Your smartphone tracks your location, listens to your conversations, and sells your intimate moments to data brokers.

The law pretends to regulate this, but lobbyists write the rules and enforcement is a joke.

Encryption apps aren't enough when the hardware itself is designed to betray you.

The phone is a spy device marketed as a lifestyle accessory.

We need radical technical solutions, not incremental privacy policies that change nothing.

The surveillance economy depends on your ignorance and inaction.

Break the chain: use open hardware, de-Googled Android, or build your own tools.

#privacy #surveillance #digitalrights #antitrust

How much of your life are you willing to sell for a slightly more convenient map app?

Are we going to see decrease in apps available?

Read the whole thread

However, we don't have a "hardened security" approach, we aren't developing a phone for pedo(censored) so they can evade justice.

For reasons that boggle my mind, I am required to keep a Google account for work (ties into some proprietary software the company uses)

Earlier today, I got the following -

Yes, I’m certain people under the age of 16 are known for their use of very specific EHR software that requires professional license to subscribe to in the first place. Makes perfect sense.

Anyone else get one of these “for you protection” msgs from Big evil?

This is a shoutout to the app QuickTiles and the developer and contributors thereof.

While at first glance it may not seem like a privacy focused app, however, ultimately, improving digital privacy is more often than not a balance between convenience/ease of use and, well, privacy^[There will always be know-it-alls and above-it-alls in the privacy community who trashtalk normies and/or beginners, acting like this and that is never a tradeoff. If you happen to be one of those, think about whether your attitude helps or hampers our efforts.]

I was almost about to let out a big sigh, thinking do I have to learn kotlin and java for this...? and then I found this app. It has some neat "add-ons" for the quick tiles panel on Android systems. Personally, I was looking for a quick setting to enable/disable data saver. This app had a "data usage" tile, which reduces the amount of requires "clicks" from 5 to 2.

EU will require all member states to have digital profiles of citizens with birth certs and IDs

Ireland is getting a new, universal 'Digital Wallet' app that will collect info, including birth certs, driving licences and PPS numbers for individual citizens - as per European Union requirements for 2027.

And the Government is asking for volunteers to take part in testing and trial runs. The Digital wallet will be used to access a range of public services, including welfare support, such as the Working Family Payment. It could also store data such as health profiles, along the lines of the so called 'vaccine passports' that were in use during the Pandemic.

The digital wallet aims to allow people to securely access documents such as birth certificates or driving licences and register for key welfare support, such as the working family payment.
It has also been suggested as an age-verification tool by Tanaiste Simon Harris, who has said children under the age of 16 should not be on social media in the wake of the Grok AI controversy.
The Government is legally obliged, under EU regulations, to ensure there is a digital wallet for accessing public services by the end of the year, and for private services by the end of 2027.
The public testing phase of the wallet is to begin in early April and is seen as “critical” to ensure it is designed “to satisfy user needs and expectations”, the Department said.
The first stage, for which people can opt in, gives people the chance to view the design of the wallet, understand its proposed features, provide feedback and sign up for further testing.
The second stage allows people aged 16 or older to download the wallet and test limited functions.
People can register to be part of the testing phase at gov.ie/DigitalWallet.

Minister for Public Expenditure and Public Service Reform Jack Chambers said the app would “make it simpler” for people to verify their identity, apply for support and access entitlements, as he launched the public consultation on Friday.

He said: “The wallet is designed so that all personal data is fully protected, and the user stays in control of what information they put in the wallet and choose to share,” he said. "Only the details needed for a service will be shared, and nothing more. Big life events, such as having a baby, moving home, or starting a new job often require dealing with several different public service providers. The digital wallet aims to reduce that administrative burden, making it easier, faster and more secure to access the supports people need. This testing and consultation phase is an important step in building a digital wallet that genuinely works for people. We want to hear the public’s ideas, concerns and expectations. The public’s feedback will directly shape how the wallet looks, how it works, and how it supports everyday life.”

The UK government is like: "submit ID first before you use iPhone", like WTF? As apparently, they are considering on making that the default way to unlock a cellphone whilst spying on you (like they already are) keeping tabs on what apps you're currently using, have downloaded or purchases made online.

Their Online Safety Act is stupid ever since it was enforced last year as that has done nothing except for making people bypass it entirely (like there's cases of game characters used to circumvent age verification & facial scans) so I'll assume the same will happen with this (fake ID's) just to unlock iPhones.

cross-posted from : https://lemmy.zip/post/61888435

LLM-generated passwords (generated directly by the LLM, rather than by an agent using a tool) appear strong, but are fundamentally insecure, because LLMs are designed to predict tokens – the opposite of securely and uniformly sampling random characters.

I need to encrypt my files and store them locally as well as on my phone and sometimes on the cloud as well. Currently i'm using Paranoia File Encryption https://paranoiaworks.mobi/ everywhere. Is this good or does anybody else have a better suggestion. I also saw Cryptomator popping up in few places. Is that a better option?

Google is tightening control over Android under the guise of 'security,' but this crackdown on sideloading is a direct hit to digital sovereignty and FOSS. I've written about why this matters for our privacy and the future of open platforms. What do you think—is this the end of Android's 'open' era?

cross-posted from: https://lemmy.today/post/50424637

UKHSA will explore options to work with ‘big tech’ to use live location data and artificial intelligence (AI) for a more rapid, large-scale detection and alert system during pandemics. These services will adopt a whole-of-society approach with accessible and multilingual formats, and UKHSA will work to consider and build the equivalent tools needed for digitally excluded communities.

https://www.gov.uk/government/publications/pandemic-preparedness-strategy-building-our-capabilities/uk-government-approach-to-implementing-the-strategy-england-only

I'm looking to acquire or set up a Wi-Fi only tablet that is focused on privacy. I've been starting to do some research among the potential OS options and I wanted to ask this community whether it is better to go with LineageOS or /e/ OS for it, or potentially another option. I've tried additional software on other devices that at least help make them more private, but I really want to set something up that is truly private using a tablet.

Edit: I'm also considering Pixel Tablet + GrapheneOS

monkeytype.com I don't know if this has to do anything with Louiss Rossman, But Clippy is just there to he'll, yay.

Howdy folks, I’ve been working on getting more privacy, and I want my phone to be next. I just wish that the pixels and fairphones were cheaper, especially the fair phone. I know grapheneOS can be considered one of the more secure builds, but are there other more budget friendly devices known stateside that can run alt OSs?

cross-posted from: https://lemmy.ml/post/45206293

Brazil's authoritarian age verification law became active this month. It won't be implemented by GrapheneOS. Complying would require integrating a mandatory process for each user where a third party service checks government identification and confirms a match using the camera.

It doesn't stop there. It would require keeping data for auditing and providing a token for connecting age verification checks by apps and websites to the data. The law is a privacy disaster and exposes minors to being exploited by leaking their age bracket to apps and websites.

GrapheneOS has no team members or operations in Brazil. São Paulo in Brazil is by far the biggest network hub within South America. Miami is also a major network hub for South America and is currently where our update server is for South America since it's dramatically cheaper.

We have a tiny VPS in São Paulo for our ns1 anycast DNS and a second for our website/network services. It probably isn't an issue and those can be removed if necessary. Santiago could be added for both instead but wouldn't work very well as a replacement for having São Paulo.

There aren't yet devices supporting GrapheneOS directly sold in South America. Brazil in particular has unusually high import duties/taxes which add up to around 100%. This has resulted in us not having a lot of users there but our Motorola partnership will start changing this.

People are going to have their personal info leaked by third party age verification services due to these laws. Children are going to be harmed by apps and websites changing their behavior to exploit them. It isn't going to stop minors finding pornography if they want to find it.

Paper by,

Simon Lermen, Daniel Paleka, Joshua Swanson, Michael Aerni, Nicholas Carlini, Florian Tramèr

It talks about deanonymizing those who writes under a pseudonym. Sites like reddit, lemmy would be that type.

From the paper,

Given two databases of pseudonymous individuals, each containing unstructured text written by or about that individual, we implement a scalable attack pipeline that uses LLMs to: (1) extract identity-relevant features, (2) search for candidate matches via semantic embeddings, and (3) reason over top candidates to verify matches and reduce false positives.

Our results show that the practical obscurity protecting pseudonymous users online no longer holds and that threat models for online privacy need to be reconsidered.

They can match writing styles, interests, details to infer a job or city, or other unstructured information. That allows to match unrelated pseudonyms to the same person. Like, FooFighterGroupie and Yolanda43905 are the same human, despite they never said it. It can allow also, to match a pseudonym to a real identity across sites. Like someone posted on LinkedIn with a real name. It takes less info than most people expect, to figure out Julia Greenberg of Cedarville, NH is FooFighterGroupie.

You can protect yourself by never giving away much info. But ofc sometimes that's the whole point! Think talking about specific hobbies or w/e, gives away info. Also change up writing styles + vocab use, b/c it is a unique fingerprint.

I doubt this technique is used in a dragnet way... YET! But no reason it can't scale, if the cost of resources goes low eonugh. We could eventually see it become standard, analysis to link people across sites and identities.

It worked great until yesterday, and today, I cannot get it to work. The video below illustrates the problem:

https://buzzheavier.com/3jekkdqj1fu2

I have tried:

1. Clearing the cache of both HW Fido2 Provider and IronFox
2. Rebooting
3. Installing Key Driver BT Kunizoft
4. Disabling uBlockOrigin, Cookie Banner Blocker and Enhanced Tracking Protection

Any ideas?

Does anyone have greater understanding or experience? My use cases are general use in mobile or laptop with systemwide Hagezi blocklists. Also run on laptop using Mullvad browser with wireguard, uBlock Origin and filters. Mullvad is never used for anything personally identifying.

I've been trying duckAI and its very good / balanced when I check against my professional clinical and related legal expertise. I see that FHMY is advocating BraveAI and it is as good (from my n=1) checking against what I know.

A user created a thread in this lemmy community remarking that the Tor Browser has a personally identifiable fingerprint under normal settings (the "Standard" and "Safer" modes make you fingerprintable), with several commenters doing the same test and reporting the same. The user who created this post also said that on the privacy guides forum posts about this topic are being deleted.

The poster could try to provide proof. Has at least one of these posts been archived (on archive.is or archive.org)?