

Have a good rest of your week!