I like the sentiment. The challenge is that those who violate privacy benefit financially, while those who defend against it are just trying to protect themselves. To go on the offensive requires effort and know-how without any corresponding financial or personal benefit. A spite based effort sounds appealing but wouldn’t be sustainable.
This is my experience with all BT headphones I’ve had. Maybe they do a quick short stint of searching for an existing device but then auto switch to pairing until a device connects.
This would help them to improve the algorithms and make it worse. An active defense could be to keep the ads visible and boycott the announcers, so that they lose more money when they pay for advertising.
You can find a password checking utility on haveibeenpwned.com (the tool doesn’t send your password to the server, but only the first 5 characters of the hashed password, which is very safe). There are CLI tools on GitHub you can use to bulk test passwords. They also provide a downloadable list of hashes.
Alternatively, check if your password manager has a built-in tool for checking for passwords in known databases.
Alternatively, just start changing passwords, regardless if they’re in the breach or not. Prioritize the ones with financial information, then the ones with personal info, the ones you visit frequently versus some shitty site you visited once that made you make an account back in 2011, etc.
I know that’s a lot of accounts for some people but you don’t have to do them all at once. Go reset a password or two on a site today at lunch. Then do another one tomorrow. And a few the next day.
I actually remember reading about an app or feature on a password manager that would do something like this. Rather than bark at you to reset 100 different accounts at once, it would just give you 1 or 2 random accounts a day to go reset the password on.
What’s more insane is that some of those passwords in the lists are I still live intrusions that companies haven’t acted on, like for example my Dropbox password is there and that’s a new password that I just gave them a few months ago before I deleted my account
Years ago, Facebook kept nagging about privacy settings and almost pushed users to turn off all tracking etc.
Now, my Facebook always says there is no recent activity, downloading all data from FB shows they seem to have nothing on me. So are they just lying about what they share with who?
I’m not the writer of the article, but here’s an answer you can find on running a quick search.
According to this article from the Electronic Frontier Foundation (EFF):
What is 2G and why is it vulnerable?
2G is the second generation of mobile communications, created in 1991. It’s an old technology that at the time did not consider certain risk scenarios to protect its users. As years have gone, many vulnerabilities have been discovered in 2G and it’s companion SS7.
The primary problem with 2G stems from two facts. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and your phone will never be the wiser.
Cell-site simulators sometimes work this way. They can exploit security flaws in 2G in order to intercept your communications. Even though many of the security flaws in 2G have been fixed in 4G, more advanced cell-site simulators can take advantage of remaining flaws to downgrade your connection to 2G, making your phone susceptible to the above attacks. This makes every user vulnerable—from journalists and activists to medical professionals, government officials, and law enforcement.
Security & Privacy: Device Unlock: Screen lock settings: Lock after screen timeout: Shortest duration you are comfortable with
These don’t affect “the amount of tracking and data collection these devices perform”. Might be good ideas in themselves, but bundling these with options that really diminish the amount of data broadcasted, washes the picture out IMO
The settings you’ve highlighted do improve device security against common threats, such as those posed by nosy people who find the device unattended, as I’ve mentioned in the post.
And I was commenting on the article. Which only has two lists and at the bottom
By enabling all of these settings, you are significantly reducing the amount of tracking and data collection these devices perform, but keep in mind that you are not completely eliminating it.
So if an iPhone gets stolen, would having Find My completely disabled actually be a bad thing if we’re trying to improve device security? I see that’s listed in the article.
Would this affect the ability to use the remote lock & wipe functionality?
The setting you’re mentioning i.e., Apple ID > Find My: Disable everything^1^ has superscript i.e., ^1^ attached to it. The superscript leads to the following note:
^1^: Some people prefer to leave “Find My iPhone” enabled as it allows them to remotely wipe the device if it gets lost. However, due to enabling the “Erase Data” setting, I don’t believe this is necessary. If it makes you feel better or if you have a specific use case for it, you can leave this feature on, but “Share My Location” should still be disabled (unless you use need to use it often) as this feature will report your location back to Apple regularly.
I’m not the writer of the article, but I think that this note makes it clear that you can configure this setting according to your threat model.
privacy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.