Privacy
- EU voting on chat control today: Will messenger services be blocked in Europe?www.patrick-breyer.de New EU push for chat control: Will messenger services be blocked in Europe?
On Monday a new version of the globally unprecedented EU bill aimed at searching all private messages and chats for suspicious content (so-called chat control or child sexual abuse regulation) was circulated and leaked by POLITICO soon after. According to the latest proposal providers would be free
On Monday a new version of the globally unprecedented EU bill aimed at searching all private messages and chats for suspicious content (so-called chat control or child sexual abuse regulation) was circulated and leaked by POLITICO soon after. According to the latest proposal providers would be free whether or not to use ‘artificial intelligence’ to classify unknown images and text chats as ‘suspicious’. However they would be obliged to search all chats for known illegal content and report them, even at the cost of breaking secure end-to-end messenger encryption. The EU governments are to position themselves on the proposal by 23 September, and the EU interior ministers are to endorse it on 10 October. Messenger providers Signal and Threema have already announced that they will never agree to incorporate such surveillance routines into their apps and would rather shut down operations in the EU.
- How did they get my data? I uncovered the hidden web of networks behind telemarketers.theconversation.com How did they get my data? I uncovered the hidden web of networks behind telemarketers
After receiving dozens of unwanted calls from telemarketers, I started to investigate.
- Tor anonymity infiltrated: Law enforcement monitors servers successfullywww.ghacks.net Tor anonymity infiltrated: Law enforcement monitors servers successfully - gHacks Tech News
Law enforcement allegedly managed to identify servers and users who used the anonymization service Tor.
Law enforcement agencies in Germany have monitored Tor servers for months to identify individual users. The agencies managed to identify a server of the ransomware group Vanir Locker that the group operated from within the Tor network.
The group announced that it would release copied data from one of its latest coups on the server. Law enforcement agents managed to identify the location of the server by using a technique that is called Timing Analysis.
Reporters from ARD, a publicly financed broadcasters, were able to view documents that confirmed four successful identifications in a single investigation, according to reports. Agencies used the technique to identify members of a child abuse platform.
- Patrick Breyer: Leak on latest #ChatControl attempt - no blocking minority! Only 5 days to next discussiondigitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
Angehängt: 1 Bild 🇬🇧Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal...
cross-posted from: https://lemm.ee/post/42694373 >Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++ > > Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- How do you filter ads and trackers outside of a browser while still using a VPN service?
This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn’t find clear answers. I could use a DNS service that provides blocklists but isn’t it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn’t find relevant results.
On Android, I didn’t find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink’s DNS.
So what’s the best way to filter ads and trackers on both 3rd party apps and on OS’s like Android (specific Samsung phones) while still using a VPN?
- Website About Privacy Focused OS For Everyone
Found a great site with info about privacy focused OSes written for non-technical readers. It lists basic things to know about several different mobile os options, and there are also pages that list what open source and privacy focused apps from F droid (the alternative to play store) are good to use.
There is also, wonderfully, a page that specifically lists user friendly and nice looking ones. This site is a goldmine. Had to post as I was looking for this exact thing yesterday and I know I am not the only person on lemmy looking for alternatives.
- Maximizing privacy on Android without custom ROMs?
I've had a Galaxy S22+ for 2 years and still want to use it. When I look up how to maximize privacy on Android, many results say to install custom ROMs which I can't since its a US model and the bootloader is locked. I just want to minimize tracking and sharing of personal information. I could use a firewall app like RethinkDNS to block trackers, but could I completely block tracking from Google and Samsung? Are there any lists of packages to uninstall to improve privacy? (I've used ADB to remove a bunch of bloatware. Ex:
pm uninstall -k --user 0 com.samsung.android.arzone
) - Project 2025 targets California’s abortion data privacy protections.themarkup.org Project 2025 targets California’s abortion data privacy protections – The Markup
A Republican presidency could require California to monitor abortions and send sensitive data to the CDC
- Europe’s privacy watchdog probes Google over data used for AI trainingarstechnica.com Europe’s privacy watchdog probes Google over data used for AI training
Meta and X have already paused some AI training over same set of concerns.
Google is under investigation by Europe’s privacy watchdog over its processing of personal data in the development of one of its artificial intelligence models, as regulators ramp up their scrutiny of Big Tech’s AI ambitions.
Ireland’s Data Protection Commission, which is responsible for enforcing the EU’s General Data Protection Regulation, said it had launched a statutory inquiry into the tech giant’s Pathways Language Model 2, or PaLM 2.
PaLM 2 was launched in May 2023 and predates Google’s latest Gemini models, which power its AI products. Gemini, which was launched in December of the same year, is now the core model behind its text and image-generation offering.
The inquiry will assess whether the company has breached its obligations under GDPR on the processing of the personal data of citizens of the EU and European Economic Area.
Under the framework, companies must conduct a data protection impact assessment before embarking on handling such information when the nature of the way it is used is likely to pose a high risk to the rights and freedoms of individuals.
- Patrick Breyer: New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++digitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
🇬🇧New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/ Help pressure your gove...
New EU #ChatControl proposal leaked +++ Governments to position themselves by 23 September, will be very tight... +++ Will messenger services be blocked in Europe? https://www.patrick-breyer.de/en/new-eu-push-for-chat-control-will-messenger-services-be-blocked-in-europe/
Help pressure your government now to defend privacy and secure encryption: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- US government takes Google to court over $31 billion digital ad monopoly, trial starts todaywww.techspot.com US government takes Google to court over $31 billion digital ad monopoly, trial starts today
Opening statements before District Judge Leonie Brinkema of the US District Court for the Eastern District of Virginia start later today. The BBC notes that the Justice...
Opening statements before District Judge Leonie Brinkema of the US District Court for the Eastern District of Virginia start later today. The BBC notes that the Justice Department plans to argue that Google's parent company, Alphabet, illegally operates a monopoly in the online advertising market. However, Alphabet denies the allegations, claiming that its success is due to the "effectiveness" of its services.
The Justice Department claims Google established its monopoly through the anti-competitive acquisitions of smaller ad-tech rivals and even bullying website publishers into using its ad products. Google is also said to have unethically controlled key businesses in each part of the advertising supply chain, thereby driving up ad rates for advertisers while reducing the payouts to website owners.
Pointing out Google's systematic abuse of the online ad business, the DoJ will ask the court to break up the company's ad-tech monopoly. The agency believes a breakup would create new opportunities for Google's smaller competitors and incentivize new players to enter the market. It will also be better for both advertisers and publishers.
- Google loses final EU court appeal against 2.4 billion euro fine in antitrust shopping caseabcnews.go.com Google loses final EU court appeal against 2.4 billion euro fine in antitrust shopping case
Google lost its final legal challenge against a European Union penalty for giving its own shopping recommendations an illegal advantage over rivals in search results, ending a long-running antitrust case that came with a whopping fine
The commission's punished the Silicon Valley giant in 2017 for unfairly directing visitors to its own Google Shopping service to the detriment of competitors. It was one of three multibillion-euro fines that the commission imposed on Google in the previous decade as Brussels started ramping up its crackdown on the tech industry.
“We are disappointed with the decision of the Court, which relates to a very specific set of facts,” Google said in a brief statement.
The company said it made changes in 2017 to comply with the commission’s decision requiring it to treat competitors equally. It started holding auctions for shopping search listings that it would bid for alongside other comparison shopping services.
“Our approach has worked successfully for more than seven years, generating billions of clicks for more than 800 comparison shopping services,” Google said.
European consumer group BEUC hailed the court's decision, saying it shows how the bloc's competition law “remains highly relevant" in digital markets.
"Google harmed millions of European consumers by ensuring that rival comparison shopping services were virtually invisible," director general Agustín Reyna said. “Google’s illegal practices prevented consumers from accessing potentially cheaper prices and useful product information from rival comparison shopping services on all sorts of products, from clothes to washing machines.”
Google is still appealing the other two EU antitrust penalties, which involved its Android mobile operating system and AdSense advertising platform. The company was dealt a setback in the Android case when the EU General Court upheld the commission's 4.125 billion euro fine in a 2022 decision. Its initial appeal against a 1.49 billion euro fine in the AdSense case has yet to be decided.
- School Monitoring Software Sacrifices Student Privacy for Unproven Promises of Safety.www.eff.org School Monitoring Software Sacrifices Student Privacy for Unproven Promises of Safety
Imagine your search terms, key-strokes, private chats and photographs are being monitored every time they are sent. Millions of students across the country don’t have to imagine this deep surveillance of their most private communications: it’s a reality that comes with their school districts’...
cross-posted from: https://reddthat.com/post/25352295
- Patrick Breyer: #ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret documentdigitalcourage.social Patrick Breyer (@echo_pbreyer@digitalcourage.social)
🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24 This is what you can do now ...
🇬🇧🚨#ChatControl is back on the agenda: As soon as next Wednesday representatives of EU governments will resume work based on a secret document. https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24
This is what you can do now to help: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
- PSA: Git exposes timezone metadata
Git records the local timezone when a commit is made [1]. Knowledge of the timezone in which a commit was made could be used as a bit of identifying information to de-anonymize the committer.
Setting one's timezone to UTC can help mitigate this issue [2][3] (though, ofc, one must still be wary of time-of-day commit patterns being used to deduce a timezone).
References
- Git documentation. git-commit. "Date Formats: Git internal format". Accessed: 2024-08-31T07:52Z. https://git-scm.com/docs/git-commit#Documentation/git-commit.txt-Gitinternalformat.
> It is
<unix-timestamp> <time-zone-offset>
, where<unix-timestamp>
is the number of seconds since the UNIX epoch.<time-zone-offset>
is a positive or negative offset from UTC. For example CET (which is 1 hour ahead of UTC) is+0100
. - jthill. "How can I ignore committing timezone information in my commit?". Stack Overflow. Published: 2014-05-26T16:57:37Z. (Accessed: 2024-08-31T08:27Z). https://stackoverflow.com/questions/23874208/how-can-i-ignore-committing-timezone-information-in-my-commit#comment36750060_23874208.
> to set the timezone for a specific command, say e.g.
TZ=UTC git commit
- Oliver. "How can I ignore committing timezone information in my commit?". Stack Overflow. Published: 2022-05-22T08:56:38Z (Accessed: 2024-08-31T08:30Z). https://stackoverflow.com/a/72336094/7934600 > each commit Git stores a author date and a commit date. So you have to omit the timezone for both dates. > > I solved this for my self with the help of the following Git alias: > > ``` > [alias] > co = "!f() { \ > export GIT_AUTHOR_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ > export GIT_COMMITTER_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ > git commit $@; \ > git log -n 1 --pretty=\"Autor: %an <%ae> (%ai)\"; \ > git log -n 1 --pretty=\"Committer: %cn <%ce> (%ci)\"; \ > }; f"
---
Cross-posts:
- https://sh.itjust.works/post/24495692
- https://sh.itjust.works/post/24495795
- Git documentation. git-commit. "Date Formats: Git internal format". Accessed: 2024-08-31T07:52Z. https://git-scm.com/docs/git-commit#Documentation/git-commit.txt-Gitinternalformat.
> It is
- Plan Less, Do More: Introducing Appointment By Thunderbirdblog.thunderbird.net Plan Less, Do More: Introducing Appointment By Thunderbird - The Thunderbird Blog
Thunderbird has a new project under its wing: Appointment. Learn all about our approach to appointment scheduling, and try it yourself.
cross-posted from: https://fedia.io/m/Thunderbird/t/1140808
> Plan Less, Do More: Introducing Appointment By Thunderbird - The Thunderbird Blog > > Thunderbird has a new project under its wing: Appointment. Learn all about our approach to appointment scheduling, and try it yourself.
- Hackers infect ISPs with malware that steals customers’ credentialsarstechnica.com Hackers infect ISPs with malware that steals customers’ credentials
Zero-day that was exploited since June to infect ISPs finally gets fixed.
- Zen Browser | Privacy focused, open-source, Firefox Fork
cross-posted from: https://slrpnk.net/post/12736887 >Just stumbled upon this project, seems rather new as my DNS blocked its domain by default for being too new hehe.. Anyone had a chance to try it yet? Its got some hefty promises, like having equally strong privacy features as Librewolf. I'll be giving it ago at least, almost sounds a bit too good to be true... > > ! > >
- Here’s the Pitch Deck for ‘Active Listening’ Ad Targeting
I'm starting to like this news outlet.
- Advice on Using WhatsApp Safely with Dual SIM for Privacy
Hi all, I'm looking into ways to protect my privacy while using WhatsApp, particularly in a professional setting where separating personal and work-related communications is crucial. I'm thinking of buying a dual SIM phone and am considering strategies to sandbox my personal contacts, pictures, and media from those associated with my work profile on WhatsApp.
Has anyone successfully done this using two SIM cards on the same device? I'm staunchly anti-Facebook and its obtrusive privacy-related practices, so ideally I want to prevent cross-contamination of personal and work-related data, including contacts, photos, and media shared through the app. Will this be a good strategy? Are there any known risks or precautions I should take to minimize the risk of my data being shared or accessed by third parties? - Thanks all, I'd appreciate any comments.
- Zen Browser
Just found out about Zen Browser, has someone used it already? Its Github repository looks to be under very active development and growing fast in popularity.
Zen Browser's website claims to have features that Floorp and LibreWolf do not. I'm not that tech savy so I would know how to evaluate the browser fairly, does anyone here knows something about it?
- noyb files two complaints against EU Parliament over massive data breach
noyb files two complaints against EU Parliament over massive data breach
In early May 2024, the European Parliament informed its staff of a massive data breach in the institution’s recruiting platform (called “PEOPLE”). The breach affected the personal data of more than 8,000 staff.
https://noyb.eu/en/noyb-complaints-against-eu-parliament-over-data-breach
- Proton is transitioning towards a non-profit structure | Protonproton.me Proton is transitioning towards a non-profit structure | Proton
To ensure our mission always comes first, Proton is transitioning to a non-profit structure and formalizing our promise of people before profits.
cross-posted from: https://lemmy.world/post/18741586
- Law Enforcement Experts: Action against End-to-End Encryption Needed (EU)eucrim.eu Law Enforcement Experts: Action against End-to-End Encryption Needed
European police chiefs called on industry and governments to take urgent action to ensure public safety on social media platforms. The privacy measures currently in place, such as end-to-end encryption, prevent technology companies from identifying and reporting all offences on…
- Does microG leak location? - Commonly used in CalyxOS, LineageOS, IodeOS, e/OS/ etc
Recently looking into the multiple android alternative offerings like CalyxOS, e/OS/, etc and came across these few issues which point towards privacy/security concerns.
-
microG Push notifications still go through Google's servers just like with Play Services
-
microG uses proprietary Google Binaries for some of its components such as DroidGuard
-
Choosing a network location like Mozilla to use with microG provides little to no privacy benefit over Google because you are still submitting the same data and trusting them to not profile you.
Are they true and how can I circumvent them?
-
- Federal Appeals Court Finds Geofence Warrants Are “Categorically” Unconstitutionalwww.eff.org Federal Appeals Court Finds Geofence Warrants Are “Categorically” Unconstitutional
In a major decision on Friday, the federal Fifth Circuit Court of Appeals held that geofence warrants are “categorically prohibited by the Fourth Amendment.” Closely following arguments EFF has made in a number of cases, the court found that geofence warrants constitute the sort of “general,...
- Whatever I speak or msg about within Signal App appears on my youtube Recommended
Using cheap samsung android phone, ive noticed for the last few years and so have my friends, that whatever we discuss during out signall phonecall, appears very blatantly obvious on my youtube recommended feeds.
I thought Signal was supposed to be private and automatically sandboxed?
If it is, then google clearly bend their own rules and peer into the app.
Does this happen to you? what is the explanation?
PS The Official Signal Reddit sub removed my post thread when I asked this question there.
- I want to deGoogle my phone - Alternatives to GrapeneOs and Pixel(google phones)
Im not keen on trying to deGoogle only by purchasing a Google pixel... -_-
Please provide other options with nothing to do with google or microsoft., Such as Fairphone, etc.
As you know(or may not), new CPU's from intel have remote access hardwired, regardless of the OS you are using. I suspect Google outsmarted the GrapheneOS userbase and went one step ahead.
- FTC Wants Answers on Companies Using Your Data for 'Surveillance Pricing'www.pcmag.com FTC Wants Answers on Companies Using Your Data for 'Surveillance Pricing'
The US regulator is concerned that major firms, including Mastercard and JPMorgan Chase, exploit people's personal information to help vendors charge higher prices.
- Utility company's proposal to rat out hidden marijuana operations to police raises privacy concernsapnews.com Utility company's proposal to rat out hidden marijuana operations to police raises privacy concerns
A Maine utility wants to be an ally with law enforcement in the crackdown on illegal marijuana grow operations — if it can overcome privacy concerns.
- What should I do when I see headlines about personal data getting breached? How do I keep such info off the internet?
Like when I read 3 Billion National Public Data Records with SSNs, Addresses Dumped Online, am I supposed to access that data dump or something to see if I got pwned? Are there equivalents to haveibeenpwned.com for this type of stuff? Any guides on what to do when these happen? I feel like I'm doomscrolling or watching the news, and feeling depressed about the world as a result because I should be doing something but I can't or it seems like I can't.
Even though I know better than to put such personal info online, but that doesn't eliminate the odds of them getting into breaches like these, and having started to be careful about digital privacy has opened my eyes to the sad state of privacy.
- Cops Used Facial Recognition on Lost iPhone Lock Screen to Find Post Office Robberswww.404media.co Cops Used Facial Recognition on Lost iPhone Lock Screen to Find Post Office Robbers
Two men face felony charges after allegedly losing an iPhone in the snow after a break-in at a post office.
- I just learned about The Work Number, what are other methods of employee, medical, or financial data collection can I opt out of?
I tried looking for lists but didn't find any.
The Work Number is US-specific and where your employers input your salary data for future employers to see. You can opt out here: https://employees.theworknumber.com/employee-data-freeze/.
- Privacy Guides Adds New "Hardware Recommendations" Section
After almost 2 years, Privacy Guides has added a new Hardware Recommendations section to their website.
Thanks to Daniel Nathan Gray and others for implementing this new hardware guide
- Matt Brown Digs Deep Into an IP Camera's Firmware — and Finds a Hard-Coded Root Passwordwww.hackster.io Matt Brown Digs Deep Into an IP Camera's Firmware — and Finds a Hard-Coded Root Password
The VStarcam CB73 is an attractive-looking compact IP camera, but it comes with some security drawbacks.
- Anything wrong with using my real name in email aliases with organizations I have to communicate using my real identity anyway?
One example would be state disability programs, they already need my real name and identity to work with me. Are there any downsides to sharing a simplelogin alias containing my real name vs no containing my real name? I just think it would be easier record keeping for them.