Privacy


A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society. With companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.


much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
51
Um.... Wtf? (lemmy.dbzer0.com)
submitted 1 week ago* (last edited 1 week ago) by IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com to c/privacy@lemmy.ml
 
 

Using Rethink DNS app btw, I want to use a firewall and VPN at the same time on Android. Wtf?!?

So my IP has somehow just been leaking all this time...

Edit: Typo

52
submitted 1 week ago* (last edited 1 week ago) by padlock4995@lemmy.ml to c/privacy@lemmy.ml
 
 

scarily... They don't need to be this creepy, but even I'm a tad baffled by this.

Yesterday me and a few friends were at a pub quiz, of course no phones allowed, so none were used.

It came down to a tie break question of my team and another. "What is the run time of the Lord of the Rings: Fellowship of the ring" according to IMDb.

We answered and went about our day. Today my friend from my team messaged me - top post on his "today feed" is an article published 23 hours ago.....

Forgive the pointless red circle.... I didn't take the screenshot.

My friend isn't a privacy-conscious person by any means, but he didn't open IMDb or google anything to do with the franchise and hasn't for many months prior. I'm aware it's most likely an incredible coincidence, but when stuff like this happens I can easily understand why many people are convinced everyone's doom brick is listening to them....

53
submitted 1 week ago* (last edited 1 week ago) by vaionko@sopuli.xyz to c/privacy@lemmy.ml
 
 

I currently use KeePassXC that is synced through Nextcloud. The sync isn't very elegant, especially on my phone. So I'm looking for a new password manager which has native server sync support that I can self-host. What do y'all recommend? I need at least a phone app and a browser integration that can autofill.

54
55
 
 

I want to block ads and trackers on the whole home network. I’ve been using adblockers and trackers for years now; I currently have a Raspberry Pi. I was thinking of setting up Pi-Hole with AdGuard. Any other suggestions are welcome. (I can’t use a custom router, because my ISP doesn’t allow it)

56
57
 
 

I have been messing around with creating a homoglyph keyboard for Android, but I'm wondering if it's even worthwhile. Is there any benefit to masking your messages with homoglyphs? Primarily I think it could defend against an LLM's ability to easily scrape messages. In my experiments ChatGPT and DeepSeek both get confused by homoglyph messages unless you instruct it to determine the likely alphabet characters and numbers for each individual character.

For the uninitiated, Ꮋ0ᛖοԌⅼуᏢʜѕ áᚱе ᏟhäʀɑсᎢᎬᚱႽ thàτ Lоοᛕ ⅼіᛕË ᏞëtTêᚱᏚ

58
59
 
 

What service would you recommend for receiving SMS confirmation codes etc. that is not blocked by most services (which probably only leaves the paid ones)?

60
 
 
61
 
 

Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post.

The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies. Its application would mark a significant defeat for tech companies in their decades-long battle to avoid being wielded as government tools against their users, the people said, speaking under the condition of anonymity to discuss legally and politically sensitive issues.

Rather than break the security promises it made to its users everywhere, Apple is likely to stop offering encrypted storage in the U.K., the people said. Yet that concession would not fulfill the U.K. demand for backdoor access to the service in other countries, including the United States.

The office of the Home Secretary has served Apple with a document called a technical capability notice, ordering it to provide access under the sweeping U.K. Investigatory Powers Act of 2016, which authorizes law enforcement to compel assistance from companies when needed to collect evidence, the people said.

The law, known by critics as the Snoopers’ Charter, makes it a criminal offense to reveal that the government has even made such a demand. An Apple spokesman declined to comment.

Apple can appeal the U.K. capability notice to a secret technical panel, which would consider arguments about the expense of the requirement, and to a judge who would weigh whether the request was in proportion to the government’s needs. But the law does not permit Apple to delay complying during an appeal.

In March, when the company was on notice that such a requirement might be coming, it told Parliament: “There is no reason why the U.K. [government] should have the authority to decide for citizens of the world whether they can avail themselves of the proven security benefits that flow from end-to-end encryption.”

The Home Office said Thursday that its policy was not to discuss any technical demands. “We do not comment on operational matters, including for example confirming or denying the existence of any such notices,” a spokesman said.

Senior national security officials in the Biden administration had been tracking the matter since the United Kingdom first told the company it might demand access and Apple said it would refuse. It could not be determined whether they raised objections to Britain. Trump White House and intelligence officials declined to comment.

One of the people briefed on the situation, a consultant advising the United States on encryption matters, said Apple would be barred from warning its users that its most advanced encryption no longer provided full security. The person deemed it shocking that the U.K. government was demanding Apple’s help to spy on non-British users without their governments’ knowledge. A former White House security adviser confirmed the existence of the British order.

At issue is cloud storage that only the user, not Apple, can unlock. Apple started rolling out the option, which it calls Advanced Data Protection, in 2022. It had sought to offer it several years earlier but backed off after objections from the FBI during the first term of President Donald Trump, who pilloried the company for not aiding in the arrest of “killers, drug dealers and other violent criminal elements.” The service is an available security option for Apple users in the United States and elsewhere.

While most iPhone and Mac computer users do not go through the steps to enable it, the service offers enhanced protection from hacking and shuts down a routine method law enforcement uses to access photos, messages and other material. iCloud storage and backups are favored targets for U.S. search warrants, which can be served on Apple without the user knowing.

Law enforcement authorities around the world have complained about increased use of encryption in communication modes beyond simple phone traffic, which in the United States can be monitored with a court’s permission.

The U.K. and FBI in particular have said that encryption lets terrorists and child abusers hide more easily. Tech companies have pushed back, stressing a right to privacy in personal communication and arguing that back doors for law enforcement are often exploited by criminals and can be abused by authoritarian regimes.

Most electronic communication is encrypted to some degree as it passes through privately owned systems before reaching its destination. Usually such intermediaries as email providers and internet access companies can obtain the plain text if police ask.

But an increasing number of tech offerings are encrypted end to end, meaning that no intermediary has access to the digital keys that would unlock the content. That includes Signal messages, Meta’s WhatsApp and Messenger texts, and Apple’s iMessages and FaceTime calls. Often such content loses its end-to-end protection when it is backed up for storage in the cloud. That does not happen with Apple’s Advanced Data Protection option.

Apple has made privacy a selling point for its phones for years, a stance that was enhanced in 2016 when it successfully fought a U.S. order to unlock the iPhone of a dead terrorist in San Bernardino, California. It has since sought to compromise, such as by developing a plan to scan user devices for illegal material. That initiative was shelved after heated criticism by privacy advocates and security experts, who said it would turn the technology against customers in unpredictable ways.

Google would be a bigger target for U.K. officials, because it has made the backups for Android phones encrypted by default since 2018. Google spokesman Ed Fernandez declined to say whether any government had sought a back door, but implied none have been implemented. “Google can’t access Android end-to-end encrypted backup data, even with a legal order,” he said.

Meta also offers encrypted backups for WhatsApp. A spokesperson declined to comment on government requests but pointed to a transparency statement on its website saying that no back doors or weakened architecture would be implemented.

If the U.K. secures access to the encrypted data, other countries that have allowed the encrypted storage, such as China, might be prompted to demand equal backdoor access, potentially prompting Apple to withdraw the service rather than comply.

The battle over storage privacy escalating in Britain is not entirely unexpected. In 2022 U.K. officials condemned Apple’s plans to introduce strong encryption for storage. “End-to-end encryption cannot be allowed to hamper efforts to catch perpetrators of the most serious crimes,” a government spokesperson told the Guardian newspaper, referring specifically to child safety laws.

After the Home Office gave Apple a draft of what would become the backdoor order, the company hinted to lawmakers and the public what might lie ahead.

During a debate in Parliament over amendments to the Investigatory Powers Act, Apple warned in March that the law allowed the government to demand back doors that could apply around the world. “These provisions could be used to force a company like Apple, that would never build a back door into its products, to publicly withdraw critical security features from the UK market, depriving UK users of these protections,” it said in a written submission.

Apple argued then that wielding the act against strong encryption would conflict with a ruling by the European Court of Human Rights that any law requiring companies to produce end-to-end encrypted communications “risks amounting to a requirement that providers of such services weaken the encryption mechanism for all users” and violates the European right to privacy.

In the United States, decades of complaints from law enforcement about encryption have recently been sidelined by massive hacks by suspected Chinese government agents, who breached the biggest communications companies and listened in on calls at will. In a joint December press briefing on the case with FBI leaders, a Department of Homeland Security official urged Americans not to rely on standard phone service for privacy and to use encrypted services when possible.

Also that month, the FBI, National Security Agency and the Cybersecurity and Infrastructure Security Agency joined in recommending dozens of steps to counter the Chinese hacking spree, including “Ensure that traffic is end-to-end encrypted to the maximum extent possible.”

Officials in Canada, New Zealand and Australia endorsed the recommendations. Those in the United Kingdom did not.

62
 
 

UK government is trying to get into iCloud end-to-end encryption. (Again?)

Makes me think about email servers too. Most of my private information is in emails, and not only do I use a service where the host machines access the email, so does almost everyone I email to/from.

63
 
 

Hi all,

I use ublock origin in medium blocking mode which blocks a lot of urls by default, google / youtube included. For the longest time I have had to unblock google.com, googlestatic.com, youtube.com (and usually some more) every time I want to watch an embedded video.

I don't use the youtube website in general, I use freetube for all my youtube watching. Libredirect even opens direct youtube links in freetube but it can't handle embedded videos (at least not in a way without unblocking the urls before).

The best solution would be a userscript or extension that replaces all embedded youtube videos with links I can click to open them in freetube. I was surprised I couldn't find something like this. Does anybody know about a solution?

*EDIT: I found a way to make embedded youtube videos clickable: https://xcancel.com/gorhill/status/1377613397710229506#m

This is straight from the ublock origin developers. Sadly even in this case you have to globally unblock youtube.com and google.com which is a no go for me.

Cheers

64
 
 

Hello! I recently tried NextDNS and noticed that it detects my current DNS resolver on the go. I just opened its website and it immediately showed my current resolver. When I tried changing private DNS to Cloudflare in settings it instantly showed my new resolver. But how exactly does it work? Does the browser send the used DNS server to the website? Or is it done somehow via JavaScript? And also: So every website can know what I am using now? Can it be used for fingerprinting?

65
 
 

If you are living in a country that is not safe and free from politically motivated prosecution or other dangerous pursuits, all activities, messages and so on, that are critical of that country could be seen as dangerous to said system and therefore illegal. So making them public puts you in great danger. By “public” I don’t mean publicly available, but readable for state actors.

If you are living in a currently safe system, the internet does not forget things. So when it flips to an unsafe country, all your previously safe thoughts, messages and so on are now illegal and are already out in the net. That puts you in great danger if you ever in your past had interactions which are now seen as illegal. And you can never know which topics could be illegal or dangerous by then.

Another example would be traveling to unsafe states that you were ever critical of. 

All of those (and possibly more) scenarios are dangerous for you as the actor, but for any family member of yours in the future (or past) as well. 

So would it not always be in your interest to hide as much as possible, not just depending on your current situation or the assumed threat level? I have a hard time wrapping my head around statements like securing oneself depending on one’s threat level.

66
 
 

I recently put together a detailed opsec guide that covers practical steps for reducing your digital footprint, securing communications, and avoiding common pitfalls people make when trying to stay private online.

The goal was to create something that's actually useful and not just the usual "use a vpn and tor" advice. I tried to break down realistic methods that can help both beginners and people already familiar with opsec.

I'd love to get some feedback from the community - what's missing, what could be improved, and if there's anything you disagree with.

67
 
 

I entirely understand that the more secure and private a means of communication gets, the less convenient it is. That being said it seems like there should be some way to be reasonably secure while still being able to promote these types of things.

To be completely transparent I am not planning on being said organizer of protests, but recent events have simply piqued my interest in the topic. I've read certain frequently referenced materials like "What is Security Culture", "Confidence Courage Connection Trust", and "Mobile Phone Security for Activists and Agitators". I feel like the more resources I read the more it seems like there is no general consensus on the best solutions even for similar threat models.

So far the only thing I've truly gathered is that if you want the best security and privacy you should just not use online communications, which obviously is sub-optimal for gaining traction.

Some people say using Signal is the best means of communication, but that the use of phone numbers and centralization could be a concern. Some people say SimpleX, but cite concerns about notifications or how it hasn't been around long enough to be fully vetted. There's Briar which actually seems great but goodbye to every iPhone user.

Is there any completely solid answer to such a scenario where privacy and security must be upheld while maintaining outreach? I get all things will have their tradeoffs, but is the best solution really just using network communications as little as possible and being careful about your presence?

68
 
 

Can someone help me understand this? If hundreds of thousands of people use a popular browser extension, how does that make it easier for you to be singled out among them? I'm having a hard time wrapping my head around this, can anyone help?

69
70
 
 
71
72
 
 

I just finished setting up a custom router with dns ad blocking. Next comes a media player so I can purge this smart TV filth from my household.

Huge shout out to Louis Rossmann and the FUTO community contributors, check out the wiki on self-hosted software if you haven't already.

Wiki link

73
 
 

I've been looking to improve the home network in my home lab. It seems that Ubiquiti has everything I could want in their various products.

However, it seems too good to be true. How much snooping does the router/firewall/APs do on my traffic? If you have a similar case, what has been your experience with Ubiquiti?

74
 
 

My ISP is AT&T (located in the U.S.) and I have issues loading random websites. Currently have Google DNS set in my router, which works great. But I'm guessing there's a better, more private, option?
