Privacy

it is a concern to me because there is no plan to do security audit despite people asked about ti in the past.

https://github.com/rustdesk/rustdesk/discussions/8392

https://github.com/rustdesk/rustdesk/discussions/4968

Not in their roadmap

https://github.com/rustdesk/rustdesk/discussions/918

people had concerns about the company:

https://www.reddit.com/r/rustdesk/comments/11nu94y/is_rustdesk_a_scam/

As HN: RustDesk Installs Chinese Root Certificates

https://news.ycombinator.com/item?id=39256493

As if anybody here needs a reason to be wary of what you do online, this essay shares how a foreign adversary used back doors that were intentionally put in place to spy on Americans and how the rest of the world probably has the same back doors.

I especially appreciate the phrase "nerd harder" and the quote, "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia".

How can IT folk help politicans to understand?

cross-posted from: https://lemmy.world/post/20620106

48-page report urges FTC, FCC to investigate connected TV industry data harvesting.

The companies behind the streaming industry, including smart TV and streaming stick manufacturers and streaming service providers, have developed a "surveillance system" that has "long undermined privacy and consumer protection," according to a report from the Center for Digital Democracy (CDD) published today and sent to the Federal Trade Commission (FTC). Unprecedented tracking techniques aimed at pleasing advertisers have resulted in connected TVs (CTVs) being a "privacy nightmare," according to Jeffrey Chester, report co-author and CDD executive director, resulting in calls for stronger regulation.

Make sure that you tell your registrar that you want to be anonymous.

Edit: wow I missed the phone number censor. I guess that proves my point even farther.

cross-posted from: https://lemmy.world/post/20402370 or https://lemm.ee/post/43793474

Technically, I have some online activity I could try to refer to for work purposes, but it would mean sharing content tied to usernames/profiles I think of more as casual and personal. I could delete those profiles and move the relevant work to usernames/profiles I'm willing to share, but then I'm less likely to use those as much for portfolio building as I wouldn't want to contribute/do things online under a more public-facing profile, or link my personal ones to said profile.

Any which way I think about it involves crossing private/public streams I'd prefer to keep uncrossed, but I'm thinking I may be overlooking some compromises that could work, so what might those be?

On Monday a new version of the globally unprecedented EU bill aimed at searching all private messages and chats for suspicious content (so-called chat control or child sexual abuse regulation) was circulated and leaked by POLITICO soon after. According to the latest proposal providers would be free whether or not to use ‘artificial intelligence’ to classify unknown images and text chats as ‘suspicious’. However they would be obliged to search all chats for known illegal content and report them, even at the cost of breaking secure end-to-end messenger encryption. The EU governments are to position themselves on the proposal by 23 September, and the EU interior ministers are to endorse it on 10 October. Messenger providers Signal and Threema have already announced that they will never agree to incorporate such surveillance routines into their apps and would rather shut down operations in the EU.

Law enforcement agencies in Germany have monitored Tor servers for months to identify individual users. The agencies managed to identify a server of the ransomware group Vanir Locker that the group operated from within the Tor network.

The group announced that it would release copied data from one of its latest coups on the server. Law enforcement agents managed to identify the location of the server by using a technique that is called Timing Analysis.

Reporters from ARD, a publicly financed broadcasters, were able to view documents that confirmed four successful identifications in a single investigation, according to reports. Agencies used the technique to identify members of a child abuse platform.

cross-posted from: https://lemm.ee/post/42694373

Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++

Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.

On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.

So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?

Found a great site with info about privacy focused OSes written for non-technical readers. It lists basic things to know about several different mobile os options, and there are also pages that list what open source and privacy focused apps from F droid (the alternative to play store) are good to use.

There is also, wonderfully, a page that specifically lists user friendly and nice looking ones. This site is a goldmine. Had to post as I was looking for this exact thing yesterday and I know I am not the only person on lemmy looking for alternatives.

I've had a Galaxy S22+ for 2 years and still want to use it. When I look up how to maximize privacy on Android, many results say to install custom ROMs which I can't since its a US model and the bootloader is locked. I just want to minimize tracking and sharing of personal information. I could use a firewall app like RethinkDNS to block trackers, but could I completely block tracking from Google and Samsung? Are there any lists of packages to uninstall to improve privacy? (I've used ADB to remove a bunch of bloatware. Ex: pm uninstall -k --user 0 com.samsung.android.arzone)

Google is under investigation by Europe’s privacy watchdog over its processing of personal data in the development of one of its artificial intelligence models, as regulators ramp up their scrutiny of Big Tech’s AI ambitions.

Ireland’s Data Protection Commission, which is responsible for enforcing the EU’s General Data Protection Regulation, said it had launched a statutory inquiry into the tech giant’s Pathways Language Model 2, or PaLM 2.

PaLM 2 was launched in May 2023 and predates Google’s latest Gemini models, which power its AI products. Gemini, which was launched in December of the same year, is now the core model behind its text and image-generation offering.

The inquiry will assess whether the company has breached its obligations under GDPR on the processing of the personal data of citizens of the EU and European Economic Area.

Under the framework, companies must conduct a data protection impact assessment before embarking on handling such information when the nature of the way it is used is likely to pose a high risk to the rights and freedoms of individuals.

New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/

Help pressure your government now to defend privacy and secure encryption: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

Opening statements before District Judge Leonie Brinkema of the US District Court for the Eastern District of Virginia start later today. The BBC notes that the Justice Department plans to argue that Google's parent company, Alphabet, illegally operates a monopoly in the online advertising market. However, Alphabet denies the allegations, claiming that its success is due to the "effectiveness" of its services.

The Justice Department claims Google established its monopoly through the anti-competitive acquisitions of smaller ad-tech rivals and even bullying website publishers into using its ad products. Google is also said to have unethically controlled key businesses in each part of the advertising supply chain, thereby driving up ad rates for advertisers while reducing the payouts to website owners.

Pointing out Google's systematic abuse of the online ad business, the DoJ will ask the court to break up the company's ad-tech monopoly. The agency believes a breakup would create new opportunities for Google's smaller competitors and incentivize new players to enter the market. It will also be better for both advertisers and publishers.

The commission's punished the Silicon Valley giant in 2017 for unfairly directing visitors to its own Google Shopping service to the detriment of competitors. It was one of three multibillion-euro fines that the commission imposed on Google in the previous decade as Brussels started ramping up its crackdown on the tech industry.

“We are disappointed with the decision of the Court, which relates to a very specific set of facts,” Google said in a brief statement.

The company said it made changes in 2017 to comply with the commission’s decision requiring it to treat competitors equally. It started holding auctions for shopping search listings that it would bid for alongside other comparison shopping services.

“Our approach has worked successfully for more than seven years, generating billions of clicks for more than 800 comparison shopping services,” Google said.

European consumer group BEUC hailed the court's decision, saying it shows how the bloc's competition law “remains highly relevant" in digital markets.

"Google harmed millions of European consumers by ensuring that rival comparison shopping services were virtually invisible," director general Agustín Reyna said. “Google’s illegal practices prevented consumers from accessing potentially cheaper prices and useful product information from rival comparison shopping services on all sorts of products, from clothes to washing machines.”

Google is still appealing the other two EU antitrust penalties, which involved its Android mobile operating system and AdSense advertising platform. The company was dealt a setback in the Android case when the EU General Court upheld the commission's 4.125 billion euro fine in a 2022 decision. Its initial appeal against a 1.49 billion euro fine in the AdSense case has yet to be decided.

cross-posted from: https://reddthat.com/post/25352295

🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24

This is what you can do now to help: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

Git records the local timezone when a commit is made [1]. Knowledge of the timezone in which a commit was made could be used as a bit of identifying information to de-anonymize the committer.

Setting one's timezone to UTC can help mitigate this issue [2][3] (though, ofc, one must still be wary of time-of-day commit patterns being used to deduce a timezone).

Cross-posts:

• https://sh.itjust.works/post/24495692
• https://sh.itjust.works/post/24495795

cross-posted from: https://fedia.io/m/Thunderbird/t/1140808

Plan Less, Do More: Introducing Appointment By Thunderbird - The Thunderbird Blog

Thunderbird has a new project under its wing: Appointment. Learn all about our approach to appointment scheduling, and try it yourself.

cross-posted from: https://slrpnk.net/post/12736887

Just stumbled upon this project, seems rather new as my DNS blocked its domain by default for being too new hehe.. Anyone had a chance to try it yet? Its got some hefty promises, like having equally strong privacy features as Librewolf. I'll be giving it ago at least, almost sounds a bit too good to be true...