Melody Fwygon

  • 1 Post
  • 156 Comments
Joined 3 years ago
Cake day: June 1st, 2023


  • It is never a requirement to perform 100% of all “Privacy best practices” 24 hours a day and 7 days a week with perfect execution. Simply put, nobody has that level of threat on average unless they are someone like Snowden, a Journalist covering a story, or are working as an intelligence agent.

    It is best to assess your threat level and choose Privacy preserving techniques and tools according to what best suits your life and situation first. Don’t overdo it, don’t try to achieve perfect privacy, don’t try to keep up with the metaphorical Joneses. There will always be new threats to your privacy to assess; and you shouldn’t be ignorant of them; but you also should not ever let that growing list of threats overwhelm you.

    If you need to take time to stop reading privacy news…do so. Just like regular world and national news; it can put you in a state of constant panic. Manage your mental health and state first before you ever allow yourself to address your privacy issues at hand.

    Once your mental state is clear and your focus is sharp; focus specifically on little things you can easily do to protect your privacy. Maybe make sure you have a VPN set up or ensure you go over critical privacy settings on your devices to ensure none have changed or shifted since you last visited them. Then consider other small things you can do; if you can say, for example, choose a new email provider, then do so. If not, pick a new thing to address and move on. Do not make managing your privacy a chore if you can possibly help it. Take improving it one step at a time, take breaks for your sanity and make sure you don’t overdo it all at once.


  • Melody Fwygon@lemmy.one to Privacy@lemmy.ml: Isn't brave supposed to be "private"?
    7 months ago

    No.

    It sold out on its privacy promise years ago. Brave Browser CANNOT be trusted if you are someone who must ensure Privacy Preserving features remain on at all times.

    I recommend the Tor Browser. DO NOT USE THE TOR BROWSING CAPABILITIES OF BRAVE! YOU WILL BE DEANONYMIZED! Likely anything you’d be using Tor for, you don’t want your browser slipping up and leaking anything.

    Personally I use a blend of hand-hardened Firefox (Via plugins), Librewolf and Ungoogled Chromium (for very rare cases where the site is actually trusted and requires Chrome to function predictably)


  • Ironically this does not prevent technologies like Monero from becoming the next big platform; nor will it really prevent people from evacuating their coins to a more private and self-custodial wallet.

    In general it really only puts a few more onerous steps into the equation where there will be fences and people who are expected to digitally mule bitcoin around.

    In the same manner that organized criminals work around modern financial regulations aimed at capturing them; they can also work around regulations surrounding Bitcoin itself; and once the Bitcoin itself is fenced off into a Monero or other privacy preserving coin; it will remain there ‘burned’ or get ‘laundered’ by a group of gang members a few hundred times to re-mint coins clean enough to be re-deposited and re-used in the same manner.

    It won’t matter in the long run that they are tracking the provenance of every satoshi. Especially not if it’s far too common that anyone making a suspicious move turns out to be a privacy conscious, law-abiding, yet innocent citizen.


  • Agreed with the dislike of Brave; but my reasons for not using it are because the person(s) running that project have proven that they do not have user privacy as a priority over their own ability to stay profitable enough to operate. This lack of principle I feel makes Brave privacy hostile at random times when their company runs low on money and is vulnerable to making deals with the devils they’re trying to keep at bay. Usually these deals are horrific blows to user privacy, or introduce unwanted and unneeded bloat to the software.


  • I’ve seen this when bopping around in the F-Droid catalogue. Never took it seriously because it didn’t seem to communicate well what it was doing.

    In general; I usually dislike using Chrome anyways…so much so that I hard disable Chrome on my device, oftentimes via ADB, and download a wide range of alternatives; Kiwi (Plugin enabled), Hermit ([Closed source] Forced Isolation of all domains/sites alongside ad-blocking and web-app caching baked into the app wrapping its renderer; which is, of course, System Webview. Unfortunately this one is not open source, so I do not often recommend it here and while I trust it; your decisions may be different.) and Firefox (Plugins installed, seems to be replacing Kiwi because it’s likely a dead/gone/deprecated/archived project.) I even use URLCheck from F-Droid itself as my “Default Browser” so that I have the power to review each URL and open it in a browser I feel is most appropriate to the context of my browsing and choose the browser I feel can best protect my privacy for a given site. One-off visits often go to Hermit; which promptly isolates away and forgets I ever visited the site while blocking ads with a lighter touch than most plugins I’ve seen that exist. If a site often breaks in Hermit; usually due to ad-blocking hostile scripts; I kick it over to Firefox where I have extensive plug-in tooling to defang the beast…including tools like JShelter, Canvas Blocker, LocalCDN, Chameleon, Decentraleyes and uBlock Origin.

    What I do know is that Android System Webview is far more configurable than you might realize; and that it is absolutely possible to build a browser on top of it. Most importantly; Android System Webview IS NOT Chrome! Yes, it is extremely similar and it behaves mostly the same; but it is based on the Chromium project; which is basically what Chrome is before Google applies all of its own Branding, Customization, Policies and Application touches on it. Does Chromium project mirror what Chrome needs? Absolutely yes, but it does not follow Chrome exactly. In general; Android System Webview is a Web rendering component that other applications can call on and wrap their own code around. This means you are basically free to implement whatever other features you want around the webview; including adding plugins and other things like ad-blocking. My favorite closed-source lite-app browser Hermit does this; and I’m not seeing any significant privacy concerns with that one.


  • As the Messages RCS implementation is supposedly E2EE from device to device; No. It is not possible that a log of your messages’ contents is being kept.

    Can it stop them from storing your encrypted messages to decrypt later if law enforcement should be able to confiscate your phone and extract the encryption key? Also No. It is not possible for E2EE to prevent “Store ciphertext and decrypt later” attacks.

    It also cannot prevent companies from logging who you are conducting an encrypted conversation with; even if the contents cannot be seen and this information cannot be used to infer anything about the contents. It cannot stop companies from making inferences about your messaging activity due to timing of messages sent or who they are sent to.

    If these kinds of attacks are on your threat model; you need to ensure you are not sending messages or information via electronic means via your phone to begin with, wherever possible.

    It is absurd to assume that they have backdoored the RCS protocol without proof or evidence. This isn’t saying it’s a verifiably secure or private protocol; but I think you could trust an E2EE RCS message for long enough to help you get someone else onboarded on to Signal or another more properly encrypted messenger without needing to worry about being put on a watch list. I would trust it with my grocery list or trivial communications with family; even if I wouldn’t trust it with my truly personal or private conversations.


  • S/MIME is insecure, outdated, deprecated, and should be discontinued; yet people don’t want to adapt or grow or change.

    Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.

    OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it’s really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.


  • Lack of detailed audits…only in this case specifically…does not imply lack of security and/or privacy.

    The protocol that Signal uses, which is in fact firmly audited with no major problematic findings, plus the fact the client is OSS is generally enough to lower any concerns.

    The server side software in production for Signal.org is not OSS. It will not be. You are not required to trust the server to use Signal; because the protocol and the client render it factually impossible for the server to spy on your messages. The server cannot read messages; or even connect who is messaging whom if the correct client settings are used. (Sealed Sender).

    Non-OSS software in general is not automatically lacking in privacy or security, particularly not in this case where the affected software does interact only with software that is verifiably open-source and trustworthy in general due to the protocols and how they are implemented correctly in a verifiable manner.


  • E2EE is, theoretically, secure. It certainly prevents a government from hoovering up your data when they casually cast too wide of a dragnet while “chasing a criminal”. …At least, when it is implemented honestly and correctly.

    Now if governments wanted to properly backdoor some E2EE implementation; all they really need to do is compromise one end of the conversation. Of course, they want to be able to do it auto-magically; through delivering a court order to a single point; and not through busting down the door, or capturing the user of, one end or another of the conversation and compromising the device.

    The question therein lies; do you as a person want the government to be forced to bust down a door? Some people think they should be forced to break doors and others do not feel that it is necessary. There are many diverse stances on this question; all with unique reasons.

    It’s clear to me that E2EE works properly…the governments would not be trying to “end Encryption” if it did not work. Therefore it stands to reason that E2EE is not compromised, if a government is forced to pass a law in order to compromise the encryption or turn it off entirely. That proves it works.

    I just logically proved Encryption works, without even taking a stance on the matter. For the record however; I do support Encryption. I think this law undermining it is a massive governmental overreach that will quickly lead to that same government finding out how critical Encryption actually is to their people. Just give it time.


  • This 100%.

    The more valuable and critical a government employee knows they are; the more effective they can be by doing this.

    Everyone in any federal agency who is resisting and who is being ordered to do something they object to should be falling to this maliciously compliant default to the maximum extent they can afford to do so. Gum up the works; extend out projects, stretch deadlines out, passively resist every step of the way and insist that every possible reasonable rule be followed to its exact and literal definition…even if it’s not common practice or expedient.

    Exhaust the servants of the tyrant of their every resource; run these liaisons ragged; overload them with petty questions and minor, but critical, decisions; especially if they’re bogged down. If you can make them quit or get fired by the cheeto in a non suspicious way; all the better. Making it impossible to keep a liaison in your department will keep them guessing if they keep quitting on their own due to extreme stress and overwork.

    Anybody who is a Political Appointee should be considered a hostile co-worker automatically and kept out of every loop possible. Make them battle for every inch of information or status updates and give as little information as you can while only answering explicit questions. Bonus points if management is in on the game; and can ping-pong any information requests around violently across all the various managers and supervisors who each only leak a tiny tidbit of information.


  • I.C.E. is obviously overstepping their boundaries here and needs to be pared down.

    Someone should get on publishing EFF’s surveillance avoidance tactics in all the languages…or at least teach the immigrants in their lives to make sure to use throw-away emails, prepaid sim cards and pseudo-identities to criticize government.

    Genuinely it’s not hard to not provide real world information online; you just keep your identities separated by a few things first. VPNs and Tor help as well to prevent tapping into data.