Privacy

32753 readers
593 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
1
2
 
 

So, I had an idea for an Invidious alternative that would be pretty difficult for YouTube to block. Basically, YouTube can block instances because it is really easy to detect which IP is making a lot of requests. But what if everyone using Invidious were an instance? Like, if one person wants to watch a video, they would get it from a random person using this software. I don't really know how it would be done—if it would be something like torrents, which have a direct connection, or if it would go through some server in the middle. This is just a suggestion; I don't really know how I would implement it. But if it can be done and someone wants to do it, it would be great.

3
4
 
 

Edit: switching to https://sky.rethinkdns.com worked, thanks for all the suggestions!

Hope this is the correct forum to ask this question.

I've recently switched to RethinkDNS and quite like it. I've run a PiHole on my home network for a while, and Rethink finally gives me the same functionality and customizability while away from my house.

When I'm at work at [REDACTED BIG CORPORATION] my Internet won't connect at all while on company wifi with Rethink active ("No Answer" response to all queries). I just turn DuckDuckGo app tracking protection on instead (also technically a VPN according to my phone), and the Internet works. CyberGhost VPN behaves the same as Rethink, so I'm unsure why DDG doesn't run into issues.

Does anyone know of a way to automatically swap between VPNs while on certain networks? I'm sure it is possible to do so with a GPS fence and SmartThings, but I don't want to give that app (or any for that matter) location permissions.

If anyone has any suggestions on how to do this (I'm fine using apps outside of Google Play, as you can infer from my use of RethinkDNS and DDG in the first place), I'd love to hear them!

Cheers, Hank

5
 
 

I use the built-in sync service in various Firefox forks to sync bookmarks/history/tabs, using the default Mozilla servers.

When I went to "Manage Account" to review and prune the devices ("services?") linked with Mozilla Sync down to what I'm actively using currently, and noticed "Mozilla Monitor" in there.

I can't find any info on why Mozilla Monitor required sync credentials, and I don't remember Mozilla Monitor telling me it would be gaining access to my sync data, nor can I find any way to review what data "Mozilla Monitor" has access to.

Any ideas?

For now I'm signing out that entry, while I consider other sync options.

Edit: changed title from 'Mozilla/Firefox sync - why is "Mozilla Monitor" a signed in device?'

6
7
 
 

I don't need anyone to tell me that Facebook sucks because I already know that, and I would never use it unless in my country, for reasons unknown to me, public and private institutions use Facebook as a primary method of sharing news, such as schedules or promotions.

I don't have the slightest intention of creating a Facebook account, but as I said, I need to see posts from certain Facebook accounts and every time I go to a Facebook page and scroll for 2 seconds I get a pop-up forcing me to create an account. And as far as I know, there is no sort of Piped front-end for Facebook, I would appreciate any help.

8
 
 

I'm thinking of paying for Mullvad, but I don't want to waste my money if I won't be able to use it. My ISP blocks Tor (at least that is the conclusion I have come to - I can only connect via a bridge). Is there anything I can do to make sure I will be able to use Mullvad before I end up paying for it?

9
10
 
 

And I just assumed they called Rainbolt

11
12
 
 

I found that Mozilla VPN uses Mullvad servers and I thought it may be a good way to use Mullvad while supporting Mozilla. Then after further research I found that Mozilla bought an ad firm for 'privacy-centric-advertising' and that sounded sus to me. Is it reasonable to suspect that Mozilla VPN may not be as private as Mullvad VPN?

13
 
 

Not sure if anyone else noticed but reddit is now testing a beta of an answers feature that generates answers based on reddit posts. Maybe this explains the phenomena people noticed of deleting posts only to have their posts reappear? Just saying if reddit was already bad for privacy it just got worse in my opinion.

14
68
submitted 2 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]
 
 

I've been trying to find a good privacy respecting browser, but I can't really decide on what to use. I don't like the search results with Brave Search. DuckDuckGo shares my information with Microsoft and SearchXNG shows me NSFW images even with strict search on. I really like Presearch, but I'm not really sure what they're about.

EDIT: After tinkering with the settings of my SearXNG instance, it seems to have reduced the amount of NSFW images. I think I will stick with SearXNG for now.

15
 
 

I'm only on a free Proton plan but I'm still considering switching because of recent news. I've seen disroot's website before and they seem more politically left-leaning which I appreciate. How have people's experiences been?

16
 
 

If I pair my Android phone and my laptop, I can share files over Bluetooth from the phone to the laptop. I've started finding this a really convenient method for me to send files to a Linux laptop without needing to install a separate app on either the phone or my laptop. Especially when I'm away from my home network (I use SFTP at home).

How secure is this? Is there encryption by default and could someone else nearby with a receiver potentially decode the file you're sending?

17
 
 

I don't know if it's the right place to ask.
I don't want a Google account. I don't use yt that much but I still need it.
I even tried yt revanced. None of them works

18
 
 

Currently ripping my DVDs and building a Jellyfin server. Now on desktop and mobile streaming works fine but the Raspberry Pi 4 + Libreelec + Jellyfin/Jellycon Setup i tried has been somewhat janky - both in terms of navigation and also the framerate drops at times though it isn't really an issue.

Pretty sure the folks in the Jellyfin Subreddit/Forums would tell me to just get a Firetv stick, so I was more curious what experiences and recommendations you guys have.

Firetv + firewall whitelist?

Fix my Raspi install?

19
20
21
 
 

I'd like to make an informed decision on extensions I install. Usually I read about people caring about browser extensions. I install extensions in vscode, in zed, gnome, kde and probably in a lot of other tools like bash as well.

Usually, I do not think much about security/ privacy. I only install what I want/ need and delete what I do not need.

How can I judge which extension to install and which not? There are extensions releasing builds regularly but the last release of public code on github was years ago. Downloads and stars give a hint on popularity. With popularity the people who will look into the code increases but if there's no code, there's nothing to look into. And just because it's not popular, it doesn't necessarily mean it's bad software.

How do you judge which extension to install?

22
23
 
 

Am I just overthinking this?

I like Keepass2Android because of it's "QuickUnlock" feature, but it looks very old, is mainly distributed via Google Play and not on the official Fdroid repo. (Also, doesn't google now have the signing keys of all apps now? Kinda sus if Google could just sign updates and bypass the developers)

KeepassDX seems more secure, since the Fdroid and Google Play versions are separate, using (I assume) separate signing keys, so Google cant sign an update for the Fdroid version. Looks more "Modern" but it lacks the "Quick Unlock" feature, so biometrics is the only convient way to quickly unlock it, I prefer something like "Quick Unlock" feels more secure (since theres no shenanigans like replicating a fingerprint to fool the biometrics scanner).

TLDR: I really want the "QuickUnlock" feature of Keepass2Android, but with the Google policy of having the signing keys, I'm kinda sus.

Am I overthinking this?

24
 
 

Edit: I may have given too much weight the the Arkenfox dev's assessment. Upon more research and consideration, I think Librewolf could still be a better option compared to straight Firefox, though hopefully the Librewolf team receive more help/contributors in the future to ensure its success long term.


I've been a user of Librewolf for a about a year now, and it's always served me pretty well as a nice easy way to get a hardened Arkenfox Firefox.

However, recently I was curious why Librewolf wasn't recommended on PrivacyGuides, and took a look through their reasoning on their forum. That thread spans multiple years, and for the most part I thought their reasons for not including it were a bit unfair, especially after Librewolf started offering automatic updates.

But towards the end of that thread in October, a Privacy guide team member posted a link to the Arkenfox github issue tracker, where a Librewolf team member reveals how the project appeared to have lost steam after a critical member left, and they are struggling to keep it up to date with the latest Arkenfox updates, despite putting out new releases.

I'm not sure if those problems have been resolved since that time. One of the maintainers did mention they're still short staffed in this topic on taking over maintaining Mull.

After considering the arguments for and against in the PrivacyGuides thread, I think their conclusion for not recommending does have some merit. Using Librewolf adds an additional layer of trust, not only to not be malicious (which I don't suspect they are) but to also be able to adequately fulfill what they set out to do reliably.

Another big part of them not recommending it was the existence of the Mullvad Browser, which I didn't realize was in fact a very well hardened version of Firefox (essentially the Tor browser without the Tor part), and is far more effective for private browsing compared to Librewolf or an Arkenfox'd firefox.

Ultimately you'll have to come to your own conclusion, ~~but personally I'll be switching back to Firefox as my convenient daily browser full of addons, alongside the mullvad browser for (more) private browsing.~~

25
260
submitted 6 days ago* (last edited 6 days ago) by [email protected] to c/[email protected]
 
 

Copied from the reddit post:

Hi all, last night, a post from last year from my personal X account suddenly became a topic of discussion here on Reddit. I want to share a few thoughts on this to provide clarity to the community on what is Proton's policy on politics going forward.

First, while the X post was not intended to be a political statement, I can understand how it can be interpreted as such, and it therefore should not have been made. While we will not prohibit all employees from expressing personal political opinions publicly, it is something I will personally avoid in the future. I lean left on some issues, and right on other issues, but it doesn't serve our mission to publicly debate this. It should be obvious, but I will say that it is a false equivalence to say that agreeing with Republicans on one specific issue (antitrust enforcement to protect small companies) is equal to endorsing the entire Republican party platform.

Second, officially Proton must always be politically neutral, and while we may share facts and analysis, our policy going forward will be to share no opinions of a political nature. The line between facts, analysis, and opinions can be blurry at times, but we will seek to better clarify this over time through your feedback and input.

The exception to these rules is on the topics of privacy, security, and freedom. These are necessarily political topics, where influencing public policy to defend these values, often requires engaging politically.

The operations of Proton have always reflected our neutrality. For example, recently we refused pressure to deplatform both Palestinian student groups and Zionist student groups, not because we necessarily agreed with their views, but because we believe more strongly in their right to have their own views.

It is also a legal guarantee under Swiss law, which explicitly prohibits us from assisting foreign governments or agencies, and allows us no discretion to show favoritism as Swiss law and Swiss courts have the final say.

The promise we make is that no matter your politics, you will always be welcome at Proton (subject of course to adherence to our terms and conditions). When it comes to defending your right to privacy, Proton will show no favoritism or bias, and will unconditionally defend it irrespective of the opinions you may hold.

This is because both Proton as a company, and Proton as a community, is highly diverse, with people that hold a wide range of opinions and perspectives. It's important that we not lose sight of nuance. Agreeing/disagreeing with somebody on one point, rarely means you agree/disagree with them on every other point.

I would like to believe that as a community there is more that unites us than divides us, and that privacy and freedom are universal values that we can all agree upon. This continues to be the mission of the non-profit Proton Foundation, and we will strive to carry it out as neutrally as possible.

Going forward, I will be posting via u/andy1011000. Thank you for your feedback and inputs so far, and we look forward to continuing the conversation.

view more: next ›