Hello. I don't know where to post this and thought this would be the best place for my question.

As of today, I am no longer able to stream music on Qobuz when I have a VPN enabled. At first I thought they had a problem with their servers and tried to re-login, but then Qobuz told me that I am not allowed to log in with an active VPN.

I tried changing the country, but nothing worked.

I hope this is not the case. I switched to Qobuz because they are based in France and pay the most per stream. I don't want to go back to Tidal (based in the US) just to be able to keep my VPN enabled.

cross-posted from: https://sh.itjust.works/post/37022405

This is a carrier in the USA (T-Mobile).

I did a quick search for the other 2 carriers using the term "[Carrier Name] Family Tracking" and Verizon and AT&T also seems to have it.

And according to https://www.t-mobile.com/support/plans-features/t-mobile-familywhere-app, it says:

FamilyWhere uses geolocation data from the T-Mobile network and is not affected by changes to device location settings.

So it appears that its using cell tower triangulation. Turning on Airplane Mode should stop it (assuming there isn't a separate tracking app on your phone)

Oh Wow, What a wonderful tool for abusive spouses and abusive parents. And telecom companies are making money off of it. 🙃

TLDR: Its a good idea to get your own separate cellular plan.

I try to use "private DNS" option in my phone's settings, but it often does not work, and therefore privacy cannot be protected all the time. Sometimes I just cannot even ping other servers by IP (like 1.1.1.1) because of it. My question is: WHY this function requires hostname (so you need to query some other plain text DNS before reaching encrypted DNS)? Also if I understand well, it uses DNS over TLS, but I'm curious why not DNS over HTTPS (which seems like a reliable solution since I have it configured in my browser and there is never a problem with it...also it uses IP address instead of hostname). Why no one is seeing this problem and no one wants to address it? I tried downloading Quad9 app, but it does not work either (I guess some IPS is filtering TLS requests in my network, but again why DOH is not used then?).

Knowledgeable privacy aficionados of Lemmy, perhaps you can help.

I'm searching for a U.S. English speech to text program I can use for note taking, dictation, and internet searching that runs locally on Windows and doesn't collect information or send it off to either the software company or third parties. I'm looking for an out-of-the-box easy option first- if needed I can explore writing scripts and using an LLM to craft a UI, but I'm not looking for something that would require a significant amount of extra building or coding. Ideally it'd be FLOSS and be light on compute, but I'm not averse to paying for a solid product that meets the privacy requirement and if it's not ludicrously heavy on compute, that's okay.

Vosk seems a good option, though in my brief exploration, I haven't found a UI or scripts to use it easily.

WhisperAI, while very accurate, doesn't natively support real-time speech to text, though there are some mods that try and address that.

Anything I'm completely missing?

I put my old Gmail accounts on websites like haveibeenpwned.com osintleak.com pentester.com and osint.industries

And the results had a lot of personal info like old usernames I used, old passwords, IP addresses and other info

What can I do now?

I deleted all of my old Gmail accounts. I changed all of my usernames everywhere or deleted the accounts associated with them and changed all the passwords. I use Proton and Email aliases when signing up for services and random generated passwords with fake info everywhere(if possible) and I do use a VPN on all of my devices.

Is there anything more I can do?

Because those Emails had my full real name in them and I used them literally everywhere.

Hello, all

I'm sorry if there is an FAQ somewhere. My VPN is about enter it's yearly billing cycle and I thought I would come over here and see if anyone had a better suggestion. I've been using IPvanish for the last 10 years and have been pretty satisfied. I picked it by going into the darkweb and seeing what the criminals recommended to each other.

If anyone has other suggestions or tales before I renew, I would love to check it out.

cross-posted from: https://lemm.ee/post/62673770

• In December, an investigation by Tom's Hardware found that Recall frequently captured sensitive information in its screenshots, including credit card numbers and Social Security numbers — even though its "filter sensitive information" setting was supposed to prevent that from happening.

How viable is crypto as a private medium exchange in the modern world?

I see the value of using cryptocurrencies as a form of digital cash (from both a personal privacy point of view and a broader political/economic point of view) but am also put off by a) all the scamming and speculation and moreover b) the friction and privacy tradeoffs involved in getting any of it.

One of the obvious problems is that not many sellers accept it as payment. I can accept that. But AFAICT, in order to pay those that do, I must either do the legwork of conducting a peer-to-peer exchange of fiat currency for crypto (PITA) or use an exchange, which will have records of my personal identity. I'm aware that I could launder exchange-bought crypto to obfuscate my ownership of it but that is also a PITA. I suppose I could also mine coins but that has the most friction of all options and is a poor use of electricity production in my view.

Is there a solution that I'm not aware of, where I can buy (or indeed sell) crypto easily and privately?

I created an infographic of privacy-forward alternatives to Google products...and would love your feedback.

Is it easy to use? Enough white space? Intuitive? Sharable? Is there anything I'm missing?

The infographic image in this post is NOT clickable. The link above will give you a downloadable PDF with working hyperlinks.

Re: the legend, "easy set-up/use" means either that this is a big part of the alternative product's branding, or I've used it myself and found it easy.

Originally this was a reply to this article about a Windows feature called Recall, but there's a good argument the author's concerns resonate far beyond Windows and Meta to proprietary generally.

I was interviewed for Critical Future Tech on "mainstream tech companies' ability to influence us through the data that we willingly provide them, and the actions we can take to regain control over our digital identities."

There's a podcast and transcript.

CRITICAL FUTURE TECH ISSUE 19

Hope you enjoy!

Google is somehow the only company that is able to completely ruin a calculator app. Even before installing, Google outs themselves with how much data they collect:

• App info and performance: Crash logs and Diagnostics
• Personal info: Email address
• Device or other IDs
• App activity: App interactions

And of course the encouraging message:

Data can’t be deleted

The developer doesn’t provide a way for you to request that your data be deleted

As soon as you try to install it, the app requests network access. I'm glad to be using GrapheneOS where this can be restricted.

The app doesn't crash on launch, which is a new concept for Google, since most of their apps won't even start without Google Play Services installed. Maybe that means the calculator app can calculate 1+1 without requiring installing the most invasive software known to man, right?

Of course it can't. It crashes the moment you press the plus sign. Thank you, Google, for requiring Google Play Services for your calculator app to do basic addition. You know what calculator doesn't require Google Play services to do math?

In all seriousness, OpenCalc is a near 1:1 match to Google Calculator, so I suggest anyone use that instead.

The cherry on top is Google's calculator app is bundled with a privacy policy, which on its own is a treat to read through: https://policies.google.com/privacy

Congratulations, Google, you can spy on math now.

glitr.io

im working on a p2p file transfer app. at the moment its a close-source webapp, but i hope to work towards some selfhosted options as seen on my other projects.

the storage is local-only from your browser/device. so like "the cloud", but the cloud storage capacity is made up of your devices.

ive recently updated the landing page and i hope ive got it as simple as possible to transfer a file from one device to another.

im looking for feedback on the experience.

(Note 1: its still a work in progress. if there is an issue, you can usually refresh the browser and try again)

(Note 2: it seems important to mention: this app is not libre software. This needs more consideration to see if I can align to this. For information and open-source examples of the code in action, take a look at the docs and github for decentralized chat)

The title says it all. I want to wipe my phone and then only use open source apps. The thing im afraid of is not backing up my data correctly and losing things like my keepass.

I have to make sure the data from the open source apps is downloadable as well so i can reload them to my phone.

Any tips to assist me with this process?

Prefacing by saying I'm a total noob to webdev.

I'm trying to move my personal portfolio site off of Squarespace and onto some sort of static hosting. Since I know nothing, I'm cobbling together hugo templates and using LightBox2 to show image galleries. The blog I'm referencing includes LightBox2 using this:

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.1/js/lightbox.min.js" integrity="sha256-CtKylYan+AJuoH8jrMht1+1PMhMqrKnB8K5g012WN5I=" crossorigin="anonymous"></script>

I would prefer to not subject people viewing my page to any external tracking if I can avoid it. My page has zero tracking/analytics for this reason. I briefly tried downloading LightBox2 and directly including it instead, and was able to get it working mostly, but some things were broken that I would need to debug. Before I do that I was wondering, is this even a problem? Is including stuff from cloudflare cdn like this sketchy? It's possible I'm being overly paranoid but I have no idea.

Do you guys trust these domains - how come?

(and same for the other 3 invidious instances: invidiousNerdvpnDe, invNadekoNet and id420129xyz) sorry im new to privacy

I recently stumbled upon Keet, which is a peer to peer messaging app with video calls and file sharing.

This app has a lot going for it:

• The user experience is really good
• ~~Free and open source~~ EDIT: the UI of Keet in closed atm, but the underlying P2P building blocks are open
• Privacy friendly (no datacentre, server or middleman between you and the people you are talking to)
• Better quality since there's no throttling of traffic
• No file size limit

I'm baffled that this app seems like a well kept secret, so I just wanted to share it with you guys.

To me, peer to peer technology seems really interesting because it addresses the root cause of many of the harms that plagues the modern day internet: surveillance, platform silos, the market dominance of multi-national tech-conglomerates, energy usage of datacentres, etc.

What do you think? Can P2P be the solution to these problems?

if i dont remove the private dns (as it says when i enable it) wont it work fine?

I thought people here might like to join this if you want to see what other privacy folk are talking about. I think it originated on Nostr.