This is a shoutout to the app QuickTiles and the developer and contributors thereof.

While at first glance it may not seem like a privacy focused app, however, ultimately, improving digital privacy is more often than not a balance between convenience/ease of use and, well, privacy^[There will always be know-it-alls and above-it-alls in the privacy community who trashtalk normies and/or beginners, acting like this and that is never a tradeoff. If you happen to be one of those, think about whether your attitude helps or hampers our efforts.]

I was almost about to let out a big sigh, thinking do I have to learn kotlin and java for this...? and then I found this app. It has some neat "add-ons" for the quick tiles panel on Android systems. Personally, I was looking for a quick setting to enable/disable data saver. This app had a "data usage" tile, which reduces the amount of requires "clicks" from 5 to 2.

EU will require all member states to have digital profiles of citizens with birth certs and IDs

Ireland is getting a new, universal 'Digital Wallet' app that will collect info, including birth certs, driving licences and PPS numbers for individual citizens - as per European Union requirements for 2027.

And the Government is asking for volunteers to take part in testing and trial runs. The Digital wallet will be used to access a range of public services, including welfare support, such as the Working Family Payment. It could also store data such as health profiles, along the lines of the so called 'vaccine passports' that were in use during the Pandemic.

The digital wallet aims to allow people to securely access documents such as birth certificates or driving licences and register for key welfare support, such as the working family payment.
It has also been suggested as an age-verification tool by Tanaiste Simon Harris, who has said children under the age of 16 should not be on social media in the wake of the Grok AI controversy.
The Government is legally obliged, under EU regulations, to ensure there is a digital wallet for accessing public services by the end of the year, and for private services by the end of 2027.
The public testing phase of the wallet is to begin in early April and is seen as “critical” to ensure it is designed “to satisfy user needs and expectations”, the Department said.
The first stage, for which people can opt in, gives people the chance to view the design of the wallet, understand its proposed features, provide feedback and sign up for further testing.
The second stage allows people aged 16 or older to download the wallet and test limited functions.
People can register to be part of the testing phase at gov.ie/DigitalWallet.

Minister for Public Expenditure and Public Service Reform Jack Chambers said the app would “make it simpler” for people to verify their identity, apply for support and access entitlements, as he launched the public consultation on Friday.

He said: “The wallet is designed so that all personal data is fully protected, and the user stays in control of what information they put in the wallet and choose to share,” he said. "Only the details needed for a service will be shared, and nothing more. Big life events, such as having a baby, moving home, or starting a new job often require dealing with several different public service providers. The digital wallet aims to reduce that administrative burden, making it easier, faster and more secure to access the supports people need. This testing and consultation phase is an important step in building a digital wallet that genuinely works for people. We want to hear the public’s ideas, concerns and expectations. The public’s feedback will directly shape how the wallet looks, how it works, and how it supports everyday life.”

Another Discord alternative that popped up a few months ago like the others out of no where. This one promises voice channels and is evidently entirely encrypted.

But out of the blue they “halted” service and now one again are open for registration?

Has anyone tried this yet ? Just a web app and it’s not open source.

While it sounds promising , and not everything HAS to open source. I just can’t help but feel off about something…

The UK government is like: "submit ID first before you use iPhone", like WTF? As apparently, they are considering on making that the default way to unlock a cellphone whilst spying on you (like they already are) keeping tabs on what apps you're currently using, have downloaded or purchases made online.

Their Online Safety Act is stupid ever since it was enforced last year as that has done nothing except for making people bypass it entirely (like there's cases of game characters used to circumvent age verification & facial scans) so I'll assume the same will happen with this (fake ID's) just to unlock iPhones.

cross-posted from : https://lemmy.zip/post/61888435

I need to encrypt my files and store them locally as well as on my phone and sometimes on the cloud as well. Currently i'm using Paranoia File Encryption https://paranoiaworks.mobi/ everywhere. Is this good or does anybody else have a better suggestion. I also saw Cryptomator popping up in few places. Is that a better option?

LLM-generated passwords (generated directly by the LLM, rather than by an agent using a tool) appear strong, but are fundamentally insecure, because LLMs are designed to predict tokens – the opposite of securely and uniformly sampling random characters.

Google is tightening control over Android under the guise of 'security,' but this crackdown on sideloading is a direct hit to digital sovereignty and FOSS. I've written about why this matters for our privacy and the future of open platforms. What do you think—is this the end of Android's 'open' era?

cross-posted from: https://lemmy.today/post/50424637

UKHSA will explore options to work with ‘big tech’ to use live location data and artificial intelligence (AI) for a more rapid, large-scale detection and alert system during pandemics. These services will adopt a whole-of-society approach with accessible and multilingual formats, and UKHSA will work to consider and build the equivalent tools needed for digitally excluded communities.

https://www.gov.uk/government/publications/pandemic-preparedness-strategy-building-our-capabilities/uk-government-approach-to-implementing-the-strategy-england-only

I'm looking to acquire or set up a Wi-Fi only tablet that is focused on privacy. I've been starting to do some research among the potential OS options and I wanted to ask this community whether it is better to go with LineageOS or /e/ OS for it, or potentially another option. I've tried additional software on other devices that at least help make them more private, but I really want to set something up that is truly private using a tablet.

Edit: I'm also considering Pixel Tablet + GrapheneOS

monkeytype.com I don't know if this has to do anything with Louiss Rossman, But Clippy is just there to he'll, yay.

cross-posted from: https://lemmy.ml/post/45206293

Brazil's authoritarian age verification law became active this month. It won't be implemented by GrapheneOS. Complying would require integrating a mandatory process for each user where a third party service checks government identification and confirms a match using the camera.

It doesn't stop there. It would require keeping data for auditing and providing a token for connecting age verification checks by apps and websites to the data. The law is a privacy disaster and exposes minors to being exploited by leaking their age bracket to apps and websites.

GrapheneOS has no team members or operations in Brazil. São Paulo in Brazil is by far the biggest network hub within South America. Miami is also a major network hub for South America and is currently where our update server is for South America since it's dramatically cheaper.

We have a tiny VPS in São Paulo for our ns1 anycast DNS and a second for our website/network services. It probably isn't an issue and those can be removed if necessary. Santiago could be added for both instead but wouldn't work very well as a replacement for having São Paulo.

There aren't yet devices supporting GrapheneOS directly sold in South America. Brazil in particular has unusually high import duties/taxes which add up to around 100%. This has resulted in us not having a lot of users there but our Motorola partnership will start changing this.

People are going to have their personal info leaked by third party age verification services due to these laws. Children are going to be harmed by apps and websites changing their behavior to exploit them. It isn't going to stop minors finding pornography if they want to find it.

Howdy folks, I’ve been working on getting more privacy, and I want my phone to be next. I just wish that the pixels and fairphones were cheaper, especially the fair phone. I know grapheneOS can be considered one of the more secure builds, but are there other more budget friendly devices known stateside that can run alt OSs?

Paper by,

Simon Lermen, Daniel Paleka, Joshua Swanson, Michael Aerni, Nicholas Carlini, Florian Tramèr

It talks about deanonymizing those who writes under a pseudonym. Sites like reddit, lemmy would be that type.

From the paper,

Given two databases of pseudonymous individuals, each containing unstructured text written by or about that individual, we implement a scalable attack pipeline that uses LLMs to: (1) extract identity-relevant features, (2) search for candidate matches via semantic embeddings, and (3) reason over top candidates to verify matches and reduce false positives.

Our results show that the practical obscurity protecting pseudonymous users online no longer holds and that threat models for online privacy need to be reconsidered.

They can match writing styles, interests, details to infer a job or city, or other unstructured information. That allows to match unrelated pseudonyms to the same person. Like, FooFighterGroupie and Yolanda43905 are the same human, despite they never said it. It can allow also, to match a pseudonym to a real identity across sites. Like someone posted on LinkedIn with a real name. It takes less info than most people expect, to figure out Julia Greenberg of Cedarville, NH is FooFighterGroupie.

You can protect yourself by never giving away much info. But ofc sometimes that's the whole point! Think talking about specific hobbies or w/e, gives away info. Also change up writing styles + vocab use, b/c it is a unique fingerprint.

I doubt this technique is used in a dragnet way... YET! But no reason it can't scale, if the cost of resources goes low eonugh. We could eventually see it become standard, analysis to link people across sites and identities.

It worked great until yesterday, and today, I cannot get it to work. The video below illustrates the problem:

https://buzzheavier.com/3jekkdqj1fu2

I have tried:

1. Clearing the cache of both HW Fido2 Provider and IronFox
2. Rebooting
3. Installing Key Driver BT Kunizoft
4. Disabling uBlockOrigin, Cookie Banner Blocker and Enhanced Tracking Protection

Any ideas?

Does anyone have greater understanding or experience? My use cases are general use in mobile or laptop with systemwide Hagezi blocklists. Also run on laptop using Mullvad browser with wireguard, uBlock Origin and filters. Mullvad is never used for anything personally identifying.

I've been trying duckAI and its very good / balanced when I check against my professional clinical and related legal expertise. I see that FHMY is advocating BraveAI and it is as good (from my n=1) checking against what I know.

A user created a thread in this lemmy community remarking that the Tor Browser has a personally identifiable fingerprint under normal settings (the "Standard" and "Safer" modes make you fingerprintable), with several commenters doing the same test and reporting the same. The user who created this post also said that on the privacy guides forum posts about this topic are being deleted.

The poster could try to provide proof. Has at least one of these posts been archived (on archive.is or archive.org)?

Just got off the phone with my Colorado representative. I reminded him that:

• Everyone knows Meta lobbied for these laws
• Everyone knows it's not "for the children"
• My friends and neighbors care about privacy and we are watching how you vote
• A vote for age verification is a clear indicator that you work for corporations and not constituents

You don't have to live in Colorado to get involved! If your state is blue or light blue on this map, you are under threat of age verification laws!

https://en.wikipedia.org/wiki/Social_media_age_verification_laws_in_the_United_States

NOW is the time to call/email/write to your state legislators. Don't say, "Yeah, I should do that." Just do it and do it today, because they could surprise vote on it tomorrow.

I’ve been reminiscing lately about the 80s and 90s 'Pocket Novel' fever. In my part of the world, we had legendary series like The Future Files and The Impossible Man—short, cheap, 100-page Sci-Fi and Espionage thrillers that fit perfectly in your back pocket.

I realized we were essentially part of the same global culture, sharing the same 'Pulp' vibe as Mack Bolan (The Executioner), Harlequin Intrigue, or even the early Goosebumps and Fear Street books in the West.

It was a unique era. We used to wait at newsstands every month just to get the next mission. Those books didn’t just tell stories; they built our imagination. Back then, plots about AI takeovers, biological warfare, and global shifts felt like distant, exciting fiction.

Now, looking at the reality of 2026, it feels like we are actually living inside those old pages. We traded that tactile smell of cheap paper for mindless scrolling on a 5-inch screen that tracks our every move.

This nostalgia isn’t just about the past; it’s a warning. I spent years analyzing how we transitioned from that tactile privacy to the 2026 digital monitoring grid. I've put these findings into a thriller/guide called 'The Final Exodus'. Specifically, Chapter 13 focuses on how to reclaim your sovereignty before the grid closes. You can check it out here:

https://play.google.com/store/books/details?id=-0_GEQAAQBAJ

Did your country have a similar 'Pocket Novel' or 'Dime Novel' culture? What were the series you couldn't put down back then? Let’s talk about the glory days of Pulp and how they warned us about the world we live in today!

Lemmings, what are your opinions on the following?:

Mar 26, 2026 9:32 AM

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance

Six Democratic lawmakers are pressing the nation's top intelligence official to publicly disclose whether Americans who use commercial VPN services risk being treated as foreigners under United States surveillance law—a classification that would strip them of constitutional protections against warrantless government spying.

In a letter sent Thursday to Director of National Intelligence Tulsi Gabbard, the lawmakers say that because VPNs obscure a user's true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they're entitled to under the law.

Several federal agencies, including the FBI, the National Security Agency, and the Federal Trade Commission, have recommended that consumers use VPNs to protect their privacy. But following that advice may inadvertently cost Americans the very protections they're seeking.

The letter was signed by members of the Democratic Party’s progressive flank: Senators Ron Wyden, Elizabeth Warren, Edward Markey, and Alex Padilla, along with Representatives Pramila Jayapal and Sara Jacobs.

The concern centers on how intelligence agencies treat internet traffic routed through commercial VPN servers, which may be located anywhere in the world. Millions of Americans use these services routinely, whether to access region-restricted content like overseas sports broadcasts or to protect their privacy on public Wi-Fi networks. Because VPN servers commingle traffic from users in many countries, a single server—even one located in the United States—may carry communications from foreigners, potentially making it a target for surveillance under authorities that allow the government to secretly compel service from US service providers.

Under a controversial warrantless surveillance program, the US government intercepts vast quantities of electronic communications belonging to people overseas. The program also sweeps in enormous volumes of private messages belonging to Americans, which the FBI may search without a warrant, even though it is authorized to target only foreigners abroad.

The program, authorized under Section 702 of the Foreign Intelligence Surveillance Act, is set to expire next month and has become the subject of a fierce battle in Congress over whether it should be renewed without significant reforms to protect Americans' privacy.

Thursday’s letter points to declassified intelligence community guidelines that establish a default presumption at the heart of the lawmakers' concern: Under the NSA's targeting procedures, a person whose location is unknown is presumed to be a non-US person unless there is specific information to the contrary. Department of Defense procedures governing signals intelligence activities contain the same presumption.

Commercial VPN services work by routing a user's internet traffic through servers operated by the VPN company, which may be located anywhere in the world. A single server may carry traffic from thousands of users simultaneously, all of it appearing to originate from the same IP address. To an intelligence agency collecting communications in bulk, an American connected to a VPN server in, say, Amsterdam looks no different from a Dutch citizen.

The letter does not assert that Americans' VPN traffic has been collected under these authorities—that information would be classified—but asks Gabbard to publicly clarify what impact, if any, VPN use has on Americans' privacy rights.

Among those pressing the question is Wyden, who as a member of the Senate Intelligence Committee, has access to classified details about how these surveillance programs operate and has a well-documented history of using carefully worded public statements to draw attention to surveillance practices he is unable to discuss openly.

The letter also raises concerns about a second, broader surveillance authority: Executive Order 12333, a Reagan-era directive that governs much of the intelligence community's foreign surveillance operations and permits the bulk collection of foreigners' communications with even fewer constraints than Section 702.

While 702 is a statute with congressional oversight that requires approval from the Foreign Intelligence Surveillance Court, EO 12333 surveillance operates under guidelines approved by the US attorney general alone.

The letter warns that the same foreignness presumption applies under both authorities, meaning Americans on foreign VPN servers could be exposed not just to targeted collection under 702 but to what the lawmakers describe as “bulk, indiscriminate surveillance of foreigners' communications.”

Americans spend billions of dollars each year on commercial VPN services, many offered by foreign-headquartered companies that route traffic through servers located overseas. The letter notes that these services are widely advertised as privacy tools, including by elements of the US government itself.

Despite the scale of the market, the letter suggests consumers have been given no meaningful guidance on how to protect themselves.

The lawmakers urge Gabbard to “clarify what, if anything, American consumers can do to ensure they receive the privacy protections they are entitled to under the law and the US Constitution.”

Updated at 12:38 pm ET, March 26, 2026: This story has been updated with additional details to clarify the scope of the potential surveillance addressed in the letter.

OK, for context, none of us have Graphene, Lineage, Murena, etc compatible phones. However, at work, we use an MDM that let's me manage Apple and Google devices result. I see they offer a free tier for <25 devices (I would be under that limit for desktops, laptops, and mobiles) and I know they can deploy apps without a Google account. So maybe that's the trick! Deploy my kids phones with someone I can easily track, where they can't disable location, can't install social media apps, and no need for A Google account.

I understand a Google account is needed for the MDM, but I would make up a bogus one, lock down app permissions quite well, etc. Have a kid profile and a grown up profile for when devices are registered. Seems like it'd be a rather simple thing overall that gives way more control than Google family does.

Anyone else run something like this? This would be Endpoint Central. I know they're India based, but to me that's a bonus as it's not US tech either!

Edit: oh yeah and should help to bypass age verification limits too since it'll be "corporate owned"