this post was submitted on 14 Mar 2024
395 points (98.5% liked)

Privacy

32120 readers
28 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I went in to delete mine. Was forced to put in my real name and current employer without any way to opt out. So for a short brilliant moment I was Bobo Bobolicious of Bob's Boat Oars

top 50 comments
sorted by: hot top controversial new old
[–] homesweethomeMrL 102 points 8 months ago (1 children)

So the platform that allows anonymous signup but requires submission of information about your employer or salary to access anything but the very basics is determined to dox you.

Fuckin' genius.

[–] [email protected] 34 points 8 months ago* (last edited 8 months ago)

Just submit fake shit.

I kid, don't use the website.

[–] [email protected] 63 points 8 months ago (4 children)

I don't know if I have an account, but this is a good reminder to go through and review all of my accounts (everything's in my password manager). I have way too many, so I could probably trim them.

Thanks for the reminder!

[–] [email protected] 12 points 8 months ago (1 children)

1 device: Keepass

2 or more devices Keepass + Syncthing

2 or more devices & extremely easy for new users: Bitwarden.

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

That works too. I have 4 devices (laptop, desktop, work computer, phone), and sometimes need to login on a device that's not mine. I use Syncthing for other things, but Bitwarden has some nice features (e.g. organization to share passwords with my wife), so I stick with it.

[–] [email protected] 8 points 8 months ago (1 children)

Its a long journey, but totally worth it. When I chose to go fully self-hosted, I had around 1,200 accounts and passwords. First I used a temporary fake emailnsite to change my email and all the personal data I could from all the sites I wanted out of my life, then closed each account. Did a checkout wherever I could too. Then went into each account I wanted to keep where I was using a gmail address, changed my email to an alias (proton mail) and created a new random password for each (Bitwarden self-hosted). I'm down to about 100 accounts, including everything in my 2 jobs. The level of freedom I feel is unspeakable.

[–] [email protected] 6 points 8 months ago (1 children)

I thought I was bad with ~300 logins... I'm going to follow in your footsteps, teach me your ways sensei. :)

[–] [email protected] 7 points 8 months ago* (last edited 8 months ago)

https://temp-mail.org/en/ That site, bitwarden (self-hosted preferably, but an account with them works too), and you've got all the tools you'll ever want. If you also want to "change" your phone number on the sites you're leaving (that's always a good idea as well), you can try https://quackr.io/ but I'm not sure how good it is. I just found that site, and honestly can't remember what I used for that. All I remember is that it was a free trial of an app for 7 days, and I made sure to finish that before the trial was over. And I'm no sensei, call me Master "4th run of Horizon Zero Dawn" 🤣🤣. Just kidding, I'm just a guy that, like most of is, got tired of all the BS out there these days. I am, though, on my 4th run of that game. Good luck man, you won't regret doing this.

[–] thantik 6 points 8 months ago (1 children)

This is something that pisses me off about "Identity Monitoring Programs"; I have one because Experian fucked up and I got it for free for a year -- but all I ever get is "Your account was found on the dark web!"

But then they won't tell me WTF ACCOUNT it was!!

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago) (1 children)

That's one benefit of password managers, many offer a scan to figure out which usernames/passwords were exposed. I just checked, and I have 22 passwords exposed in a breach, but unfortunately I can't do anything about most of them (i.e. they're assigned from work).

I honestly don't see any value in monitoring services from the big bureaus, you're probably better off using:

  • free services like Credit Karma (or Experian) to get pinged when credit is accessed; check this periodically
  • password manager to randomize passwords
  • official credit reports a few times/year (can now do weekly, in the past it was yearly per bureau) to check if anything is messed up
  • credit cards for all online purchases - they tend to be faster at responding to fraud than debit cards
  • 2FA when available - I use an app on my phone (Aegis, but there are plenty of others)

If you can do those, you'll probably catch anything before it becomes a serious issue.

load more comments (1 replies)
[–] [email protected] 3 points 8 months ago (11 children)

What's a good multiplatform password manager these days? I've been meaning to move away from LastPass for forever (and update my passwords in the process), I just haven't found the time to sort through all of that.

[–] [email protected] 37 points 8 months ago (2 children)

I really like BitWarden. Benefits:

  • open source - can even host your own storage server if you want (e.g. vaultwarden)
  • security audited
  • free - has paid tiers, but you probably don't need them
  • apps - Desktop (Linux, Windows, macOS), browser extension (basically all of them?), mobile, command-line, web app

It has some neat features and hasn't annoyed me too much yet.

[–] [email protected] 4 points 8 months ago

Also nearly complete rolling out Keypass/Webauthn compatibility!

[–] [email protected] 3 points 8 months ago (1 children)
[–] [email protected] 2 points 8 months ago

I just moved from Dashlane it was painless

[–] [email protected] 16 points 8 months ago (1 children)
[–] [email protected] 2 points 8 months ago

I'll have a look, thanks

[–] [email protected] 8 points 8 months ago (4 children)

Say what you want about old timers but [ Notebook and Pencil ] has a 100% success rate if the attacker doesn't have physical access.

[–] [email protected] 4 points 8 months ago (1 children)

Sure, but that's where the cross platform comes in, because I'd rather not have to lug said notebook around with me.

[–] [email protected] 2 points 8 months ago (1 children)

Convenience and Security are different goals. You can either put security before or after convenience.

load more comments (1 replies)
[–] [email protected] 4 points 8 months ago (1 children)

Actually, that would make it easier to fall for a phishing page. My browser extension will only offer to fill example.com. If I'm on exarnple.com, it won't. This makes me say "hmm, why no match for this page? ah! the domain is different". With a notebook, I'd happily type the password in just the same.

load more comments (1 replies)
[–] [email protected] 2 points 8 months ago

I’m not typing a 64-character random string from a notepad everytime I log in somewhere tho

load more comments (1 replies)
[–] [email protected] 5 points 8 months ago
load more comments (7 replies)
[–] Zachariah 37 points 8 months ago (1 children)

I really liked Glassdoor when I first used them to find out salaries. Since “pivoting” and adding the fishbowls or whatever, the site has been unpleasant to use. Reason this users experience makes me sick. I just deleted my account even though I doubt it’ll make a difference. Maybe something decentralized or open source will come along to take its place. Or maybe more laws can be passed to require listing salaries on job listings.

[–] [email protected] 7 points 8 months ago

I've been using comprehensive.io for salaries. Its not as good as Glassdoor for data but, its free and gets the job done for me. Also, layoffs.fyi when I feel like getting depressed

[–] [email protected] 31 points 8 months ago (3 children)

Glassdoor is in my top 10 least favorite companies of all time, right behind Nestle and Big Oil, scoring an overwhelmingly negative opinion by me, meaning that I wish they would crash and burn and I'd be willing to sabotage this sh*thole company wherever possible.

This business is everything wrong with 21st century tech companies. They do nothing good and everything bad. They hide information from the public by forcing an account. You cannot bypass by using uBlock origin's features. When you make the account, they force you to give them literally all of your personal information with zero way to stop them from selling it to hundreds of shady data brokers despite them telling you that you can opt out.

Unfortunately, they got me. I really really wanted to find the salary of a job, and I was forced to make an account. I got irrationally angry, and gave them EVERYTHING, including all cookies. Now they got the loot, I got nothing other than a thousand eyes prying on me.

The door is certainly glass on the bathroom stalls but made of hard steel to reach what should be a library.

load more comments (2 replies)
[–] [email protected] 25 points 8 months ago* (last edited 8 months ago) (4 children)

I created my Glassdoor account about ten years ago. The only information they required at the time was an email address

An email address is usually also directly linked to your identity.... I wish more companies would not require it to signup... I do have throwaways and email accounts created using Tor though.

[–] Tangent5280 11 points 8 months ago (1 children)

anonaddy, firefox relay, or something similar might be your solution. Many email providers provide temporary mails and permanent aliases as part of their subscription.

load more comments (1 replies)
[–] DeadNinja 6 points 8 months ago (1 children)

And if you wsnt a FOSS option for unlimited email aliases - Duckduckgo is a good option.

[–] [email protected] 4 points 8 months ago (1 children)

DDG has an email service? :o

load more comments (1 replies)
[–] [email protected] 4 points 8 months ago (3 children)
load more comments (3 replies)
[–] [email protected] 3 points 8 months ago (1 children)

That's the way, at least here in Wakanda.

[–] [email protected] 2 points 8 months ago

Wakanda

first time I hear about that, obviously it needs to be a real thing.

[–] [email protected] 15 points 8 months ago (1 children)

Just created an accound to see a company recruting me, lied I was a studeng to not have to enter anything

[–] [email protected] 3 points 8 months ago

We're all lifelong students, so you didn't lie. ;)

[–] [email protected] 12 points 8 months ago (1 children)

Substitute with "-" or "xyz" if forced. They should know you don't want to provide that data.

[–] [email protected] 12 points 8 months ago (1 children)

My company blames me when people fill out forms with junk data just to get to what was already a public link, then I have to go in the CRM every morning and delete a dozen "your moms" and "nunyas".

[–] [email protected] 4 points 8 months ago

I filled the form Reddit sent me for their IPO with junk data. I hope many other people will do the same.

[–] [email protected] 10 points 8 months ago

Dirty fuckers.

[–] [email protected] 7 points 8 months ago

Do you have any FOSS oars?

[–] harry_balzac 5 points 8 months ago

So, is Bob's Boat Oars hiring?

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago) (2 children)

Lots of accounts ask for name and other proof. Credit cards, id, etc.

Sadly it's the norm now.

[–] [email protected] 3 points 8 months ago

laws need to be created for making this illegal, unless it is absolutely required for providing you the service.

[–] [email protected] 2 points 8 months ago

Well, they don't get my business. If they require something they don't need, I look elsewhere.

[–] [email protected] 3 points 8 months ago

Hey, can you help me out with some oars?

load more comments
view more: next ›