There are three big reasons why we’re removing SMS support for the Android app now: prioritizing security and privacy, ensuring people aren’t hit with unexpected messaging bills, and creating a clear and intelligible user experience for anyone sending messages on Signal.
To me, all of those reasons are BS and easily gotten around. “Unexpected messaging bills?” Have a popup that warns you that this user doesn’t have an account and is about to send a SMS, potentially incurring a cost, as an example.
I’ve been grappling with a concern that I believe many of us share: the lack of privacy controls on Lemmy. As it stands, our profiles are public, and all our posts and comments are visible to anyone who cares to look. I don’t even care about privacy all that much, but this level of transparency feels to me akin to sharing my...
All your data will pass over other hardware owned by other people. The only real online privacy is not connecting to the internet to begin with.
And now we’re entering into the realm of encryption, especially end-to-end. Generally speaking, just because you’re sending information that touches other people’s hardware, doesn’t mean it’s public and readable.
If that were true, threat modeling wouldn’t exist.
I feel like we’re talking about different things. I’m talking about static concepts, if X is more secure than Y, not individual setups where something is tweaked. Threat modeling is tailoring the security to your needs. It doesn’t bend security of a static object or make the application of something less than what it is. It requires one’s actions to do that by not utilizing it.
Take bullet proof glass, for example. Bullet proof glass is more secure than regular glass. Now, do you need (does your threat model require) bullet proof glass? No? Ok, that doesn’t mean bullet proof is now less secure than regular glass, it’s just unneeded.
Depends on the particulars, and on the needs of the individual.
That’s not really how things like security works. It’s either more secure or it’s not. The security of a thing does not depend on needs. Now, does the application of it or does someone need it to be more secure? That’s where risk acceptance and the needs of the individual come into play.
I’m not going around presuming to tell other people what’s better for them, as one or two others in this thread are doing.
Same. I’m not saying “stop doing this.” I’m just trying to educate people and make sure they’re not operating with a misunderstanding. Needs of the individual and all that. I think some people just go crazy for something that’s not big tech, and then quit looking at the particulars.
the ground should absolutely be on the bottom because gravity.
Not necessarily. You typically want the ground longer so it’s the first in and last out. Type G has the ground on top. I vaguely remember hearing that’s because if it comes slightly out and something sharp or metal falls on the plug, you want it to hit the ground and not the live part…but I don’t know how reliable that story is.
Seriously. I don’t want to install something on my phone when the dev is just using a WebView, if that’s what it’s called. When the app is basically just a website with the browser hidden....
I just checked Lineage OS and it looks like Google Play Services doesn’t let you disable sensors permission. Can you do it on Graphene OS?
Yep, there’s a toggle to disable by default globally. I also individually checked Google Play Services, Google Play Store and Google Services Framework, and all three can be denied the Sensors permission.
This is due to Sandboxed Google Play: “GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives absolutely no special access or privileges on GrapheneOS as opposed to bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox.”
Today, I made switch to fedora silverblue and then rebased to ublue image because it has flatpak included in the image. I am also thinking about making my own image based on silverblue. there is a video made by bigpod a youtuber about how to make your own custom ublue image and I learned a lot from that video. I am using toolbox...
Yeah, I’m not saying it’s hard, just illogical. To me, it came across similar as: “I’m moving to this other distro because they have Firefox.” Your current distro also has Firefox, so why are you moving again?
I’m looking for a privacy friendly device to use as TV box which can play 4K HDR ~90GB movies without problem, do you guys think the orange pi 5 could handle this type of files?
A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a...
Except the device is already in your home, and most people leave their account logged in. That’s basically like you inviting someone into your house, they hang out in your spare bedroom…and they’re still there. So no need to re-grant consent to a situation that hasn’t changed. Unless you mean it auto-logs out (or you log out) and have to re-grant consent then? Most do require consent on logging in, and the average consumer would hate having to log in every time and would probably use weak passwords because of this.
But, you can at least kick them out (revoke consent).
I just don’t see how a proper law/regulation would fix/restrict this, except to make certain personalization attempts (targeted ads) illegal.
I want to get back into reading, so I’m thinking of getting a Paperwhite. But I have no idea if it’s possible to transfer files to it from a computer, and I have no experience with pirating books....
Amazon’s logic is you paid a subsidized/cheaper price that is offset by included ads. You can buy it without ads (more expensive, obviously) from the start.
Blocking older known malware still blocks them, so that’s good (and saves bandwidth because the connection never happens, so this is really good).
If the site is hijacked, it needs blocked till it’s unhijacked. So this is good as well.
This is not really a point?
Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying “they don’t block this or block that.” They are (nothing is) a one stop shop. Simply because they don’t block what you’re cherry picking does not make them bad. Use multiple layers. You say “don’t use a blocklist, use MS Defender instead.” Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.
tl;dr: Cut out Cloudfare’s recursive resolver (or anyone else’s) and run your own via PiHole and Unbound.
You don’t cut the middle man, you create the middle man with Unbound.
Umm, Unbound is on your machine. So you’re saying you are your own middle man lol…which is the same as cutting out the middle man as you (rather, your server) are you.
And Unbound needs to ask other DNS servers on the internet to resolve DNS queries.
It asks the authoritative nameservers, which is who external DNS servers ask. By using Unbound, you are cutting out those external DNS servers, because you/Unbound is the DNS server. You are asking the authoritative name server directly instead of inserting someone else to ask on your behalf.
Here’s an explanation by Cloudflare: A recursive resolver (also known as a DNS recursor) is the first stop in a DNS query. The recursive resolver acts as a middleman between a client and a DNS nameserver…Most Internet users use a recursive resolver provided by their ISP, but there are other options available; for example Cloudflare’s 1.1.1.1.
I copy/pasted the above quote from the article you linked. Again, Unbound (your machine) is asking the DNS nameserver. You’re saying you are your own middleman lol. I’m saying cut out Cloudfare’s recursive resolver and run your own via PiHole and Unbound. Did you read the article I linked?
Assuming they’re talking about what most businesses, especially large ones with huge legal resources, do: exploit loopholes to not pay, or pay reduced, taxes.
It’s been my experience that for most people, Google services are not a requirement, but a luxury… especially for daily life. Now, most Google-esque services are a requirement for daily life, but as they said, there are alternatives that you can use that work.
Google Update Reveals AI Will Start Reading All Your Private Messages (www.forbes.com)
Privacy Concerns on Lemmy: A Call for More User Control (github.com)
I’ve been grappling with a concern that I believe many of us share: the lack of privacy controls on Lemmy. As it stands, our profiles are public, and all our posts and comments are visible to anyone who cares to look. I don’t even care about privacy all that much, but this level of transparency feels to me akin to sharing my...
Haier hits Home Assistant plugin dev with takedown notice (www.bleepingcomputer.com)
cross-posted from: poptalk.scrubbles.tech/post/567593...
The Boost android client for Lemmy is displaying these dark pattern ads pretending to be system notifications. What security/privacy conscious Lemmy clients do you recommend? (lemmy.ml)
Age range (lemmy.zip)
I deleted all my post from my reddit account, can they still monetize them?
Deleting a post is simply marking a piece of text so nobody sees it, but I think the text is still stored in their servers....
this plug doesn't have the little holes (lemmy.world)
Why are there so many apps that could be websites?
Seriously. I don’t want to install something on my phone when the dev is just using a WebView, if that’s what it’s called. When the app is basically just a website with the browser hidden....
Anyone tried this 4x 10gbe + 5x 2.5gbe router? (forums.servethehome.com)
Very solid price, the cheapest I’ve seen for something like this. Has anyone tried it with OPNsense or other software?...
I have started using fedora silverblue
Today, I made switch to fedora silverblue and then rebased to ublue image because it has flatpak included in the image. I am also thinking about making my own image based on silverblue. there is a video made by bigpod a youtuber about how to make your own custom ublue image and I learned a lot from that video. I am using toolbox...
Any good alternative to Niagara Launcher?
Hello fellow pirates, did anyone know any good alternative to Niagara Launcher?...
"TV box" reccomandation
I’m looking for a privacy friendly device to use as TV box which can play 4K HDR ~90GB movies without problem, do you guys think the orange pi 5 could handle this type of files?
Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads (www.404media.co)
A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a...
Fuck Subscriptions. Here is how to setup Streamio like a pro
Credit: u/No-Refrigerator9154...
E-Books, best places to get them?
I want to get back into reading, so I’m thinking of getting a Paperwhite. But I have no idea if it’s possible to transfer files to it from a computer, and I have no experience with pirating books....
What site should I trust?
Even the site that considered safe in the megathread, there’s report of malware and trojan and I don’t know what site to use
deleted_by_author
How to stay safe on Strava (cyclingmagazine.ca)
Some good tips to preserve a bit of privacy for those who use the Strava platform....
I'm ditching htop for btop, look how cool it is (lemmy.ml)
Gen Z is turned off by onscreen sex, wants no-mance over romance, a new study finds (www.latimes.com)
Google forced to reveal users' search histories in Colorado court ruling (www.techspot.com)