I am looking for new jobs as a Cloud Engineer. Being privacy conscious makes the job hunt relatively hard. I don't use LinkedIn. But most companies publish their openings on websites like this and almost all of them are a privacy nightmare.

As soon as you make an account on them, you are bombarded with thousands of emails and targeted ads. But if I made a temporary email for this purpose, I feel I might get blacklisted.

Honestly I feel kind of sad about today's corporate field.

So, you know commercial spyware? No I'm not referring to ads or things like pegasus. Talking about those weird providers that market to schools, employers and shitty partners

What measures could be taken to mitigate these threats? When physical can be assumes but the attacker isn't skilled, just using one of said tools? How would this vary between phones and laptops for example?

Thoughts?

No I'm not in danger, just get curious about this subject once in a while

The following is a cross-post from my mastodon thread

In the wake of metas enshitiffication I have seen people recommend Signal and Matrix as private open source alternatives to meta products. In the following thread I will outline how if your goal is software freedom anti surveillance and anti censorship the best option for direct and group messaging is neither Signal nor Matrix but instead the up and coming https://simplex.chat/

Signal is centralised meaning its vulnerable to censorship it almost got backdoored by uks online safety bill and that bill still has a damocles sword clause hanging over signal. Signal is also not anonymous, your account is linked to you through your phone number, if your contacts are compromised then your conversations can easily be linked back to you and your contacts all be correlated. In contrast simplex is like having "a burner phone for every contact" meaning even if one contact is correlated you have no consistent identity that can be compromised by default. Also simplex has a custom onion routing protocol to hide your ip from relay servers by default and it makes it very easy to connect over tor if simplex is blocked in your country im pretty sure signal doesnt do that. Matrix has been floated as potentially being a decentralised and e2ee open source alternative to Signal, but Signal shares one massive pro with SimpleX which is that both have post quantum encryption meaning that quantum computers that many researchers say are a few short years away from being able to decrypt all historical data that is encrypted using classical techniques ie not post-quantum encryption - such as the private messages you are sending across matrix today Afaik Matrix currently has no plans to add post quantum (PQ) encryption today and previously they were relying on it being implemented in MLS a standard that Matrix has been trying to adapt to their decentralised framework for years with stagnant process. Whats more afaict the motion to add PQ to MLS quietly expired and wasn't renewed so it's likely not coming any time soon. SimpleX has PQ on top of their classical encryption implemented and working today and you can download the app and have PQ rn (the additional classical encryption is insurance in case it turns out PQ has some classical attack vector, hybrid encryption is recommended by sec researchers at this stage) In conclusion both Signal and SimpleX are PQ unlike matrix but SimpleX and Matrix are decentralised and less vulnerable to censorship than Signal, while only SimpleX supports Tor connections and protects ur IP with or without Tor, and has no persistent unique identifier creating a "burner phone for every contact" scenario where compromised contacts cant necessarily be used to correlate ur other contacts/groups simply by looking at ur phone number/username in those groups

Heres some evidence and argumentation to support building post quantum encryption now, state and capital are hoovering up encrypted data rn to decrypt for profit as soon as it becomes cheap enough to do so with quantum computers https://www.youtube.com/watch?v=-UrdExQW0cs

And here's the best explainer of SimpleX on youtube, sorry about the racist thumbnail the guys a right winger but his knowledge on OPSEC is valuable. If you don't know why the thumbnail is racist search "Terry Davis glow in dark" (the search results for which I have to give a racist slur cw for but theres no slurs in this video) https://www.youtube.com/watch?v=0cRu98XSap0

edit: see whitepaper for technical privacy details https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md

I have a visa gift card or debit card. How do I use it to buy Crypto? Ideally XMR but BTC works too.

What are your thoughts on #privacy and #itsecurity regarding the #LocalLLMs you use? They seem to be an alternative to ChatGPT, MS Copilot etc. which basically are creepy privacy black boxes. How can you be sure that local LLMs do not A) "phone home" or B) create a profile on you, C) that their analysis is restricted to the scope of your terminal? As far as I can see #ollama and #lmstudio do not provide privacy statements.

Disclaimer: I'm not affiliated to the project.

Aside from the fact that it's relatively new and unknown, does this hold a candle to other Firefox-based projects? They seem to be competent by their own comparison tables.

Has anyone got any first-hand experience?

cross-posted from: https://lemm.ee/post/51967762

Hackers have reportedly breached Gravy Analytics, a parent company of Venntel that sells smartphone location data to the U.S. government. The hackers claim to have stolen considerable data, including customer lists, industry information and individuals' location data. They are threatening to make the data public.

After getting randomly banned on a subreddit (without breaking any of the rules) and accidentally posting on there with a different account, Reddit permanently banned me from their site. Appealing the ban didn't work.

Now, as soon as I create a new Reddit account it gets automatically suspended either immediately or after a few minutes to sometimes hours.

I assume many on Lemmy face similar situations and also switched to Lemmy because of a similar reason and they might also wonder how to bypass such a ban.

It seems like Reddit is using advanced fingerprinting since normal methods such as switching VPN, deleting and re-installing the browser/Reddit mobile app (including all associated data) and changing email doesn't work.

I'm not skilled enough and don't really have any "hacker knowledge" to bypass the ban. After extensive research I couldn't find a better solution than getting a new device or formatting the whole device.

I assume there must be a better way of changing ones fingerprint without just fully formatting the devices. Maybe it could work by changing the MAC address or something?

My goal is to not have a complicated way of accessing Reddit and resolving the issue in a way that one can access it completely normally again like in my case with the Chrome/Edge browser on Windows, Safari on Mac, and the Reddit app on Android.

Maybe someone has the knowledge here to help with this.

I saw that Guardian Project does not yet have a room on simple X, so I went ahead and created one and will hand it over to the Matrix administrators upon request and verification. I have also already taken the necessary steps required to get it added to the directory service.

Link to join the group Guardian Project (Unofficial): https://simplex.chat/contact#%2F%3Fv=2-7&smp=smp%3A%2F%2Fhpq7_4gGJiilmz5Rf-CswuU5kZGkm_zOIooSw6yALRg%3D%40smp5.simplex.im%2FNHb3Fd4WmBKKH1lC6KR06CK9oyM4g3eD%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAXcqg0DEOc0t0tOrVaueJAwjtrvY3dio5HB_b_E9tzXg%253D%26srv%3Djjbyvoemxysm7qxap7m5d5m35jzv5qq6gnlv7s4rsn7tdwwmuqciwpid.onion&data=%7B%22groupLinkId%22%3A%22GGBgMk4kmxje48B2VUwBgg%3D%3D%22%7D

I have never liked Apple and lately even less. F.... US monopolies

I spent the weekend researching data removal methods and decided to start with my credit report. I’m not even going to get into all of the alarming privacy invasions that popped up during this process. But when I got to the experian report, I was met with T&C box that says I have to hand over my phone carrier info and it wouldn’t let me proceed without doing so. The bureaus are legally required to give you one free report a year. It’s bad enough that these companies are even given rights to my data and now they’re using it to request further information.

I’m just so angry, frustrated, and violated.

Hi guys basically as the title says. I have a pixel phone running GrapheneOS and I really don't want to install Play Services. Is there an alternative for me? I need reliable notifications for Telegram and signal. Edit: Thank you all amazing people for helping I learned alot and found best setup for me

Good example why it is important to avoid private Photos on internet, a lot of crap like this app out there.

Optery advertises themselves as a privacy oriented service that helps you remove data from data brokers.

In the policy they mention they send your profile data to Advertising Partners with the purpose of

• Providing, Customizing and Improving the Services • Marketing the Services

Isn't this almost opposite of the whole purpose of their service? Or am I reading this wrong and this is just because they have to send your data to the brokers to process deletions?

Are there recommended alternatives?

P.S. I reached out to them about this but they haven't gotten back to me yet

Closed my account and left feedback. They replied: Thank you for sharing your feedback regarding your account cancellation. We acknowledge your decision to delete your account and want to address any concerns you have raised.

We understand your questions about privacy, and we want to reassure you that Optery is committed to protecting your personal information. Our core mission is to remove your data from data broker sites, not to exploit or misuse it. Here’s how we prioritize your privacy:

1. We do not sell your personal data. Optery has no involvement with companies that post or sell personal information online. Our sole purpose is to help remove your personal information from people search sites and data brokers. If you see your information online, it is unrelated to Optery's operations.

2. Google Analytics and Advertising. While our privacy policy mentions advertising partnerships, this typically involves anonymized or aggregated data, not personal details. We use tools like Google Analytics to analyze website traffic and improve user experience. Rest assured, personal information is not stored in these tools. Google uses collected data for web analytics, and while this may influence ad targeting, it is not tied to any personal data.

For more on how Google handles data: Google Privacy Terms and Google’s Data Protection.

We also encourage you to explore Google’s privacy practices: Google Analytics Privacy Safeguards.

We aim to follow a privacy-first model, taking inspiration from companies like Proton. Your feedback is invaluable, as it helps us ensure we align with the trust our customers place in us.

You can learn more here - How Optery Secures Your Data

Transparency and user trust are at the heart of everything we do. If you have more questions or need further clarification about our privacy practices, feel free to reach out.

With Mull no longer being developed I've decided to just use vanadium since im on grapheneos. I use librewolf on desktop and would like input on how people manage bookmarks. Floccus seemed good until i saw it doesnt actually import bookmarks into browser on android.

I want a security camera system that I can trust to be only my own. My requirements are not hugely unreasonable, but I can't find them the way search engines suck shit these days. I want a camera system with:

Local storage

No internet connection

No phone connection

No cables

No cloud storage option

No router necessary

And the option that seems impossible with the others: No option of remote connections

I don't want to see whats going on in real time on my phone, I want a completely private recording saved if I ever need to see if I got robbed. I don't want offline ability, I want cameras that can not connect to the internet at all, even through another device. I'm not worried about local network hacking, I want saved video that can only be viewed directly from the local storage. Longish life batteries so I don't have to route power, and no cables that can be unplugged. Solar powered would be nice, but isn't necessary.

Why is that so hard to find?

While I once hoped 2017 would be the year of privacy, 2024 closes on a troubling note, a likely decrease in privacy standards across the web. I was surprised by the recent Information Commissioner’s Office post, which criticized Google’s decision to introduce device fingerprinting for advertising purposes from February 2025. According to ICO, this change risks undermining user control and transparency in how personal data is collected and used.

from the this-is-why-we-can't-have-nice-things dept

firstly happy new year for all.

I need to start use Matrix to talk with my biggest friends and colleagues of my university, but i read is good not create an account on matrix.org and create an account in others public servers , to not centralize the matrix protocol. My question is if anyone has a good experience with others public servers, besides matrix.org. Any tip or advice?

I found this servers on joinmatrix with longstanding: https://tchncs.de/en/matrix | https://syscom.utwente.io/info/matrix/homeserver/ | https://matrix-help.envs.net/ | https://tedomum.net/service/matrix/ | https://rollenspiel.chat/ ...

Which one should i choose, any tip?

TYIA