Mostly out of curiosity, but also somewhat related to Proton's recent political involvement, I'm curious about alternatives to using their services, open to suggestions for:

• Proton Mail: anything that can support custom domain, email aliases, and email scheduling?
• Proton Drive: not the most important, but interested in privacy first, encrypted hosting services
• Proton Pass: anything I should take a look at besides Bitwarden and Keepass?
• Proton VPN: that one's the hardest, it was really good, I think Mullvlad is the one most often recommended?
• Proton Calendar: didn't really care about that one, but it was nice that it connected to Mail

My Unlimited plan renewed in December so I'll probably keep it for a year, it was nice having only one subsctiption to keep in mind, but I'm thinking of exploring other options

cross-posted from: https://scribe.disroot.org/post/1834745

cross-posted from: https://scribe.disroot.org/post/1834743

The Italian regulator, known as the Garante, said on Tuesday it wanted to know what personal data is collected, from which sources, for what purposes, on what legal basis and whether it is stored in China. It gave DeepSeek and its affiliated companies 20 days to respond.

[email protected] as announced in a previous post

The mod is okay with me opening this post: https://sopuli.xyz/comment/14240553

[email protected]

Hello everyone,

After a discussion on [email protected] ( https://feddit.org/post/6950586 ), a few people interested in privacy decided to reopen [email protected] as an alternative to [email protected] .

Feel free to join us there!

This post contains a canary message that's cryptographically signed by the official BusKill PGP release key

The BusKill project just published their Warrant Canary #009

For more information about BusKill canaries, see:

• https://buskill.in/canary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Status: All good
Release: 2025-01-14
Period: 2025-01-01 to 2025-06-01
Expiry: 2025-06-30

Statements
==========

The BusKill Team who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is January 14, 2025.

2. The current BusKill Signing Key (2020.07) is

   E0AF FF57 DC00 FBE0 5635  8761 4AE2 1E19 36CE 786A

3. We positively confirm, to the best of our knowledge, that the 
   integrity of our systems are sound: all our infrastructure is in our 
   control, we have not been compromised or suffered a data breach, we 
   have not disclosed any private keys, we have not introduced any 
   backdoors, and we have not been forced to modify our system to allow 
   access or information leakage to a third party in any way.

4. We plan to publish the next of these canary statements before the
   Expiry date listed above. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.

Special announcements
=====================

None.

Disclaimers and notes
=====================

This canary scheme is not infallible. Although signing the 
declaration makes it very difficult for a third party to produce 
arbitrary declarations, it does not prevent them from using force or 
other means, like blackmail or compromising the signers' laptops, to 
coerce us to produce false declarations.

The news feeds quoted below (Proof of freshness) serves to 
demonstrate that this canary could not have been created prior to the 
date stated. It shows that a series of canaries was not created in 
advance.

This declaration is merely a best effort and is provided without any 
guarantee or warranty. It is not legally binding in any way to 
anybody. None of the signers should be ever held legally responsible 
for any of the statements made here.

Proof of freshness
==================

14 Jan 25 01:01:33 UTC

Source: DER SPIEGEL - International (https://www.spiegel.de/international/index.rss)
A Miracle? Pope Francis Helps Transsexual Prostitutes in Rome
Boost for the Right Wing: Why Did a German Newspaper Help Elon Musk Interfere in German Politics?

Source: NYT > World News (https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
What an Upended Mideast Means for Trump and U.S. Gulf Allies
Russia and Ukraine Battle Inside Kursk, With Waves of Tanks, Drones and North Koreans

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Gaza ceasefire deal being finalised, Palestinian official tells BBC
Watch: Moment man is saved from burning LA home

Source: Bitcoin Blockchain (https://blockchain.info/q/latesthash)
0000000000000000000042db9e17f012dcd01f3425aa403e29c28c0dc1d16470

Footnotes
=========

[1] https://docs.buskill.in/buskill-app/en/stable/security/pgpkeys.html

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeY3BEB897EKK3hJNaLi8sMUCOQUFAmeFuPcACgkQaLi8sMUC
OQXctQ//Zv7RZXPKMMyjMjfE2LjrL6RVESIZMT2tUO/y0wx8XTXKBpgOA7fTh2eC
BHkLajpU/S3LOb+wBniuo29tpGJHG5MBWDwyNUAWXqZfJ/A9YNikNYq9lOn6nKSH
oHyLB8h2nP9rfQ2wXUtN6lFJVKWU5Ef5pjMQb8flJO2kbou7QpgcOzxvRqrXOUcN
UumjSlDTtwIOYOX+Ee8SamI4LyApOlwxIGMbFcbRMcJNhtioS4qCGNGw1pqhvqmF
pi1kIaqd79I8y1U9ufncvC+pbCEvRdo+wb7ZsXA9ZYpYfJSQJzSkdCGgkbe0b1Tx
6CNlcgoXIVaEH6/W+C2DFlyG1u4JuH22eXIrloYnjOxlqSJCd0Dw1EeO33tg3xg3
tfeO9pGOcZPOwlBL509VlE9z6W3czyKJk7Z4RwYXCFYWWi8vlHvRQg0LNu0C4Jyw
fRV2LlMSeUgBz9xyE62jh/BUNZzXsD0ntprR1eRTkeW4kOGEc6Wql4lBKE08sajT
YdgTi4ojrcfTdS7Sgzh1Onh5h/nF7hoyCX0lINgyTrJFMynC6qadTZtiJ2yO8GT+
Ovk9ZJMggBMNr4Vbw6CyrU/4yYMyrEd5dzXYZLZ41lMMpjwM8OBJ/yp1pcGo9vk4
NTAjUQUvOj6nrA/r3j2ywFMDZtFR/jBjXULWE77ca3iJmc/FUdg=
=xahN
-----END PGP SIGNATURE-----

To view all past canaries, see:

• https://www.buskill.in/category/Canary/

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

Basically create an alias for every combination to prevent privacy cross contamination.

For instance, not only should you make an email alias for an Eventbrite account, but for every organization you sign up for events with. You are required to enter an email (any email) for the event, which can be seen by both Eventbrite and the organization. If you enter in the email of your Eventbrite account then the org could give that away, resulting in email spam and you can't be sure if it was either Eventbrite itself or the org that sold you out. If that happens then you would probably want to delete email address but then you have to change it in other places you need to send/receive emails from.

Another example is Discourse forum sites. While Discourse is open source and self-hostable, you may not always be sure if a Discourse site is self-hosted or using paid hosting. A lot online places have both their own website and a separate discourse site. Bitwarden's forum site doesn't have a sign-in option using your Bitwarden.com account, and Raindrop.io uses canny.io to track app feedback which has also uses its own login. (I'm actually glad I made an alias for every single Discourse forum site before realizing all of this).

I just did this on a website that said my Simplelogin alias isn't allowed for signup, but changed it successfully after the fact from a disposable email.

cross-posted from: https://lemmy.ca/post/34778760

I'm not familiar with them personally, and don't plan to switch away from Signal anytime soon, but this might help anyone that was looking into Threema :)

Some discussion about it:

• https://www.securemessagingapps.com/
• https://discuss.privacyguides.net/t/threema-instant-messenger/1679

TLDR, it looks good from a technical aspect but being a paid app makes it harder to recommend, and it doesn't do well with the network effect as a result

(I'm aware that many Lemmy users hate Reddit. this discussion would be useful for anyone that Lemmy users that also use Reddit)

This came as a big surprise to many users on places like r/help and r/bugs, including me. Reddit made this post last week on it: Say goodbye to new.reddit on Dec 11, 2024 : r/modnews.

Seeing this r/privacy post: sh.reddit (shreddit) is a Google spyware machine designed to de-anonymize you : r/privacy, New New reddit (2023 Reddit redesign) pings Google repatcha on every single page load. I saw the comments but its not clear how to counter this other than using old.reddit.com (which I like even less than 2023 reddit) or using 3rd party apps.

cross-posted from: https://slrpnk.net/post/15995285

cross-posted from: https://slrpnk.net/post/15995282

Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of 'non-google' approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.

Edit: had to change the title, originally it said Uber too but I cannot find back to the source of ether that's true or not..

One of the most pervasive ways of being tracked online is also the most invisible. VPNs, browsers, extensions, and more all promise to protect you, but can they really?

Invidious link: https://invidious.nerdvpn.de/watch?v=tMCcpV2c4K4

For instance, People I know that are using Eventbrite for private event registration. To sign up for the event with or without an account, you have to write and confirm your email in the boxes, I did some looking up to see if hosts can see the email. I didn't find any answers so I made a Reddit post asking, and got a reply saying "No, they can't. Eventbrite deletes them as soon as you submit the form." I wanted to be sure so I created a private test event and registered for it in a private window. I then went to my event dashboard and clicked on the ticket # where I can in fact view it (the email shown is made up).

I only asked Perplexity after trying to find out myself. It did in fact find the answer (link #8: View your Attendee Summary report): "Review attendee purchase details like email address ..." I've found LLMs and search tools like Perplexity to be unreliable for answering questions like this for websites, as well as software. Which means I may not turn to them in cases where they actually would help. It's too bad they hallucinate a lot too.

cross-posted from: https://lemmy.world/post/22790935

cross-posted from: https://lemm.ee/post/48995777

cross-posted from: https://lemmy.world/post/22758570

Archived, if you prefer that: https://ghostarchive.org/archive/Bif16

I’ve been using DuckDuckGo for years now but am becoming increasingly interested in Ecosia and Ekoru for their environmentalist efforts. I’ve read the privacy policies for both, and it seems they both share user data with Bing. However, if I use a VPN, set my user data to something generic like Chrome on Windows, and whitelist the search engine on my adblocker, I should be able to support them by viewing ads without being tracked by Microsoft. Is that worth it, or do you have another recommendation?