Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible.

It has containers for official Firefox, its Debian version, and some other FF derivatives that market a focus on privacy or security. Might add a few more of those or do the chromium family later - if you read the thing and want more then please let us know what you want to see under the lens in a future update!

Tests were run against a basic protocol for each of them and results are aggregated at the end of the post.

Posting with ambition that this can trigger some follow-ups sharing derived or similar things. Maybe someone could make a viral blog post by doing some deeper tests and making their results digestible ;)

I know it's unlikely to exist, but I'd be really grateful if it's out there. My partners use Life360 for the location tracking, just so they know the other is okay. I'd like to join in on this too, but no way am I installing a closed source GPS if I can help it. They're pretty knowledgeable about the risks of doing so, and are open to using an alternative service. Heck, I was the guy who got one of them in on Linux after ditching his Chromebook. lmao

For the record, they have all the data collection settings disabled, but how much is that worth, really? You'd have to trust the company's word and even still, closed source GPS shit. Ew.

Any suggestions are appreciated!

Can Android apps use WebRTC, or is WebRTC only available in browsers?

If Android apps can use WebRTC, how can it be blocked per app or system-wide to prevent IP address leaks?

This could be a huge privacy risk, if you use android, VPN cannot help you to hide yourself from any app that use webrtc.

Heard good things about it, but I decided to ask here to have a second check.

Bro, just one more camera bro, one more camera and we will solve crime forever bro. Bro, please bro, trust me bro. No I wont sell your face bro, trust me bro. Why don't you want a camera bro? Do you have something to hide bro? Bro, think of the children, bro. There will be no more crime or terrorism bro. Trust me bro.

• Every government in the world (My city now has facial recognition cameras all around, the UK is implementing age verification, the EU with chat control and so on...)

cross-posted from: https://lemmy.bestiver.se/post/879557

Comments

I’ve been struggling with how to word my stance on AI with regard to my email service, Port87. Today I sat down and compiled some research to quantify my stance on it, and why I won’t be using it.

What made me want to do this now more than ever is the recent announcement that Gmail will now use AI to read your email and give you a summary instead of just showing you your email. You know, because human beings can’t be bothered to decide whether an email is important without an AI risking their security to tell them they need to pick up their dog from the vet.

Cross posted from: https://sh.itjust.works/post/53553563

With a lot of talk from governments around the world trying to either ban or restrict VPNs, I'm curious to know what are our options if they follow through? I know we can use the Tor network, but is there other options? I assume we could self-host our VPN since I don't think it would be affected by a possible ban. Is there a less tech-savvy option I'm not aware of? I'm just trying to understand all of my options just in case a ban does happen.

Looks like Signal did tracking attempts on me

I’m an European student heading to Shanghai for an internship where debit and credit cards are rarely accepted. Locals recommend using Alipay for payments, but I have heard mixed results about compatibility with European credit cards. Some claim credit cards don’t work at all with Alipay, while others say they have zero issues. It was suggested to get a Wise or Revolut card to use with Alipay. What are your thoughts on which option is more privacy friendly or if there are better alternatives.

I have also been advised to get a VPN for China. While I self-host a VPN, I planned to add Mullvad because of its obfuscation techniques. Except it was recommended to get LetsVPN or Astrill, they said because they work the best in China and that is what everyone uses. What are your thoughts on which VPN I should get? Also any other suggestion or advise for my internship in Shanghai are appreciated.

cross-posted from: https://lemmy.world/post/41445408

cross-posted from: https://lemmy.world/post/41447443

cross-posted from: https://lemmy.world/post/41447441

It's a tool to maximize privacy and security settings on Windows, macOS, and Linux. Learned about it from Naomi Brockwell.

cross-posted from: https://lemmy.ml/post/41421285

via this 404 media article: https://www.404media.co/inside-ices-tool-to-monitor-phones-in-entire-neighborhoods/

paywall bypass: https://web.archive.org/web/20260108141914/https://www.404media.co/inside-ices-tool-to-monitor-phones-in-entire-neighborhoods/

TL;DR: Mozilla has a new CEO and a new mission: transform Firefox into an AI browser. That has run into some snags, as Firefox users don’t seem that interested in AI. Mozilla is forging ahead, utilizing deceptive patterns (previously known as dark patterns) to nag and annoy people into enabling AI features. You can see this in the introduction of Link Previews, an extremely invasive anti-feature that exists solely to push AI into your experience.

I've been thinking of starting a Mastodon instance and have found a hosting service I fancy, but am struggling to find a decent place to purchase a domain. My criteria is that it isn't operated in the USA or a similarly fascistic country, doesn't support crypto/AI garbage, and is trustworthy. I thought hosting the actual site would be the hard part, not buying the domain. Additionally, many posts I've come across asking this question are from people in the market for email servers, so I'm not sure if those suggestions apply for me.

Any recommendations are appreciated, thanks!

The Pennsylvania Supreme Court has a new definition of “reasonable expectation.” According to the justices, it’s no longer reasonable to assume that what you type into Google is yours to keep.

In a decision that reads like a love letter to the surveillance economy, the court ruled that police were within their rights to access a convicted rapist’s search history without a warrant. The reasoning is that everyone knows they’re being watched anyway.

The opinion, issued Tuesday, leaned on the idea that the public has already surrendered its privacy to Silicon Valley.

We obtained a copy of the ruling for you here.