Those are security guards, not privacy guards..
Asklemmy
A loosely moderated place to ask open-ended questions
Search asklemmy π
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- [email protected]: a community for finding communities
~Icon~ ~by~ ~@Double_[email protected]~
No privacy without security.
Passwords and 2FA won't stop you from being tracked when web browsing or using apps on your phone
Privacy is NOT a subset of security. Both are radically different functions.
Different randomized username on everything I sign up for. I do it so you can't google my username on one platform and find me on another. Each account also gets its own unique email address.
Same here, except on Lemmy because I have many alts on many instances
Makes sense. I've been considering making an identical alt on beehaw, but I'm still holding out hope they'll refederate.
Is that a unique address at the same domain, or even the domains are unique?
Same domain. Every email is just the username it's associated with @ the domain (Not gmail). The passwords are different between account and email (And no two accounts anywhere share passwords).
As of right now I have 19 already-created email accounts just waiting to eventually be associated with some account I'll make for some service in the future. Any time I get low I'll make a bunch more at once. I have almost 60 accounts across the internet using this system already. It does get a bit annoying when certain sites want to email me a login code every time I log in.
I personally pay the extra $1.50 for iCloud+ (due to the extra storage) and that comes with βhide my emailβ - which lets you generate an alias specific to the site youβre signing up on.
Then if I get sick of the site or I feel itβs getting spammy I just delete the alias
I don't reveal my privacy secrets on Lemmy.
I recognise that security through obscurity isn't something you can rely on, so don't consider my own practices to be secrets and am willing to share them to help others.
I use strong unique passwords stored in a KeePass database, and MFA whenever it's available. I also have a VPN specifically so that I can use public Wifi when I have to (or wish to do something more private on the internet, such as downloading Linux ISOs).
I also have a vanity domain that redirects all mail to a central mailbox, so whenever I sign up for something I can easily use a unique address. This allows me to block specific addresses that produce spam and see where the spammers got that address.
Fair enough! I was mostly joking. Those are some great tips.
I get that now, I thought you were just being snarky the first time I read it!
No worries, man! Should have clarified with /s. Cheers!
Taking the time to refuse all the cookies, every time I visit a website.
Going through all of Google, Facebook and other services settings to disable every tracking possible, especially towards ads.
I can tell that ads are less and less relevant.
Taking the time to refuse all the cookies, every time I visit a website.
Might I suggest this then?
https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/
That's actually a big one for me too. I have an extension running called "minimal consent" but it's deprecated and never managed the more complicated dialogues. I also disable personalised ads on every platform (often defaults to enabled)
It's sometimes annoying but all in all, I get the most random ads and i'm happy about it.
As a rule of thumb, if the cookie dialogue does that spinny "saving prefernces" loading screen for more than 10 seconds, the page probably wasn't worth my click anyway and I close it.
Use Linux, uBlock, other Free Software. Change the operating system on my phone to LineageOS or GrapheneOS, get my Apps from F-Droid. Don't sign up everywhere with my real phone number and birthday.
(Regarding the original question: I'd say secure passwords and 2fa is more security than privacy?!)
LineageOS or GrapheneOS
Which one do you prefer and why? Has installing any of them caused banking or pay apps to stop working?
I don't use any "pay" apps. I got a card from my bank, I just use that to pay. So i don't know. But the banking app that generates tan codes, shows the balance and so on works fine.
I prefer GrapheneOS for my main phone. It just works and has sane default settings. On other devices I prefer LineageOS for microG. And i can root Lineage which is handy for development.
I remove all address stickers from packages before recycling them and i shred all papers that contain my name or sensitive infos.
I'm ashamed to admit I do the same thing!! Both of those. Lol. If I'm putting out a bunch of boxes in the recycling I always worry people will think I've got valuables or something nice and target me. Also identity theft is no joke. It's annoying that credit card companies send so much semi-sensitive stuff via mail.
Why remove the address stickers? A person that has access to your garbage cans probably knows your address anyway
i live in huge building with like 15 other parties(?). i just want my papertrail (pizzacartons, invoices, insurance-stuff, sextoy-packaging, ...) to drown in the "noise" ^^
- I never type the password of my computer in front of anyone or under any security cameras
- I have a password manager
- I spent lots of time reading about aliens so they know not to mess with me
- I acknowledge my surveillance officers and have chats with them via my computerβs camera, so if Iβm ever in a pickle theyβre friendly with me
Any good alien information you can share?
If I share it the aliens wonβt respect me.
It's always a good advice to be on good terms with the surveillance officers. I do it too and sometimes they even look in the other direction when I did wrong ;-)
I use a Password manager and only have free software on main laptop computer. Fake emails, phone numbers, names wherever possible. Noscript in firefox based browsers. Self hosting services at home. For services I do not want my identity attached to shuf -n1 /usr/share/dict/words
for usernames. I avoid all non-fediverse social media platforms with no free front end whenever possible. I use rss feeds and mpv for playing youtube videos. I use libredirect with free software frontends. I do not run proprietary software on my main laptop, I use a second laptop, a virtual machine or don't run the software (for example when I need to use zoom I might run it on a second laptop and use a capture card.). I seperate different online activities with different browsers with different firefox colorways to prevent confusion (for example Firefox ESR for normal personal browsing, Normal firefox for vpn browsing, Firefox Dev Edition for school and college).
How many layers do you use in your tin foil hat?
Edit: /s
RRS feeds for youtube?
My kid watches some specific things we've deemed okay on youtube but there's constant "you may also like" creep that he ends up finding, and it's always garbage, this might be the way to finally limit the content to the specific stuff we've agreed to.
I configured the newsboat
rss reader for my youtube subscriptions, but you may want to configure another reader that allows you to download/watch videos. An alternative to @[email protected]'s javascript code, you can go onto the homepage of a youtube channel, open up the page source and search for "rssurl". That will give you the rss feed for the channel.
A lot of readers can do this automatically. It really is nice to watch videos without any of the suggestions or ads. Also, if you use mpv
to watch the videos, you can install a sponsorblock script that does away with the paid promotions in the video.
Yes, this bookmarklet javascript:(function () { var newLocation = function () { var url; Array.prototype.slice.call(document.getElementsByTagName('link')).forEach(function (element) { if (element.getAttribute('type') === 'application/rss+xml') { console.log('Found direct feed link'); url = element.getAttribute('href'); } }); if (!url) { Array.prototype.slice.call(document.getElementsByTagName('meta')).forEach(function (element) { if (element.getAttribute('itemprop') === 'channelId') { console.log('Found channel ID'); url = 'https://www.youtube.com/feeds/videos.xml?channel_id=' + element.getAttribute('content'); } }); } return url; }(); if (newLocation === undefined) { console.log('Could not find a channel RSS feed from ' + location.href); } else { location.href = newLocation; } })();
Will convert a youtube channel page to a rss feed. I watch the videos using photon and mpv but that is probably too advanced for your kid but a simpler app might work.
Here is an alternative Piped link(s): https://piped.video/feeds/videos
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source, check me out at GitHub.
Saying it out loud would be a security risk
-
Private Synology NAS
-
GrapheneOS on my phone
- Protonmail for email
- Simplelogin aliases for different services to mask my email address
Check out PrivacyGuides
At the end of the day, the winner for privacy is ... Decentralization Cuz no central server means:
- Data only save in your own device
- Anonymous, never link to your personal info
- E2EE
Can you be more specific? Any software or tool recommendation?
iCloud private relay, to prevent anyone from scraping your browsing history. Plus stop the madness and AdGuard pro.
I use Bitwarden for pw manager and 2FA. I use that to create a random password for anything I sign up to.
I am fortunate enough to run my own mail server, so for every signup I don't trust, I make a new email address and only use it for that one thing.
You can do [email protected]
if you cannot run your own. This at least lets you know who is leaking your info.
I generally try to run as much FOSS as possible, I do dual boot Win/Linux because unfortunately we still have companies not providing for both OS.
And if I go out in the public, I wear a cricket box.
if I go out in the public, I wear a cricket box.
They said protect your privacy, not your privates.
Yes, those two.
I host pretty much all my data on my private Synology box at home.
Things I do what give me a percieved sense of privacy/ security:
- use Firefox with Add-ons (Ublock origin, Idontcareaboutcookies, Istilldontcareaobutcookies, Consent Blocker)
- browser set up to block third party cookies and to delete any cookies after closing
- not allowing to store any credentials in the browser
- using different passwords for different services (not one password for all)
- using Two-Factor-Authentification on services which are connected with banking account
- not using freemail providers for email
- using a temporary email where possible if registration is required
- encrypted hard drive and encrypted backups
- do not use cloud storage (I rely on old school portable hard drives and thumb drives)
- using an additional firewall to stop certain not-quite-legally-obtained programs from phoning home (these programs can't be replaced through FOSS at the moment, or are too ridiculously overpriced to buy them right now)
- restrict/ forbid operating system to collect anonymous data and to phone home (as if that helps...)
- don't do online banking with an android 8 device
The password storage thing sometimes seems to be a hassle. I have stored my passwords in a physical moleskin, written with a pen, like an old person would do. When I have that book not availiable (when travellling), I have to guess my credentials.
At work I have the browser stored all the credentials. It's so much faster and easier. But since it's at my job I don't have to worry about my own private stuff.
Randomised user names
Password manager
Randomised words for any website that asks for memorable info (mother's maiden name, first pet's name, etc) for security. Always gets a laugh from customer services.
False birth date.