From privacyguides.net
Don’t Use Session (Signal Fork) [Article]
0 1
Disclaimer: this is my summary based on what I discussed with my friend. I’m not a cryptographer. This is a theoretical attack, not a practical one. The researcher is effectively saying that if: An attacker has possession of a substantial number of Session keys. If Session is like Signal in...
on Tue, 3AM
From privacyguides.net
0 0
Came across this today and thought it might be of interest to some folk here. IronFox is a fork of DivestOS’s Mull Browser based on Firefox. Our goal is to continue the legacy of Mull to provide a secure, hardened and privacy-oriented browser for daily use. From: IronFox
on Jan 6
From privacyguides.net
0 0
Thought i would bring this up since i saw no related results when searching. Since using GPS navigation is really common and rife with privacy issues, I think it would be nice to add a section about more private options. There are some applications that serve as alternatives to Google Maps for...
on Jan 4
From privacyguides.net
0 0
I’ve worked on this project a decade. That is a long time and I need to move on in life.
on Dec 24
From privacyguides.net
0 0
Hi everyone! I’m Jordan, and I’m thrilled to share that I’ll be creating video content here at Privacy Guides! This is my first video, and I’ve always felt that VPN videos often missed important details and didn’t fully explain the privacy benefits. I hope this video helps clarify the concepts...
on Dec 13
From privacyguides.net
Apple Pay competitor arrives in Norway | The Verge
0 0
Not that it is any privacy friendly, it at least comes with quite some things your really do not want or at least should be aware of. it is good that this field is opening up but not sure we should cheer for this player. Vipps / MobilePay allow merchants to track their customers far more than...
on Dec 10
From privacyguides.net
Google's iOS app now injects advertisements for Google Search on third-party websites
0 0
Fresh off the news that Google search is a monopoly, they are now using their iOS browser to add links to Google Search on any website visited.
on Nov 26
From privacyguides.net
What does Privacy Guides see as OpenSource?
0 0
While I can see where you are coming from and agree with your sentiment, one issue that comes with this approach is complexity. A lot of people are not even in the know about what open source software even means. Also it leaves a lot of room for potential flamewars about what kind of open...
on Nov 23
From privacyguides.net
UP Phone - A new Android-based privacy phone?
0 0
Big no for a litany of reasons. Their Anti-Virus is a GPL violating fork of my Hypatia and they even still download databases from my server: VirusTotal See also the questionable apps they have: list of apps on the unplugged "app store" returned from /api/store/app?size=10000 · GitHub
on Nov 20
From privacyguides.net
Manjaro is experimenting with **opt-out telemetry**
0 0
This is a bit problematic, as they include a lot of info in those reports : all your machine hardware, timezeone, country, etc.
on Nov 13
From privacyguides.net
0 0
From changelog: Introducing Call Links: The missing link for calendar invites and impromptu gatherings. ★ Now you can quickly create an easy link that anyone on Signal can use to join a group call without having to join a Signal group chat first. ★ Call links are reusable and ideal for...
on Oct 17
From privacyguides.net
PSA: Optery now sends your data to OpenAI [Service Delisting]
0 0
Optery has changed their approach. AI Processing Policy Update We’ve been carefully considering feedback following Thursday’s update regarding the use of AI processing technology for creating Removals Reports. We remain committed to extending our product leadership through industry-leading...
on Sep 22
From privacyguides.net
PSA: Optery now sends your data to OpenAI [Service Delisting]
0 0
We are removing Optery as a recommended data removal service, because of their addition today of AI functionality powered by OpenAI. This AI feature is not used for the purposes of removing your data from the internet, it is only used to generate the reports of their service that are delivered...
on Sep 20
From privacyguides.net
EU Proposal for Chat Control for fighting CSAM
0 0
From the perspective of existing mechanisms in the world, it is possible to draw a parallel between KYC, the use of private communication services and a precious metals exchange, where transactions are conducted only with the necessary identification. Perhaps the key point here is that we, as...
on Sep 16
From privacyguides.net
Seeking volunteers in US for review
0 0
Hello everyone, I am looking for a number of people who would be willing to test out an automatic data-broker/people-search removal tool for the purposes of a review being written for Privacy Guides. Requirements: Must be based in the United States Must never have used an automatic data...
on Sep 14
From privacyguides.net
I’m quitting this privacy journey
0 0
Rant Warning Thanks everyone from privacy guides for helping me become more privacy focused over years but recently I have really reflected on myself and my choices, my threat model and for years I have been silently struggling. I deleted social medias, left isolated cuz Facebook and no one...
on Sep 9
From privacyguides.net
Recommend Always UV setting for Yubikey
0 1
What important and relevant information. You are very good!
on Sep 4
From privacyguides.net
EUCLEAK - YubiKey 5 can be cloned in a matter of minutes
0 2
Yubikey prior to 5.7 firmware can be cloned with physical access within a “few minutes” - neat! The attack requires physical access to the secure element (few local electromagnetic side-channel acquisitions, i.e. few minutes, are enough) in order to extract the ECDSA secret key. In the case of...
on Sep 3
From privacyguides.net
Is Java Minecraft more secure than C++ Minecraft?
0 0
There are two versions of Minecraft: Minecraft Java, which is written in Java. Minecraft Bedrock, which is written in C++. Knowing that the codebase of these games is massive, wouldn’t it make the Java version safer than the C++ version?
on Aug 26
From privacyguides.net
0 0
According to a post in its official forum, Mailbox.org does not properly implement anti-spoofing measures (SPF/DKIM/DMARC) for custom domains, meaning anyone with a Mailbox.org account can send mail from another users email address. This issue was confirmed by Mailbox.org four years ago, with...
on Aug 24
From privacyguides.net
The new Mega VPN: it logs your IP-Address and the IP Address assigned to you
0 0
Mega, “The privacy company”, launched a new VPN service. While they claim on the home page for their VPN that “Your privacy is our priority”, their Terms of services ( MEGA VPN Terms of Service ) states that they log your IP-Address and the IP Address assigned to you MEGA will collect and...
on Aug 24
From privacyguides.net
Does Flatpak weaken Chromium/Firefox's sandbox?
0 1
The Chromium sandbox has three main components: seccomp-filters, namespaces and chroots. Seccomp-filters are stackable and the syscall is not blocked by Flatpak’s seccomp-filter, thus the Seccomp-part of the Chromium sandboxes should stay intact. The creation of namespaces and chroots gets...
on Aug 13
From privacyguides.net
People should avoid Wayland environments which use wlroots as the compositor
0 0
People should avoid Wayland environments which use wlroots as the compositor such as Sway, since wlroots adds many of X11 weaknesses back including the ability for apps to record each other without prompting for permission.
on Aug 6
From privacyguides.net
What will Mullvad do if it experiences a data breach?
0 0
If all of Mullvad’s account numbers (which act as both username and password for the service, and are stored in plain text) are publicized somehow, there won’t be too much fallout in terms of personal data compromise, but it would put Mullvad in an untenable situation: They can’t just change...
on Aug 5
From privacyguides.net
Proton reveals recovery emails of North Korean hackers
0 0
Continuing the discussion from Proton Mail Discloses User Data Leading to Arrest in Spain: Proton did it again but with the North Korean hackers. Included with the ransom note on the locked Kansas systems was the email address ReneeAFletcher@protonmail.com, the document says. The U.S. sent...
on Jul 31
From privacyguides.net
Updated Cellebrite iPhone Support Matrix Leak
0 0
Just as expected. It’s common for Cellebrite to fall a few months behind with the latest iOS releases.
on Jul 21
From privacyguides.net
Introducing Docs in Proton Drive – collaborative document editing
0 0
Just launched:
on Jul 3
From privacyguides.net
U.S. Bans Kaspersky Software, Citing National Security Risks
0 0
Kaspersky users in US please start looking for alternatives. I kindda have a mixed feeling about this, as Kaspersky often provide useful information via their blogs and report system vulnerabilities, etc. And unlike Huawei / Dahua etc, I dont see a real report about Kaspersky acting as Russia’s...
on Jun 26
From privacyguides.net
Looking for privacy feeds, podcasts, etc recommendations!
0 0
As I try to wane myself off of the more mainstream social media websites (reddit, twitter, etc) I find that I have a bit of a hole in terms of reading / watching material. This forum has had a big impact on my interest in all things privacy so I am hoping to get some recommendations, for some...
on Jun 26
From privacyguides.net
EU Council has withdrawn the vote on Chat Control
0 0
Lack of majority thanks to severe pushback puts the proposal on hold. According to Netzpolitik (German), “The EU Council did not make a decision on chat control today, as the agenda item was removed due to the lack of a majority, confirmed by Council and member state spokespersons”.
on Jun 26
From privacyguides.net
EU Proposal for Chat Control for fighting CSAM
0 0
Tuta sat down with Patrick Breyer MEP to discuss the details of this dangerous piece of legislation being pushed by the EU Council. 👉 https://youtu.be/wSEI-dg3Hpo The vote has been moved from tomorrow to Thursday June 20th. If we stay active we can stop Chat Control. Get loud and let the...
on Jun 26
From privacyguides.net
Mozilla Acquires Anonym: "Raising the Bar for Privacy-Preserving Digital Advertising"
0 0
Tl;Dr Mozilla has acquired Anonym, a company specializing in privacy-preserving digital advertising technology. Anonym’s technology securely combines encrypted data sets from platforms and advertisers for scalable, privacy-safe measurement and optimization. The acquisition aims to reshape the...
on Jun 25
From privacyguides.net
Claims made by forensics companies, their capabilities, and how GrapheneOS fares
0 0
It always concerns me when privacy/security projects like GrapheneOS pivot their marketing to explicitly say law enforcement can’t touch you. I feel like it usually doesn’t end well for them, but it’s neat information to have nonetheless. I’m kind of surprised at how well the iPhone 12 and...
on Jun 2
From privacyguides.net
PSA: Export your keys before updating Raivo OTP to the latest 1.6 version
0 0
Be careful as you might lose all your keys if you update Raivo to the latest 1.6 version without backing up your keys before when not using an online sync. The latest version shadow dropped a subscription model that requires the user to setup the entire account again, and the restore...
on May 31
From privacyguides.net
StartPage has apparently started to fingerprint users
0 0
According to this Reddit post, it appears that StartPage has started to fingerprint users. Edit: I can also confirm the canvas fingerprinting because it was blocked by Mullvad Browser. UPDATE: The URL parameters of the vf.startpage.com/ct network request (F12 > Network) from startpage.com...
on May 23
From privacyguides.net
0 0
Some very basic mistakes here: https://eprint.iacr.org/2024/546.pdf
on Apr 19
From privacyguides.net
What is Your Private Phone setup?
0 0
As the title says, I am curious what kinds of setup our community uses in general, I will start with my own setup: I am currently using a Pixel 6 pro with Graphene OS. I forward all my traffic through ProtonVPN to hide my IP address, and use Vanadium for my browsing needs. Furthermore I use...
on Apr 1
From privacyguides.net
0 0
I see almost everywhere XMPP is good, secure, etc. And I personally love how it works. But it’s not recommended on PrivacyGuides. Is it because it’s not easy for beginners or is there a security flaw I missed ?
on Mar 25
From privacyguides.net
V8 JIT JavaScript/Wasm engine can be disabled & configured on a per-site basis in Chromium 122
0 0
Nobody seems to have noticed this here yet, but Chromium now has native support for configuring the V8 optimizer at chrome://settings/content/v8 This effectively brings Microsoft Edge’s Super Duper Secure Mode to all Chromium browsers, including the latest release of Brave: For some reason...
on Mar 2
From privacyguides.net
Proton Calendar is not Open Source (Mobile)
0 0
Thank you ! So the web source is available, isn’t it a problem if the source code isn’t available for other devices (Android, iOS…) ? Instead of removing it, we could maybe add a note next to Proton Calendar’s section to say that the source code is not available yet for other devices (not...
on Mar 1
From privacyguides.net
Signal usernames are available today
0 0
If anyone wants to help test something, someone who isn’t on 7.0.0 should try messaging me with this link: I’m curious whether username links work with 6.47.1 clients. Edit: It does 🙂 So between this and that on older clients, people who are on 7.0.0 today should have phone number privacy...
on Feb 29
From privacyguides.net
If you could only choose between SMS and Whatsapp, what would you choose and why?
0 0
Portugal isnt part of any “eyes” alliance that Im aware of and unencrypted whatsapp backups provided by apple and google are used as decisive proof in defamation cases and other similar infractions and most high profile corruption and tax evasion scandals of the last few years were built thanks...
on Dec 2, 2023
From privacyguides.net
0 0
What's Changed Add device integrity/verification recommendations by @jonaharagon in #2315 Clarify and modernize VPN and Tor advice by @jonaharagon in #2322 Add Photo Management Recommendations by @dngray and @jonaharagon in #2102 Other Changes Bump crowdin/github-action from 1.14.0 to 1.14.1...
on Nov 21, 2023
From privacyguides.net
0 0
https://www.privacyguides.org/en/notebooks/?h=notes#criteria Standard notes seems to break the 3rd criteria (Must support exporting documents into a standard format.) and (at least partially with pro version) the 1st criteria (Clients must be open-source.) ...
on Oct 18, 2023
From privacyguides.net
Jitsi Meet no longer works without an account/authentication
0 1
Jitsi requires you to authenticate Facebook, Google, or GitHub anymore. It’s only needed for moderator. Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some...
on Oct 4, 2023