privacy

2937 readers
1 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 2 years ago
MODERATORS
1
 
 

cross-posted from: https://lemmy.zip/post/25327109

Le Monde reports that confidential movements of powerful leaders like Joe Biden, Donald Trump and Kamala Harris could be tracked through a fitness app used by their bodyguards.

Archived version: https://archive.ph/Xopbm

SpinScore: https://spinscore.io/?url=https%3A%2F%2Fapnews.com%2Farticle%2Fbiden-trump-macron-bodyguards-security-strava-0a48afca09c7aa74d703e72833dcaf72

2
3
 
 

Samsung has gone hard promoting AI in their phones, and now OnePlus has also announced some heavy AI-based features in their new Android OS. Pretty much every other brand is now doing the same, so you can't escape it.

I've been in the market to upgrade my nearly 6-year-old phone, but seeing all these AI features, especially when they rely on Google's Gemini (or other cloud AI), and it feels deflating.

Will privacy ultimately have to be sacrificed "from now on"?

By not using these AI features, you pay a lot for features you won't be using. And the usefulness of the device becomes limited as nearly all functions now have AI-based components to them.

I'm totally fine with on-device AI, but many features I'm seeing don't seem to be on-device, and I've spent years trying to stop sending my data to companies like Google. I don't want to go backwards for the sake of market trends.

What are your future plans when it comes to smartphones?

4
5
 
 

Earlier today I came across a Reddit comment with a link to an Instagram post. The link had ?igsh= at the end.

When I clicked on the link, I got this popup. It had a name and profile photo that was different from that of the post being shared.

Join Firstname Lastname on Instagram

See photos, videos, and more from Firstname Lastname.

[ Open Instagram ]

not now

I avoid link trackers. However, I did not realize it was this bad.

To my knowledge, TikTok does the same thing and lists the name of the person that shared the link. Assuming this increases engagement, any website could enable such a feature, even on old links that you shared in the past.

You should manually remove any trackers before sharing, or use an app for it.

6
 
 

Technically, I have some online activity I could try to refer to for work purposes, but it would mean sharing content tied to usernames/profiles I think of more as casual and personal. I could delete those profiles and move the relevant work to usernames/profiles I'm willing to share, but then I'm less likely to use those as much for portfolio building as I wouldn't want to contribute/do things online under a more public-facing profile, or link my personal ones to said profile.

Any which way I think about it involves crossing private/public streams I'd prefer to keep uncrossed, but I'm thinking I may be overlooking some compromises that could work, so what might those be?

7
 
 

There was another thread with a paywalled article, but here's the actual study that found that smart TVs use "automatic content recognition" to build an ad profile for you based on what's on your screen... including HDMI content streamed from a laptop, game console, etc. Yikes.

At a high level, ACR works by periodically capturing the content displayed on a TV’s screen and matching it against a content library to detect the content being viewed on the TV. It is essentially a Shazam-like technology for audio/video content on the smart TV [38]. ACR is implemented by all major smart TV manufacturers, including Samsung [9] and LG [55 ].

Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI; (2) opt-out mecha- nisms stop ACR traffic; (3) ACR works differently in the UK as com- pared to the US.

So it seems like you're opted-in by default, but you can stop ACR traffic by simply configuring six different options on Samsung, or eleven different options on LG.

Oh, and this doesn't seem to happen when you're using native streaming apps like Netflix or Disney+, because hey, they wouldn't want to infringe on those companies' rights by spying on them, right?

8
 
 

So here is the thing. Given the Eqifax breach I kinda feel like giving yet another agency to much information for them to monitor your credit is just another source of a possible future data breach.

9
10
 
 

cross-posted from: https://lemm.ee/post/42694373

Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++

Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

11
12
 
 

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.

On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.

So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?

13
 
 

New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/

Help pressure your government now to defend privacy and secure encryption: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

14
 
 

🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24

This is what you can do now to help: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

15
 
 

#ALTtext: A screenshot capture shows the cookies settings popup window of a current website. The first sentence of the popup starts: "We and our 843 partners store and access personal data..." The screenshot is annotated. "843 partners" is highlighted with "Is that all?" written beside it

16
 
 

The original article is in Russian, so here is the translation from Firefox's built-in translator:

In Kazakhstan, users will be required to provide biometric data, such as images of individuals to connect to cellular services and access to the Internet. This data must be provided by every subscriber who wishes to conclude a contract for the provision of cellular services. The changes governing the provision of communication services are posted on the "Open NPA" portal.

How it will work

  • Connecting to services: to conclude a contract with the operator, users will have to provide their biometric data (for example, a photo of the person).
  • Termination of the contract: If you decide to stop using the services, you will need to send the operator a statement with biometric data. The termination of the services will occur from the date specified in the application, but not before its submission.
  • Transfer number: when transferring the number to the new operator will also need to provide biometric data. The services of the old operator will stop when the new operator begins to provide its own.

Access to the Internet in public areas

To access the Internet through public points (for example, at a cafe or airport), users will enter disposable passwords that they will receive by SMS or call. It will also be possible to log in to the network using identity documents scanned by the operator's application.

The amendments to the order "On approval of the rules for the provision of communication services" as additional authorization methods are indicated:

  • communication with the eGov;
  • the biometrics;
  • confirmation through the bank card number;
  • scanning the document through the operator's application;
  • accounts of social networks;
  • e-mail with its confirmation.

These measures are aimed at enhancing security and simplifying the user identification process. However, it should be borne in mind that with the expansion of the collection of biometric data, the need to protect personal information is also increasing.

Why do you need it?

The explanatory note to the changes indicates that confirmation of the identity by biometrics is necessary to combat fraudsters. The project was agreed by the Ministry of National Economy, the National Economy, the National Security Service and the Ministry of Internal Affairs of the Republic of Kazakhstan. The public discussion will last until 10 September 2024.

17
 
 

Some significant news for Telegram users!

See this article for some interesting backstory context on Pavel Durov and Telegram: https://www.spiegel.de/international/world/the-telegram-billionaire-and-his-dark-empire-a-f27cb79f-86ae-48de-bdbd-8df604d07cc8

Since the post article is in French, here's an auto-translation:

Pavel Durov, the founder and CEO of the encrypted messaging service Telegram, was arrested around 8 p.m. on Saturday evening as he got off his private jet on the tarmac of Le Bourget airport. The 39-year-old Franco-Russian was accompanied by his bodyguard and a woman.

The arrest was carried out by the gendarmes of the GTA (Air Transport Gendarmerie). Registered in the RPF (wanted persons file), Pavel Durov came straight from Azerbaijan. He had over his head a French search warrant issued by the OFMIN of the National Directorate of the French Judicial Police, issued on the basis of a preliminary investigation.

Why was he under threat of a search warrant?

The Justice considers that the lack of moderation, cooperation with the police and the tools offered by Telegram (disposable number, cryptocurrencies, etc.) makes it complicit in drug trafficking, paedophile offences and fraud.

This search warrant ran if, and only if, Pavel Durov was on national territory. "He made a mistake tonight. We don't know why... Was this flight just a step? In any case, he's locked up!" a source close to the investigation told TF1/LCI. Since he knew he was persona non grata in France, Pavel Durov used to travel to the Emirates, the countries of the former USSR, South America... He travelled very little in Europe and avoided countries where Telegram is under surveillance.

And now?

Investigators from the ONAF (National Anti-Fraud Office attached to the Customs Directorate) notified him and placed him in police custody. He is expected to be presented to an investigating judge this Saturday evening before a possible indictment on Sunday for a multitude of offences: terrorism, drugs, complicity, fraud, money laundering, concealment, paedophile content...

"Pavel Durov will end up in pre-trial detention, that's for sure," comments an investigator to TF1/LCI. "On his platform, he allowed an incalculable number of misdemeanours and crimes to be committed for which he does nothing to moderate or cooperate," said a source close to the case.

His pre-trial detention at the end of his indictment is indeed in no doubt. Pavel Durov, a billionaire, has substantial means to flee and his guarantees of representation will hardly convince the judges.

A net with international resonance

For the investigators, this international sweep has various objectives. First, it makes it possible to kick the anthill, impress and deter the perpetrators of crimes and offences who exchange, until now, freely on Telegram. Secondly, they aim to put pressure on European countries to step up joint work to make secure messaging on terrorist cases bend.

Indeed, Telegram is a hive of criminal content. At the moment, the platform is in the news with the illegal broadcasting of Ligue 1 matches. But on this encrypted messaging service, many accounts are used by organized crime. Beyond terrorism, the most dangerous pedophiles communicate on Telegram to exchange content. "It has become for years THE number 1 platform for organized crime," comments an investigator.

18
 
 

Google representatives gave ad buyers tips on how they could reach teens, even though the company bars targeted advertisements to users under the age of 18 based on their demographics, according to a report from Adweek.

Three unnamed ad buyers told Adweek that Google sales reps suggested they might be able to reach teens by targeting a group of “unknown” users, whose “age, gender, parental status, or household income” Google doesn’t know. Adweek said it also reviewed written documents backing up the sources’ claims. A Google spokesperson told Adweek that the unknown category can include users who aren’t signed in to their accounts or who’ve turned off personalized ad targeting.

Google’s stated policy is to “block ad targeting based on the age, gender, or interests of people under 18.” The Adweek story is yet another example of Google reportedly helping ad buyers target teens through the use of its unknown user category, after the Financial Times recently reported on a similar situation.

19
20
 
 

Recently links shared to me from IOS users using the google app have been obfuscated with search.app/SOMEUNIQUECODE where the app redirects to the originally intended website, but, of course, the person clicking the link is revealed to the owners of search.app.

Does anyone have IOS + google and can confirm this behavior? search.app has no home page and no documentation or reporting about it that I could find (other than that it's a firebase app). The domain was registered to MarkMonitor Inc. in September of last year. But It's not clear to me what MarkMonitor's business actually is–it seems like they could just have registered it on behalf of someone.

21
20
Snowden explains rigged consent game (img-9gag-fun.9cache.com)
submitted 2 months ago* (last edited 2 months ago) by [email protected] to c/[email protected]
22
23
 
 

The post is in the link, the article with more background info is here (it cites the mastodon post): https://www.androidauthority.com/custom-roms-vs-google-3469378/

I originally saw the article on this post on [email protected] and went looking for links.

24
 
 

Like when I read 3 Billion National Public Data Records with SSNs, Addresses Dumped Online, am I supposed to access that data dump or something to see if I got pwned? Are there equivalents to haveibeenpwned.com for this type of stuff? Any guides on what to do when these happen? I feel like I'm doomscrolling or watching the news, and feeling depressed about the world as a result because I should be doing something but I can't or it seems like I can't.

Even though I know better than to put such personal info online, but that doesn't eliminate the odds of them getting into breaches like these, and having started to be careful about digital privacy has opened my eyes to the sad state of privacy.

25
view more: next ›