326
88
submitted 3 months ago by DeadNinja@lemmy.world to c/privacy@lemmy.ml
327
44

I was listening to a Bazzell podcast where he mentions his company self hosting and maintaining a database of personal data and credentials for use in OSINT investigations. Some acquired through public sources but others acquired through leaks. Then of course there are data aggregate companies that do the same but are going on to sell this data for a profit.

What is the legality of this? Obviously acquiring publicly available data is legal, but how are these companies able to hold on to leaked usernames, passwords, and other confidential personal information. Especially those that were initially acquired through illegal means?

328
90
submitted 3 months ago* (last edited 2 months ago) by GravitySpoiled@lemmy.ml to c/privacy@lemmy.ml

Neither newpipe nor libretube work for me anymore for a while now. Is there an alternative?

Edit: when using my vpn it is blocked. Without von it works fine

329
79
submitted 3 months ago by CynicusRex@lemmy.ml to c/privacy@lemmy.ml
330
56
331
176
submitted 3 months ago* (last edited 3 months ago) by Charger8232@lemmy.ml to c/privacy@lemmy.ml

I was bored, so I compiled a list of 77 of my favorite open-source privacy-focused software. This ranges from Android apps to desktop apps to websites to operating systems. I scraped the programming languages used for each one from their respective repositories, and created a simple scoring system to score each programming language.

Obviously there is some bias, since Kotlin is very popular for Android apps and not much else, and it's not an exhaustive list, so some data might be off, but it was still fun to make! Just wanted to share it with all of you, in case anyone else finds it interesting.

The full ranking

Full ranking

  1. C++
  2. C
  3. Kotlin
  4. Java
  5. JavaScript
  6. TypeScript
  7. Python
  8. Shell
  9. C#
  10. Dart
  11. PHP
  12. Ruby
  13. HTML
  14. Makefile
  15. Go
  16. QML
  17. Pascal
  18. CSS
  19. Clojure
  20. Blade
  21. Crystal
  22. Batchfile
  23. Swift
  24. Emacs Lisp
  25. Svelte
  26. Rust
  27. CMake
  28. Haskell
  29. Lua
  30. Vue
  31. Roff
  32. XSLT
  33. Assembly
  34. NSIS
  35. Objective-C
  36. SCSS
  37. Less
  38. PLpgSQL
  39. Objective-C++
  40. Inno Setup
  41. Meson
  42. WebAssembly
  43. ASL
  44. PowerShell
  45. Rich Text Format
  46. GLSL
  47. Common Lisp
  48. Haml
  49. Scheme
  50. Dockerfile
  51. Perl
  52. AIDL
  53. M4
  54. Mustache
  55. D
  56. MDX
  57. SourcePawn
  58. M
  59. Pug
  60. Lex
  61. EJS

Scores for each programming language

Language scoresC++: 13070

C: 11734

Kotlin: 7195

Java: 6727

JavaScript: 5356

TypeScript: 5002

Python: 4250

Shell: 1903

C#: 1873

Dart: 1872

PHP: 1844

Ruby: 1499

HTML: 1389

Makefile: 990

Go: 975

QML: 955

Pascal: 917

CSS: 888

Clojure: 878

Blade: 832

Crystal: 738

Batchfile: 708

Swift: 577

Emacs Lisp: 556

Svelte: 366

Rust: 351

CMake: 342

Haskell: 326

Lua: 300

Vue: 288

Roff: 268

XSLT: 176

Assembly: 167

NSIS: 130

Objective-C: 128

SCSS: 90

Less: 77

PLpgSQL: 66

Objective-C++: 61

Inno Setup: 59

Meson: 41

WebAssembly: 25

ASL: 22

PowerShell: 21

Rich Text Format: 21

GLSL: 18

Common Lisp: 16

Haml: 14

Scheme: 13

Dockerfile: 12

Perl: 12

AIDL: 11

M4: 7

Mustache: 7

D: 5

MDX: 5

SourcePawn: 2

M: 2

Pug: 2

Lex: 1

EJS: 1

The original data

(NOTE: I am NOT looking for criticism on any choices made here)

Original data

HuggingChat

TypeScript 62.1%

Svelte 36.6%

Dockerfile 0.4%

JavaScript 0.4%

HTML 0.2%

Shell 0.1%

Other 0.2%

GPT4ALL

C++ 48.2%

QML 32.3%

Python 8.5%

CMake 5.4%

JavaScript 3.9%

C 1.0%

Other 0.7%

Audacity

C 37.6%

C++ 35.3%

Python 18.1%

Shell 2.8%

Common Lisp 1.6%

QML 1.3%

Other 3.3%

Duplicati

C# 87.3%

JavaScript 5.7%

HTML 3.2%

Less 1.8%

Python 1.2%

Shell 0.4%

Other 0.4%

Vorta

Python 99.2%

Other 0.8%

Filen (Desktop)

TypeScript 96.3%

JavaScript 2.1%

HTML 1.2%

NSIS 0.4%

Monero

C++ 81.7%

C 11.7%

Python 3.2%

CMake 2.0%

Makefile 0.5%

Shell 0.4%

Other 0.5%

Ivy Wallet

Kotlin 99.7%

Other 0.3%

Brasero

C 98.1%

Makefile 1.5%

Other 0.4%

VSCodium

Shell 83.8%

XSLT 16.0%

PowerShell 0.2%

GNU Emacs

Emacs Lisp 55.6%

Roff 23.8%

C 16.4%

M4 0.7%

Objective-C 0.6%

C++ 0.5%

Other 2.4%

GitLab

Ruby 69.2%

JavaScript 17.3%

Vue 6.8%

PLpgSQL 2.9%

Haml 1.4%

HTML 0.9%

Other 1.5%

Codeberg

Clojure 87.8%

Shell 3.9%

CSS 2.3%

HTML 2.2%

Batchfile 2.2%

PowerShell 1.0%

Other 0.6%

Wikipedia (MediaWiki)

PHP 82.7%

JavaScript 15.3%

Less 1.1%

CSS 0.8%

HTML 0.1%

Vue 0.0%

7-Zip

C++ 79.3%

C 17.6%

Assembly 1.6%

Makefile 1.5%

PeaZip

Pascal 91.7%

Inno Setup 5.9%

Batchfile 1.8%

C++ 0.4%

Shell 0.1%

C 0.1%

qBittorrent

C++ 71.0%

JavaScript 14.1%

HTML 11.5%

Python 1.1%

CSS 0.8%

CMake 0.7%

Other 0.8%

osu!

C# 100.0%

2048

CSS 54.9%

JavaScript 38.1%

HTML 6.5%

Ruby 0.5%

Wireshark

C 95.2%

C++ 2.4%

Python 1.1%

Perl 0.3%

CMake 0.3%

SourcePawn 0.2%

Other 0.5%

nmap

C 38.0%

Lua 29.0%

C++ 17.3%

Shell 4.6%

Python 4.3%

Makefile 1.9%

Other 4.9%

VirtualBox

C 67.2%

C++ 25.2%

Python 2.8%

Objective-C 1.7%

Assembly 1.4%

D 0.5%

Other 1.2%

Docker

Go 97.5%

Shell 1.5%

Dockerfile 0.5%

PowerShell 0.3%

Makefile 0.1%

Python 0.1%

calibre

Python 79.2%

C 17.1%

C++ 2.8%

HTML 0.3%

Shell 0.2%

XSLT 0.1%

Other 0.3%

Thunderbird

JavaScript 60.5%

C++ 21.5%

HTML 6.6%

CSS 3.8%

C 1.8%

Java 1.7%

Other 4.1%

Betterbird

Batchfile 66.5%

C 18.3%

C++ 10.1%

Shell 5.1%

draw.io (Desktop)

JavaScript 96.0%

Shell 4.0%

Joplin

TypeScript 71.4%

JavaScript 22.3%

HTML 1.9%

CSS 1.3%

Java 1.2%

Mustache 0.7%

Other 1.2%

LibreOffice

C++ 86.6%

Java 5.5%

Python 1.8%

Makefile 1.6%

XSLT 1.5%

Rich Text Format 1.4%

Other 1.6%

Proton Mail (Web)

TypeScript 92.1%

JavaScript 5.2%

SCSS 1.5%

MDX 0.5%

Swift 0.4%

CSS 0.1%

Other 0.2%

F-Droid

Java 65.3%

Kotlin 33.1%

Other 1.6%

Aurora Store

Kotlin 96.8%

Java 2.8%

AIDL 0.4%

Neo-Store

Kotlin 100.0%

Obtainium

Dart 98.7%

Other 1.3%

Droid-ify

Kotlin 99.6%

Shell 0.4%

IzzyOnDroid

PHP 97.2%

Python 2.5%

Shell 0.3%

Accrescent

Kotlin 100.0%

GNOME Software

C 97.0%

Meson 1.2%

Python 1.1%

Other 0.7%

Flathub

TypeScript 74.0%

Python 24.2%

JavaScript 1.1%

Shell 0.4%

SCSS 0.2%

Dockerfile 0.1%

SearXNG

Python 74.7%

Shell 9.9%

HTML 6.1%

Less 4.8%

JavaScript 2.7%

CSS 0.9%

Other 0.9%

GrapheneOS

Makefile 87.1%

C++ 11.3%

Shell 1.6%

GNOME

C 97.3%

Meson 2.3%

Python 0.4%

KDE Plasma

C++ 45.6%

QML 41.2%

C 5.5%

CMake 2.3%

Python 2.2%

JavaScript 1.9%

Other 1.3%

Arch Linux

C 98.4%

Assembly 0.7%

Shell 0.4%

Python 0.2%

Makefile 0.2%

Perl 0.1%

HeliBoard

Java 45.4%

C++ 34.7%

Kotlin 19.2%

Other 0.7%

Blender

C++ 76.3%

Python 14.6%

C 5.0%

GLSL 1.8%

CMake 1.2%

Objective-C++ 1.0%

Other 0.1%

FreeCAD

C++ 52.7%

Python 44.5%

C 1.5%

CMake 0.8%

NSIS 0.2%

Lex 0.1%

Other 0.2%

Krita

C++ 90.2%

Python 3.0%

C 2.3%

CMake 1.6%

HTML 0.7%

Rich Text Format 0.7%

Other 1.5%

GIMP

C 95.5%

Scheme 1.3%

Python 1.1%

C++ 0.7%

Meson 0.6%

Perl 0.4%

Other 0.4%

Flameshot

C++ 87.8%

CMake 5.8%

Shell 3.3%

Python 1.7%

Roff 1.1%

C 0.2%

Other 0.1%

Inkscape

C++ 94.1%

C 1.7%

CMake 1.5%

HTML 1.4%

Python 0.3%

Aegis

Java 96.0%

HTML 2.1%

Roff 1.9%

VeraCrypt

C 68.8%

C++ 19.0%

Assembly 10.0%

Shell 1.1%

Makefile 0.5%

Batchfile 0.3%

Other 0.3%

KeePassXC

C++ 95.1%

CMake 2.2%

Shell 1.5%

PowerShell 0.6%

Objective-C++ 0.4%

Python 0.1%

Other 0.1%

KeePassDX

Kotlin 79.0%

C 14.0%

Java 4.1%

Assembly 2.6%

C++ 0.2%

Ruby 0.1%

addy.io

Blade 83.2%

JavaScript 5.2%

Vue 4.8%

PHP 4.5%

CSS 2.3%

Mullvad VPN

Rust 35.1%

Swift 26.2%

Kotlin 19.5%

TypeScript 13.2%

C++ 2.8%

Shell 1.8%

Other 1.4%

Alovoa

Java 82.7%

HTML 9.8%

JavaScript 3.6%

CSS 2.8%

Other 1.1%

Briar

Java 98.0%

Kotlin 1.9%

Other 0.1%

SimpleX Chat

Haskell 32.6%

Kotlin 32.3%

Swift 26.9%

HTML 2.2%

TypeScript 1.4%

JavaScript 1.1%

Other 3.5%

Medito

Dart 88.5%

Kotlin 8.0%

Ruby 2.0%

Swift 0.7%

CMake 0.2%

C++ 0.2%

Other 0.4%

coreboot

C 94.4%

ASL 2.2%

Makefile 1.0%

C++ 0.7%

Assembly 0.4%

Perl 0.4%

Other 0.9%

Libreboot

Shell 51.5%

Python 25.1%

C 22.2%

Makefile 1.2%

OpenStreetMap

Ruby 78.1%

HTML 8.7%

JavaScript 6.9%

PLpgSQL 3.7%

SCSS 1.2%

C++ 0.7%

Other 0.7%

OsmAnd

Java 95.3%

Kotlin 3.9%

AIDL 0.7%

CSS 0.1%

Shell 0.0%

XSLT 0.0%

Organic Maps

C++ 71.0%

C 7.5%

Java 6.1%

Swift 3.5%

Objective-C++ 3.1%

Python 2.9%

Other 5.9%

VLC Media Player

C 62.6%

C++ 18.9%

Objective-C 8.3%

QML 3.1%

Makefile 1.6%

Lua 1.0%

Other 4.5%

Stremio (Desktop)

C++ 36.7%

QML 17.6%

NSIS 12.4%

JavaScript 10.7%

Shell 9.1%

CMake 4.1%

Other 9.4%

OBS Studio

C 54.6%

C++ 34.7%

CMake 6.1%

Objective-C 2.2%

Objective-C++ 1.6%

M 0.2%

Other 0.6%

NewPipe

Java 84.0%

Kotlin 13.5%

HTML 2.5%

FreeTube

JavaScript 68.5%

Vue 17.2%

CSS 11.2%

SCSS 3.0%

EJS 0.1%

Invidious

Crystal 73.8%

HTML 13.9%

JavaScript 8.2%

CSS 2.6%

Shell 1.1%

Makefile 0.2%

Dockerfile 0.2%

PeerTube

TypeScript 89.7%

HTML 6.5%

SCSS 3.1%

Shell 0.4%

Pug 0.2%

JavaScript 0.1%

Tubular

Java 84.6%

Kotlin 13.0%

HTML 2.4%

Mullvad Browser

JavaScript 28.1%

C++ 25.7%

HTML 22.3%

C 12.4%

Python 2.8%

Tor Browser

JavaScript 28.2%

C++ 25.6%

HTML 22.3%

C 12.4%

Python 2.9%

uBlock Origin

JavaScript 88.4%

CSS 4.9%

HTML 3.4%

WebAssembly 2.5%

Shell 0.6%

Python 0.1%

Makefile 0.1%

332
74
submitted 3 months ago by nickb333@fedia.io to c/privacy@lemmy.ml

I have been using Firefox with Ublock Origin as my main browser for a long while. Usually when I get a privacy prompt, I reject cookies, or maybe some sites that are more difficult take me a to a panel that wants me to switch off loads of individual trackers.

How does Ublock handle the cookies? Obviously some are required for site functionality, such as being logged in here, but if I accept cookies (or can't reject them) then presumably they are still accepted? Or does it accept the essential ones and delete third-party trackers?

333
658
submitted 3 months ago by alkaliv2@lemmy.world to c/privacy@lemmy.ml

I am a Tasker enthusiast and when I can automate something simple on my phone I like to. I set a simple task to turn off WiFi when my home network is not detected so my phone doesn't scan and report my location to businesses. However, this functionality is now nonexistent and the developer has to ask people not to one-star their app because it doesn't work. My phone is my phone and killing my ability to use it as such for whatever security theater Google is playing at is why I root my device. Anyone else still rooting for similar reasons?

334
17

Try the interactive demo.

335
553
submitted 3 months ago by anti_antidote@lemmy.zip to c/privacy@lemmy.ml
336
71

I recently discovered a company called Flock which apparently is building a massive surveillance network. I came across a reddit post on r/sysadmin where an admin received a request to install a black box device so that law enforcement could access cameras.

https://en.m.wikipedia.org/wiki/Flock_Safety

https://www.aclu.org/news/privacy-technology/how-to-pump-the-brakes-on-your-police-departments-use-of-flocks-mass-surveillance-license-plate-readers (disclaimer: I don't support the political views of ACLU)

https://www.reddit.com/r/sysadmin/comments/1eu0fje/local_police_want_permanent_access_to_our_cameras/

337
64
submitted 3 months ago by SentientFishbowl@lemmy.ml to c/privacy@lemmy.ml

I'm aware of what constitutes a decent password, but typing in 15-30 random characters each time I lock my computer screen is starting to get a bit taxing.

How secure does my user password really need to be and what are the threats to it? Does the same apply to a root-enabled user as a "regular" user when it comes to password security?

For context, my threat model doesn't need to account for real people breaking in and accessing my computer, the damage would be very contained.

Bonus question - what are the risks of having a weak password on a root user on a spare laptop on the same network as my main device that is used exclusively for web browsing? Thanks.

338
43
submitted 3 months ago by Gangly3090@lemmy.ml to c/privacy@lemmy.ml

Hi, title's rather explanatory I think but I was considering getting a pair of TWS buds for convenience sake since cables are sometimes not an option for me. But I know a lot of modern buds make you get apps that request a large amount of questionable permissions(even if you deny them, the requests in and of itself feels like a red flag) and likely send your data away. So I was wondering if there were any options that were cleaner. Thanks for the help!

339
293
submitted 3 months ago by PullPantsUnsworn@lemmy.ml to c/privacy@lemmy.ml

After using LineageOS for long time, I have finally moved to GrapheneOS. I use a lot of banking and financial apps which I never felt comfortable using on LineageOS due to lack of proper sandboxing, unlocked bootloader etc.

GrapheneOS works flawlessly just like Android. You don't even notice there's hardening underneath. Also it protects from Google's evil location tracking using WiFi/Bluetooth or even when the Location is turned off. I don't understand how people in general are comfortable with Google tracking all the time. You can use Google Play and Play Services in a sandbox that works just like regular installation, but without deep tracking.

If you haven't tried GrapheneOS, try it. You won't go back to regular Android.

340
46
submitted 3 months ago by fubarx@lemmy.ml to c/privacy@lemmy.ml

Not sure if true, but someone raised an issue when this was first announced. That you can no longer refuse to unlock your phone when stopped, since you'll have to unlock it to show your digital driver's license.

341
260
submitted 3 months ago by bilbobaggins@lemmy.world to c/privacy@lemmy.ml

You may have heard about a lawsuit filed regarding a data breach concerning social security numbers. I encourage you to read at least the first few pages of the linked class action complaint to see how massive a violation of privacy this is.

The data breach concerns National Public Data, a company which offers background checks. They collect personally identifiable information (PII) as a part of their business. The defendant claims that NPD scraped PII from non-public sources (¶11). NPD then stored the data in an insecure manner and did not adequately protect this personal information (¶25). Consequently, a hacking group by the name of "USDoD" stole records of 2.9 billion individuals from NPD. According to the document, the data was independently reviewed by VX-underground, the cybersecurity company. They confirmed the breach included full names, address and address history, and social security numbers. They were also able to identify familial connections, both living and deceased (¶ 22-24).

Based on this class action complaint, NPD's conduct was grossly negligent, leading to potential identity theft for almost anyone in the United States. It was also a massive privacy violation by scraping data from non-public sources. Even after they took millions of Americans personal information, they failed to secure the data from hackers.

Criminals can ruin your life if they target you with this information. They can open lines of credit without you knowing. You might only find out until creditors call you, demanding that you pay them back (¶60).

So, yeah. I am very concerned. I'll have to figure out how to defend against this identity theft. Overall, I'm new to the privacy community, but I'm feeling like "privacy" in the United States is an absolute mess. If your data wasn't somewhere on the dark web, it might be now. Protect your data. Stay safe.

342
557
submitted 3 months ago by awiteb@lemmy.4rs.nl to c/privacy@lemmy.ml
343
37
submitted 3 months ago by yogthos@lemmy.ml to c/privacy@lemmy.ml
344
697
submitted 3 months ago by Alsephina@lemmy.ml to c/privacy@lemmy.ml

Google's campaign against ad blockers across its services just got more aggressive. According to a report by PC World, the company has made some alterations to its extension support on Google Chrome.

Google Chrome recently changed its extension support from the Manifest V2 framework to the new Manifest V3 framework. The browser policy changes will impact one of the most popular adblockers (arguably), uBlock Origin.

The transition to the Manifest V3 framework means extensions like uBlock Origin can't use remotely hosted code. According to Google, it "presents security risks by allowing unreviewed code to be executed in extensions." The new policy changes will only allow an extension to execute JavaScript as part of its package.

Over 30 million Google Chrome users use uBlock Origin, but the tool will be automatically disabled soon via an update. Google will let users enable the feature via the settings for a limited period before it's completely scrapped. From this point, users will be forced to switch to another browser or choose another ad blocker.

Archive link

345
247
submitted 3 months ago* (last edited 3 months ago) by Ranger@lemmy.blahaj.zone to c/privacy@lemmy.ml
346
600
submitted 3 months ago by Charger8232@lemmy.ml to c/privacy@lemmy.ml

It is truly upsetting to see how few people use password managers. I have witnessed people who always use the same password (and even tell me what it is), people who try to login to accounts but constantly can't remember which credentials they used, people who store all of their passwords on a text file on their desktop, people who use a password manager but store the master password on Discord, entire tech sectors in companies locked to LastPass, and so much more. One person even told me they were upset that websites wouldn't tell you password requirements after you create your account, and so they screenshot the requirements every time so they could remember which characters to add to their reused password.

Use a password manager. Whatever solution you think you can come up with is most likely not secure. Computers store a lot of temporary files in places you might not even know how to check, so don't just stick it in a text file. Use a properly made password manager, such as Bitwarden or KeePassXC. They're not going to steal your passwords. Store your master password in a safe place or use a passphrase that you can remember. Even using your browser's password storage is better than nothing. Don't reuse passwords, use long randomly generated ones.

It's free, it's convenient, it takes a few minutes to set up, and its a massive boost in security. No needing to remember passwords. No needing to come up with new passwords. No manually typing passwords. I know I'm preaching to the choir, but if even one of you decides to use a password manager after this then it's an easy win.

Please, don't wait. If you aren't using a password manager right now, take a few minutes. You'll thank yourself later.

347
4
submitted 3 months ago by OhVenus_Baby@lemmy.ml to c/privacy@lemmy.ml

I am looking for an auto toggle feature for the swipe down menu. Sometimes I forget to turn off Bluetooth, location, or other toggles on the drop down menu. Is there such a way to have Bluetooth shutoff after 15 mins of inactivity? Or say Mic, camera toggle off after X time of no use, location toggle, etc. Pixel 6 Pro.

348
26
submitted 3 months ago* (last edited 3 months ago) by cmgvd3lw@discuss.tchncs.de to c/privacy@lemmy.ml

I began using invidious after every piped instances refused to play videos lately. But what I read from their docs is that my IP might get exposed to google servers while loading videos from invidious. I use rethink DNS app and in that I can see all the domains that are getting called by my browser.

I tested about five instances and none are calling googlevideo domain as mentioned in the doc. Are they proxying my requests by default or am I missing something?

No, I don't have the option proxy video turned on. I use yewtu.be as my main invidious instance.

349
669
submitted 3 months ago by vk6flab@lemmy.radio to c/privacy@lemmy.ml

A cookie notice that seeks permission to share your details with "848 of our partners" and "actively scan device details for identification".

350
155
view more: ‹ prev next ›

Privacy

31987 readers
487 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS