301
132
Is Telegram really an encrypted messaging app? (blog.cryptographyengineering.com)
submitted 2 months ago by solrize@lemmy.world to c/privacy@lemmy.ml

Blog post by crypto professor Matthew Green, discussing what Telegram does (I wasn't familiar with it) and criticizing its cryptography. He says Telegram by default is not end-to-end encrypted. It does have an end-to-end "secret chat" feature, but it's a nuisance to activate and only works for two-person chats (not groups) where both people are online when the chat starts.

It still isn't clear to me why Telegram's founder was arrested. Green expresses some concern over that but doesn't give any details that weren't in the headlines.

302
202
submitted 2 months ago by MazonnaCara89@lemmy.ml to c/privacy@lemmy.ml

I needed to clean up my Google account but couldn't remove all my YouTube subscriptions because Google doesn’t allow it, SO FUCK YOU GOOGLE. I searched online for a solution but only found broken scripts. So, I made my own working script to unsubscribe from all channels efficiently. Sharing it here in case anyone else is in the same boat. Hope it helps!

303
126
submitted 2 months ago by mox@lemmy.sdf.org to c/privacy@lemmy.ml
304
406
submitted 2 months ago by JustMarkov@lemmy.ml to c/privacy@lemmy.ml

(Cross-posted from: https://lemmy.dbzer0.com/post/26559848/)

Some significant news for Telegram users!

See this article for some interesting backstory context on Pavel Durov and Telegram: https://www.spiegel.de/international/world/the-telegram-billionaire-and-his-dark-empire-a-f27cb79f-86ae-48de-bdbd-8df604d07cc8

Since the post article is in French, here's an auto-translation:

Pavel Durov, the founder and CEO of the encrypted messaging service Telegram, was arrested around 8 p.m. on Saturday evening as he got off his private jet on the tarmac of Le Bourget airport. The 39-year-old Franco-Russian was accompanied by his bodyguard and a woman.

The arrest was carried out by the gendarmes of the GTA (Air Transport Gendarmerie). Registered in the RPF (wanted persons file), Pavel Durov came straight from Azerbaijan. He had over his head a French search warrant issued by the OFMIN of the National Directorate of the French Judicial Police, issued on the basis of a preliminary investigation.

Why was he under threat of a search warrant?

The Justice considers that the lack of moderation, cooperation with the police and the tools offered by Telegram (disposable number, cryptocurrencies, etc.) makes it complicit in drug trafficking, paedophile offences and fraud.

This search warrant ran if, and only if, Pavel Durov was on national territory. "He made a mistake tonight. We don't know why... Was this flight just a step? In any case, he's locked up!" a source close to the investigation told TF1/LCI. Since he knew he was persona non grata in France, Pavel Durov used to travel to the Emirates, the countries of the former USSR, South America... He travelled very little in Europe and avoided countries where Telegram is under surveillance.

And now?

Investigators from the ONAF (National Anti-Fraud Office attached to the Customs Directorate) notified him and placed him in police custody. He is expected to be presented to an investigating judge this Saturday evening before a possible indictment on Sunday for a multitude of offences: terrorism, drugs, complicity, fraud, money laundering, concealment, paedophile content...

"Pavel Durov will end up in pre-trial detention, that's for sure," comments an investigator to TF1/LCI. "On his platform, he allowed an incalculable number of misdemeanours and crimes to be committed for which he does nothing to moderate or cooperate," said a source close to the case.

His pre-trial detention at the end of his indictment is indeed in no doubt. Pavel Durov, a billionaire, has substantial means to flee and his guarantees of representation will hardly convince the judges.

A net with international resonance

For the investigators, this international sweep has various objectives. First, it makes it possible to kick the anthill, impress and deter the perpetrators of crimes and offences who exchange, until now, freely on Telegram. Secondly, they aim to put pressure on European countries to step up joint work to make secure messaging on terrorist cases bend.

Indeed, Telegram is a hive of criminal content. At the moment, the platform is in the news with the illegal broadcasting of Ligue 1 matches. But on this encrypted messaging service, many accounts are used by organized crime. Beyond terrorism, the most dangerous pedophiles communicate on Telegram to exchange content. "It has become for years THE number 1 platform for organized crime," comments an investigator.

305
102
submitted 2 months ago* (last edited 2 months ago) by Decency8401@discuss.tchncs.de to c/privacy@lemmy.ml

Hi everyone,

I'm currently facing some frustrating restrictions with the public Wi-Fi at my school. It's an open Wi-Fi network without a password, but the school has implemented a firewall (Fortinet) that blocks access to certain websites and services, including VPNs like Mullvad and ProtonVPN. This makes it difficult for me to maintain my privacy online, especially since I don't want the school to monitor me excessively.

After uninstalling Mullvad, I tried to download it again, but I found that even a search engine (Startpage) is blocked, which is incredibly frustrating! Here’s what happened:

  • The Wi-Fi stopped working when I had the VPN enabled.
  • I disabled the VPN, but still couldn't connect.
  • I forgot the Wi-Fi network and reset the driver, but still no luck.
  • I uninstalled the Mullvad, and then the Wi-Fi worked again.
  • I tried to access Startpage to search for an up-to-date package for Mullvad, but it was blocked.
  • I used my phone to get the software file and sent it over, but couldn't connect.
  • I searched for different VPNs using DuckDuckGo, but the whole site was blocked.
  • I tried searching for Mullvad, but that was blocked too.
  • I attempted to use Tor with various bridges, but couldn't connect for some unknown reason.
  • I finally settled for Onionfruit Connect, but it doesn't have a kill switch, which makes me uneasy.

Ironically, websites that could be considered harmful, like adult content, gambling sites and online gaming sites, are still accessible, while privacy-tools are blocked.

I'm looking for advice on how to bypass these firewall restrictions while ensuring my online safety and privacy. Any suggestions or alternative methods would be greatly appreciated! (If any advice is something about Linux, it could be a Problem, since my school enforces Windows 11 only PC's which is really really igngamblingThanks in advance for your help

edit: did some formatting

edit2: It is my device, which I own and bought with my own money. I also have gotten in trouble for connecting to tor and searching for tor, but I stated that I only used it to protect my privacy. Honestly I will do everything to protect my privacy so I don't care if I will get in trouble.

edit 3: Thanks for the suggestions, if I haven't responded yet, that's because I don't know what will happen.

306
56
submitted 2 months ago* (last edited 2 months ago) by zaknenou@lemmy.dbzer0.com to c/privacy@lemmy.ml

307
22
submitted 2 months ago by Kyuuketsuki@lemmy.ml to c/privacy@lemmy.ml

More in physical privacy space than the usual post. Whenever I get mail, I shred it before disposal. Whenever I get a package, I black out the label.

But my method for blacking out the labels is basically turning on the gas range and holding the label over it until it turns black. It's not even that good of a method, because I can still see a black-on-black print.

So, I'm wondering if anyone has any better ideas for this sort of thing.

308
25
submitted 2 months ago by j4k3@lemmy.world to c/privacy@lemmy.ml

I just went to use nvcc for the first time and this nonsense hit my firewall. Make won't compile but it has to do with my unwillingness to use the proprietary toolkit. This network activity only happened once on startup.

309
189
submitted 2 months ago by sgibson5150@slrpnk.net to c/privacy@lemmy.ml

I know this will sound paranoid as fuck, but I've really been thinking about Microsoft lately. Like, they're pushing their Recall shit whether we like it or not. The fact that it even made it past the concept stage tells me that no one at Microsoft gives a single fuck about their users anymore. The final shreds of any trust I had in them as a company are gone and I've started thinking of them as an adversary.

Today I was considering Teams in particular. My company has been using it for maybe six years. When our email provider went teats up, I did some research and realized we had Microsoft cloud stuff included in our Action Pack subscription. We started using their email, and about the same time we started using Teams.

Teams offers EEE but only on Teams Premium, which we don't pay extra for. Microsoft has access to every message and chat. They could be saving transcripts and voice calls. They might have accumulated billions of hours of voice data by now.

What could they do with all this data?

  1. Sell to LEO
  2. Commit corporate espionage
  3. Gather government secrets
  4. Use for AI training

Something else just occurred to me. I did research a while back on the software stacks that big tech companies use. Not one uses IIS.

I've been a Windows developer for thirty years. I used to like Microsoft. I looked forward to new versions of Windows and Visual Studio. Now I feel like they've lured us all in slowly until we put our throats in their jaws. Fucking mental.

Talk me down, if you can.

310
16
submitted 2 months ago by Dymonika@beehaw.org to c/privacy@lemmy.ml

I'm mightily tempted, finally, by this month's Prime subscription's giveaway of the game KeyWe, which requires Epic Games account-linking.

I'm not really sure of what data risk to expect should I finally expose my real Amazon account to Epic Games (which is pretty much a dummy account that I've only been using to collect their giveaways ever since they began). I have refused to link accounts all these months so far. What do you think?

311
114
submitted 2 months ago by minnix@lemux.minnix.dev to c/privacy@lemmy.ml
312
62
submitted 2 months ago by Templa@beehaw.org to c/privacy@lemmy.ml

We currently pay for the Family plan as a couple so this will be good for us. I tried downgrading but it still doesn't appear for me.

313
35
submitted 2 months ago by monovergent@lemmy.ml to c/privacy@lemmy.ml

Been using searx.be for a bit now and they had many results in Dutch and German, which can be expected for a site based in Belgium. But does anyone notice an influx of results in Russian? Did they change the server location or are users in Russia catching on to it? Yandex isn't toggled on in the settings either.

Not trying to judge security by language. I just kinda liked having results in a mix of languages I could read.

314
301
submitted 2 months ago by gytrash@feddit.uk to c/privacy@lemmy.ml

"Google will have to face a class action lawsuit that accuses it of collecting users’ data through Chrome without their consent. In a decision on Tuesday, a federal appeals court reversed a December 2022 ruling that dismissed the case, saying the lower court should’ve reviewed Google’s disclosures and determined “whether a reasonable user reading them would think that he or she was consenting to the data collection.”...

315
103
submitted 2 months ago by overflow64@lemmy.ml to c/privacy@lemmy.ml
316
33
Opinions on Session? (lemmy.dbzer0.com)
submitted 2 months ago by 0laura@lemmy.dbzer0.com to c/privacy@lemmy.ml

It seems really cool but I'm a bit wary of it due to the crypto stuff.

317
661
submitted 2 months ago by minnix@lemux.minnix.dev to c/privacy@lemmy.ml
318
124
319
612
submitted 2 months ago* (last edited 2 months ago) by nokturne213@sopuli.xyz to c/privacy@lemmy.ml

Not only does the credit bureau max out their password length, you have a small list of available non-alphanumeric characters you can use, and no spaces. Also you cannot used a plused email address, and it had an issue with my self hosted email alias, forcing me to use my gmail address.

Both Experian and transunion had no password length limitations, nor did they require my username be my email address.

Update: I have been unable to log into my account for the last 3 days now. Every time I try I get a page saying to call customer service. After a total of 2 hours on hold I finally found the issue, you cannot connect to Equifax using a VPN. In addition there is no option for 2FA (not even email or sms) and they will hang up on you if you push the issue of their security being lax. Their reasoning for lax security and no vpn usage is "well all of our other customers are okay with this".

320
142
submitted 2 months ago by frengo_@lemmy.world to c/privacy@lemmy.ml

My brother seems to not care about his online privacy. He registers to services too easily without pondering, he’s not outraged we need a fucking account to use a vacuum cleaner, it seems he doesn’t care about all the potential risks of having videos of our indoors saved in a cloud. I don’t have strong arguments to convince him that privacy matters other than “if someone gets that, you could be in trouble” and “it’s like having someone watching you h24” and so on. How can i persuade him?

321
78
submitted 2 months ago by minnix@lemux.minnix.dev to c/privacy@lemmy.ml
322
33
submitted 2 months ago by electric_nan@lemmy.ml to c/privacy@lemmy.ml

Please suggest somewhere else I should post this. I took an OTA update last night for Lineage4microG and my OnePlus8T just bootlooped. I tried downloading and manually side loading both the most recent and previous versions, but they keep failing with a kInstallDeviceOpenError. I am desperate to get back into my device without wiping the data.

323
34
submitted 3 months ago* (last edited 3 months ago) by Ste41th@lemmy.ml to c/privacy@lemmy.ml

This is aimed at iOS users more, but do any of you use any firewall apps like 1 blocker fire wall or adguard dns.

The reason I’m asking is if you have all them things at router level what good does it do on a device level?

324
190
submitted 3 months ago by gytrash@feddit.uk to c/privacy@lemmy.ml

"The TV business isn't just about selling TVs anymore. Companies are increasingly seeing viewers, not TV sets, as their most lucrative asset..."

325
775
submitted 3 months ago by GravitySpoiled@lemmy.ml to c/privacy@lemmy.ml

I understand that it may be problematic sometimes but this was very smooth. I didn't even say anything.

A: what's your number for the whatsapp group Me: I don't have whatsapp because of facebook. B: ok, we have to use signal then A: ok

And that was it. Life can be very easy sometimes

view more: ‹ prev next ›

Privacy

31987 readers
498 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS