How can i debloat android reddit and youtube app ? The vanilla apps are constantly making bloat connections. (Atleast 8k-10k on adguard app per day).

It seems to me they just use smartphones like the average working class person does, how do they even protect their privacy? Do they have a special variant of smartphone that's doesn't have tracking?

Dark Web Interdiction Act of 2025

Here is the text of a bill introduced to Congress (US), ostensibly to combat the trafficking of opioids over "The Dark Web". There's a nice definition of "The Dark Web" at section 4.

I like the part where it says people are using "The Dark Web" both within the United States and "at the international border".

There is no forum for this service and it's privacy related so I think it's best sub when I can ask. When I try to loggin there is yellow error which says "there seems to be an error logging you in. please try again shortly"

This is for pedagogical purposes. Please do not cypher actually important messages with this.

Anyway I think it can bring with little ones, and adults alike, interesting conversations around :

• secrecy
• privacy
• cryptography as counter-power
• mathematics, starting with modulo
• the duration a message can stay undecipherable and thus the kind of message to share
• computational complexity, how many permutations are available

... and a lot more!

I recently have been playing around with GPG (its pretty fun!) And decided to make a hat with my public key on it!

Its a fun conversation starter at walmart, when somebody asks what it is? It activates my tism, and i get to talk about computer science! Its also important to teach others the importants of encryption especially as of one day ago the EFF made a post talking about yet another bill trying to go after encryption.

The keen eyed among you see i have blocked out certain parts of my key, this is because i have a key for this hat exclusively and would like to see if anybody i talk to about encryption in real life bothers to email me. I know its not much but i enjoy it!

I laser etched the leather, and hand stitched it to the hat.

I know this is more kinda clothing stuff, but it just didnt feel right posting a hat with a gpg key on a fasion/clothing community.

Hope you enjoy My little project >:) hehe

I'm aware that carrying a phone means that I can be tracked with cell towers and that's fine.

But is there some sort of tracking that can be done on modern dumb-phones that make relevant ads show up(on spotify/youtube) that are based on where the phone has been?

Thanks I'm a newb

Like what the title says. There's always a catch unless it's FOSS. So, what is the catch with them giving games for free that you can keep forever? What will the developers of the games get as a thank you?

Majority of exposures located in the US, including datacenters, healthcare facilities, factories, and more

Everyone talks about how evil browser fingerprinting is, and it is, but I don't get why people are only blaming the companies doing it and not putting equal blame on browsers for letting it happen.

Go to Am I Unique and look at the kind of data browsers let JavaScript access unconditionally with no user prompting. Here's a selection of ridiculous ones that pretty much no website needs:

• Your operating system (Isn't the whole damn point of the internet that it's platform independent?)
• Your CPU architecture (JS runs on the most virtual of virtual environments why the hell does it need to know what processor you have?)
• Your JS interpreter's version and build ID
• List of plugins you have installed
• List of extensions you have installed
• Your accelerometer and gyroscope (so any website can figure out what you're doing by analyzing how you move your phone, i.e. running vs walking vs driving vs standing still)
• Your magnetic field sensor AKA the phone's compass (so websites can figure out which direction you're facing)
• Your proximity sensor
• Your keyboard layout
• How your mouse moves every moment it's in the webpage window, including how far you scroll, what bit of text you hovered on or selected, both left and right clicks, etc.
• Everything you type on your keyboard when the window is active. You don't need to be typing into a text box or anything, you can set a general event listener for keystrokes like you can for the mouse.

If you're wondering how sensors are used to fingerprint you, I think it has to do with manufacturing imperfections that skew their readings in unique ways for each device, but websites could just as easily straight up record those sensors without you knowing. It's not a lot of data all things considered so you likely wouldn't notice.

Also, canvas and webGL rendering differences are each more than enough to 100% identify your browser instance. Not a bit of effort put into making their results more consistent I guess.

All of these are accessible to any website by default. Actually, there's not even a way to turn most of these off. WHY?! All of these are niche features that only a tiny fraction of websites need. Browser companies know that fingerprinting is a problem and have done nothing about it. Not even Firefox.

Why is the web, where you're by far the most likely to execute malicious code, not built on zero trust policies? Let me allow the functionality I need on a per site basis.

Fuck everything about modern websites.

"Meta devised an ingenious system (“localhost tracking”) that bypassed Android’s sandbox protections to identify you while browsing on your mobile phone — even if you used a VPN, the browser’s incognito mode, and refused or deleted cookies in every session."

Full text to bypass paywall:

A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where the data came from, according to internal CBP documents obtained by 404 Media. The data includes passenger names, their full flight itineraries, and financial details.

CBP, a part of the Department of Homeland Security (DHS), says it needs this data to support state and local police to track people of interest’s air travel across the country, in a purchase that has alarmed civil liberties experts.

The documents reveal for the first time in detail why at least one part of DHS purchased such information, and comes after Immigration and Customs Enforcement (ICE) detailed its own purchase of the data. The documents also show for the first time that the data broker, called the Airlines Reporting Corporation (ARC), tells government agencies not to mention where it sourced the flight data from.

“The big airlines—through a shady data broker that they own called ARC—are selling the government bulk access to Americans' sensitive information, revealing where they fly and the credit card they used,” Senator Ron Wyden said in a statement.

ARC is owned and operated by at least eight major U.S. airlines, other publicly released documents show. The company’s board of directors include representatives from Delta, Southwest, United, American Airlines, Alaska Airlines, JetBlue, and European airlines Lufthansa and Air France, and Canada’s Air Canada. More than 240 airlines depend on ARC for ticket settlement services.

Do you work at ARC or an agency that uses ARC data? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

ARC’s other lines of business include being the conduit between airlines and travel agencies, finding travel trends in data with other firms like Expedia, and fraud prevention, according to material on ARC’s YouTube channel and website. The sale of U.S. flyers’ travel information to the government is part of ARC’s Travel Intelligence Program (TIP).

A Statement of Work included in the newly obtained documents, which describes why an agency is buying a particular tool or capability, says CBP needs access to ARC’s TIP product “to support federal, state, and local law enforcement agencies to identify persons of interest’s U.S. domestic air travel ticketing information.” 404 Media obtained the documents through a Freedom of Information Act (FOIA) request.

A screenshot of the Statement of Work. Image: 404 Media.

The new documents obtained by 404 Media also show ARC asking CBP to “not publicly identify vendor, or its employees, individually or collectively, as the source of the Reports unless the Customer is compelled to do so by a valid court order or subpoena and gives ARC immediate notice of same.”

The Statement of Work says that TIP can show a person’s paid intent to travel and tickets purchased through travel agencies in the U.S. and its territories. The data from the Travel Intelligence Program (TIP) will provide “visibility on a subject’s or person of interest’s domestic air travel ticketing information as well as tickets acquired through travel agencies in the U.S. and its territories,” the documents say. They add this data will be “crucial” in both administrative and criminal cases.

A DHS Privacy Impact Assessment (PIA) available online says that TIP data is updated daily with the previous day’s ticket sales, and contains more than one billion records spanning 39 months of past and future travel. The document says TIP can be searched by name, credit card, or airline, but ARC contains data from ARC-accredited travel agencies, such as Expedia, and not flights booked directly with an airline. “[I]f the passenger buys a ticket directly from the airline, then the search done by ICE will not show up in an ARC report,” that PIA says. The PIA notes the data impacts both U.S. and non-U.S. persons, meaning it does include information on U.S. citizens.

“While obtaining domestic airline data—like many other transaction and purchase records—generally doesn't require a warrant, there's still supposed to go through a legal process that ensures independent oversight and limits data collection to records that will support an investigation,” Jake Laperruque, deputy director of the Center for Democracy & Technology's Security and Surveillance Project, told 404 Media in an email. “As with many other types of sensitive and revealing data, the government seems intent on using data brokers to buy their way around important guardrails and limits.”

CBP’s contract with ARC started in June 2024 and may extend to 2029, according to the documents. The CBP contract 404 Media obtained documents for was an $11,025 transaction. Last Tuesday, a public procurement database added a $6,847.50 update to that contract, which said it was exercising “Option Year 1,” meaning it was extending the contract. The documents are redacted but briefly mention CBP’s OPR, or Office of Professional Responsibility, which in part investigates corruption by CBP employees.

“CBP is committed to protecting individuals’ privacy during the execution of its mission to protect the American people, safeguard our borders, and enhance the nation’s economic prosperity. CBP follows a robust privacy policy as we protect the homeland through the air, land and maritime environments against illegal entry, illicit activity or other threats to national sovereignty and economic security,” a CBP spokesperson said in a statement. CBP added that the data is only used when an OPR investigation is open and the agency needs to locate someone related to that investigation. The agency said the data can act as a good starting point to identify a relevant flight record before then getting more information through legal processes.

On May 1, ICE published details about its own ARC data purchase. In response, on May 2, 404 Media filed FOIA requests with ICE and a range of other agencies that 404 Media found had bought ARC’s services, including CBP, the Secret Service, SEC, DEA, the Air Force, U.S. Marshals Service, TSA, and ATF. 404 Media found these by searching U.S. procurement databases. Around a week later, The Lever covered the ICE contract.

A screenshot of the Statement of Work. Image: 404 Media.

Airlines contacted by 404 Media declined to comment, didn’t respond, or deferred to either ARC or DHS instead. ARC declined to comment. The company previously told The Lever that TIP “was established after the Sept. 11 terrorist attacks to provide certain data to law enforcement… for the purpose of national security matters” and criminal investigations.

“ARC has refused to answer oversight questions from Congress, so I have already contacted the major airlines that own ARC—like Delta, American Airlines and United—to find out why they gave the green light to sell their customers' data to the government,” Wyden’s statement added.

U.S. law enforcement agencies have repeatedly turned to private companies to buy data rather than obtain it through legal processes such as search warrants or subpoenas. That includes location data harvested from smartphones, utility data, and internet backbone data.

“Overall it strikes me as yet another alarming example of how the ‘Big Data Surveillance Complex’ is becoming the digital age version of the Military-Industrial Complex,” Laperruque says, referring to the purchase of airline data.

“It's clear the Data Broker Loophole is pushing the government back towards a pernicious ‘collect it all’ mentality, gobbling up as much sensitive data as it can about all Americans by default. A decade ago the public rejected that approach, and Congress passed surveillance reform legislation that banned domestic bulk collection. Clearly it's time for Congress to step in again, and stop the Data Broker Loophole from being used to circumvent that ban,” he added.

According to ARC’s website, the company only introduced multifactor authentication on May 15.

Please help promote the hashtags #Deadline2025, #BigTechWalkout2025 and #Reclaim2025 to reach those still using big tech platforms.

And share this great video that a friend of mine made showing how lame the big techbros really are.

If we starve big tech of data, their power diminishes.

What encrypted messenger do you use most that isn't Zucking Meta's Whatsapp and Signal?

Edit Also, besides iMessage and RCS. Sorry thanks

turns out durov's bullshit is bullshit. huh.

So i downloaded Brave on windows 10 a few months ago and i remember that it was pretty easy without any hiccups but last week when i tried to download librewolf a message poped up saying that it may be harmful for your computer even tho i downloaded it from the official source

Is it just me or is microsoft getting more and more desperate to collect our data?

*Edit: Sorry it wasn't bitdefender it was something like Antimalware service executable or something like that which i think is a microsoft product

this happens on a samsung galaxy android device. i have a foss keyboard set up and never use the samsung keyboard app.

whenever i copy text, the toast message flashes that samsung keyboard has pasted from my clipboard.

i cant find any option to control clipboard access. how does one turn this off altogether?

/* */

I am currently using Obsidian. I like it; it is great. The graph is a bit of a gimmick but very rewarding. The formatting is easy. The search can be great and powerful, but Markdown can also be a letdown sometimes; it is just so limiting sometimes.

I think Obsidian is almost boring. It works, and my main gripe is syncing it to my phone. I have tried using Syncthing, but I often get clashes with versions of notes or even lose notes, even when using Syncthing versioning.

But then there is Notion. Let me first say, I have not used Notion at all. I made an account, saw all the great stuff, especially the database feature and all the APIs, but something felt off.

Of course, I researched the privacy of Notion and realised it is a complete dumpster fire.

My work is confidential; I really can't use something like Notion. But then, for my personal stuff, I also don't want AI to be trained on it or used for marketing to me or on me.

Are there alternatives to Notion that someone can recommend to me?

cross-posted from: https://lemmy.ml/post/31440973

The tool Lynis is an auditing tool used to audit Unix systems. Is it still relevant? Worth using?

It used to be fairly widely used years ago. Is it still worth its salt or are there other better options? Do you guys think it's needed at all with common sense now days.

Mullvad gives you a discount if you pay with crypto, and monero is supposed to be the private crypto. What is the best way to get Monero? I'm in Canada

https://mullvad.net/en/pricing

I've been interested in switching over to a phone that isn't a gold mine of my data for random companies etc. I've seen stuff for calyx, fair phone, graphene, and Linux phones. I'm curious as to how I would go about switching over. As of right now I use Android and mostly message through signal unless it's for work and I'm unfortunately on Verizon. Which privacy first smartphones would people recommend for US users and how does it work putting it on a network? Do they go on the regular networks like at&t, sprint, Verizon etc? Or do they have their own or privacy first networks? Sorry if these are dumb questions I'm just interested in switching and figured this would be a good place to find info.

Hey.

My phone is a Pixel 8A Graphene OS Phone. I Want to make this phone a Hardended phone. A safe phone. Privacy friendly phone. Not a Watched or tapped into phone. Basically limit the spying and intercepting and get control of the spying mechanisms that may be at play.

The phone has Sandboxed google.play services.

(grapheneos) and 1 profile (owner)

The phone has a kyc sim card. ( currently no way out)

Thanks.