privatelife - privacy, security, freedom advocacy

1558 readers
1 users here now

This community is meant to advocate privacy, security and freedom in an concise manner, free of prejudice bias, free of politics, free of cultist thoughts.

Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. - Edward Snowden

Reddit: https://old.reddit.com/r/privatelife

Matrix: https://matrix.to/#/#privatelife:matrix.org

Telegram: https://t.me/r_privatelife

READ THE RULES

  1. Opinions are welcome, facts more so. Attack arguments, not people. Hating, baiting, trolling, flaming will be dealt with strictly.

  2. Discuss closed source software with caution. Advocating for it strongly (cult brigading) can be treated as violation of this rule.

  3. Editing titles of article links is strictly prohibited, unless and until the summarisation remains accurate to the context of the article or paper. Such link post will be removed without questioning.

  4. Targeting of any country, person or nation is strictly prohibited without valid reasoning. Evidence if not presented against the specific company/corporation/individual will be treated as personal attack and/or hate speech. This will result in a warning, then ban system.

  5. NO PERMA BANS! Ban system will work as follows:

1 day --> 3 day --> 1 week --> 2 weeks --> 3 weeks --> 1 month --> 3 months --> 6 months

Severity of the ban system will be dealt with based on degree of violation and circumstances.

  1. NO FACT-LESS EVIDENCES, NO FALSE RHETORIC Evidence has to be credible. The onus of this lies on the claimant. The same applies on the user who questions proven evidence. Violation of this rule will be dealt with strictly.

  2. Copycat posts serve to litter the community, increasing quantity and decreasing quality of posts. As such, posts will be removed. Repeated attempts will receive warning.


Related communities:

founded 4 years ago
1
 
 

r/privatelife on Reddit is once again the primary and sole host for this community. Any further communication will be on Reddit or Telegram. Thanks for the attention!

2
3
4
-24
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
 
 

People here's take about why free software ("open source") should be preferred, in my opinion (basically the OpenBSD's opinion) is flawed.

You said "open source" is "good" because it permits having eyes on ("auditing") and make sure there isn't malware.

This is NOT the most important benefit. But it is flawed because, you guys don't even have the knowledge to do coding. You guys are activist/"journalists" working for CIA. So you cannot audit the software yourselves.

Or "open source" but with a bad code style, how can you make sure the code doesn't have backdoors? But I think hilarious journalists that is only smart enough to post fake news about how down is the Russia and China economy can't even write bad code.

"open source" is good, firstly, because it permits auditing the source code and find the bugs, replace flawed/bad code with safer alternative (for example, the advantage of an open-source C software when porting to OpenBSD is they can replace every occurrence of strcat/strcpy with safer strlcat/strlcpy), sandbox it (on OpenBSD, with pledge and unveil), do privileges separation and revocation, etc.

And I think "you can make sure there isn't malware/backdoors" is the second benefit, NEVER THE FIRST.

Conclusion: Do not blindly trust what is "open source" when you can't even do code auditing.

5
-7
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
 
 

So I want to make this post because I don't know why instances, mine specifically, choose to block others. Now, don't get me wrong that blocking instances that are CP related and anything illegal is something that should and needs to be blocked and/or removed. but if its something like Threads, let me choose to block a user myself, give me the freedom to do so. I've seen Brodie Robertson's video talking about this, and I whole heartily agree with his stance on this where letting the user have the freedom to block a user or instance themselves.


I just feel that some lemmy instances are turning into big tech companies where they are controlling everything, and don't get me wrong, its their server space, do what you want to do, but at least since you are using foss to run your lemmy server, at least be different then Reddit or YouTube etc. I created a lemmy account just to have a more private experience from Reddit without being tracked all the time. guess I was wrong.


not trying to get on the wrong foot here, I am just a fan of internet freedom, and I think you should have the right to do anything you want online, that's within legal waters.

Thoughts...

6
7
8
 
 

Whenever I encounter the label "made in EU", "Germany", "Estonia", "France" ...... in the footer of a web project, which implies enhanced data-protection, apparently, I wonder:

How can it be so? There're some data-protection laws, yes. But one can't control a hosting provider 24h/day. One can't know whether an employer there copies all data on his memory-drivers.

Can't the police, if need be, seize a server as easily as it would in any other country on Earth?

Don't the majority of all of countries in Europe share information with the intelligence of US by the agreements of the 5 eyes, 9 eyes, 14 eyes? Whereas the 2nd and 3rd world countries don't.

How is it better than a label "made in South Africa", "Thailand", "Costa Rica", "Egypt", "Kuwait"?

I can see how "made in Germany" or EU makes a project worse in terms of privacy and data-protection. How could it make it better, though?

9
10
 
 

From https://www.freedownloadmanager.org/blog/?p=664:

It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It’s estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022.

11
12
 
 

Hello everyone.

Currently me and my GF have our finances organized in a Google sheet file (hosted on Google drive), being that file integrated with a Google form.

What we do is having on our cellphones a shortcut to the form, where we input all our expenses, they are directly and automatically registered in the sheet, and on another tab we've built some sort of dashboard based on all the values the form registers.

So given this context, is there any option or group of options that are open source, and that achieve this same purpose / scenario?

If possible everything acessible on a cloud or at least onlinez so we don't lose this flexibility and accessibility on our cellphones.

Thanks in advance

13
 
 

I'm undertaking the process of disentangling Google and Microsoft from my life. Does anyone have any tips for removing my last 20 years of files from Onedrive and Google Drive? Where do you host your long-term storage? What's a good way to handle the migration?

14
 
 

We're happy to announce that we were successfully able to initiate a BusKill lockscreen trigger using a 3D-printed BusKill prototype!

3D Printable BusKill (Proof-of-Concept Demo)
Watch the 3D Printable BusKill Proof-of-Concept Demo for more info youtube.com/v/Q-QjHelRvvk

via @[email protected]

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

Why?

While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.

We don't consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, disassembleable, and easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.

Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, printing your own circuit boards, microcontroller, or silicon has a steeper learning curve than a BusKill cable -- which is essentially just a USB extension cable with a magnetic breakaway in the middle.

Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In our latest update, we hope to showcase her progress and provide you some OpenSCAD and .stl files so you can experiment with building your own and help test and improve our designs.

Print BusKill

Photo of the 3D-Printed BusKill Prototype

If you'd like to reproduce our experiment and print your own BusKill cable prototype, you can download the stl files and read our instructions here:

Iterate with us!

If you have access to a 3D Printer, you have basic EE experience, or you'd like to help us test our 3D printable BusKill prototype, please let us know. The whole is greater than the sum of its parts, and we're eager to finish-off this 3D printable BusKill prototype to help make this security-critical tool accessible to more people world-wide!

15
 
 

A while ago I made an app for tracking baby activities because I became a parent and was horrified at how many permissions the existing apps required and how much tracking they contained. Both the app and the server are open source.

This is a web-app which also has an Android version in the Play Store (F-Droid didn't accept it because they don't feel like web-apps should be welcome in their store). On iPhones it can be installed as a PWA to the home screen.

Features:

  • No tracking whatsoever
  • End-to-end encrypted, no personal information is stored on the server unencrypted
  • Track baby's feeding, diaper changes, breast pumping and sleeping (more to come)

Links:

16
 
 

I stan Firefox but I am scared about this to the point not much discussion exists on this.

17
18
19
 
 

I am looking for an existing preferably open source project built for home survailance systems using four IP PoE cams. Nothing too fancy; just want to record to my own hard drive and be able to view live by connecting directly to my linux system securely.

BUT under no circumstances do I want any of MY data going to anyone elses computer or server.

I was originally plannig on making a program myself, just want to see if there is something out there someone has already made. I have looked at bluecherry and ispy. not a fan.

20
21
22
23
24
 
 

The HOSTS ruleset has been not maintained for a while, and that is not very helpful. This is a copy of Energized Ultimate from April 2022 that I am still using just fine. https://www21.zippyshare.com/v/qRxZ0lp9/file.html

The various lists that Energized project used in combination can still be referenced. https://i.imgur.com/yZRDVAl.jpg

I think 1Hosts PRO is a good replacement, but try Lite or Pro whichever you prefer. https://github.com/badmojr/1Hosts You may try combining other HOSTS lists with this if you want to, and are technically adept enough.

Another good option is AdAway, but you might need to combine other lists with it to have competent blocking compared to Energized.

You also need to reference, download and merge spam and phishing lists manually if you want extra protection, unless you want to rely solely on DNS providers. I prefer having both HOSTS ruleset systemwide and a DNS provider, then whatever network firewalling/tunnelling is needed.

25
 
 

Hello! Just a quick update, since all of us use these services, and everyone is suddenly thrown off.

YouTube has introduced a change in layout of videos. Until now, we could see videos sorted in chronological (ascending or descending) orders, or popular.

Now, we can only see "popular" and "recently uploaded" sorted videos due to YouTube's latest change. Invidious proxies (method which Newpipe uses to fetch video information) only show "oldest", "newest" and "popular" sorted videos. The former 2 sorting methods no longer work, which Invidious proxies show by default.

It is unclear why YouTube removed the chronological sorting, which has always been useful. A conspiratorial guess being made is that YouTube can remove older videos or videos with no ads or demonetised channel videos.

You can do few things, like:

METHOD 1

For this method, having https://www.f-droid.org/packages/com.trianguloy.urlchecker/ on your Android phone is very handy, because of quick URL string manipulation accessibility.

YouTube provides system playlists with user uploads: you can access them by taking the channel ID (not the user ID or the handle) (for instance, UCTwECeGqMZee77BjdoYtI2Q is the channel ID for the channel URL https://www.youtube.com/channel/UCTwECeGqMZee77BjdoYtI2Q), replacing the first two characters, UC, by UU, and appending the result to https://www.youtube.com/playlist?list= (for my example above, the resulting URL is https://www.youtube.com/playlist?list=UUTwECeGqMZee77BjdoYtI2Q).

Then open the link you get in NewPipe/Invidious

This has some limitations (again, yes): you can't see the view count and the upload date (these informations are not returned on playlists), but the first video of the playlist is the most recent one. However, age-restricted videos are included in these playlists.

METHOD 2

You can use Invidious proxies in web browser, and search your favourite YouTube channel or content. The first 10-20 search results should have recent videos listed for relevance.

METHOD 3

Using YouTube.com and use boolean operators for chronological search:

exact match [“search term”]

search terms in the name of the video [intitle:”search term”]

Date: AFTER:YYYY Only videos after YYYY year

BEFORE: Only videos before YYYY year

CONCLUSION

We could be entering an era of censorship, not by direct deletion of old or controversial content, but by obscurity and omission of argument tactics. Looking through older content, or dislikes on videos, is made difficult for reasons without a doubt. It is not a random change, so make the best of what you have right now. Times are changing very rapidly.

view more: next ›