Privacy
blog.mozilla.org
cross-posted from: https://lemmy.zip/post/23894598 > Despite its emphasis on protecting privacy, Mozilla is moving towards integrating ads, backed by new infrastructure from their acquisition of Anonym. They claim this will maintain a balance between user control and online ad economics, using privacy-preserving tech. However, this shift appears to contradict Mozilla's earlier stance of protecting users from invasive advertising practices, and it signals a change in their priorities.
If you haven’t heard <https://blog.mozilla.org/en/mozilla/improving-online-advertising/> So I’m looking for a new IOS browser A couple of preferences In-built Ad blocker Private No Ai anything Thanks for any suggestions!
I got hit with the "sign in to confirm you're not a bot today". I thought I could get around it by firing up a vpn in a GDPR country, but I got the same notice there as well. YT-DLP gives me the same error, but curiously FreeTube, GrayJay, and NewPipe all seem to get around it. I don't know for how long, but they seem to all be working for now. I know the proper solution might just be to go touch grass, but I watch YouTube on a nearly daily basis and would like to get it working again in the browser without needing an account and on YT-DLP if anybody knows any solutions. Also, I follow video/audio content through RSS and didn't know if anybody had a good way to find out which creators post where. Whenever any creator mentioned they post elsewhere I always replaced the YouTube subscription with a subscription to them on anther platform. When I got the sign in error I went through my favorite creators and searched for them on Odysee and Rumble, finding a small but not insignificant amount of people I follow on Odysee. Is there a good place to find out who posts where? Any sort of lists of which creators have their own PeerTube instances/channels, post audio content to substack/soundcloud, mirror to other video platforms like odysee/rumble, etc? Thanks
www.dw.com
>Social media platforms must restrict the use of personal data for targeted advertising, to comply with the bloc's regulatory law, the Court of Justice of the European Union ruled on Friday. The ruling comes as a blow to social media giant Meta. >Meta collects digital data of users of its social media platform Facebook when they visit other websites and use third-party apps, which allows Meta to personalize advertising. >But under theEU's General Data Protection Regulation (GDPR), companies are obliged to adhere to the principle of "data minimization," restricting the amount and duration of data used for advertising purposes...
I've been inspecting this topic quite a lot and I'm a little confused now. So, we have [reasons not to use Signal](https://dessalines.github.io/essays/why_not_signal.html), reasons [not to use Matrix](https://hackea.org/notas/matrix.html), there were also some claims about [Session being a fraught](https://caliban.org/wp/2024/08/session-instant-messenger-is-fraught-with-serious-problems/). Briar is mostly activists related (not very suitable for daily use), XMPP lacks good clients and suffers from fragmentation of protocol standards implementation, SimpleX is too feature-incomplete (no UnifiedPush support, big battery drain on Android, very decent desktop client without any message sync). I can't say a lot about Threema or Wire, as I'm not very familiar with them. So, my question is — is there any good private messenger at all? What do you think is the most acceptable option? **EDIT:** In addition to my post: > All messengers have their flaws, I'm well aware of that. I was interested in hearing users' opinions regarding these shortcomings, not in finding the perfect messenger. I may have worded my thoughts incorrectly, sorry for that.
::: spoiler alt-text Two horizontally stitched screenshots comparing a search for “Reavers GIF” on DuckDuckGo and Google in Safari iOS (private tabs). DDG presented zero Firefly/Serenity relevant results while Google found them exclusively. ::: Hopefully a privacy-focused yet fast instance for US West Coast cheapskates who probably should pony up for Kagi, buttttttttttt [SearXNG Instances list on SearX.space](https://searx.space)
t.me
Telegram CEO Pavel Durov recently [announced](https://lemmy.ml/post/20618148) that Telegram would be handing over user data (such as phone numbers and IP adresses) to the authorities. Now it turns out that it has been doing so since 2018. > My previous post may have seemed to announce a major shift in how Telegram works. But in reality, little has changed. > Since 2018, Telegram has been able to disclose IP addresses/phone numbers of criminals to authorities, according to our Privacy Policy in most countries. > For example, in Brazil, we disclosed data for 75 legal requests in Q1 (January-March) 2024, 63 in Q2, and 65 in Q3. In India, our largest market, we satisfied 2461 legal requests in Q1, 2151 in Q2, and 2380 in Q3. > To reduce confusion, last week, we streamlined and unified our privacy policy across different countries. > Telegram was built to protect activists and ordinary people from corrupt governments and corporations — we do not allow criminals to abuse our platform or evade justice. ::: spoiler Full text of the post. 📰 My previous post may have seemed to announce a major shift in how Telegram works. But in reality, little has changed. 🌐 Since 2018, Telegram has been able to disclose IP addresses/phone numbers of criminals to authorities, according to our Privacy Policy in most countries. ⚖️ Whenever we received a properly formed legal request via relevant communication lines, we would verify it and disclose the IP addresses/phone numbers of dangerous criminals. This process had been in place long before last week. 🤖 Our @transparency bot demonstrates exactly that. This bot shows the number of processed requests for user data. ✉️ For example, in Brazil, we disclosed data for 75 legal requests in Q1 (January-March) 2024, 63 in Q2, and 65 in Q3. In India, our largest market, we satisfied 2461 legal requests in Q1, 2151 in Q2, and 2380 in Q3. 📈 In Europe, there was an uptick in the number of valid legal requests we received in Q3. This increase was caused by the fact that more EU authorities started to use the correct communication line for their requests, the one mandated by the EU DSA law. Information about this contact point has been publicly available to anyone who viewed the Telegram website or googled “Telegram EU address for law enforcement” since early 2024. 🤝 To reduce confusion, last week, we streamlined and unified our privacy policy across different countries. But our core principles haven’t changed. We’ve always strived to comply with relevant local laws — as long as they didn’t go against our values of freedom and privacy. 🛡 Telegram was built to protect activists and ordinary people from corrupt governments and corporations — we do not allow criminals to abuse our platform or evade justice. :::
Verizon is stopping support for message+ and says to just use Google messenger. Fuck that I hate Google, can anyone suggest an app I can use to just text people and send pictures that works on and offline?
I don't know when this started but I noticed it for the first time a few months ago. Some podcasts will have preroll ads that are obviously tailored to me since they are not in the same language as the podcast, instead they are in my native language and if I connect to a VPN in another country the ad will change to one from that country. They also seem to appear regardless of podcast app. I have used both AntennaPod and Spotify. AntennaPod is free so I guess they source their podcasts from some third party website that could be adding in the ads. But since I am paying for Spotify I am expecting not to have to listen to any ads. So who is adding in these ads? Can I get rid of them or am I just stuck with them?
Ok so here is the situation: As many here (I guess), I dont like Meta, but since I want to promote my 3D-printed stuff more, I see my self in a position where there is no way around Instagram 🤢 So my question is, if maybe someone here already uses Instagram here "privately" or if someone has ideas on how to use it but still giving Meta as few info as possible? My idea at the moment would be to use Mullvad for every traffic going to insta. For signup I will of course use an email with a custom-domain that is never used somewhere else and if I like other posts, I will only use the account, related to my business. My personal account is just for getting in touch with real people I know and to promote my business-account. The personal account will not have my real name and uses also a different email from a custom domain. Thanks in advance for you comments and trust my, I really hate having to submit to Meta and their stupid social media crap.... Edit: Thanks for all your great feedback. I will def. look into all of these ideas 👍 I also forgot two things: 1. I am using Linux only for this on PC and no Windows(dont know if this changes anything) 2. I am using LibreWolf on Linux Mint and Waterfox on Graphene OS (of course with Ublock and Privacy Badger ;) )
23andMe is not doing well. Its stock is on the verge of being delisted. It shut down its in-house drug-development unit last month, only the latest in several rounds of layoffs. Last week, the entire board of directors quit, save for Anne Wojcicki, a co-founder and the company’s CEO. Amid this downward spiral, Wojcicki has said she’ll consider selling 23andMe—which means the DNA of 23andMe’s 15 million customers would be up for sale, too. 23andMe’s trove of genetic data might be its most valuable asset. For about two decades now, since human-genome analysis became quick and common, the A’s, C’s, G’s, and T’s of DNA have allowed long-lost relatives to connect, revealed family secrets, and helped police catch serial killers. Some people’s genomes contain clues to what’s making them sick, or even, occasionally, how their disease should be treated. For most of us, though, consumer tests don’t have much to offer beyond a snapshot of our ancestors’ roots and confirmation of the traits we already know about. (Yes, 23andMe, my eyes are blue.) 23andMe is floundering in part because it hasn’t managed to prove the value of collecting all that sensitive, personal information. And potential buyers may have very different ideas about how to use the company’s DNA data to raise the company’s bottom line. This should concern anyone who has used the service. DNA might contain health information, but unlike a doctor’s office, 23andMe is not bound by the health-privacy law HIPAA. And the company’s privacy policies make clear that in the event of a merger or an acquisition, customer information is a salable asset. 23andMe promises to ask its customers’ permission before using their data for research or targeted advertising, but that doesn’t mean the next boss will do the same. It says so right there in the fine print: The company reserves the right to update its policies at any time. A spokesperson acknowledged to me this week that the company can’t fully guarantee the sanctity of customer data, but said in a statement that “any scenario which impacts our customers’ data would need to be carefully considered. We take the privacy and trust of our customers very seriously, and would strive to maintain commitments outlined in our Privacy Statement.” Certain parties might take an obvious interest in the secrets of Americans’ genomes. Insurers, for example, would probably like to know about any genetic predispositions that might make you more expensive to them. In the United States, a 2008 law called the Genetic Information Nondiscrimination Act protects against discrimination by employers and health insurers on the basis of genetic data, but gaps in it exempt providers of life, disability, and long-term-care insurance from such restrictions. That means that if you have, say, a genetic marker that can be correlated with a heart condition, a life insurer could find that out and legally deny you a policy—even if you never actually develop that condition. Law-enforcement agencies rely on DNA data to solve many difficult cases, and although 23andMe says it requires a warrant to share data, some other companies have granted broad access to police. You don’t have to commit a crime to be affected: Because we share large chunks of our genome with relatives, your DNA could be used to implicate a close family member or even a third cousin whom you’ve never met. Information about your ethnicity can also be sensitive, and that’s encoded in your genome, too. That’s all part of why, in 2020, the U.S. military advised its personnel against using consumer tests. Spelling out all the potential consequences of an unknown party accessing your DNA is impossible, because scientists’ understanding of the genome is still evolving. Imagine drugmakers trolling your genome to find out what ailments you’re at risk for and then targeting you with ads for drugs to treat them. “There’s a lot of ways that this data might be misused or used in a way that the consumers couldn’t anticipate when they first bought 23andMe,” Suzanne Bernstein, counsel at the Electronic Privacy Information Center, told me. And unlike a password that can be changed after it leaks, once your DNA is out in the wild, it’s out there for good. Some states, such as California, give consumers additional genetic-privacy rights and might allow DNA data to be deleted ahead of a sale. The 23andMe spokesperson told me that “customers have the ability to download their data and delete their personal accounts.” Companies are also required to notify customers of any changes to terms of service and give them a chance to opt out, though typically such changes take effect automatically after a certain amount of time, whether or not you’ve read through the fine print. Consumers have assumed this risk without getting much in return. When the first draft of the human genome was unveiled, it was billed as a panacea, hiding within its code secrets that would help each and every one of us unlock a personalized health plan. But most diseases, it turns out, can’t be pinned on a single gene. And most people have a boring genome, free of red-flag mutations, which means DNA data just aren’t that useful to them—at least not in this form. And if a DNA test reveals elevated risk for a more common health condition, such as diabetes and heart disease, you probably already know the interventions: eating well, exercising often, getting a solid eight hours of sleep. (To an insurer, though, even a modicum of risk might make someone an unattractive candidate for coverage.) That’s likely a big part of why 23andMe’s sales have slipped. There are only so many people who want to know about their Swedish ancestry, and that, it turns out, is consumer DNA testing’s biggest sell. Wojcicki has pulled 23andMe back from the brink before, after the Food and Drug Administration ordered the company to stop selling its health tests in 2013 until they could be proved safe and effective. In recent months, Wojcicki has explored a variety of options to save the company, including splitting it to separate the cash-burning drug business from the consumer side. Wojcicki has still expressed interest in trying to take the company private herself, but the board rejected her initial offer. 23andMe has until November 4 to raise its shares to at least $1, or be delisted. As that date approaches, a sale looks more and more likely—whether to Wojcicki or someone else. The risk of DNA data being misused has existed since DNA tests first became available. When customers opt in to participate in drug-development research, third parties already get access to their de-identified DNA data, which can in some cases be linked back to people’s identities after all. Plus, 23andMe has failed to protect its customers’ information in the past—it just agreed to pay $30 million to settle a lawsuit resulting from an October 2023 data breach. But for nearly two decades, the company had an incentive to keep its customers’ data private: 23andMe is a consumer-facing business, and to sell kits, it also needed to win trust. Whoever buys the company’s data may not operate under the same constraints.
www.rfi.fr
For the Paris 2024 Olympics, the city got the "right" to use the AI surveillance technology in the street. As we thought, they are going to keep this as long as they can. We need to do something against this IRL mass surveillance, going every day more into our private life
I was trying to airplay a video to my tv, just like I did for hours last night, and YouTube kept demanding that I login to prove I’m not a bot. So I figured I would make a fake login on Proton. That worked fine, but then it wants to text me for verification and obviously I do not want to give them my number, but it’s rejecting every number I try from the temp number sites. I am in Safari for iPad in a private window, using vinegar.
Hi! Thinking about registering a new domain for homelab setup. Not quite sure which registrar to go with but have heard good things about Porkbun here on lemmy. But, do people fill in their actual real name, and details for these sorta things? Geuninly curious, don't want to end up on bad terms with a company. But on the other hand im just going to use this for my homelab and dont see the "need" to give away my details for this sorta thing. Let me know how you guys do it :)
I am an EU citizen and I was informed that my EURAXESS account was breached. They informed me that while the password wasn't stolen, all of my personal data including addresses, IDs from the CV was stolen and made available on some website. They say that they're working towards making the site secure, etc., but I know that my personal info is out there. They have even told me to watch out for scams and phishing attempts over the next few months to come. I am a bit shaken. Please tell me what steps I can take to gain back some control over this situation?
Hey privacy community! A few weeks back I've seen an article posted here or in some other tech community about TSA rolling out biometric ID process in some US airports, that involved taking a face scan. I had an international flight planned and I wouldn't want to go through biometric ID, but I was anxious of potential delay and having to explain myself to TSA agents. I also convinced my wife to opt out, which could potentially double the delay. So for the folks who may have the same concerns, I'd like to share my experience. I went on my flight a few days back from Newark International Airport (EWR). We went through security check in new Terminal A. At the beginning of the security line there were a few clearly visible posters about biometric ID with opt out information. To opt out you just need to tell TSA agent that you don't want your photo to be taken. The poster also says that you will not lose your place in line if you opt out. Same posters are on each agent desk. The scanning machine is on every agent's desk, next to the opt out posters. It has a screen, about 8", with something that looks like a set of stereo lenses on top of it. The screen shows the live feed of the person in front of it during scanning process, with a template of a face that helps to properly position it. The scanning process seems to be very quick. Now, for the opt out - it is indeed as easy and seamless as they claim. I asked the agent to not take my picture, he just said OK and asked me for my passport. The scanning machine didn't turn on. He scanned my passport and gave it back, and I was done, no questions asked. Actually, I noticed that people who had their faces scanned also had to hand passports over. So they had to spend more time with the agent than I. I assume because it was their first time through this biometric collection and next time they just scan their face again and that's it. And while I was pleased how easy it was for me and my family to opt out of this, in my opinion, completely unnecessary privacy invasion, I have not observed any other person (out of maybe 100 who passed before me) who did the same. Unfortunately, we know here how easily and thoughtless people give away yet another piece of their personal data. In this case, the data that can be used next time to ID people via video surveillance without any consent.
I made [this post](https://lemmy.ml/post/20087099) a few weeks ago, and I've finally been using GrapheneOS for one month. I'd like to point out things that changed, and my experiences with some of the GrapheneOS communities. # The changes I stressed far too much about which methods to use for installing apps. In the end, it's up to you and your preference. Sure some are considered less secure than others, but it's your phone. I'll explain more about why I'm saying that later. Anyways. I get as many apps as I can via Obtainium, and install a few apps via Aurora Store. I'd like to clarify the reason I have ProtonVPN installed via Aurora Store. App developers often develop different versions of the app depending on how you install it. Play Store versions of it might rely on Google services, whereas direct apk files may not. ProtonVPN allows you to use it as a guest, but only when you install the Play Store version. No other version of the app (e.g. installed via Obtainium) allows you to use it as a guest. Please stop commenting about this, I explained it to way too many people. My game selection has remained the same, however Antimine is a bit of a weird one. It is still actively maintained, but the GitHub releases page is versions behind the F-Droid version, and the F-Droid version is versions behind the Play Store version. I tried installing the Play Store version, but it required Google Play Services to work (even though the app could actually run without it, it just thinks it needs it). So, unfortunately, I'll just use the outdated F-Droid version. 2048 by SecUSo actually got dark mode! Good for them for keeping things nice on the user end. Audire has been abandoned, and so I tried out Audile and it works fine. As many users pointed out, AndBible is not abandoned. It also recently got updated. The UX is still sub par. Fossify projects are also, as many pointed out, not abandoned. Development is just slow. I'm eager to see what updates will come. HeliBoard still has some weird autocorrect suggestions, but I made a few bug reports about it. KeePassDX no longer has the weird biometrics bug. For eBooks, I tried out a lot of the top proprietary eBook readers: - Amazon Kindle was authwalled (required logging in) - FBReader was netwalled (required a network connection) - Google Play Books was playwalled (required Google Play Services) Then, I tried Moon+ Reader. I am so sorry, but this app is honestly fantastic. I will reiterate: it is proprietary, but it has support for Apple Book's page turning animation as well as other stuff. The open source eBook readers peril in comparison. The app is perfect, I just wish it was open source. My music player has changed to VLC Media Player, which is honestly so much better than the desktop version. It has incredible support for use as a music manager. The only annoying bug is that it will sometimes lag for a few seconds before resuming, and there's no clear "queue" section. I got too upset with Vanadium's lack of anti-fingerprinting and privacy features, that I switched to Brave. Honestly, I'm happy with it. It's not perfect, but I can get behind it. # The new stuff Alright, now let me mention the new things I got to try. I wanted to try out an RSS reader, so I got Feeder. It's honestly what you expect from an RSS reader. I will say: I wish there was more distinction between read and unread articles. Currently the only difference is whether or not the title is in bold. I also wish the "Show read articles" could be changed for each feed, and not globally, or have an "Unread articles" section. I have the I2P DEBUG app in case I ever want to access I2P pages. I'm learning about what I2P is. From what I gather, it's like Tor but... not Tor. I tried out Image Toolbox for editing images. It's very feature rich, but very unintuitive to use. This is the biggest change: I tried out Lawnchair and Lawnicons. It is honestly so great. I wish the default launcher had that level of customization. You can customize it in 100 different ways until your heart gives out, it's honestly fantastic. There are inconsistent minor bugs and annoyances, but the benefits far outweigh those. I'm a sucker for the iOS look, and I was very pleased I was able to achieve something in between Android and iOS. I just wish they would bring dock colors back! One of my favorite features is being able to customize any icon and name for any app on the home screen. I could make a dating app look like a graphing calculator, for example... I tried out the proprietary Pydroid 3 app as a Python IDE. I give the developers a solid pat on the back. It's a great app. It works super well, and just has the occasional "upgrade to premium" popup to remove the "ads" that it can't load because it can't touch the internet. Good job guys. I added Shadowsocks to my censorship circumvention toolkit. I can't find any free servers, but hey it's there in a pinch. # The community I got some time to experience the Matrix/Discord/Telegram (they're all bridged) community as well as the issue tracker for GitHub. The issue tracker closes a lot of issues that I personally think should remain open. One I made was changing one of the default pings for an (obscure) menu from Google to GrapheneOS, a very simple fix. They closed it, which I'm upset about. I get it though, they can't fix everything. The Matrix/Discord/Telegram community is... interesting. There's 3 people: The ones who understand almost nothing and need a lot of help, the general users who are super friendly and have wholesome interactions, and the ones who know (and/or think they know) everything. That third group is quite prevalent. They will constantly push their own threat model on you as if it's the only correct answer, and will (quite often) refuse to answer questions if it goes against their threat model (e.g. questions about Aurora Store when "Play Store is the only correct answer"). It's annoying to say the least. I try to mention as much as possible that everyone has their own threat model and it's your phone so you get to choose your own preferences at the end of the day, but that never goes over well. GrapheneOS isn't always known for taking kindly to some lesser threat models, which is a double edged sword. It's good that they have such high standards, but they need to know when to relax and let other people help. It's not bad by any means, you'll get the help you need, but it's not a good look at the end of the day. # Conclusion That's my experiences after one month. It's been nothing short of fantastic, even with some problems. I am a strong advocator for open source software, but for a couple things the proprietary alternatives are simply the best. That's the unfortunate truth for some things. This will be my last post about my experiences with GrapheneOS, but coming from iOS, it is a super fun transition. I'd also like to mention quickly for anyone wondering: Backups for me are currently under 5GB (not including music), and in a month with all the app downloads and music transfers over LocalSend, I used about 70GB of internet. Tubular used the most internet (about 22GB in a month). For all you curious, this can give you a nice baseline. Thanks for reading!
> > > The researchers have discovered that automatic content recognition (ACR) tracking is active most of the time, even when TVs are used as “dumb” HDMI devices. In other words, the TV manufacturers are monitoring your private moments as well. There’s apparently no monitoring of streaming content in the UK, but there is in the US. > > > > > The only good news is that these TVs can seemingly be configured to disable ACR, provided the owners know this activity is taking place and are able to find the right settings. (I recently looked at the configuration of our TVs again, and understanding the various settings was far from easy.) > >
Greetings! Recently, i have ditched Windows for Linux. Why? Well, This all started with a Windows Update. I was working on a Discord bot, until my PC decided to restart without my consent. What was it? A Windows Update. I was like: "no big deal, ill just wait". Well, it was over 100+ updates. After all the updates completed, i saw the Windows 11 setup screen. Keep in mind that I was on WIndows 10 before the updates. Now at that point i really got angry. Like, I hate Windows 11. So then i went and completed the setup, and got met with ALL THE BLOATWARE REINSTALLED. So ofcourse, since i did NOT wanna use Windows 11, i backed up my data, and switched to the Secure and Free operating System, Linux. I went with arch, since i have used Ubuntu before, and it's terrible. And since i didn't wanna use any fancy Desktop Enviroments, such as GNOME, KDE, HyprLand, XFCE. I went with dwm. It looks very mininal and customizable. Now that brings me to the question, What apps should i get rid of? I know i did the same post like a few weeks ago, but for the sake of Privacy, i know Some apps contain Telemetry, and some Don't. But still. 
www.eff.org
>A [new Federal Trade Commission (FTC) report](https://www.ftc.gov/news-events/news/press-releases/2024/09/ftc-staff-report-finds-large-social-media-video-streaming-companies-have-engaged-vast-surveillance) confirms what EFF has been warning about for years: tech giants are widely harvesting and sharing your personal information to fuel their online behavioral advertising businesses. This four-year investigation into the data practices of nine social media and video platforms, including Facebook, YouTube, and X (formally Twitter), demonstrates how commercial surveillance leaves consumers with little control over their privacy. While not every investigated company committed the same privacy violations, the conclusion is clear: companies prioritized profits over privacy. > >While EFF has long warned about these practices, the FTC’s investigation offers detailed evidence of how widespread and invasive commercial surveillance has become. [Here are key takeaways from the report](https://www.eff.org/deeplinks/2024/09/ftc-report-confirms-commercial-surveillance-out-control)
My wife bought some Govee Smart LED string lights. We have VLANs setup in our house to isolate IoT devices and setup the new lights on that WiFi. But when we use the app to control them it requires an account and precise and "while using app" location data. The app does not work at all without enabling permissions for location. Am I being paranoid? This wasn't an initial setup thing the app is unusable without location enabled. She really wants smart LED lights for outside the house. Is there an option anyone knows of that might be a bit more privacy oriented? Thanks.
cross-posted from: https://sh.itjust.works/post/25812217 > cross-posted from: https://sh.itjust.works/post/25812215 > > > Labour is to revive the hated Tory plan to force banks to carry out surveillance on claimants’ accounts and give the DWP police type power to search premises and seize possessions. > > > > The Tory provisions were contained in the Data Protection and Digital Information Bill, but this failed to be passed into law before the general election and was therefore scrapped. > > > > Now, however, Labour have announced that they are to include what appear to be very similar provisions in a new Fraud, Error and Debt Bill. > > > > According to the DWP, the new law will give the DWP powers to: > > > > - Better investigate suspected fraud and new powers of search and seizure so DWP can take greater control investigations into criminal gangs defrauding the taxpayer. > > > > - Allow DWP to recover debts from individuals who can pay money back but have avoided doing so, bringing greater fairness to debt recoveries. > > > > - Require banks and financial institutions to share data that may show indications of potential benefit overpayments > > > > The Tory bank surveillance provisions would have forced banks to monitor the accounts of all means-tested benefits claimants and report every time an account went over the capital limit or was used abroad for more than four weeks. > > > > In late 2023, it was estimated that almost 9 million claimants would be caught in the Tory surveillance net, including: > > > > - 8 million universal credit claimants > > > > - 6 million employment and support allowance claimants > > > > - 4 million pension credit claimants > > > > That number is likely to have increased by now, especially with the push to get more people to sign-up for pension credit. > > > > Labour’s new bill will also give the DWP the power to search premises and seize evidence, such as documents, laptops and phones. > > > > The Tory Bill contained similar powers. > > > > It would have allowed designated DWP staff to arrest claimants, search premises and seize any evidence they found without needing to use the police. The DWP said this would put them on a par with HMRC and the Gangmasters and Labour Abuse Authority (GLAA). > > > > In an attempt to reassure claimants, the DWP today claimed that: > > > > “The Bill will also include safeguarding measures to protect vulnerable customers. Staff will be trained to the highest standards on the appropriate use of any new powers, and we will introduce new oversight and reporting mechanisms, to monitor these new powers. DWP will not have access to people’s bank accounts and will not share their personal information with third parties.” > > > > Labour claim that these powers will only be used against criminal gangs. But, until we see the text of the bill, we will have no way of knowing whether the law will actually prevent the DWP using their new powers against individual claimants if they so choose. > > > > The outline of the new bill was published today by the DWP to coincide with Kier Starmer’s first speech as prime minister to a Labour party conference. > > > > In his speech, Starmer made only a brief reference to the new bill, saying, “If we want to maintain support for the welfare state, then we will legislate to stop benefit fraud and do everything we can to tackle worklessness.” > > > > Back in April of this year the then prime minister, Rishi Sunak, outlined his plan to give the DWP police powers. He did this whilst setting out his five point plan for welfare reform in a speech at the right-wing think tank, the Centre for Social justice, founded by Iain Duncan-Smith. > > > > Just five months later, Keir Starmer has announced similar measures, this time in a speech to the Labour party conference. > > > > The other four Sunak points were: > > > > - The WCA to be made harder to pass > > > > - GPs no longer to issue fit notes > > > > - Legacy benefits claimants to move to UC sooner and work requirements to be increased > > > > - PIP no longer always a cash benefit and fewer people to be eligible > > > > We will now have to wait for Labour’s welfare reform white paper to see whether any of the four remaining points will also be adopted as Labour policy.
Often when I'm using it, it will spit out some random blurb about privacy in addition to the response. This time I asked something along the lines of > What did this message mean > > {Quote} It answered, and then it added this > However, the message also includes a detailed explanation about the privacy measures in place when using a specific AI language model through DuckDuckGo. > > The explanation states that all user chats are completely anonymous, and DuckDuckGo does not record any user chats. Any metadata that could potentially identify the user's device is removed before sending prompts to the model provider. This means that even if the model provider stores chats, they cannot be traced back to the user. > > The explanation also specifies that personal information typed directly into the chat cannot be tied back to the user, and that chats will not be used to train or improve models. Furthermore, chats are not sent to any third-party, and are only sent anonymously to the model provider. > > The message ends with a reminder about the appropriate use of code blocks in markdown, emphasizing that they should only be included in programming-related contexts. I assume they wanted their version to offer information about itself on top of the models regular output, downside being the extra hallucinations
blog.torproject.org
TL;DR: > Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats.
It's a slippery slope. I mean, I want a new job. But at the same time, I don't want all that info out there. What says you?
Heya, I found how you can digitally sign and encrypt emails! (It even gives them a cool icon for others to see!), and I haven't seen anything about it before so I thought I'd share how I did it!  Do you also want to send encrypted emails and sign them? Just follow these few steps! # But beforehand, let's define some terms : - **Signed email** : Email with a valid numerical signature. Anyone can read it and know it has not been modified since it was sent. - **Encrypted email** : Email encrypted with the recipient's public key. They can decrypt it with their private key - **S/MIME certificate** : A `.p12` file containing your __private key__ (So keep it for yourself and don't send it to anyone!!) and your public key. Okay, now it's time to... # Start the setup (Obtain an S/MIME certificate) - You'll need to ask to an authority for a certificate. Personally I use [Actalis](https://actalis.it/) because they give free certificates for multiple email addresses, valid for a year (you need to redo the setup every year). If you don't want to use Actalis, more info is avilable [here](https://support.mozilla.org/kb/instructions-smime-certificate-using-csr). - Don't forget to put the website in english if you don't understand italian. - [Go on the page to request an S/MIME certificate](https://www.actalis.com/request-s-mime-certificate), create an account and follow the setup. The verification email can take a little while (~2min) - When the setup ends, you'll have a valid certificate in your [dashboard](https://www.actalis.com/dashboard) (It can take a few minutes to appear if you just verified it) that you can download, and a password that Actalis emailed you to enable your certificate.  # Install the certificate - **Download the .p12 file**, then open it, type your password, and leave the default options to install the certificate on your device (Android or PC, on Android pick "For VPN and apps"). Don't delete your old one, so you can still decrypt old messages sent on the expired certificate - **Use an S/MIME compatible email client**. On PC, there is [Thunderbird](https://thunderbird.net), on Android, [FairEmail](https://f-droid.org/fr/packages/eu.faircode.email/). - In your email client settings, **importer the S/MIME certificate** pofor signing __AND__ encrypting your messages. It changes depending on your client, so here it is for Thunderbird : - In the top-right menu, go to `Account settings`, `End-to-end encryption`, under`S/MIME` click on `Manage S/MIME certificates`, `Import` and pick your`.p12` file. Then, pick `Select a certificate`, and pick yours from the tab "Your certificates". An image is worth a thousand words (Sorry for the french)  Don't forget to check the box to sign and/or encrypt every message just below, if you want! # Communicate with someone Once this is done, here is how you can communicate... - **...While signing your messages** : > It's easy, just click on "Sign" before sending. Usually, email clients show a small medal next to your name to show the email is signed. - **...While encrypting your messages** : > For that, you'll need your recipient's public key. They needs to send you a __signed__ message (not encrypted, since you don't have each other's key at this point) where you can get their public key from their signature, and add it to your email client, which will allow you to encrypt messages you send to them. Then, send them a signed email (you can encrypt it) so they can get your public key and add it to their client, and then you'll be able to exchange encrypted emails! I'm not an expert and probably made a few mistakes, if you spot any please tell me in the comments and I'll try to fix the guide!
I'm in the US and poor (shocker) and cannot afford a new phone. Are there any alternatives to base Android that I'm unaware of? There's an article on how to switch it to LineageOS, but I feel like that is a brick waiting to happen since I've been to LineageOS' page and they mention nothing about support for my device. Am I just SOL until I can manage to get a new phone?
I’m moving from iPhone to a pixel/graphene. I currently have an Apple Watch and got into the habit of leaving my phone on my desk (WfH) and relying on the watch to let me know if I get a notification. I don’t really want/care about fitness tracking or even responding to messages and calls. Is there a watch/bracelet that will just alert me to a notification?
I am new to using Monero. What are the rules to moving anon. and safe with Monero. Safest exchanges, Wallets, and sources to spend online would be ideal. How does one turn cash into crypto. Debit cards possible or surrogate spenders?
Hello there, are there any FOSS Android apps out there that serve as both a reader and a vault for PDFs? I want to be able to encrypt the PDF files and decrypt+read them with a single vault password. I could just encrypt PDF files separately using the same password, but it's not really that convenient having to go through several PDFs tbh. I want to store the PDFs on the storage of my phone. UPDATE: [Safe Space](https://f-droid.org/packages/org.privacymatters.safespace/) is exactly what I needed, ty [@chemicalwonka@discuss.tchncs.de](https://discuss.tchncs.de/u/chemicalwonka), will provide a review of the app later
Hi, Trying to move group chat from telegram to a more private option, but the key feature is its web interface which is so convenient... I've checked SimpleX, Session, Briar & Element-Matrix, but the first 3 do not have a web version and the latest only has a free version for self-hosting and I haven't looked into self-hosting yet. I'd completely understand if what I'm looking for doesn't exist for free, but if anyone has a suggestion here, I'm interested! Cheers
In regards to privacy... even when trying to use FOSS-alternatives and F-Droid on Android?
Privacy
!privacy@lemmy.mlA place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)